Module io.netty5.handler
Package io.netty5.handler.ssl

Interface OpenSslCertificateCompressionAlgorithm

  • public interface OpenSslCertificateCompressionAlgorithm
    Provides compression and decompression implementations for TLS Certificate Compression (RFC 8879).

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      int algorithmId()
      Return the ID for the compression algorithm provided for by a given implementation.
      byte[] compress​(SSLEngine engine, byte[] uncompressedCertificate)
      Compress the given input with the specified algorithm and return the compressed bytes.
      byte[] decompress​(SSLEngine engine, int uncompressedLen, byte[] compressedCertificate)
      Decompress the given input with the specified algorithm and return the decompressed bytes.

    • Method Detail

      • compress

        byte[] compress​(SSLEngine engine,
                byte[] uncompressedCertificate)
         throws Exception
        Compress the given input with the specified algorithm and return the compressed bytes.
        Parameters:
        engine - the SSLEngine
        uncompressedCertificate - the uncompressed certificate
        Returns:
        the compressed form of the certificate
        Throws:
        Exception - thrown if an error occurs while compressing

      • decompress

        byte[] decompress​(SSLEngine engine,
                  int uncompressedLen,
                  byte[] compressedCertificate)
           throws Exception
        Decompress the given input with the specified algorithm and return the decompressed bytes.

        Implementation Security Considerations

        Implementations SHOULD bound the memory usage when decompressing the CompressedCertificate message.

        Implementations MUST limit the size of the resulting decompressed chain to the specified uncompressedLen, and they MUST abort the connection (throw an exception) if the size of the output of the decompression function exceeds that limit.

        Parameters:
        engine - the SSLEngine
        uncompressedLen - the expected length of the decompressed certificate that will be returned.
        compressedCertificate - the compressed form of the certificate
        Returns:
        the decompressed form of the certificate
        Throws:
        Exception - thrown if an error occurs while decompressing or output size exceeds uncompressedLen

      • algorithmId

        int algorithmId()
        Return the ID for the compression algorithm provided for by a given implementation.
        Returns:
        compression algorithm ID as specified by RFC8879.