Class SslUtils


  • final class SslUtils
    extends java.lang.Object
    Constants for SSL packets.
    • Field Detail

      • TLSV13_CIPHERS

        static final java.util.Set<java.lang.String> TLSV13_CIPHERS
      • PROTOCOL_SSL_V2_HELLO

        static final java.lang.String PROTOCOL_SSL_V2_HELLO
        See Also:
        Constant Field Values
      • SSL_CONTENT_TYPE_CHANGE_CIPHER_SPEC

        static final int SSL_CONTENT_TYPE_CHANGE_CIPHER_SPEC
        change cipher spec
        See Also:
        Constant Field Values
      • SSL_CONTENT_TYPE_HANDSHAKE

        static final int SSL_CONTENT_TYPE_HANDSHAKE
        handshake
        See Also:
        Constant Field Values
      • SSL_CONTENT_TYPE_APPLICATION_DATA

        static final int SSL_CONTENT_TYPE_APPLICATION_DATA
        application data
        See Also:
        Constant Field Values
      • SSL_CONTENT_TYPE_EXTENSION_HEARTBEAT

        static final int SSL_CONTENT_TYPE_EXTENSION_HEARTBEAT
        HeartBeat Extension
        See Also:
        Constant Field Values
      • SSL_RECORD_HEADER_LENGTH

        static final int SSL_RECORD_HEADER_LENGTH
        the length of the ssl record header (in bytes)
        See Also:
        Constant Field Values
      • NOT_ENOUGH_DATA

        static final int NOT_ENOUGH_DATA
        Not enough data in buffer to parse the record length
        See Also:
        Constant Field Values
      • DEFAULT_CIPHER_SUITES

        static final java.lang.String[] DEFAULT_CIPHER_SUITES
      • DEFAULT_TLSV13_CIPHER_SUITES

        static final java.lang.String[] DEFAULT_TLSV13_CIPHER_SUITES
      • TLSV13_CIPHER_SUITES

        static final java.lang.String[] TLSV13_CIPHER_SUITES
    • Constructor Detail

      • SslUtils

        private SslUtils()
    • Method Detail

      • addIfSupported

        static void addIfSupported​(java.util.Set<java.lang.String> supported,
                                   java.util.List<java.lang.String> enabled,
                                   java.lang.String... names)
        Add elements from names into enabled if they are in supported.
      • useFallbackCiphersIfDefaultIsEmpty

        static void useFallbackCiphersIfDefaultIsEmpty​(java.util.List<java.lang.String> defaultCiphers,
                                                       java.lang.Iterable<java.lang.String> fallbackCiphers)
      • useFallbackCiphersIfDefaultIsEmpty

        static void useFallbackCiphersIfDefaultIsEmpty​(java.util.List<java.lang.String> defaultCiphers,
                                                       java.lang.String... fallbackCiphers)
      • toSSLHandshakeException

        static javax.net.ssl.SSLHandshakeException toSSLHandshakeException​(java.lang.Throwable e)
        Converts the given exception to a SSLHandshakeException, if it isn't already.
      • getEncryptedPacketLength

        static int getEncryptedPacketLength​(ByteBuf buffer,
                                            int offset)
        Return how much bytes can be read out of the encrypted data. Be aware that this method will not increase the readerIndex of the given ByteBuf.
        Parameters:
        buffer - The ByteBuf to read from. Be aware that it must have at least SSL_RECORD_HEADER_LENGTH bytes to read, otherwise it will throw an IllegalArgumentException.
        Returns:
        length The length of the encrypted packet that is included in the buffer or {@link #SslUtils#NOT_ENOUGH_DATA} if not enough data is present in the ByteBuf. This will return NOT_ENCRYPTED if the given ByteBuf is not encrypted at all.
        Throws:
        java.lang.IllegalArgumentException - Is thrown if the given ByteBuf has not at least SSL_RECORD_HEADER_LENGTH bytes to read.
      • unsignedShortBE

        private static int unsignedShortBE​(ByteBuf buffer,
                                           int offset)
      • shortBE

        private static short shortBE​(ByteBuf buffer,
                                     int offset)
      • unsignedByte

        private static short unsignedByte​(byte b)
      • unsignedShortBE

        private static int unsignedShortBE​(java.nio.ByteBuffer buffer,
                                           int offset)
      • shortBE

        private static short shortBE​(java.nio.ByteBuffer buffer,
                                     int offset)
      • getEncryptedPacketLength

        static int getEncryptedPacketLength​(java.nio.ByteBuffer[] buffers,
                                            int offset)
      • getEncryptedPacketLength

        private static int getEncryptedPacketLength​(java.nio.ByteBuffer buffer)
      • handleHandshakeFailure

        static void handleHandshakeFailure​(ChannelHandlerContext ctx,
                                           java.lang.Throwable cause,
                                           boolean notify)
      • zeroout

        static void zeroout​(ByteBuf buffer)
        Fills the ByteBuf with zero bytes.
      • zerooutAndRelease

        static void zerooutAndRelease​(ByteBuf buffer)
        Fills the ByteBuf with zero bytes and releases it.
      • isValidHostNameForSNI

        static boolean isValidHostNameForSNI​(java.lang.String hostname)
        Validate that the given hostname can be used in SNI extension.
      • isTLSv13Cipher

        static boolean isTLSv13Cipher​(java.lang.String cipher)
        Returns true if the the given cipher (in openssl format) is for TLSv1.3, false otherwise.