Package io.netty.handler.ssl

Class OpenSsl

  • public final class OpenSsl
extends java.lang.Object
    Tells if netty-tcnative and its OpenSSL support are available.

    • Field Detail

      • UNAVAILABILITY_CAUSE

        private static final java.lang.Throwable UNAVAILABILITY_CAUSE

      • DEFAULT_CIPHERS

        static final java.util.List<java.lang.String> DEFAULT_CIPHERS

      • AVAILABLE_CIPHER_SUITES

        static final java.util.Set<java.lang.String> AVAILABLE_CIPHER_SUITES

      • AVAILABLE_OPENSSL_CIPHER_SUITES

        private static final java.util.Set<java.lang.String> AVAILABLE_OPENSSL_CIPHER_SUITES

      • AVAILABLE_JAVA_CIPHER_SUITES

        private static final java.util.Set<java.lang.String> AVAILABLE_JAVA_CIPHER_SUITES

      • SUPPORTS_KEYMANAGER_FACTORY

        private static final boolean SUPPORTS_KEYMANAGER_FACTORY

      • USE_KEYMANAGER_FACTORY

        private static final boolean USE_KEYMANAGER_FACTORY

      • SUPPORTS_OCSP

        private static final boolean SUPPORTS_OCSP

      • TLSV13_SUPPORTED

        private static final boolean TLSV13_SUPPORTED

      • IS_BORINGSSL

        private static final boolean IS_BORINGSSL

      • IS_AWSLC

        private static final boolean IS_AWSLC

      • CLIENT_DEFAULT_PROTOCOLS

        private static final java.util.Set<java.lang.String> CLIENT_DEFAULT_PROTOCOLS

      • SERVER_DEFAULT_PROTOCOLS

        private static final java.util.Set<java.lang.String> SERVER_DEFAULT_PROTOCOLS

      • SUPPORTED_PROTOCOLS_SET

        static final java.util.Set<java.lang.String> SUPPORTED_PROTOCOLS_SET

      • EXTRA_SUPPORTED_TLS_1_3_CIPHERS

        static final java.lang.String[] EXTRA_SUPPORTED_TLS_1_3_CIPHERS

      • EXTRA_SUPPORTED_TLS_1_3_CIPHERS_STRING

        static final java.lang.String EXTRA_SUPPORTED_TLS_1_3_CIPHERS_STRING

      • NAMED_GROUPS

        static final java.lang.String[] NAMED_GROUPS

      • JAVAX_CERTIFICATE_CREATION_SUPPORTED

        static final boolean JAVAX_CERTIFICATE_CREATION_SUPPORTED

      • DEFAULT_NAMED_GROUPS

        private static final java.lang.String[] DEFAULT_NAMED_GROUPS

    • Constructor Detail

      • OpenSsl

        private OpenSsl()

    • Method Detail

      • checkTls13Ciphers

        static java.lang.String checkTls13Ciphers​(InternalLogger logger,
                                          java.lang.String ciphers)

      • isSessionCacheSupported

        static boolean isSessionCacheSupported()

      • selfSignedCertificate

        static java.security.cert.X509Certificate selfSignedCertificate()
                                                         throws java.security.cert.CertificateException
        Returns a self-signed X509Certificate for netty.io.
        Throws:
        java.security.cert.CertificateException

      • doesSupportOcsp

        private static boolean doesSupportOcsp()

      • doesSupportProtocol

        private static boolean doesSupportProtocol​(int protocol,
                                           int opt)

      • isAvailable

        public static boolean isAvailable()
        Returns true if and only if netty-tcnative and its OpenSSL support are available.

      • isOcspSupported

        public static boolean isOcspSupported()
        Returns true if the used version of OpenSSL supports OCSP stapling.

      • version

        public static int version()
        Returns the version of the used available OpenSSL library or -1 if isAvailable() returns false.

      • versionString

        public static java.lang.String versionString()
        Returns the version string of the used available OpenSSL library or null if isAvailable() returns false.

      • ensureAvailability

        public static void ensureAvailability()
        Ensure that netty-tcnative and its OpenSSL support are available.
        Throws:
        java.lang.UnsatisfiedLinkError - if unavailable

      • unavailabilityCause

        public static java.lang.Throwable unavailabilityCause()
        Returns the cause of unavailability of netty-tcnative and its OpenSSL support.
        Returns:
        the cause if unavailable. null if available.

      • availableCipherSuites

        @Deprecated
public static java.util.Set<java.lang.String> availableCipherSuites()
        Deprecated.
        use availableOpenSslCipherSuites()

      • availableOpenSslCipherSuites

        public static java.util.Set<java.lang.String> availableOpenSslCipherSuites()
        Returns all the available OpenSSL cipher suites. Please note that the returned array may include the cipher suites that are insecure or non-functional.

      • availableJavaCipherSuites

        public static java.util.Set<java.lang.String> availableJavaCipherSuites()
        Returns all the available cipher suites (Java-style). Please note that the returned array may include the cipher suites that are insecure or non-functional.

      • isCipherSuiteAvailable

        public static boolean isCipherSuiteAvailable​(java.lang.String cipherSuite)
        Returns true if and only if the specified cipher suite is available in OpenSSL. Both Java-style cipher suite and OpenSSL-style cipher suite are accepted.

      • supportsKeyManagerFactory

        public static boolean supportsKeyManagerFactory()
        Returns true if KeyManagerFactory is supported when using OpenSSL.

      • supportsHostnameValidation

        @Deprecated
public static boolean supportsHostnameValidation()
        Deprecated.
        Will be removed because hostname validation is always done by a TrustManager implementation.
        Always returns true if isAvailable() returns true.

      • useKeyManagerFactory

        static boolean useKeyManagerFactory()

      • memoryAddress

        static long memoryAddress​(ByteBuf buf)

      • loadTcNative

        private static void loadTcNative()
                          throws java.lang.Exception
        Throws:
        java.lang.Exception

      • initializeTcNative

        private static boolean initializeTcNative​(java.lang.String engine)
                                   throws java.lang.Exception
        Throws:
        java.lang.Exception

      • isTlsv13Supported

        static boolean isTlsv13Supported()

      • isOptionSupported

        static boolean isOptionSupported​(SslContextOption<?> option)

      • defaultProtocols

        private static java.util.Set<java.lang.String> defaultProtocols​(java.lang.String property)

      • defaultProtocols

        static java.lang.String[] defaultProtocols​(boolean isClient)

      • isBoringSSL

        static boolean isBoringSSL()

      • isAWSLC

        static boolean isAWSLC()