All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.netty.handler.ssl.OpenSslCertificateCompressionAlgorithm Maven / Gradle / Ivy

Go to download

This artifact provides a single jar that contains all classes required to use remote EJB and JMS, including all dependencies. It is intended for use by those not using maven, maven users should just import the EJB and JMS BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up with different versions on classes on the class path).

There is a newer version: 34.0.0.Final
Show newest version
/*
 * Copyright 2022 The Netty Project
 *
 * The Netty Project licenses this file to you under the Apache License,
 * version 2.0 (the "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at:
 *
 *   https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */
package io.netty.handler.ssl;

import javax.net.ssl.SSLEngine;

/**
 * Provides compression and decompression implementations for TLS Certificate Compression
 * (RFC 8879).
 */
public interface OpenSslCertificateCompressionAlgorithm {

    /**
     * Compress the given input with the specified algorithm and return the compressed bytes.
     *
     * @param engine                    the {@link SSLEngine}
     * @param uncompressedCertificate   the uncompressed certificate
     * @return                          the compressed form of the certificate
     * @throws Exception                thrown if an error occurs while compressing
     */
    byte[] compress(SSLEngine engine, byte[] uncompressedCertificate) throws Exception;

    /**
     * Decompress the given input with the specified algorithm and return the decompressed bytes.
     *
     * 
Implementation
     * Security Considerations

     * 
Implementations SHOULD bound the memory usage when decompressing the CompressedCertificate message.

     * 

     * Implementations MUST limit the size of the resulting decompressed chain to the specified {@code uncompressedLen},
     * and they MUST abort the connection (throw an exception) if the size of the output of the decompression
     * function exceeds that limit.
     * 

     *
     * @param engine                    the {@link SSLEngine}
     * @param uncompressedLen           the expected length of the decompressed certificate that will be returned.
     * @param compressedCertificate     the compressed form of the certificate
     * @return                          the decompressed form of the certificate
     * @throws Exception                thrown if an error occurs while decompressing or output size exceeds
     *                                  {@code uncompressedLen}
     */
    byte[] decompress(SSLEngine engine, int uncompressedLen, byte[] compressedCertificate) throws Exception;

    /**
     * Return the ID for the compression algorithm provided for by a given implementation.
     *
     * @return compression algorithm ID as specified by
     * RFC8879.
     */
    int algorithmId();
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy