Package io.netty.handler.ssl
Interface OpenSslCertificateCompressionAlgorithm
public interface OpenSslCertificateCompressionAlgorithm
Provides compression and decompression implementations for TLS Certificate Compression
(RFC 8879).
-
Method Summary
Modifier and TypeMethodDescriptionint
Return the ID for the compression algorithm provided for by a given implementation.byte[]
Compress the given input with the specified algorithm and return the compressed bytes.byte[]
decompress
(SSLEngine engine, int uncompressedLen, byte[] compressedCertificate) Decompress the given input with the specified algorithm and return the decompressed bytes.
-
Method Details
-
compress
Compress the given input with the specified algorithm and return the compressed bytes. -
decompress
byte[] decompress(SSLEngine engine, int uncompressedLen, byte[] compressedCertificate) throws Exception Decompress the given input with the specified algorithm and return the decompressed bytes.Implementation Security Considerations
Implementations SHOULD bound the memory usage when decompressing the CompressedCertificate message.
Implementations MUST limit the size of the resulting decompressed chain to the specified
uncompressedLen
, and they MUST abort the connection (throw an exception) if the size of the output of the decompression function exceeds that limit.- Parameters:
engine
- theSSLEngine
uncompressedLen
- the expected length of the decompressed certificate that will be returned.compressedCertificate
- the compressed form of the certificate- Returns:
- the decompressed form of the certificate
- Throws:
Exception
- thrown if an error occurs while decompressing or output size exceedsuncompressedLen
-
algorithmId
int algorithmId()Return the ID for the compression algorithm provided for by a given implementation.- Returns:
- compression algorithm ID as specified by RFC8879.
-