java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessage
io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.TlsParameters
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, TlsParametersOrBuilder, Serializable

public final class TlsParameters extends com.google.protobuf.GeneratedMessage implements TlsParametersOrBuilder
 [#next-free-field: 6]
 
Protobuf type envoy.extensions.transport_sockets.tls.v3.TlsParameters
See Also:
  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static final class 
    [#next-free-field: 6]
    static enum 
    Protobuf enum envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol

    Nested classes/interfaces inherited from class com.google.protobuf.GeneratedMessage

    com.google.protobuf.GeneratedMessage.ExtendableBuilder<MessageT extends com.google.protobuf.GeneratedMessage.ExtendableMessage<MessageT>,BuilderT extends com.google.protobuf.GeneratedMessage.ExtendableBuilder<MessageT,BuilderT>>, com.google.protobuf.GeneratedMessage.ExtendableMessage<MessageT extends com.google.protobuf.GeneratedMessage.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessage.ExtendableMessageOrBuilder<MessageT extends com.google.protobuf.GeneratedMessage.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessage.FieldAccessorTable, com.google.protobuf.GeneratedMessage.GeneratedExtension<ContainingT extends com.google.protobuf.Message,T>, com.google.protobuf.GeneratedMessage.UnusedPrivateParameter

    Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessage

    com.google.protobuf.AbstractMessage.BuilderParent

    Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessageLite

    com.google.protobuf.AbstractMessageLite.InternalOneOfEnum
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
     
    private com.google.protobuf.LazyStringArrayList
     
    private static final TlsParameters
     
    static final int
     
    private com.google.protobuf.LazyStringArrayList
     
    private byte
     
    private static final com.google.protobuf.Parser<TlsParameters>
     
    private static final long
     
    static final int
     
    private com.google.protobuf.LazyStringArrayList
     
    static final int
     
    static final int
     
    private int
     
    private int
     

    Fields inherited from class com.google.protobuf.GeneratedMessage

    alwaysUseFieldBuilders, unknownFields

    Fields inherited from class com.google.protobuf.AbstractMessage

    memoizedSize

    Fields inherited from class com.google.protobuf.AbstractMessageLite

    memoizedHashCode
  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    private
     
    private
    TlsParameters(com.google.protobuf.GeneratedMessage.Builder<?> builder)
     
  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
     
    getCipherSuites(int index)
    If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
    com.google.protobuf.ByteString
    If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
    int
    If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
    com.google.protobuf.ProtocolStringList
    If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
     
     
    static final com.google.protobuf.Descriptors.Descriptor
     
    getEcdhCurves(int index)
    If specified, the TLS connection will only support the specified ECDH curves.
    com.google.protobuf.ByteString
    getEcdhCurvesBytes(int index)
    If specified, the TLS connection will only support the specified ECDH curves.
    int
    If specified, the TLS connection will only support the specified ECDH curves.
    com.google.protobuf.ProtocolStringList
    If specified, the TLS connection will only support the specified ECDH curves.
    com.google.protobuf.Parser<TlsParameters>
     
    int
     
    If specified, the TLS connection will only support the specified signature algorithms.
    com.google.protobuf.ByteString
    If specified, the TLS connection will only support the specified signature algorithms.
    int
    If specified, the TLS connection will only support the specified signature algorithms.
    com.google.protobuf.ProtocolStringList
    If specified, the TLS connection will only support the specified signature algorithms.
    Maximum TLS protocol version.
    int
    Maximum TLS protocol version.
    Minimum TLS protocol version.
    int
    Minimum TLS protocol version.
    int
     
    protected com.google.protobuf.GeneratedMessage.FieldAccessorTable
     
    final boolean
     
     
     
     
    newBuilderForType(com.google.protobuf.AbstractMessage.BuilderParent parent)
     
     
    parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    parseFrom(byte[] data)
     
    parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    parseFrom(com.google.protobuf.ByteString data)
     
    parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    parseFrom(com.google.protobuf.CodedInputStream input)
     
    parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
     
    parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
     
    parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static com.google.protobuf.Parser<TlsParameters>
     
     
    void
    writeTo(com.google.protobuf.CodedOutputStream output)
     

    Methods inherited from class com.google.protobuf.GeneratedMessage

    canUseUnsafe, computeStringSize, computeStringSizeNoTag, emptyBooleanList, emptyDoubleList, emptyFloatList, emptyIntList, emptyList, emptyLongList, getAllFields, getDescriptorForType, getField, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, internalGetMapField, internalGetMapFieldReflection, isStringEmpty, makeMutableCopy, makeMutableCopy, mergeFromAndMakeImmutableInternal, newFileScopedGeneratedExtension, newInstance, newMessageScopedGeneratedExtension, parseDelimitedWithIOException, parseDelimitedWithIOException, parseUnknownField, parseUnknownFieldProto3, parseWithIOException, parseWithIOException, parseWithIOException, parseWithIOException, serializeBooleanMapTo, serializeIntegerMapTo, serializeLongMapTo, serializeStringMapTo, writeReplace, writeString, writeStringNoTag

    Methods inherited from class com.google.protobuf.AbstractMessage

    findInitializationErrors, getInitializationErrorString, hashFields, toString

    Methods inherited from class com.google.protobuf.AbstractMessageLite

    addAll, checkByteStringIsUtf8, toByteArray, toByteString, writeDelimitedTo, writeTo

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    Methods inherited from interface com.google.protobuf.MessageLite

    toByteArray, toByteString, writeDelimitedTo, writeTo

    Methods inherited from interface com.google.protobuf.MessageOrBuilder

    findInitializationErrors, getAllFields, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof
  • Field Details

    • serialVersionUID

      private static final long serialVersionUID
      See Also:
    • TLS_MINIMUM_PROTOCOL_VERSION_FIELD_NUMBER

      public static final int TLS_MINIMUM_PROTOCOL_VERSION_FIELD_NUMBER
      See Also:
    • tlsMinimumProtocolVersion_

      private int tlsMinimumProtocolVersion_
    • TLS_MAXIMUM_PROTOCOL_VERSION_FIELD_NUMBER

      public static final int TLS_MAXIMUM_PROTOCOL_VERSION_FIELD_NUMBER
      See Also:
    • tlsMaximumProtocolVersion_

      private int tlsMaximumProtocolVersion_
    • CIPHER_SUITES_FIELD_NUMBER

      public static final int CIPHER_SUITES_FIELD_NUMBER
      See Also:
    • cipherSuites_

      private com.google.protobuf.LazyStringArrayList cipherSuites_
    • ECDH_CURVES_FIELD_NUMBER

      public static final int ECDH_CURVES_FIELD_NUMBER
      See Also:
    • ecdhCurves_

      private com.google.protobuf.LazyStringArrayList ecdhCurves_
    • SIGNATURE_ALGORITHMS_FIELD_NUMBER

      public static final int SIGNATURE_ALGORITHMS_FIELD_NUMBER
      See Also:
    • signatureAlgorithms_

      private com.google.protobuf.LazyStringArrayList signatureAlgorithms_
    • memoizedIsInitialized

      private byte memoizedIsInitialized
    • DEFAULT_INSTANCE

      private static final TlsParameters DEFAULT_INSTANCE
    • PARSER

      private static final com.google.protobuf.Parser<TlsParameters> PARSER
  • Constructor Details

    • TlsParameters

      private TlsParameters(com.google.protobuf.GeneratedMessage.Builder<?> builder)
    • TlsParameters

      private TlsParameters()
  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()
    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessage.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessage
    • getTlsMinimumProtocolVersionValue

      public int getTlsMinimumProtocolVersionValue()
       Minimum TLS protocol version. By default, it's ``TLSv1_2`` for both clients and servers.
      
