Package com.linkedin.alpini.netty4.http2

Class SSLContextBuilder

java.lang.Object

com.linkedin.alpini.netty4.http2.SSLContextBuilder

public final class SSLContextBuilder
extends Object

Created by acurtis on 4/19/18.

Field Summary

Fields

Modifier and Type	Field	Description
static final List<String>	CIPHERS
static final List<String>	NO_GCM_CIPHERS	Similiar ciphers as WITH_GCM_CIPHERS except with CBC substituted instead of GCM because GCM is crushingly slow in current Java implementations.
static final List<String>	WITH_GCM_CIPHERS	Modern ciphers as used for HTTP/2 plus three weak ciphers as used within LNKD HTTP/1

Method Summary

Modifier and Type	Method	Description
static io.netty.handler.ssl.SslContext	build(io.netty.handler.ssl.SslContextBuilder builder)
static List<String>	getCiphers(Provider sslContextProvider, io.netty.handler.ssl.SslProvider provider)
static io.netty.handler.ssl.SslContext	makeClientContext(long sessionCacheSize, long sessionTimeout)
static io.netty.handler.ssl.SslContext	makeClientContext(long sessionCacheSize, long sessionTimeout, boolean permitHttp2)
static io.netty.handler.ssl.SslContext	makeClientContext(Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout)
static io.netty.handler.ssl.SslContext	makeClientContext(Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)
static io.netty.handler.ssl.SslContext	makeClientContext(Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)
static io.netty.handler.ssl.SslContext	makeClientContext(Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)
static io.netty.handler.ssl.SslContext	makeClientContext(Provider sslContextProvider, Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)
static io.netty.handler.ssl.SslContext	makeClientContext(Provider sslContextProvider, Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)
static io.netty.handler.ssl.SslContext	makeServerContext(long sessionCacheSize, long sessionTimeout)
static io.netty.handler.ssl.SslContext	makeServerContext(long sessionCacheSize, long sessionTimeout, boolean permitHttp2)
static io.netty.handler.ssl.SslContext	makeServerContext(Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout)
static io.netty.handler.ssl.SslContext	makeServerContext(Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)
static io.netty.handler.ssl.SslContext	makeServerContext(Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)
static io.netty.handler.ssl.SslContext	makeServerContext(Provider sslContextProvider, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)
static io.netty.handler.ssl.SslContext	makeServerContext(Provider sslContextProvider, Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)
static io.netty.handler.ssl.SslContext	makeServerContext(Provider sslContextProvider, Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)
static Function<Function<KeyManagerFactory,io.netty.handler.ssl.SslContextBuilder>,io.netty.handler.ssl.SslContextBuilder>	setupContext(Provider sslContextProvider, Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2)
static Function<Function<KeyManagerFactory,io.netty.handler.ssl.SslContextBuilder>,io.netty.handler.ssl.SslContextBuilder>	setupContext(Provider sslContextProvider, Object keyStoreFile, String keyStorePassword, String keyStoreType, File trustStoreFile, String trustStorePassword, long sessionCacheSize, long sessionTimeout, boolean permitHttp2, boolean useRefCnt)
static boolean	useOpenSsl()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

NO_GCM_CIPHERS

public static final List<String> NO_GCM_CIPHERS

Similiar ciphers as WITH_GCM_CIPHERS except with CBC substituted instead of GCM because GCM is crushingly slow in current Java implementations.

WITH_GCM_CIPHERS

public static final List<String> WITH_GCM_CIPHERS

Modern ciphers as used for HTTP/2 plus three weak ciphers as used within LNKD HTTP/1

CIPHERS

public static final List<String> CIPHERS

Method Details

useOpenSsl

public static boolean useOpenSsl()

getCiphers

public static List<String> getCiphers(Provider sslContextProvider,
 io.netty.handler.ssl.SslProvider provider)

build

public static io.netty.handler.ssl.SslContext build(io.netty.handler.ssl.SslContextBuilder builder)
                                             throws SSLException

Throws:

SSLException

makeClientContext

public static io.netty.handler.ssl.SslContext makeClientContext(long sessionCacheSize,
 long sessionTimeout)
                                                         throws SSLException

Parameters:

sessionCacheSize - size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout - timeout for the cached SSL session objects, in seconds. 0 to use the default value.

Returns:

client SslContext

Throws:

SSLException

makeClientContext

public static io.netty.handler.ssl.SslContext makeClientContext(long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2)
                                                         throws SSLException

Parameters:

sessionCacheSize - size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout - timeout for the cached SSL session objects, in seconds. 0 to use the default value.

permitHttp2 - permits HTTP/2 APLN negotiation when true.

Returns:

client SslContext

Throws:

SSLException

makeClientContext

public static io.netty.handler.ssl.SslContext makeClientContext(Provider sslContextProvider,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2)
                                                         throws SSLException

Throws:

SSLException

makeClientContext

public static io.netty.handler.ssl.SslContext makeClientContext(Provider sslContextProvider,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2,
 boolean useRefCnt)
                                                         throws SSLException

Throws:

SSLException

makeClientContext

public static io.netty.handler.ssl.SslContext makeClientContext(Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout)
                                                         throws IOException,
KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
CertificateException

Parameters:

keyStoreFile - keystore file

keyStorePassword - keystore password

keyStoreType - keystore type

trustStoreFile - truststore file

trustStorePassword - truststore password

sessionCacheSize - size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout - timeout for the cached SSL session objects, in seconds. 0 to use the default value.

