io.netty.handler.ssl

package io.netty.handler.ssl

SSL · TLS implementation based on SSLEngine

Related Packages

Package

Description

io.netty.handler.ssl.ocsp

Certificate validation using OCSP

io.netty.handler.ssl.util

Utility classes that helps easier development of TLS/SSL applications.
Class

Description

AbstractSniHandler<T>

Enables SNI (Server Name Indication) extension for server side SSL.

ApplicationProtocolAccessor

Provides a way to get the application-level protocol name from ALPN or NPN.

ApplicationProtocolConfig

Provides an SSLEngine agnostic way to configure a ApplicationProtocolNegotiator.

ApplicationProtocolConfig.Protocol

Defines which application level protocol negotiation to use.

ApplicationProtocolConfig.SelectedListenerFailureBehavior

Defines the most common behaviors for the peer which is notified of the selected protocol.

ApplicationProtocolConfig.SelectorFailureBehavior

Defines the most common behaviors for the peer that selects the application protocol.

ApplicationProtocolNames

Provides a set of protocol names used in ALPN and NPN.

ApplicationProtocolNegotiationHandler

Configures a ChannelPipeline depending on the application-level protocol negotiation result of SslHandler.

ApplicationProtocolNegotiator

Deprecated.
use ApplicationProtocolConfig

ApplicationProtocolUtil

Utility class for application protocol common operations.

AsyncRunnable

BouncyCastleAlpnSslEngine

BouncyCastleAlpnSslUtils

BouncyCastlePemReader

Ciphers

Cipher suites

CipherSuiteConverter

Converts a Java cipher suite string to an OpenSSL cipher suite string and vice versa.

CipherSuiteConverter.CachedValue

Used to store nullable values in a CHM

CipherSuiteFilter

Provides a means to filter the supplied cipher suite based upon the supported and default cipher suites.

ClientAuth

Indicates the state of the SSLEngine with respect to client authentication.

DefaultOpenSslKeyMaterial

DelegatingSslContext

Adapter class which allows to wrap another SslContext and init SSLEngine instances.

EnhancingX509ExtendedTrustManager

Wraps an existing X509ExtendedTrustManager and enhances the CertificateException that is thrown because of hostname validation.

ExtendedOpenSslSession

Delegates all operations to a wrapped OpenSslInternalSession except the methods defined by ExtendedSSLSession itself.

GroupsConverter

Convert java naming to OpenSSL naming if possible and if not return the original name.

IdentityCipherSuiteFilter

This class will not do any filtering of ciphers suites.

Java7SslParametersUtils

Java8SslUtils

JdkAlpnApplicationProtocolNegotiator

Deprecated.
use ApplicationProtocolConfig.

JdkAlpnApplicationProtocolNegotiator.AlpnWrapper

JdkAlpnApplicationProtocolNegotiator.FailureWrapper

JdkAlpnSslEngine

JdkAlpnSslUtils

JdkApplicationProtocolNegotiator

Deprecated.
use ApplicationProtocolConfig

JdkApplicationProtocolNegotiator.AllocatorAwareSslEngineWrapperFactory

JdkApplicationProtocolNegotiator.ProtocolSelectionListener

A listener to be notified by which protocol was select by its peer.

JdkApplicationProtocolNegotiator.ProtocolSelectionListenerFactory

Factory interface for JdkApplicationProtocolNegotiator.ProtocolSelectionListener objects.

JdkApplicationProtocolNegotiator.ProtocolSelector

Interface to define the role of an application protocol selector in the SSL handshake process.

JdkApplicationProtocolNegotiator.ProtocolSelectorFactory

Factory interface for JdkApplicationProtocolNegotiator.ProtocolSelector objects.

JdkApplicationProtocolNegotiator.SslEngineWrapperFactory

Abstract factory pattern for wrapping an SSLEngine object.

JdkBaseApplicationProtocolNegotiator

Common base class for JdkApplicationProtocolNegotiator classes to inherit from.

JdkBaseApplicationProtocolNegotiator.FailProtocolSelectionListener

JdkBaseApplicationProtocolNegotiator.FailProtocolSelector

JdkBaseApplicationProtocolNegotiator.NoFailProtocolSelectionListener

JdkBaseApplicationProtocolNegotiator.NoFailProtocolSelector

JdkDefaultApplicationProtocolNegotiator

The JdkApplicationProtocolNegotiator to use if you do not care about NPN or ALPN and are using SslProvider.JDK.

JdkNpnApplicationProtocolNegotiator

Deprecated.
use ApplicationProtocolConfig.

JdkSslClientContext

Deprecated.
Use SslContextBuilder to create JdkSslContext instances and only use JdkSslContext in your code.

JdkSslContext

An SslContext which uses JDK's SSL/TLS implementation.

JdkSslContext.Defaults

JdkSslEngine

JdkSslServerContext

Deprecated.
Use SslContextBuilder to create JdkSslContext instances and only use JdkSslContext in your code.