       TLS protocol versions below TLSv1_2 require setting compatible ciphers with the
       ``cipher_suites`` setting as the default ciphers no longer include compatible ciphers.
      
       .. attention::
      
       Using TLS protocol versions below TLSv1_2 has serious security considerations and risks.
       
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }
      Specified by:
      getTlsMinimumProtocolVersionValue in interface TlsParametersOrBuilder
      Returns:
      The enum numeric value on the wire for tlsMinimumProtocolVersion.
    • getTlsMinimumProtocolVersion

      public TlsParameters.TlsProtocol getTlsMinimumProtocolVersion()
       Minimum TLS protocol version. By default, it's ``TLSv1_2`` for both clients and servers.
      
       TLS protocol versions below TLSv1_2 require setting compatible ciphers with the
       ``cipher_suites`` setting as the default ciphers no longer include compatible ciphers.
      
       .. attention::
      
       Using TLS protocol versions below TLSv1_2 has serious security considerations and risks.
       
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }
      Specified by:
      getTlsMinimumProtocolVersion in interface TlsParametersOrBuilder
      Returns:
      The tlsMinimumProtocolVersion.
    • getTlsMaximumProtocolVersionValue

      public int getTlsMaximumProtocolVersionValue()
       Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
       servers.
       
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }
      Specified by:
      getTlsMaximumProtocolVersionValue in interface TlsParametersOrBuilder
      Returns:
      The enum numeric value on the wire for tlsMaximumProtocolVersion.
    • getTlsMaximumProtocolVersion

      public TlsParameters.TlsProtocol getTlsMaximumProtocolVersion()
       Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
       servers.
       
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }
      Specified by:
      getTlsMaximumProtocolVersion in interface TlsParametersOrBuilder
      Returns:
      The tlsMaximumProtocolVersion.
    • getCipherSuitesList

      public com.google.protobuf.ProtocolStringList getCipherSuitesList()
       If specified, the TLS listener will only support the specified `cipher list
       <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
       when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
      
       If not specified, a default list will be used. Defaults are different for server (downstream) and
       client (upstream) TLS configurations.
       Defaults will change over time in response to security considerations; If you care, configure
       it instead of using the default.
      
       In non-FIPS builds, the default server cipher list is:
      
       .. code-block:: none
      
       [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
       [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
      
       .. code-block:: none
      
       ECDHE-ECDSA-AES128-GCM-SHA256
       ECDHE-RSA-AES128-GCM-SHA256
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In non-FIPS builds, the default client cipher list is:
      
       .. code-block:: none
      
       [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
       [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
      
       .. code-block:: none
      
       ECDHE-ECDSA-AES128-GCM-SHA256
       ECDHE-RSA-AES128-GCM-SHA256
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
       
      repeated string cipher_suites = 3;
      Specified by:
      getCipherSuitesList in interface TlsParametersOrBuilder
      Returns:
      A list containing the cipherSuites.
    • getCipherSuitesCount

      public int getCipherSuitesCount()
       If specified, the TLS listener will only support the specified `cipher list
       <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
       when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
      
       If not specified, a default list will be used. Defaults are different for server (downstream) and
       client (upstream) TLS configurations.
       Defaults will change over time in response to security considerations; If you care, configure
       it instead of using the default.
      
       In non-FIPS builds, the default server cipher list is:
      
       .. code-block:: none
      
       [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
       [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
      
       .. code-block:: none
      
       ECDHE-ECDSA-AES128-GCM-SHA256
       ECDHE-RSA-AES128-GCM-SHA256
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In non-FIPS builds, the default client cipher list is:
      
       .. code-block:: none
      
       [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
       [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
      
       .. code-block:: none
      
       ECDHE-ECDSA-AES128-GCM-SHA256
       ECDHE-RSA-AES128-GCM-SHA256
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
       
      repeated string cipher_suites = 3;
      Specified by:
      getCipherSuitesCount in interface TlsParametersOrBuilder
      Returns:
      The count of cipherSuites.
    • getCipherSuites

      public String getCipherSuites(int index)
       If specified, the TLS listener will only support the specified `cipher list
       <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
       when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
      
       If not specified, a default list will be used. Defaults are different for server (downstream) and
       client (upstream) TLS configurations.
       Defaults will change over time in response to security considerations; If you care, configure
       it instead of using the default.
      
       In non-FIPS builds, the default server cipher list is:
      
       .. code-block:: none
      
       [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
       [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
      
       .. code-block:: none
      
       ECDHE-ECDSA-AES128-GCM-SHA256
       ECDHE-RSA-AES128-GCM-SHA256
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In non-FIPS builds, the default client cipher list is:
      
       .. code-block:: none
      
       [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
       [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
      
       .. code-block:: none
      
       ECDHE-ECDSA-AES128-GCM-SHA256
       ECDHE-RSA-AES128-GCM-SHA256
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
       
      repeated string cipher_suites = 3;
      Specified by:
      getCipherSuites in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The cipherSuites at the given index.
    • getCipherSuitesBytes

      public com.google.protobuf.ByteString getCipherSuitesBytes(int index)
       If specified, the TLS listener will only support the specified `cipher list
       <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
       when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
      
       If not specified, a default list will be used. Defaults are different for server (downstream) and
       client (upstream) TLS configurations.
       Defaults will change over time in response to security considerations; If you care, configure
       it instead of using the default.
      
       In non-FIPS builds, the default server cipher list is:
      
       .. code-block:: none
      
       [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
       [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
      
       .. code-block:: none
      
       ECDHE-ECDSA-AES128-GCM-SHA256
       ECDHE-RSA-AES128-GCM-SHA256
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In non-FIPS builds, the default client cipher list is:
      
       .. code-block:: none
      
       [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
       [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
      
       .. code-block:: none
      
       ECDHE-ECDSA-AES128-GCM-SHA256
       ECDHE-RSA-AES128-GCM-SHA256
       ECDHE-ECDSA-AES256-GCM-SHA384
       ECDHE-RSA-AES256-GCM-SHA384
       
      repeated string cipher_suites = 3;
      Specified by:
      getCipherSuitesBytes in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the cipherSuites at the given index.
    • getEcdhCurvesList

      public com.google.protobuf.ProtocolStringList getEcdhCurvesList()
       If specified, the TLS connection will only support the specified ECDH
       curves. If not specified, the default curves will be used.
      
       In non-FIPS builds, the default curves are:
      
       .. code-block:: none
      
       X25519
       P-256
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
      
       .. code-block:: none
      
       P-256
       
      repeated string ecdh_curves = 4;
      Specified by:
      getEcdhCurvesList in interface TlsParametersOrBuilder
      Returns:
      A list containing the ecdhCurves.
    • getEcdhCurvesCount

      public int getEcdhCurvesCount()
       If specified, the TLS connection will only support the specified ECDH
       curves. If not specified, the default curves will be used.
      
       In non-FIPS builds, the default curves are:
      
       .. code-block:: none
      
       X25519
       P-256
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
      
       .. code-block:: none
      
       P-256
       
      repeated string ecdh_curves = 4;
      Specified by:
      getEcdhCurvesCount in interface TlsParametersOrBuilder
      Returns:
      The count of ecdhCurves.
    • getEcdhCurves

      public String getEcdhCurves(int index)
       If specified, the TLS connection will only support the specified ECDH
       curves. If not specified, the default curves will be used.
      
       In non-FIPS builds, the default curves are:
      
       .. code-block:: none
      
       X25519
       P-256
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
      
       .. code-block:: none
      
       P-256
       
      repeated string ecdh_curves = 4;
      Specified by:
      getEcdhCurves in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The ecdhCurves at the given index.
    • getEcdhCurvesBytes

      public com.google.protobuf.ByteString getEcdhCurvesBytes(int index)
       If specified, the TLS connection will only support the specified ECDH
       curves. If not specified, the default curves will be used.
      
