datalore/jimu-decompiled
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
jimu-decompiled/sources/okhttp3/ConnectionSpec.java
datalore a950f49678 Initial commit
2025-05-13 19:24:51 +02:00

206 lines
8.9 KiB
Java
Raw Permalink Blame History

package okhttp3;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLSocket;
import okhttp3.internal.Util;
/* loaded from: classes2.dex */
public final class ConnectionSpec {
final String[] cipherSuites;
final boolean supportsTlsExtensions;
final boolean tls;
final String[] tlsVersions;
private static final CipherSuite[] RESTRICTED_CIPHER_SUITES = {CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256};
private static final CipherSuite[] APPROVED_CIPHER_SUITES = {CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA};
public static final ConnectionSpec RESTRICTED_TLS = new Builder(true).cipherSuites(RESTRICTED_CIPHER_SUITES).tlsVersions(TlsVersion.TLS_1_2).supportsTlsExtensions(true).build();
public static final ConnectionSpec MODERN_TLS = new Builder(true).cipherSuites(APPROVED_CIPHER_SUITES).tlsVersions(TlsVersion.TLS_1_2, TlsVersion.TLS_1_1, TlsVersion.TLS_1_0).supportsTlsExtensions(true).build();
public static final ConnectionSpec COMPATIBLE_TLS = new Builder(MODERN_TLS).tlsVersions(TlsVersion.TLS_1_0).supportsTlsExtensions(true).build();
public static final ConnectionSpec CLEARTEXT = new Builder(false).build();
ConnectionSpec(Builder builder) {
this.tls = builder.tls;
this.cipherSuites = builder.cipherSuites;
this.tlsVersions = builder.tlsVersions;
this.supportsTlsExtensions = builder.supportsTlsExtensions;
}
private ConnectionSpec supportedSpec(SSLSocket sSLSocket, boolean z) {
String[] intersect = this.cipherSuites != null ? Util.intersect(CipherSuite.ORDER_BY_NAME, sSLSocket.getEnabledCipherSuites(), this.cipherSuites) : sSLSocket.getEnabledCipherSuites();
String[] intersect2 = this.tlsVersions != null ? Util.intersect(Util.NATURAL_ORDER, sSLSocket.getEnabledProtocols(), this.tlsVersions) : sSLSocket.getEnabledProtocols();
String[] supportedCipherSuites = sSLSocket.getSupportedCipherSuites();
int indexOf = Util.indexOf(CipherSuite.ORDER_BY_NAME, supportedCipherSuites, "TLS_FALLBACK_SCSV");
if (z && indexOf != -1) {
intersect = Util.concat(intersect, supportedCipherSuites[indexOf]);
}
return new Builder(this).cipherSuites(intersect).tlsVersions(intersect2).build();
}
void apply(SSLSocket sSLSocket, boolean z) {
ConnectionSpec supportedSpec = supportedSpec(sSLSocket, z);
String[] strArr = supportedSpec.tlsVersions;
if (strArr != null) {
sSLSocket.setEnabledProtocols(strArr);
}
String[] strArr2 = supportedSpec.cipherSuites;
if (strArr2 != null) {
sSLSocket.setEnabledCipherSuites(strArr2);
}
}
public List<CipherSuite> cipherSuites() {
String[] strArr = this.cipherSuites;
if (strArr != null) {
return CipherSuite.forJavaNames(strArr);
}
return null;
}
public boolean equals(Object obj) {
if (!(obj instanceof ConnectionSpec)) {
return false;
}
if (obj == this) {
return true;
}
ConnectionSpec connectionSpec = (ConnectionSpec) obj;
boolean z = this.tls;
if (z != connectionSpec.tls) {
return false;
}
return !z || (Arrays.equals(this.cipherSuites, connectionSpec.cipherSuites) && Arrays.equals(this.tlsVersions, connectionSpec.tlsVersions) && this.supportsTlsExtensions == connectionSpec.supportsTlsExtensions);
}
public int hashCode() {
if (this.tls) {
return ((((527 + Arrays.hashCode(this.cipherSuites)) * 31) + Arrays.hashCode(this.tlsVersions)) * 31) + (!this.supportsTlsExtensions ? 1 : 0);