Returns:

client SslContext

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException

makeClientContext

public static io.netty.handler.ssl.SslContext makeClientContext(Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2)
                                                         throws IOException,
KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
CertificateException

Parameters:

keyStoreFile - keystore file

keyStorePassword - keystore password

keyStoreType - keystore type

trustStoreFile - truststore file

trustStorePassword - truststore password

sessionCacheSize - size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout - timeout for the cached SSL session objects, in seconds. 0 to use the default value.

permitHttp2 - permits HTTP/2 APLN negotiation when true.

Returns:

client SslContext

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException

makeClientContext

public static io.netty.handler.ssl.SslContext makeClientContext(Provider sslContextProvider,
 Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2)
                                                         throws IOException,
KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
CertificateException

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException

makeClientContext

public static io.netty.handler.ssl.SslContext makeClientContext(Provider sslContextProvider,
 Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2,
 boolean useRefCnt)
                                                         throws IOException,
KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
CertificateException

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException

makeServerContext

public static io.netty.handler.ssl.SslContext makeServerContext(long sessionCacheSize,
 long sessionTimeout)
                                                         throws SSLException

Parameters:

sessionCacheSize - size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout - timeout for the cached SSL session objects, in seconds. 0 to use the default value.

Returns:

server SslContext

Throws:

SSLException

makeServerContext

public static io.netty.handler.ssl.SslContext makeServerContext(long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2)
                                                         throws SSLException

Parameters:

sessionCacheSize - size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout - timeout for the cached SSL session objects, in seconds. 0 to use the default value.

permitHttp2 - permits HTTP/2 APLN negotiation when true.

Returns:

server SslContext

Throws:

SSLException

makeServerContext

public static io.netty.handler.ssl.SslContext makeServerContext(Provider sslContextProvider,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2)
                                                         throws SSLException

Throws:

SSLException

makeServerContext

public static io.netty.handler.ssl.SslContext makeServerContext(Provider sslContextProvider,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2,
 boolean useRefCnt)
                                                         throws SSLException

Throws:

SSLException

makeServerContext

public static io.netty.handler.ssl.SslContext makeServerContext(Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout)
                                                         throws UnrecoverableKeyException,
CertificateException,
NoSuchAlgorithmException,
KeyStoreException,
IOException

Parameters:

keyStoreFile - keystore file

keyStorePassword - keystore password

keyStoreType - keystore type

trustStoreFile - truststore file

trustStorePassword - truststore password

sessionCacheSize - size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout - timeout for the cached SSL session objects, in seconds. 0 to use the default value.

Returns:

server SslContext

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException

makeServerContext

public static io.netty.handler.ssl.SslContext makeServerContext(Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2)
                                                         throws IOException,
KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
CertificateException

Parameters:

keyStoreFile - keystore file

keyStorePassword - keystore password

keyStoreType - keystore type

trustStoreFile - truststore file

trustStorePassword - truststore password

sessionCacheSize - size of the cache used for storing SSL session objects. 0 to use the default value.

sessionTimeout - timeout for the cached SSL session objects, in seconds. 0 to use the default value.

permitHttp2 - permits HTTP/2 APLN negotiation when true.

Returns:

server SslContext

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException

makeServerContext

public static io.netty.handler.ssl.SslContext makeServerContext(Provider sslContextProvider,
 Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2)
                                                         throws IOException,
KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
CertificateException

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException

makeServerContext

public static io.netty.handler.ssl.SslContext makeServerContext(Provider sslContextProvider,
 Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2,
 boolean useRefCnt)
                                                         throws IOException,
KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
CertificateException

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException

setupContext

public static Function<Function<KeyManagerFactory,io.netty.handler.ssl.SslContextBuilder>,io.netty.handler.ssl.SslContextBuilder> setupContext(Provider sslContextProvider,
 Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2)
                                                                                                                                        throws IOException,
KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
CertificateException

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException

setupContext

public static Function<Function<KeyManagerFactory,io.netty.handler.ssl.SslContextBuilder>,io.netty.handler.ssl.SslContextBuilder> setupContext(Provider sslContextProvider,
 Object keyStoreFile,
 String keyStorePassword,
 String keyStoreType,
 File trustStoreFile,
 String trustStorePassword,
 long sessionCacheSize,
 long sessionTimeout,
 boolean permitHttp2,
 boolean useRefCnt)
                                                                                                                                        throws IOException,
KeyStoreException,
UnrecoverableKeyException,
NoSuchAlgorithmException,
CertificateException

Throws:

IOException

KeyStoreException

UnrecoverableKeyException

NoSuchAlgorithmException

CertificateException