       In non-FIPS builds, the default curves are:
      
       .. code-block:: none
      
       X25519
       P-256
      
       In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
      
       .. code-block:: none
      
       P-256
       
      repeated string ecdh_curves = 4;
      Specified by:
      getEcdhCurvesBytes in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the ecdhCurves at the given index.
    • getSignatureAlgorithmsList

      public com.google.protobuf.ProtocolStringList getSignatureAlgorithmsList()
       If specified, the TLS connection will only support the specified signature algorithms.
       The list is ordered by preference.
       If not specified, the default signature algorithms defined by BoringSSL will be used.
      
       Default signature algorithms selected by BoringSSL (may be out of date):
      
       .. code-block:: none
      
       ecdsa_secp256r1_sha256
       rsa_pss_rsae_sha256
       rsa_pkcs1_sha256
       ecdsa_secp384r1_sha384
       rsa_pss_rsae_sha384
       rsa_pkcs1_sha384
       rsa_pss_rsae_sha512
       rsa_pkcs1_sha512
       rsa_pkcs1_sha1
      
       Signature algorithms supported by BoringSSL (may be out of date):
      
       .. code-block:: none
      
       rsa_pkcs1_sha256
       rsa_pkcs1_sha384
       rsa_pkcs1_sha512
       ecdsa_secp256r1_sha256
       ecdsa_secp384r1_sha384
       ecdsa_secp521r1_sha512
       rsa_pss_rsae_sha256
       rsa_pss_rsae_sha384
       rsa_pss_rsae_sha512
       ed25519
       rsa_pkcs1_sha1
       ecdsa_sha1
       
      repeated string signature_algorithms = 5;
      Specified by:
      getSignatureAlgorithmsList in interface TlsParametersOrBuilder
      Returns:
      A list containing the signatureAlgorithms.
    • getSignatureAlgorithmsCount

      public int getSignatureAlgorithmsCount()
       If specified, the TLS connection will only support the specified signature algorithms.
       The list is ordered by preference.
       If not specified, the default signature algorithms defined by BoringSSL will be used.
      
       Default signature algorithms selected by BoringSSL (may be out of date):
      
       .. code-block:: none
      
       ecdsa_secp256r1_sha256
       rsa_pss_rsae_sha256
       rsa_pkcs1_sha256
       ecdsa_secp384r1_sha384
       rsa_pss_rsae_sha384
       rsa_pkcs1_sha384
       rsa_pss_rsae_sha512
       rsa_pkcs1_sha512
       rsa_pkcs1_sha1
      
       Signature algorithms supported by BoringSSL (may be out of date):
      
       .. code-block:: none
      
       rsa_pkcs1_sha256
       rsa_pkcs1_sha384
       rsa_pkcs1_sha512
       ecdsa_secp256r1_sha256
       ecdsa_secp384r1_sha384
       ecdsa_secp521r1_sha512
       rsa_pss_rsae_sha256
       rsa_pss_rsae_sha384
       rsa_pss_rsae_sha512
       ed25519
       rsa_pkcs1_sha1
       ecdsa_sha1
       
      repeated string signature_algorithms = 5;
      Specified by:
      getSignatureAlgorithmsCount in interface TlsParametersOrBuilder
      Returns:
      The count of signatureAlgorithms.
    • getSignatureAlgorithms

      public String getSignatureAlgorithms(int index)
       If specified, the TLS connection will only support the specified signature algorithms.
       The list is ordered by preference.
       If not specified, the default signature algorithms defined by BoringSSL will be used.
      