NotSslRecordException

Special SSLException which will get thrown if a packet is received that not looks like a TLS/SSL record.

OpenSsl

Tells if netty-tcnative and its OpenSSL support are available.

OpenSslApplicationProtocolNegotiator

Deprecated.
use ApplicationProtocolConfig

OpenSslAsyncPrivateKeyMethod

OpenSslCachingKeyMaterialProvider

OpenSslKeyMaterialProvider that will cache the OpenSslKeyMaterial to reduce the overhead of parsing the chain and the key for generation of the material.

OpenSslCachingX509KeyManagerFactory

Wraps another KeyManagerFactory and caches its chains / certs for an alias for better performance when using SslProvider.OPENSSL or SslProvider.OPENSSL_REFCNT.

OpenSslCertificateCompressionAlgorithm

Provides compression and decompression implementations for TLS Certificate Compression (RFC 8879).

OpenSslCertificateCompressionConfig

Configuration for TLS1.3 certificate compression extension.

OpenSslCertificateCompressionConfig.AlgorithmConfig

The configuration for algorithm.

OpenSslCertificateCompressionConfig.AlgorithmMode

The usage mode of the OpenSslCertificateCompressionAlgorithm.

OpenSslCertificateCompressionConfig.Builder

Builder for an OpenSslCertificateCompressionAlgorithm.

OpenSslCertificateException

A special CertificateException which allows to specify which error code is included in the SSL Record.

OpenSslClientContext

A client-side SslContext which uses OpenSSL's SSL/TLS implementation.

OpenSslClientSessionCache

OpenSslSessionCache that is used by the client-side.

OpenSslClientSessionCache.HostPort

Host / Port tuple used to find a OpenSslInternalSession in the cache.

OpenSslContext

This class will use a finalizer to ensure native resources are automatically cleaned up.

OpenSslContextOption<T>

SslContextOptions that are specific to the SslProvider.OPENSSL / SslProvider.OPENSSL_REFCNT.

OpenSslDefaultApplicationProtocolNegotiator

Deprecated.
use ApplicationProtocolConfig.

OpenSslEngine

Implements a SSLEngine using OpenSSL BIO abstractions.

OpenSslEngineMap

OpenSslInternalSession

SSLSession that is specific to our native implementation.

OpenSslKeyMaterial

Holds references to the native key-material that is used by OpenSSL.

OpenSslKeyMaterialManager

Manages key material for OpenSslEngines and so set the right PrivateKeys and X509Certificates.

OpenSslKeyMaterialProvider

Provides OpenSslKeyMaterial for a given alias.

OpenSslNpnApplicationProtocolNegotiator

Deprecated.
use ApplicationProtocolConfig

OpenSslPrivateKey

OpenSslPrivateKeyMethod

Allow to customize private key signing / decrypting (when using RSA).

OpenSslServerContext

A server-side SslContext which uses OpenSSL's SSL/TLS implementation.

OpenSslServerSessionContext

OpenSslSessionContext implementation which offers extra methods which are only useful for the server-side.

OpenSslSession

SSLSession sub-type that is used by our native implementation.

OpenSslSessionCache

SSLSessionCache implementation for our native SSL implementation.

OpenSslSessionCache.NativeSslSession

OpenSslInternalSession implementation which wraps the native SSL_SESSION* while in cache.

OpenSslSessionContext

OpenSSL specific SSLSessionContext implementation.

OpenSslSessionId

Represent the session ID used by an OpenSslInternalSession.

OpenSslSessionStats

Stats exposed by an OpenSSL session context.

OpenSslSessionTicketKey

Session Ticket Key

OpenSslX509KeyManagerFactory

Special KeyManagerFactory that pre-compute the keymaterial used when SslProvider.OPENSSL or SslProvider.OPENSSL_REFCNT is used and so will improve handshake times and its performance.

OpenSslX509KeyManagerFactory.OpenSslKeyManagerFactorySpi

OpenSslX509KeyManagerFactory.OpenSslKeyManagerFactorySpi.ProviderFactory

OpenSslX509KeyManagerFactory.OpenSslKeyManagerFactorySpi.ProviderFactory.OpenSslPopulatedKeyMaterialProvider

OpenSslKeyMaterialProvider implementation that pre-compute the OpenSslKeyMaterial for all aliases.

OpenSslX509KeyManagerFactory.OpenSslKeyStore

OpenSslX509TrustManagerWrapper

Utility which allows to wrap X509TrustManager implementations with the internal implementation used by SSLContextImpl that provides extended verification.

OpenSslX509TrustManagerWrapper.TrustManagerWrapper

OpenSslX509TrustManagerWrapper.UnsafeTrustManagerWrapper

OptionalSslHandler

OptionalSslHandler is a utility decoder to support both SSL and non-SSL handlers based on the first message received.