}
return 17;
}
public boolean isCompatible(SSLSocket sSLSocket) {
if (!this.tls) {
return false;
}
String[] strArr = this.tlsVersions;
if (strArr != null && !Util.nonEmptyIntersection(Util.NATURAL_ORDER, strArr, sSLSocket.getEnabledProtocols())) {
return false;
}
String[] strArr2 = this.cipherSuites;
return strArr2 == null || Util.nonEmptyIntersection(CipherSuite.ORDER_BY_NAME, strArr2, sSLSocket.getEnabledCipherSuites());
}
public boolean isTls() {
return this.tls;
}
public boolean supportsTlsExtensions() {
return this.supportsTlsExtensions;
}
public List<TlsVersion> tlsVersions() {
String[] strArr = this.tlsVersions;
if (strArr != null) {
return TlsVersion.forJavaNames(strArr);
}
return null;
}
public String toString() {
if (!this.tls) {
return "ConnectionSpec()";
}
return "ConnectionSpec(cipherSuites=" + (this.cipherSuites != null ? cipherSuites().toString() : "[all enabled]") + ", tlsVersions=" + (this.tlsVersions != null ? tlsVersions().toString() : "[all enabled]") + ", supportsTlsExtensions=" + this.supportsTlsExtensions + ")";
}
public static final class Builder {
String[] cipherSuites;
boolean supportsTlsExtensions;
boolean tls;
String[] tlsVersions;
Builder(boolean z) {
this.tls = z;
}
public Builder allEnabledCipherSuites() {
if (!this.tls) {
throw new IllegalStateException("no cipher suites for cleartext connections");
}
this.cipherSuites = null;
return this;
}
public Builder allEnabledTlsVersions() {
if (!this.tls) {
throw new IllegalStateException("no TLS versions for cleartext connections");
}
this.tlsVersions = null;
return this;
}
public ConnectionSpec build() {
return new ConnectionSpec(this);
}
public Builder cipherSuites(CipherSuite... cipherSuiteArr) {
if (!this.tls) {
throw new IllegalStateException("no cipher suites for cleartext connections");
}
String[] strArr = new String[cipherSuiteArr.length];
for (int i = 0; i < cipherSuiteArr.length; i++) {
strArr[i] = cipherSuiteArr[i].javaName;
}
return cipherSuites(strArr);
}
public Builder supportsTlsExtensions(boolean z) {
if (!this.tls) {
throw new IllegalStateException("no TLS extensions for cleartext connections");
}
this.supportsTlsExtensions = z;
return this;
}
public Builder tlsVersions(TlsVersion... tlsVersionArr) {
if (!this.tls) {
throw new IllegalStateException("no TLS versions for cleartext connections");
}
String[] strArr = new String[tlsVersionArr.length];
for (int i = 0; i < tlsVersionArr.length; i++) {
strArr[i] = tlsVersionArr[i].javaName;
}
return tlsVersions(strArr);
}
public Builder(ConnectionSpec connectionSpec) {
this.tls = connectionSpec.tls;
this.cipherSuites = connectionSpec.cipherSuites;
this.tlsVersions = connectionSpec.tlsVersions;
this.supportsTlsExtensions = connectionSpec.supportsTlsExtensions;
}
public Builder cipherSuites(String... strArr) {
if (this.tls) {
if (strArr.length != 0) {
this.cipherSuites = (String[]) strArr.clone();
return this;
}
throw new IllegalArgumentException("At least one cipher suite is required");
}
throw new IllegalStateException("no cipher suites for cleartext connections");
}
public Builder tlsVersions(String... strArr) {
if (this.tls) {
if (strArr.length != 0) {
this.tlsVersions = (String[]) strArr.clone();
return this;
}
throw new IllegalArgumentException("At least one TLS version is required");
}
throw new IllegalStateException("no TLS versions for cleartext connections");
}
}
}
Reference in New Issue View Git Blame Copy Permalink