       Default signature algorithms selected by BoringSSL (may be out of date):
      
       .. code-block:: none
      
       ecdsa_secp256r1_sha256
       rsa_pss_rsae_sha256
       rsa_pkcs1_sha256
       ecdsa_secp384r1_sha384
       rsa_pss_rsae_sha384
       rsa_pkcs1_sha384
       rsa_pss_rsae_sha512
       rsa_pkcs1_sha512
       rsa_pkcs1_sha1
      
       Signature algorithms supported by BoringSSL (may be out of date):
      
       .. code-block:: none
      
       rsa_pkcs1_sha256
       rsa_pkcs1_sha384
       rsa_pkcs1_sha512
       ecdsa_secp256r1_sha256
       ecdsa_secp384r1_sha384
       ecdsa_secp521r1_sha512
       rsa_pss_rsae_sha256
       rsa_pss_rsae_sha384
       rsa_pss_rsae_sha512
       ed25519
       rsa_pkcs1_sha1
       ecdsa_sha1
       
      repeated string signature_algorithms = 5;
      Specified by:
      getSignatureAlgorithms in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The signatureAlgorithms at the given index.
    • getSignatureAlgorithmsBytes

      public com.google.protobuf.ByteString getSignatureAlgorithmsBytes(int index)
       If specified, the TLS connection will only support the specified signature algorithms.
       The list is ordered by preference.
       If not specified, the default signature algorithms defined by BoringSSL will be used.
      
       Default signature algorithms selected by BoringSSL (may be out of date):
      
       .. code-block:: none
      
       ecdsa_secp256r1_sha256
       rsa_pss_rsae_sha256
       rsa_pkcs1_sha256
       ecdsa_secp384r1_sha384
       rsa_pss_rsae_sha384
       rsa_pkcs1_sha384
       rsa_pss_rsae_sha512
       rsa_pkcs1_sha512
       rsa_pkcs1_sha1
      
       Signature algorithms supported by BoringSSL (may be out of date):
      
       .. code-block:: none
      
       rsa_pkcs1_sha256
       rsa_pkcs1_sha384
       rsa_pkcs1_sha512
       ecdsa_secp256r1_sha256
       ecdsa_secp384r1_sha384
       ecdsa_secp521r1_sha512
       rsa_pss_rsae_sha256
       rsa_pss_rsae_sha384
       rsa_pss_rsae_sha512
       ed25519
       rsa_pkcs1_sha1
       ecdsa_sha1
       
      repeated string signature_algorithms = 5;
      Specified by:
      getSignatureAlgorithmsBytes in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the signatureAlgorithms at the given index.
    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessage
    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessage
      Throws:
      IOException
    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessage
    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage
    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage
    • parseFrom

      public static TlsParameters parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static TlsParameters parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static TlsParameters parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static TlsParameters parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static TlsParameters parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static TlsParameters parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static TlsParameters parseFrom(InputStream input) throws IOException
      Throws:
      IOException
    • parseFrom

      public static TlsParameters parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException
    • parseDelimitedFrom

      public static TlsParameters parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException
    • parseDelimitedFrom

      public static TlsParameters parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException
    • parseFrom

      public static TlsParameters parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException
    • parseFrom

      public static TlsParameters parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException
    • newBuilderForType

      public TlsParameters.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite
    • newBuilder

      public static TlsParameters.Builder newBuilder()
    • newBuilder

      public static TlsParameters.Builder newBuilder(TlsParameters prototype)
    • toBuilder

      public TlsParameters.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite
    • newBuilderForType

      protected TlsParameters.Builder newBuilderForType(com.google.protobuf.AbstractMessage.BuilderParent parent)
      Overrides:
      newBuilderForType in class com.google.protobuf.AbstractMessage
    • getDefaultInstance

      public static TlsParameters getDefaultInstance()
    • parser

      public static com.google.protobuf.Parser<TlsParameters> parser()
    • getParserForType

      public com.google.protobuf.Parser<TlsParameters> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessage
    • getDefaultInstanceForType

      public TlsParameters getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder