Package io.netty.handler.ssl
Class OpenSsl
- java.lang.Object
-
- io.netty.handler.ssl.OpenSsl
-
public final class OpenSsl extends java.lang.Object
Tells ifnetty-tcnative
and its OpenSSL support are available.
-
-
Field Summary
Fields Modifier and Type Field Description (package private) static java.util.Set<java.lang.String>
AVAILABLE_CIPHER_SUITES
private static java.util.Set<java.lang.String>
AVAILABLE_JAVA_CIPHER_SUITES
private static java.util.Set<java.lang.String>
AVAILABLE_OPENSSL_CIPHER_SUITES
private static java.util.Set<java.lang.String>
CLIENT_DEFAULT_PROTOCOLS
(package private) static java.util.List<java.lang.String>
DEFAULT_CIPHERS
private static java.lang.String[]
DEFAULT_NAMED_GROUPS
(package private) static java.lang.String[]
EXTRA_SUPPORTED_TLS_1_3_CIPHERS
(package private) static java.lang.String
EXTRA_SUPPORTED_TLS_1_3_CIPHERS_STRING
private static boolean
IS_BORINGSSL
(package private) static boolean
JAVAX_CERTIFICATE_CREATION_SUPPORTED
private static InternalLogger
logger
(package private) static java.lang.String[]
NAMED_GROUPS
private static java.util.Set<java.lang.String>
SERVER_DEFAULT_PROTOCOLS
(package private) static java.util.Set<java.lang.String>
SUPPORTED_PROTOCOLS_SET
private static boolean
SUPPORTS_KEYMANAGER_FACTORY
private static boolean
SUPPORTS_OCSP
private static boolean
TLSV13_SUPPORTED
private static java.lang.Throwable
UNAVAILABILITY_CAUSE
private static boolean
USE_KEYMANAGER_FACTORY
-
Constructor Summary
Constructors Modifier Constructor Description private
OpenSsl()
-
Method Summary
All Methods Static Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static java.util.Set<java.lang.String>
availableCipherSuites()
Deprecated.static java.util.Set<java.lang.String>
availableJavaCipherSuites()
Returns all the available cipher suites (Java-style).static java.util.Set<java.lang.String>
availableOpenSslCipherSuites()
Returns all the available OpenSSL cipher suites.(package private) static java.lang.String
checkTls13Ciphers(InternalLogger logger, java.lang.String ciphers)
(package private) static java.lang.String[]
defaultProtocols(boolean isClient)
private static java.util.Set<java.lang.String>
defaultProtocols(java.lang.String property)
private static boolean
doesSupportOcsp()
private static boolean
doesSupportProtocol(int protocol, int opt)
static void
ensureAvailability()
Ensure thatnetty-tcnative
and its OpenSSL support are available.private static boolean
initializeTcNative(java.lang.String engine)
static boolean
isAlpnSupported()
Deprecated.static boolean
isAvailable()
Returnstrue
if and only ifnetty-tcnative
and its OpenSSL support are available.(package private) static boolean
isBoringSSL()
static boolean
isCipherSuiteAvailable(java.lang.String cipherSuite)
Returnstrue
if and only if the specified cipher suite is available in OpenSSL.static boolean
isOcspSupported()
Returnstrue
if the used version of OpenSSL supports OCSP stapling.(package private) static boolean
isOptionSupported(SslContextOption<?> option)
(package private) static boolean
isSessionCacheSupported()
(package private) static boolean
isTlsv13Supported()
private static void
loadTcNative()
(package private) static long
memoryAddress(ByteBuf buf)
(package private) static void
releaseIfNeeded(ReferenceCounted counted)
(package private) static java.security.cert.X509Certificate
selfSignedCertificate()
Returns a self-signedX509Certificate
fornetty.io
.static boolean
supportsHostnameValidation()
Deprecated.Will be removed because hostname validation is always done by aTrustManager
implementation.static boolean
supportsKeyManagerFactory()
Returnstrue
ifKeyManagerFactory
is supported when using OpenSSL.static java.lang.Throwable
unavailabilityCause()
Returns the cause of unavailability ofnetty-tcnative
and its OpenSSL support.(package private) static boolean
useKeyManagerFactory()
static int
version()
static java.lang.String
versionString()
Returns the version string of the used available OpenSSL library ornull
ifisAvailable()
returnsfalse
.
-
-
-
Field Detail
-
logger
private static final InternalLogger logger
-
UNAVAILABILITY_CAUSE
private static final java.lang.Throwable UNAVAILABILITY_CAUSE
-
DEFAULT_CIPHERS
static final java.util.List<java.lang.String> DEFAULT_CIPHERS
-
AVAILABLE_CIPHER_SUITES
static final java.util.Set<java.lang.String> AVAILABLE_CIPHER_SUITES
-
AVAILABLE_OPENSSL_CIPHER_SUITES
private static final java.util.Set<java.lang.String> AVAILABLE_OPENSSL_CIPHER_SUITES
-
AVAILABLE_JAVA_CIPHER_SUITES
private static final java.util.Set<java.lang.String> AVAILABLE_JAVA_CIPHER_SUITES
-
SUPPORTS_KEYMANAGER_FACTORY
private static final boolean SUPPORTS_KEYMANAGER_FACTORY
-
USE_KEYMANAGER_FACTORY
private static final boolean USE_KEYMANAGER_FACTORY
-
SUPPORTS_OCSP
private static final boolean SUPPORTS_OCSP
-
TLSV13_SUPPORTED
private static final boolean TLSV13_SUPPORTED
-
IS_BORINGSSL
private static final boolean IS_BORINGSSL
-
CLIENT_DEFAULT_PROTOCOLS
private static final java.util.Set<java.lang.String> CLIENT_DEFAULT_PROTOCOLS
-
SERVER_DEFAULT_PROTOCOLS
private static final java.util.Set<java.lang.String> SERVER_DEFAULT_PROTOCOLS
-
SUPPORTED_PROTOCOLS_SET
static final java.util.Set<java.lang.String> SUPPORTED_PROTOCOLS_SET
-
EXTRA_SUPPORTED_TLS_1_3_CIPHERS
static final java.lang.String[] EXTRA_SUPPORTED_TLS_1_3_CIPHERS
-
EXTRA_SUPPORTED_TLS_1_3_CIPHERS_STRING
static final java.lang.String EXTRA_SUPPORTED_TLS_1_3_CIPHERS_STRING
-
NAMED_GROUPS
static final java.lang.String[] NAMED_GROUPS
-
JAVAX_CERTIFICATE_CREATION_SUPPORTED
static final boolean JAVAX_CERTIFICATE_CREATION_SUPPORTED
-
DEFAULT_NAMED_GROUPS
private static final java.lang.String[] DEFAULT_NAMED_GROUPS
-
-
Method Detail
-
checkTls13Ciphers
static java.lang.String checkTls13Ciphers(InternalLogger logger, java.lang.String ciphers)
-
isSessionCacheSupported
static boolean isSessionCacheSupported()
-
selfSignedCertificate
static java.security.cert.X509Certificate selfSignedCertificate() throws java.security.cert.CertificateException
Returns a self-signedX509Certificate
fornetty.io
.- Throws:
java.security.cert.CertificateException
-
doesSupportOcsp
private static boolean doesSupportOcsp()
-
doesSupportProtocol
private static boolean doesSupportProtocol(int protocol, int opt)
-
isAvailable
public static boolean isAvailable()
Returnstrue
if and only ifnetty-tcnative
and its OpenSSL support are available.
-
isAlpnSupported
@Deprecated public static boolean isAlpnSupported()
Deprecated.Returnstrue
if the used version of openssl supports ALPN.
-
isOcspSupported
public static boolean isOcspSupported()
Returnstrue
if the used version of OpenSSL supports OCSP stapling.
-
version
public static int version()
-
versionString
public static java.lang.String versionString()
Returns the version string of the used available OpenSSL library ornull
ifisAvailable()
returnsfalse
.
-
ensureAvailability
public static void ensureAvailability()
Ensure thatnetty-tcnative
and its OpenSSL support are available.- Throws:
java.lang.UnsatisfiedLinkError
- if unavailable
-
unavailabilityCause
public static java.lang.Throwable unavailabilityCause()
Returns the cause of unavailability ofnetty-tcnative
and its OpenSSL support.- Returns:
- the cause if unavailable.
null
if available.
-
availableCipherSuites
@Deprecated public static java.util.Set<java.lang.String> availableCipherSuites()
Deprecated.
-
availableOpenSslCipherSuites
public static java.util.Set<java.lang.String> availableOpenSslCipherSuites()
Returns all the available OpenSSL cipher suites. Please note that the returned array may include the cipher suites that are insecure or non-functional.
-
availableJavaCipherSuites
public static java.util.Set<java.lang.String> availableJavaCipherSuites()
Returns all the available cipher suites (Java-style). Please note that the returned array may include the cipher suites that are insecure or non-functional.
-
isCipherSuiteAvailable
public static boolean isCipherSuiteAvailable(java.lang.String cipherSuite)
Returnstrue
if and only if the specified cipher suite is available in OpenSSL. Both Java-style cipher suite and OpenSSL-style cipher suite are accepted.
-
supportsKeyManagerFactory
public static boolean supportsKeyManagerFactory()
Returnstrue
ifKeyManagerFactory
is supported when using OpenSSL.
-
supportsHostnameValidation
@Deprecated public static boolean supportsHostnameValidation()
Deprecated.Will be removed because hostname validation is always done by aTrustManager
implementation.
-
useKeyManagerFactory
static boolean useKeyManagerFactory()
-
memoryAddress
static long memoryAddress(ByteBuf buf)
-
loadTcNative
private static void loadTcNative() throws java.lang.Exception
- Throws:
java.lang.Exception
-
initializeTcNative
private static boolean initializeTcNative(java.lang.String engine) throws java.lang.Exception
- Throws:
java.lang.Exception
-
releaseIfNeeded
static void releaseIfNeeded(ReferenceCounted counted)
-
isTlsv13Supported
static boolean isTlsv13Supported()
-
isOptionSupported
static boolean isOptionSupported(SslContextOption<?> option)
-
defaultProtocols
private static java.util.Set<java.lang.String> defaultProtocols(java.lang.String property)
-
defaultProtocols
static java.lang.String[] defaultProtocols(boolean isClient)
-
isBoringSSL
static boolean isBoringSSL()
-
-