All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.netty.handler.ssl.OpenSslCertificateCompressionAlgorithm Maven / Gradle / Ivy

There is a newer version: 2.38.0
Show newest version
/*
 * Copyright 2022 The Netty Project
 *
 * The Netty Project licenses this file to you under the Apache License,
 * version 2.0 (the "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at:
 *
 *   https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */
package io.netty.handler.ssl;

import javax.net.ssl.SSLEngine;

/**
 * Provides compression and decompression implementations for TLS Certificate Compression
 * (RFC 8879).
 */
public interface OpenSslCertificateCompressionAlgorithm {

    /**
     * Compress the given input with the specified algorithm and return the compressed bytes.
     *
     * @param engine                    the {@link SSLEngine}
     * @param uncompressedCertificate   the uncompressed certificate
     * @return                          the compressed form of the certificate
     * @throws Exception                thrown if an error occurs while compressing
     */
    byte[] compress(SSLEngine engine, byte[] uncompressedCertificate) throws Exception;

    /**
     * Decompress the given input with the specified algorithm and return the decompressed bytes.
     *
     * 

Implementation * Security Considerations

*

Implementations SHOULD bound the memory usage when decompressing the CompressedCertificate message.

*

* Implementations MUST limit the size of the resulting decompressed chain to the specified {@code uncompressedLen}, * and they MUST abort the connection (throw an exception) if the size of the output of the decompression * function exceeds that limit. *

* * @param engine the {@link SSLEngine} * @param uncompressedLen the expected length of the decompressed certificate that will be returned. * @param compressedCertificate the compressed form of the certificate * @return the decompressed form of the certificate * @throws Exception thrown if an error occurs while decompressing or output size exceeds * {@code uncompressedLen} */ byte[] decompress(SSLEngine engine, int uncompressedLen, byte[] compressedCertificate) throws Exception; /** * Return the ID for the compression algorithm provided for by a given implementation. * * @return compression algorithm ID as specified by * RFC8879. */ int algorithmId(); }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy