Class SslMasterKeyHandler

    • Field Detail

      • SSL_SESSIONIMPL_CLASS

        private static final java.lang.Class<?> SSL_SESSIONIMPL_CLASS
        The JRE SSLSessionImpl cannot be imported
      • SSL_SESSIONIMPL_MASTER_SECRET_FIELD

        private static final java.lang.reflect.Field SSL_SESSIONIMPL_MASTER_SECRET_FIELD
        The master key field in the SSLSessionImpl
      • SYSTEM_PROP_KEY

        public static final java.lang.String SYSTEM_PROP_KEY
        A system property that can be used to turn on/off the SslMasterKeyHandler dynamically without having to edit your pipeline. -Dio.netty.ssl.masterKeyHandler=true
        See Also:
        Constant Field Values
      • UNAVAILABILITY_CAUSE

        private static final java.lang.Throwable UNAVAILABILITY_CAUSE
        The unavailability cause of whether the private Sun implementation of SSLSessionImpl is available.
    • Constructor Detail

      • SslMasterKeyHandler

        protected SslMasterKeyHandler()
        Constructor.
    • Method Detail

      • ensureSunSslEngineAvailability

        public static void ensureSunSslEngineAvailability()
        Ensure that SSLSessionImpl is available.
        Throws:
        java.lang.UnsatisfiedLinkError - if unavailable
      • sunSslEngineUnavailabilityCause

        public static java.lang.Throwable sunSslEngineUnavailabilityCause()
        Returns the cause of unavailability.
        Returns:
        the cause if unavailable. null if available.
      • isSunSslEngineAvailable

        public static boolean isSunSslEngineAvailable()
      • accept

        protected abstract void accept​(javax.crypto.SecretKey masterKey,
                                       javax.net.ssl.SSLSession session)
        Consume the master key for the session and the sessionId
        Parameters:
        masterKey - A 48-byte secret shared between the client and server.
        session - The current TLS session
      • masterKeyHandlerEnabled

        protected boolean masterKeyHandlerEnabled()
        Checks if the handler is set up to actually handle/accept the event. By default the SYSTEM_PROP_KEY property is checked, but any implementations of this class are free to override if they have different mechanisms of checking.
        Returns:
        true if it should handle, false otherwise.
      • newWireSharkSslMasterKeyHandler

        public static SslMasterKeyHandler newWireSharkSslMasterKeyHandler()
        Create a SslMasterKeyHandler.WiresharkSslMasterKeyHandler instance. This TLS master key handler logs the master key and session-id in a format understood by Wireshark -- this can be especially useful if you need to ever decrypt a TLS session and are using perfect forward secrecy (i.e. Diffie-Hellman) The key and session identifier are forwarded to the log named 'io.netty.wireshark'.