Package io.netty.handler.ssl

SSL · TLS implementation based on SSLEngine

Interface Summary

Interface	Description
ApplicationProtocolAccessor	Provides a way to get the application-level protocol name from ALPN or NPN.
ApplicationProtocolNegotiator	Deprecated. use ApplicationProtocolConfig
AsyncRunnable
CipherSuiteFilter	Provides a means to filter the supplied cipher suite based upon the supported and default cipher suites.
JdkApplicationProtocolNegotiator	Deprecated. use ApplicationProtocolConfig
JdkApplicationProtocolNegotiator.ProtocolSelectionListener	A listener to be notified by which protocol was select by its peer.
JdkApplicationProtocolNegotiator.ProtocolSelectionListenerFactory	Factory interface for JdkApplicationProtocolNegotiator.ProtocolSelectionListener objects.
JdkApplicationProtocolNegotiator.ProtocolSelector	Interface to define the role of an application protocol selector in the SSL handshake process.
JdkApplicationProtocolNegotiator.ProtocolSelectorFactory	Factory interface for JdkApplicationProtocolNegotiator.ProtocolSelector objects.
JdkApplicationProtocolNegotiator.SslEngineWrapperFactory	Abstract factory pattern for wrapping an SSLEngine object.
OpenSslApplicationProtocolNegotiator	Deprecated. use ApplicationProtocolConfig
OpenSslAsyncPrivateKeyMethod
OpenSslCertificateCompressionAlgorithm	Provides compression and decompression implementations for TLS Certificate Compression (RFC 8879).
OpenSslEngineMap
OpenSslInternalSession	SSLSession that is specific to our native implementation.
OpenSslKeyMaterial	Holds references to the native key-material that is used by OpenSSL.
OpenSslPrivateKeyMethod	Allow to customize private key signing / decrypting (when using RSA).
OpenSslSession	SSLSession sub-type that is used by our native implementation.
OpenSslX509TrustManagerWrapper.TrustManagerWrapper
PemEncoded	A marker interface for PEM encoded values.
ReferenceCountedOpenSslEngine.NativeSslException
ResumableX509ExtendedTrustManager	An interface that TrustManager instances can implement, to be notified of resumed SSL sessions.

Class Summary

Class	Description
AbstractSniHandler<T>	Enables SNI (Server Name Indication) extension for server side SSL.
ApplicationProtocolConfig	Provides an SSLEngine agnostic way to configure a ApplicationProtocolNegotiator.
ApplicationProtocolNames	Provides a set of protocol names used in ALPN and NPN.
ApplicationProtocolNegotiationHandler	Configures a ChannelPipeline depending on the application-level protocol negotiation result of SslHandler.
ApplicationProtocolUtil	Utility class for application protocol common operations.
BouncyCastleAlpnSslEngine
BouncyCastleAlpnSslUtils
BouncyCastlePemReader
Ciphers	Cipher suites
CipherSuiteConverter	Converts a Java cipher suite string to an OpenSSL cipher suite string and vice versa.
CipherSuiteConverter.CachedValue	Used to store nullable values in a CHM
DefaultOpenSslKeyMaterial
DelegatingSslContext	Adapter class which allows to wrap another SslContext and init SSLEngine instances.
EnhancingX509ExtendedTrustManager	Wraps an existing X509ExtendedTrustManager and enhances the CertificateException that is thrown because of hostname validation.
ExtendedOpenSslSession	Delegates all operations to a wrapped OpenSslInternalSession except the methods defined by ExtendedSSLSession itself.
GroupsConverter	Convert java naming to OpenSSL naming if possible and if not return the original name.
IdentityCipherSuiteFilter	This class will not do any filtering of ciphers suites.
Java7SslParametersUtils
Java8SslUtils
JdkAlpnApplicationProtocolNegotiator	Deprecated. use ApplicationProtocolConfig.
JdkAlpnApplicationProtocolNegotiator.AlpnWrapper
JdkAlpnApplicationProtocolNegotiator.FailureWrapper
JdkAlpnSslEngine
JdkAlpnSslUtils
JdkApplicationProtocolNegotiator.AllocatorAwareSslEngineWrapperFactory
JdkBaseApplicationProtocolNegotiator	Common base class for JdkApplicationProtocolNegotiator classes to inherit from.
JdkBaseApplicationProtocolNegotiator.FailProtocolSelectionListener
JdkBaseApplicationProtocolNegotiator.FailProtocolSelector
JdkBaseApplicationProtocolNegotiator.NoFailProtocolSelectionListener
JdkBaseApplicationProtocolNegotiator.NoFailProtocolSelector
JdkDefaultApplicationProtocolNegotiator	The JdkApplicationProtocolNegotiator to use if you do not care about NPN or ALPN and are using SslProvider.JDK.
JdkNpnApplicationProtocolNegotiator	Deprecated. use ApplicationProtocolConfig.
JdkSslClientContext	Deprecated. Use SslContextBuilder to create JdkSslContext instances and only use JdkSslContext in your code.
JdkSslContext	An SslContext which uses JDK's SSL/TLS implementation.
JdkSslContext.Defaults
JdkSslEngine
JdkSslServerContext	Deprecated. Use SslContextBuilder to create JdkSslContext instances and only use JdkSslContext in your code.
OpenSsl	Tells if netty-tcnative and its OpenSSL support are available.
OpenSslCachingKeyMaterialProvider	OpenSslKeyMaterialProvider that will cache the OpenSslKeyMaterial to reduce the overhead of parsing the chain and the key for generation of the material.
OpenSslCachingX509KeyManagerFactory	Wraps another KeyManagerFactory and caches its chains / certs for an alias for better performance when using SslProvider.OPENSSL or SslProvider.OPENSSL_REFCNT.
OpenSslCertificateCompressionConfig	Configuration for TLS1.3 certificate compression extension.
OpenSslCertificateCompressionConfig.AlgorithmConfig	The configuration for algorithm.
OpenSslCertificateCompressionConfig.Builder	Builder for an OpenSslCertificateCompressionAlgorithm.
OpenSslClientContext	A client-side SslContext which uses OpenSSL's SSL/TLS implementation.
OpenSslClientSessionCache	OpenSslSessionCache that is used by the client-side.
OpenSslClientSessionCache.HostPort	Host / Port tuple used to find a OpenSslInternalSession in the cache.
OpenSslContext	This class will use a finalizer to ensure native resources are automatically cleaned up.
OpenSslContextOption<T>	SslContextOptions that are specific to the SslProvider.OPENSSL / SslProvider.OPENSSL_REFCNT.
OpenSslDefaultApplicationProtocolNegotiator	Deprecated. use ApplicationProtocolConfig.
OpenSslEngine	Implements a SSLEngine using OpenSSL BIO abstractions.
OpenSslKeyMaterialManager	Manages key material for OpenSslEngines and so set the right PrivateKeys and X509Certificates.
OpenSslKeyMaterialProvider	Provides OpenSslKeyMaterial for a given alias.
OpenSslNpnApplicationProtocolNegotiator	Deprecated. use ApplicationProtocolConfig
OpenSslPrivateKey
OpenSslServerContext	A server-side SslContext which uses OpenSSL's SSL/TLS implementation.
OpenSslServerSessionContext	OpenSslSessionContext implementation which offers extra methods which are only useful for the server-side.
OpenSslSessionCache	SSLSessionCache implementation for our native SSL implementation.
OpenSslSessionCache.NativeSslSession	OpenSslInternalSession implementation which wraps the native SSL_SESSION* while in cache.
OpenSslSessionContext	OpenSSL specific SSLSessionContext implementation.
OpenSslSessionId	Represent the session ID used by an OpenSslInternalSession.
OpenSslSessionStats	Stats exposed by an OpenSSL session context.
OpenSslSessionTicketKey	Session Ticket Key
OpenSslX509KeyManagerFactory	Special KeyManagerFactory that pre-compute the keymaterial used when SslProvider.OPENSSL or SslProvider.OPENSSL_REFCNT is used and so will improve handshake times and its performance.
OpenSslX509KeyManagerFactory.OpenSslKeyManagerFactorySpi
OpenSslX509KeyManagerFactory.OpenSslKeyManagerFactorySpi.ProviderFactory
OpenSslX509KeyManagerFactory.OpenSslKeyManagerFactorySpi.ProviderFactory.OpenSslPopulatedKeyMaterialProvider	OpenSslKeyMaterialProvider implementation that pre-compute the OpenSslKeyMaterial for all aliases.
OpenSslX509KeyManagerFactory.OpenSslKeyStore
OpenSslX509TrustManagerWrapper	Utility which allows to wrap X509TrustManager implementations with the internal implementation used by SSLContextImpl that provides extended verification.
OpenSslX509TrustManagerWrapper.UnsafeTrustManagerWrapper
OptionalSslHandler	OptionalSslHandler is a utility decoder to support both SSL and non-SSL handlers based on the first message received.
PemPrivateKey	This is a special purpose implementation of a PrivateKey which allows the user to pass PEM/PKCS#8 encoded key material straight into OpenSslContext without having to parse and re-encode bytes in Java land.
PemReader	Reads a PEM file and converts it into a list of DERs so that they are imported into a KeyStore easily.
PemValue	A PEM encoded value.
PemX509Certificate	This is a special purpose implementation of a X509Certificate which allows the user to pass PEM/PKCS#8 encoded data straight into OpenSslContext without having to parse and re-encode bytes in Java land.
PseudoRandomFunction	This pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length.
ReferenceCountedOpenSslClientContext	A client-side SslContext which uses OpenSSL's SSL/TLS implementation.
ReferenceCountedOpenSslClientContext.ExtendedTrustManagerVerifyCallback
ReferenceCountedOpenSslClientContext.OpenSslClientCertificateCallback
ReferenceCountedOpenSslClientContext.OpenSslClientSessionContext
ReferenceCountedOpenSslClientContext.TrustManagerVerifyCallback
ReferenceCountedOpenSslContext	An implementation of SslContext which works with libraries that support the OpenSsl C library API.
ReferenceCountedOpenSslContext.AbstractCertificateVerifier
ReferenceCountedOpenSslContext.AsyncPrivateKeyMethod
ReferenceCountedOpenSslContext.AsyncPrivateKeyMethod.ResultCallbackListener
ReferenceCountedOpenSslContext.CompressionAlgorithm
ReferenceCountedOpenSslContext.DefaultOpenSslEngineMap
ReferenceCountedOpenSslContext.PrivateKeyMethod
ReferenceCountedOpenSslEngine	Implements a SSLEngine using OpenSSL BIO abstractions.
ReferenceCountedOpenSslServerContext	A server-side SslContext which uses OpenSSL's SSL/TLS implementation.
ReferenceCountedOpenSslServerContext.ExtendedTrustManagerVerifyCallback
ReferenceCountedOpenSslServerContext.OpenSslServerCertificateCallback
ReferenceCountedOpenSslServerContext.OpenSslSniHostnameMatcher
ReferenceCountedOpenSslServerContext.TrustManagerVerifyCallback
ResumptionController
ResumptionController.X509ExtendedWrapTrustManager
SignatureAlgorithmConverter	Converts OpenSSL signature Algorithm names to Java signature Algorithm names.
SniCompletionEvent	Event that is fired once we did a selection of a SslContext based on the SNI hostname, which may be because it was successful or there was an error.
SniHandler	Enables SNI (Server Name Indication) extension for server side SSL.
SniHandler.AsyncMappingAdapter
SniHandler.Selection
SslClientHelloHandler<T>	ByteToMessageDecoder which allows to be notified once a full ClientHello was received.
SslCloseCompletionEvent	Event that is fired once the close_notify was received or if an failure happens before it was received.
SslCompletionEvent
SslContext	A secure socket protocol implementation which acts as a factory for SSLEngine and SslHandler.
SslContextBuilder	Builder for configuring a new SslContext for creation.
SslContextOption<T>	A SslContextOption allows to configure a SslContext in a type-safe way.
SslHandler	Adds SSL · TLS and StartTLS support to a Channel.
SslHandlerCoalescingBufferQueue	Each call to SSL_write will introduce about ~100 bytes of overhead.
SslHandshakeCompletionEvent	Event that is fired once the SSL handshake is complete, which may be because it was successful or there was an error.
SslMasterKeyHandler	The SslMasterKeyHandler is a channel-handler you can include in your pipeline to consume the master key & session identifier for a TLS session.
SslMasterKeyHandler.WiresharkSslMasterKeyHandler	Record the session identifier and master key to the InternalLogger named io.netty.wireshark.
SslProtocols	SSL/TLS protocols
SslUtils	Constants for SSL packets.
SupportedCipherSuiteFilter	This class will filter all requested ciphers out that are not supported by the current SSLEngine.