PemEncoded

A marker interface for PEM encoded values.

PemPrivateKey

This is a special purpose implementation of a PrivateKey which allows the user to pass PEM/PKCS#8 encoded key material straight into OpenSslContext without having to parse and re-encode bytes in Java land.

PemReader

Reads a PEM file and converts it into a list of DERs so that they are imported into a KeyStore easily.

PemValue

A PEM encoded value.

PemX509Certificate

This is a special purpose implementation of a X509Certificate which allows the user to pass PEM/PKCS#8 encoded data straight into OpenSslContext without having to parse and re-encode bytes in Java land.

PseudoRandomFunction

This pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length.

ReferenceCountedOpenSslClientContext

A client-side SslContext which uses OpenSSL's SSL/TLS implementation.

ReferenceCountedOpenSslClientContext.ExtendedTrustManagerVerifyCallback

ReferenceCountedOpenSslClientContext.OpenSslClientCertificateCallback

ReferenceCountedOpenSslClientContext.OpenSslClientSessionContext

ReferenceCountedOpenSslClientContext.TrustManagerVerifyCallback

ReferenceCountedOpenSslContext

An implementation of SslContext which works with libraries that support the OpenSsl C library API.

ReferenceCountedOpenSslContext.AbstractCertificateVerifier

ReferenceCountedOpenSslContext.AsyncPrivateKeyMethod

ReferenceCountedOpenSslContext.AsyncPrivateKeyMethod.ResultCallbackListener

ReferenceCountedOpenSslContext.CompressionAlgorithm

ReferenceCountedOpenSslContext.DefaultOpenSslEngineMap

ReferenceCountedOpenSslContext.PrivateKeyMethod

ReferenceCountedOpenSslEngine

Implements a SSLEngine using OpenSSL BIO abstractions.

ReferenceCountedOpenSslEngine.HandshakeState

ReferenceCountedOpenSslEngine.NativeSslException

ReferenceCountedOpenSslEngine.OpenSslException

ReferenceCountedOpenSslEngine.OpenSslHandshakeException

ReferenceCountedOpenSslServerContext

A server-side SslContext which uses OpenSSL's SSL/TLS implementation.

ReferenceCountedOpenSslServerContext.ExtendedTrustManagerVerifyCallback

ReferenceCountedOpenSslServerContext.OpenSslServerCertificateCallback

ReferenceCountedOpenSslServerContext.OpenSslSniHostnameMatcher

ReferenceCountedOpenSslServerContext.TrustManagerVerifyCallback

ResumableX509ExtendedTrustManager

An interface that TrustManager instances can implement, to be notified of resumed SSL sessions.

ResumptionController

ResumptionController.X509ExtendedWrapTrustManager

SignatureAlgorithmConverter

Converts OpenSSL signature Algorithm names to Java signature Algorithm names.

SniCompletionEvent

Event that is fired once we did a selection of a SslContext based on the SNI hostname, which may be because it was successful or there was an error.

SniHandler

Enables SNI (Server Name Indication) extension for server side SSL.

SniHandler.AsyncMappingAdapter

SniHandler.Selection

SslClientHelloHandler<T>

ByteToMessageDecoder which allows to be notified once a full ClientHello was received.

SslCloseCompletionEvent

Event that is fired once the close_notify was received or if an failure happens before it was received.

SslClosedEngineException

SSLException which signals that the exception was caused by an SSLEngine which was closed already.

SslCompletionEvent

SslContext

A secure socket protocol implementation which acts as a factory for SSLEngine and SslHandler.

SslContextBuilder

Builder for configuring a new SslContext for creation.

SslContextOption<T>

A SslContextOption allows to configure a SslContext in a type-safe way.

SslHandler

Adds SSL · TLS and StartTLS support to a Channel.

SslHandler.SslEngineType

SslHandlerCoalescingBufferQueue

Each call to SSL_write will introduce about ~100 bytes of overhead.

SslHandshakeCompletionEvent

Event that is fired once the SSL handshake is complete, which may be because it was successful or there was an error.

SslHandshakeTimeoutException

SSLHandshakeException that is used when a handshake failed due a configured timeout.

SslMasterKeyHandler

The SslMasterKeyHandler is a channel-handler you can include in your pipeline to consume the master key invalid input: '&' session identifier for a TLS session.

SslMasterKeyHandler.WiresharkSslMasterKeyHandler

Record the session identifier and master key to the InternalLogger named io.netty.wireshark.

SslProtocols

SSL/TLS protocols

SslProvider

An enumeration of SSL/TLS protocol providers.

SslUtils

Constants for SSL packets.

StacklessSSLHandshakeException

A SSLHandshakeException that does not fill in the stack trace.

SupportedCipherSuiteFilter

This class will filter all requested ciphers out that are not supported by the current SSLEngine.

Package io.netty.handler.ssl