Package io.netty.handler.ssl
Class SslUtils
- java.lang.Object
-
- io.netty.handler.ssl.SslUtils
-
final class SslUtils extends java.lang.ObjectConstants for SSL packets.
-
-
Field Summary
Fields Modifier and Type Field Description (package private) static java.lang.String[]DEFAULT_CIPHER_SUITES(package private) static java.lang.String[]DEFAULT_TLSV13_CIPHER_SUITES(package private) static java.lang.StringINVALID_CIPHER(package private) static intNOT_ENCRYPTEDdata is not encrypted(package private) static intNOT_ENOUGH_DATANot enough data in buffer to parse the record length(package private) static java.lang.StringPROTOCOL_SSL_V2(package private) static java.lang.StringPROTOCOL_SSL_V2_HELLO(package private) static java.lang.StringPROTOCOL_SSL_V3(package private) static java.lang.StringPROTOCOL_TLS_V1(package private) static java.lang.StringPROTOCOL_TLS_V1_1(package private) static java.lang.StringPROTOCOL_TLS_V1_2(package private) static java.lang.StringPROTOCOL_TLS_V1_3(package private) static intSSL_CONTENT_TYPE_ALERTalert(package private) static intSSL_CONTENT_TYPE_APPLICATION_DATAapplication data(package private) static intSSL_CONTENT_TYPE_CHANGE_CIPHER_SPECchange cipher spec(package private) static intSSL_CONTENT_TYPE_EXTENSION_HEARTBEATHeartBeat Extension(package private) static intSSL_CONTENT_TYPE_HANDSHAKEhandshake(package private) static intSSL_RECORD_HEADER_LENGTHthe length of the ssl record header (in bytes)(package private) static java.lang.String[]TLSV13_CIPHER_SUITES(package private) static java.util.Set<java.lang.String>TLSV13_CIPHERS
-
Constructor Summary
Constructors Modifier Constructor Description privateSslUtils()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description (package private) static voidaddIfSupported(java.util.Set<java.lang.String> supported, java.util.List<java.lang.String> enabled, java.lang.String... names)Add elements fromnamesintoenabledif they are insupported.(package private) static intgetEncryptedPacketLength(ByteBuf buffer, int offset)Return how much bytes can be read out of the encrypted data.private static intgetEncryptedPacketLength(java.nio.ByteBuffer buffer)(package private) static intgetEncryptedPacketLength(java.nio.ByteBuffer[] buffers, int offset)(package private) static voidhandleHandshakeFailure(ChannelHandlerContext ctx, java.lang.Throwable cause, boolean notify)(package private) static booleanisTLSv13Cipher(java.lang.String cipher)Returnstrueif the the given cipher (in openssl format) is for TLSv1.3,falseotherwise.(package private) static booleanisValidHostNameForSNI(java.lang.String hostname)Validate that the given hostname can be used in SNI extension.private static shortshortBE(ByteBuf buffer, int offset)private static shortshortBE(java.nio.ByteBuffer buffer, int offset)(package private) static ByteBuftoBase64(ByteBufAllocator allocator, ByteBuf src)Same asBase64.encode(ByteBuf, boolean)but allows the use of a customByteBufAllocator.(package private) static javax.net.ssl.SSLHandshakeExceptiontoSSLHandshakeException(java.lang.Throwable e)Converts the given exception to aSSLHandshakeException, if it isn't already.private static shortunsignedByte(byte b)private static intunsignedShortBE(ByteBuf buffer, int offset)private static intunsignedShortBE(java.nio.ByteBuffer buffer, int offset)(package private) static voiduseFallbackCiphersIfDefaultIsEmpty(java.util.List<java.lang.String> defaultCiphers, java.lang.Iterable<java.lang.String> fallbackCiphers)(package private) static voiduseFallbackCiphersIfDefaultIsEmpty(java.util.List<java.lang.String> defaultCiphers, java.lang.String... fallbackCiphers)(package private) static voidzeroout(ByteBuf buffer)Fills theByteBufwith zero bytes.(package private) static voidzerooutAndRelease(ByteBuf buffer)Fills theByteBufwith zero bytes and releases it.
-
-
-
Field Detail
-
TLSV13_CIPHERS
static final java.util.Set<java.lang.String> TLSV13_CIPHERS
-
PROTOCOL_SSL_V2_HELLO
static final java.lang.String PROTOCOL_SSL_V2_HELLO
- See Also:
- Constant Field Values
-
PROTOCOL_SSL_V2
static final java.lang.String PROTOCOL_SSL_V2
- See Also:
- Constant Field Values
-
PROTOCOL_SSL_V3
static final java.lang.String PROTOCOL_SSL_V3
- See Also:
- Constant Field Values
-
PROTOCOL_TLS_V1
static final java.lang.String PROTOCOL_TLS_V1
- See Also:
- Constant Field Values
-
PROTOCOL_TLS_V1_1
static final java.lang.String PROTOCOL_TLS_V1_1
- See Also:
- Constant Field Values
-
PROTOCOL_TLS_V1_2
static final java.lang.String PROTOCOL_TLS_V1_2
- See Also:
- Constant Field Values
-
PROTOCOL_TLS_V1_3
static final java.lang.String PROTOCOL_TLS_V1_3
- See Also:
- Constant Field Values
-
INVALID_CIPHER
static final java.lang.String INVALID_CIPHER
- See Also:
- Constant Field Values
-
SSL_CONTENT_TYPE_CHANGE_CIPHER_SPEC
static final int SSL_CONTENT_TYPE_CHANGE_CIPHER_SPEC
change cipher spec- See Also:
- Constant Field Values
-
SSL_CONTENT_TYPE_ALERT
static final int SSL_CONTENT_TYPE_ALERT
alert- See Also:
- Constant Field Values
-
SSL_CONTENT_TYPE_HANDSHAKE
static final int SSL_CONTENT_TYPE_HANDSHAKE
handshake- See Also:
- Constant Field Values
-
SSL_CONTENT_TYPE_APPLICATION_DATA
static final int SSL_CONTENT_TYPE_APPLICATION_DATA
application data- See Also:
- Constant Field Values
-
SSL_CONTENT_TYPE_EXTENSION_HEARTBEAT
static final int SSL_CONTENT_TYPE_EXTENSION_HEARTBEAT
HeartBeat Extension- See Also:
- Constant Field Values
-
SSL_RECORD_HEADER_LENGTH
static final int SSL_RECORD_HEADER_LENGTH
the length of the ssl record header (in bytes)- See Also:
- Constant Field Values
-
NOT_ENOUGH_DATA
static final int NOT_ENOUGH_DATA
Not enough data in buffer to parse the record length- See Also:
- Constant Field Values
-
NOT_ENCRYPTED
static final int NOT_ENCRYPTED
data is not encrypted- See Also:
- Constant Field Values
-
DEFAULT_CIPHER_SUITES
static final java.lang.String[] DEFAULT_CIPHER_SUITES
-
DEFAULT_TLSV13_CIPHER_SUITES
static final java.lang.String[] DEFAULT_TLSV13_CIPHER_SUITES
-
TLSV13_CIPHER_SUITES
static final java.lang.String[] TLSV13_CIPHER_SUITES
-
-
Method Detail
-
addIfSupported
static void addIfSupported(java.util.Set<java.lang.String> supported, java.util.List<java.lang.String> enabled, java.lang.String... names)Add elements fromnamesintoenabledif they are insupported.
-
useFallbackCiphersIfDefaultIsEmpty
static void useFallbackCiphersIfDefaultIsEmpty(java.util.List<java.lang.String> defaultCiphers, java.lang.Iterable<java.lang.String> fallbackCiphers)
-
useFallbackCiphersIfDefaultIsEmpty
static void useFallbackCiphersIfDefaultIsEmpty(java.util.List<java.lang.String> defaultCiphers, java.lang.String... fallbackCiphers)
-
toSSLHandshakeException
static javax.net.ssl.SSLHandshakeException toSSLHandshakeException(java.lang.Throwable e)
Converts the given exception to aSSLHandshakeException, if it isn't already.
-
getEncryptedPacketLength
static int getEncryptedPacketLength(ByteBuf buffer, int offset)
Return how much bytes can be read out of the encrypted data. Be aware that this method will not increase the readerIndex of the givenByteBuf.- Parameters:
buffer- TheByteBufto read from. Be aware that it must have at leastSSL_RECORD_HEADER_LENGTHbytes to read, otherwise it will throw anIllegalArgumentException.- Returns:
- length
The length of the encrypted packet that is included in the buffer or
{@link #SslUtils#NOT_ENOUGH_DATA} if not enough data is present in the
ByteBuf. This will returnNOT_ENCRYPTEDif the givenByteBufis not encrypted at all. - Throws:
java.lang.IllegalArgumentException- Is thrown if the givenByteBufhas not at leastSSL_RECORD_HEADER_LENGTHbytes to read.
-
unsignedShortBE
private static int unsignedShortBE(ByteBuf buffer, int offset)
-
shortBE
private static short shortBE(ByteBuf buffer, int offset)
-
unsignedByte
private static short unsignedByte(byte b)
-
unsignedShortBE
private static int unsignedShortBE(java.nio.ByteBuffer buffer, int offset)
-
shortBE
private static short shortBE(java.nio.ByteBuffer buffer, int offset)
-
getEncryptedPacketLength
static int getEncryptedPacketLength(java.nio.ByteBuffer[] buffers, int offset)
-
getEncryptedPacketLength
private static int getEncryptedPacketLength(java.nio.ByteBuffer buffer)
-
handleHandshakeFailure
static void handleHandshakeFailure(ChannelHandlerContext ctx, java.lang.Throwable cause, boolean notify)
-
zerooutAndRelease
static void zerooutAndRelease(ByteBuf buffer)
Fills theByteBufwith zero bytes and releases it.
-
toBase64
static ByteBuf toBase64(ByteBufAllocator allocator, ByteBuf src)
Same asBase64.encode(ByteBuf, boolean)but allows the use of a customByteBufAllocator.- See Also:
Base64.encode(ByteBuf, boolean)
-
isValidHostNameForSNI
static boolean isValidHostNameForSNI(java.lang.String hostname)
Validate that the given hostname can be used in SNI extension.
-
isTLSv13Cipher
static boolean isTLSv13Cipher(java.lang.String cipher)
Returnstrueif the the given cipher (in openssl format) is for TLSv1.3,falseotherwise.
-
-