Enum Summary

Enum	Description
ApplicationProtocolConfig.Protocol	Defines which application level protocol negotiation to use.
ApplicationProtocolConfig.SelectedListenerFailureBehavior	Defines the most common behaviors for the peer which is notified of the selected protocol.
ApplicationProtocolConfig.SelectorFailureBehavior	Defines the most common behaviors for the peer that selects the application protocol.
ClientAuth	Indicates the state of the SSLEngine with respect to client authentication.
OpenSslCertificateCompressionConfig.AlgorithmMode	The usage mode of the OpenSslCertificateCompressionAlgorithm.
ReferenceCountedOpenSslEngine.HandshakeState
SslHandler.SslEngineType
SslProvider	An enumeration of SSL/TLS protocol providers.

Exception Summary

Exception	Description
NotSslRecordException	Special SSLException which will get thrown if a packet is received that not looks like a TLS/SSL record.
OpenSslCertificateException	A special CertificateException which allows to specify which error code is included in the SSL Record.
ReferenceCountedOpenSslEngine.OpenSslException
ReferenceCountedOpenSslEngine.OpenSslHandshakeException
SslClosedEngineException	SSLException which signals that the exception was caused by an SSLEngine which was closed already.
SslHandshakeTimeoutException	SSLHandshakeException that is used when a handshake failed due a configured timeout.
StacklessSSLHandshakeException	A SSLHandshakeException that does not fill in the stack trace.