netty Architecture Docs
Home / Class/ SslUtils Class — netty Architecture

SslUtils Class — netty Architecture

Architecture documentation for the SslUtils class in SslUtils.java from the netty codebase.

Class java

Entity Profile

Dependency Diagram

graph TD
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e["SslUtils"]
  511db68b_8ebf_d08f_7cbd_232c870d1571["SslUtils.java"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|defined in| 511db68b_8ebf_d08f_7cbd_232c870d1571
  cc066e4a_6441_92c3_2d46_ee0e3e0924f4["isTLSv13SupportedByJDK()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| cc066e4a_6441_92c3_2d46_ee0e3e0924f4
  08392587_55a3_d947_9cd0_736ad18c9d48["isTLSv13SupportedByJDK0()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| 08392587_55a3_d947_9cd0_736ad18c9d48
  ebedf647_cc08_3eb3_6c9e_6f983f5bee53["isTLSv13EnabledByJDK()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| ebedf647_cc08_3eb3_6c9e_6f983f5bee53
  fea54e04_a7d1_b3c2_b4ac_232f88b38302["isTLSv13EnabledByJDK0()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| fea54e04_a7d1_b3c2_b4ac_232f88b38302
  72aaaa9f_54c7_6810_39c7_5bbad29a1985["SSLContext()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| 72aaaa9f_54c7_6810_39c7_5bbad29a1985
  8511bb22_c408_1f4e_99b9_da64d2fca8e2["String()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| 8511bb22_c408_1f4e_99b9_da64d2fca8e2
  65bda087_3730_e853_e17c_3338580d6ae8["arrayContains()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| 65bda087_3730_e853_e17c_3338580d6ae8
  faf66fd0_9faf_b92a_dde7_de606c536a79["addIfSupported()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| faf66fd0_9faf_b92a_dde7_de606c536a79
  3d951967_9cc0_c61f_17d3_234c67c81d8a["useFallbackCiphersIfDefaultIsEmpty()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| 3d951967_9cc0_c61f_17d3_234c67c81d8a
  6019821f_5ae4_0759_9662_c9d6c2a19d1a["SSLHandshakeException()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| 6019821f_5ae4_0759_9662_c9d6c2a19d1a
  b3dfbeee_ea43_2ac2_8456_df612fe27732["getEncryptedPacketLength()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| b3dfbeee_ea43_2ac2_8456_df612fe27732
  24d300d4_d690_6d2a_fdb8_f77f905d267e["unsignedShortBE()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| 24d300d4_d690_6d2a_fdb8_f77f905d267e
  580d16b5_ef46_b549_e1a1_e390d8faf580["shortBE()"]
  8b8e2625_56a3_eef0_1cb3_fa21bb9b476e -->|method| 580d16b5_ef46_b549_e1a1_e390d8faf580

Relationship Graph

Source Code

handler/src/main/java/io/netty/handler/ssl/SslUtils.java lines 52–601

final class SslUtils {
    private static final InternalLogger logger = InternalLoggerFactory.getInstance(SslUtils.class);

    // See https://tools.ietf.org/html/rfc8446#appendix-B.4
    static final Set<String> TLSV13_CIPHERS = Collections.unmodifiableSet(new LinkedHashSet<String>(
            asList("TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256",
                          "TLS_AES_128_GCM_SHA256", "TLS_AES_128_CCM_8_SHA256",
                          "TLS_AES_128_CCM_SHA256")));

    static final short DTLS_1_0 = (short) 0xFEFF;
    static final short DTLS_1_2 = (short) 0xFEFD;
    static final short DTLS_1_3 = (short) 0xFEFC;
    static final short DTLS_RECORD_HEADER_LENGTH = 13;

    private static final String DEFAULT_ENDPOINT_VERIFICATION_ALGORITHM_PROPERTY =
            "io.netty.handler.ssl.defaultEndpointVerificationAlgorithm";
    /**
     * Endpoint verification is enabled by default from Netty 4.2 onward, but it wasn't in Netty 4.1 and earlier.
     * The {@value #DEFAULT_ENDPOINT_VERIFICATION_ALGORITHM_PROPERTY} can be set to one of the following
     * values to control this behavior:
     * <ul>
     *     <li>{@code "HTTPS"} — verify subject by DNS hostnames; this is the Netty 4.2 default.</li>
     *     <li>{@code "LDAP"} — verify subject by LDAP identity.</li>
     *     <li>{@code "NONE"} — don't enable endpoint verification by default; this is the Netty 4.1 behavior.</li>
     * </ul>
     */
    static final String defaultEndpointVerificationAlgorithm;

    /**
     * GMSSL Protocol Version
     */
    static final int GMSSL_PROTOCOL_VERSION = 0x101;

    static final String INVALID_CIPHER = "SSL_NULL_WITH_NULL_NULL";

    /**
     * change cipher spec
     */
    static final int SSL_CONTENT_TYPE_CHANGE_CIPHER_SPEC = 20;

    /**
     * alert
     */
    static final int SSL_CONTENT_TYPE_ALERT = 21;

    /**
     * handshake
     */
    static final int SSL_CONTENT_TYPE_HANDSHAKE = 22;

    /**
     * application data
     */
    static final int SSL_CONTENT_TYPE_APPLICATION_DATA = 23;

    /**
     * HeartBeat Extension
     */
    static final int SSL_CONTENT_TYPE_EXTENSION_HEARTBEAT = 24;

    /**
     * the length of the ssl record header (in bytes)
     */
    static final int SSL_RECORD_HEADER_LENGTH = 5;

    /**
     * Not enough data in buffer to parse the record length
     */
    static final int NOT_ENOUGH_DATA = -1;

    /**
     * data is not encrypted
     */
    static final int NOT_ENCRYPTED = -2;

    static final String[] DEFAULT_CIPHER_SUITES;
    static final String[] DEFAULT_TLSV13_CIPHER_SUITES;
    static final String[] TLSV13_CIPHER_SUITES = { "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384" };

    // self-signed certificate for netty.io and the matching private-key
    static final String PROBING_CERT = "-----BEGIN CERTIFICATE-----\n" +

Defined In

Source

Frequently Asked Questions

What is the SslUtils class?
SslUtils is a class in the netty codebase, defined in handler/src/main/java/io/netty/handler/ssl/SslUtils.java.
Where is SslUtils defined?
SslUtils is defined in handler/src/main/java/io/netty/handler/ssl/SslUtils.java at line 52.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free