Package io.envoyproxy.envoy.extensions.filters.listener.tls_inspector.v3

Class TlsInspector

java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessageV3
io.envoyproxy.envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, TlsInspectorOrBuilder, Serializable
public final class TlsInspector extends com.google.protobuf.GeneratedMessageV3 implements TlsInspectorOrBuilder
 [#next-free-field: 6]
Protobuf type envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
See Also:

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static final class 
    TlsInspector.Builder
    [#next-free-field: 6]

    Nested classes/interfaces inherited from class com.google.protobuf.GeneratedMessageV3

    com.google.protobuf.GeneratedMessageV3.BuilderParent, com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>,BuilderT extends com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageT,BuilderT>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessageOrBuilder<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessageV3.FieldAccessorTable, com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter

    Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessageLite

    com.google.protobuf.AbstractMessageLite.InternalOneOfEnum

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
    CLOSE_CONNECTION_ON_CLIENT_HELLO_PARSING_ERRORS_FIELD_NUMBER
     
    static final int
    ENABLE_JA3_FINGERPRINTING_FIELD_NUMBER
     
    static final int
    ENABLE_JA4_FINGERPRINTING_FIELD_NUMBER
     
    static final int
    INITIAL_READ_BUFFER_SIZE_FIELD_NUMBER
     
    static final int
    MAX_CLIENT_HELLO_SIZE_FIELD_NUMBER
     

    Fields inherited from class com.google.protobuf.GeneratedMessageV3

    alwaysUseFieldBuilders, unknownFields

    Fields inherited from class com.google.protobuf.AbstractMessage

    memoizedSize

    Fields inherited from class com.google.protobuf.AbstractMessageLite

    memoizedHashCode

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    equals(Object obj)
     
    boolean
    getCloseConnectionOnClientHelloParsingErrors()
    Close connection when TLS ClientHello message could not be parsed.
    static TlsInspector
    getDefaultInstance()
     
    TlsInspector
    getDefaultInstanceForType()
     
    static final com.google.protobuf.Descriptors.Descriptor
    getDescriptor()
     
    com.google.protobuf.BoolValue
    getEnableJa3Fingerprinting()
    Populate ``JA3`` fingerprint hash using data from the TLS Client Hello packet.
    com.google.protobuf.BoolValueOrBuilder
    getEnableJa3FingerprintingOrBuilder()
    Populate ``JA3`` fingerprint hash using data from the TLS Client Hello packet.
    com.google.protobuf.BoolValue
    getEnableJa4Fingerprinting()
    Populate ``JA4`` fingerprint hash using data from the TLS Client Hello packet.
    com.google.protobuf.BoolValueOrBuilder
    getEnableJa4FingerprintingOrBuilder()
    Populate ``JA4`` fingerprint hash using data from the TLS Client Hello packet.
    com.google.protobuf.UInt32Value
    getInitialReadBufferSize()
    The size in bytes of the initial buffer requested by the tls_inspector.
    com.google.protobuf.UInt32ValueOrBuilder
    getInitialReadBufferSizeOrBuilder()
    The size in bytes of the initial buffer requested by the tls_inspector.
    com.google.protobuf.UInt32Value
    getMaxClientHelloSize()
    The maximum size in bytes of the ClientHello that the tls_inspector will process.
    com.google.protobuf.UInt32ValueOrBuilder
    getMaxClientHelloSizeOrBuilder()
    The maximum size in bytes of the ClientHello that the tls_inspector will process.
    com.google.protobuf.Parser<TlsInspector>
    getParserForType()
     
    int
    getSerializedSize()
     
    boolean
    hasEnableJa3Fingerprinting()
    Populate ``JA3`` fingerprint hash using data from the TLS Client Hello packet.
    boolean
    hasEnableJa4Fingerprinting()
    Populate ``JA4`` fingerprint hash using data from the TLS Client Hello packet.
    int
    hashCode()
     
    boolean
    hasInitialReadBufferSize()
    The size in bytes of the initial buffer requested by the tls_inspector.
    boolean
    hasMaxClientHelloSize()
    The maximum size in bytes of the ClientHello that the tls_inspector will process.
    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
    internalGetFieldAccessorTable()
     
    final boolean
    isInitialized()
     
    static TlsInspector.Builder
    newBuilder()
     
    static TlsInspector.Builder
    newBuilder(TlsInspector prototype)
     
    TlsInspector.Builder
    newBuilderForType()
     
    protected TlsInspector.Builder
    newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
     
    protected Object
    newInstance(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
     
    static TlsInspector
    parseDelimitedFrom(InputStream input)
     
    static TlsInspector
    parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsInspector
    parseFrom(byte[] data)
     
    static TlsInspector
    parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsInspector
    parseFrom(com.google.protobuf.ByteString data)
     
    static TlsInspector
    parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsInspector
    parseFrom(com.google.protobuf.CodedInputStream input)
     
    static TlsInspector
    parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsInspector
    parseFrom(InputStream input)
     
    static TlsInspector
    parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsInspector
    parseFrom(ByteBuffer data)
     
    static TlsInspector
    parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static com.google.protobuf.Parser<TlsInspector>
    parser()
     
    TlsInspector.Builder
    toBuilder()
     
    void
    writeTo(com.google.protobuf.CodedOutputStream output)
     

    Methods inherited from class com.google.protobuf.GeneratedMessageV3

    canUseUnsafe, computeStringSize, computeStringSizeNoTag, emptyBooleanList, emptyDoubleList, emptyFloatList, emptyIntList, emptyList, emptyLongList, getAllFields, getDescriptorForType, getField, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, internalGetMapField, internalGetMapFieldReflection, isStringEmpty, makeExtensionsImmutable, makeMutableCopy, makeMutableCopy, mergeFromAndMakeImmutableInternal, mutableCopy, mutableCopy, mutableCopy, mutableCopy, mutableCopy, newBooleanList, newBuilderForType, newDoubleList, newFloatList, newIntList, newLongList, parseDelimitedWithIOException, parseDelimitedWithIOException, parseUnknownField, parseUnknownFieldProto3, parseWithIOException, parseWithIOException, parseWithIOException, parseWithIOException, serializeBooleanMapTo, serializeIntegerMapTo, serializeLongMapTo, serializeStringMapTo, writeReplace, writeString, writeStringNoTag

    Methods inherited from class com.google.protobuf.AbstractMessage

    findInitializationErrors, getInitializationErrorString, hashBoolean, hashEnum, hashEnumList, hashFields, hashLong, toString

    Methods inherited from class com.google.protobuf.AbstractMessageLite

    addAll, addAll, checkByteStringIsUtf8, toByteArray, toByteString, writeDelimitedTo, writeTo

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    Methods inherited from interface com.google.protobuf.MessageLite

    toByteArray, toByteString, writeDelimitedTo, writeTo

    Methods inherited from interface com.google.protobuf.MessageOrBuilder

    findInitializationErrors, getAllFields, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

  • Field Details

    • ENABLE_JA3_FINGERPRINTING_FIELD_NUMBER

      public static final int ENABLE_JA3_FINGERPRINTING_FIELD_NUMBER
      See Also:

    • ENABLE_JA4_FINGERPRINTING_FIELD_NUMBER

      public static final int ENABLE_JA4_FINGERPRINTING_FIELD_NUMBER
      See Also:

    • INITIAL_READ_BUFFER_SIZE_FIELD_NUMBER

      public static final int INITIAL_READ_BUFFER_SIZE_FIELD_NUMBER
      See Also:

    • CLOSE_CONNECTION_ON_CLIENT_HELLO_PARSING_ERRORS_FIELD_NUMBER

      public static final int CLOSE_CONNECTION_ON_CLIENT_HELLO_PARSING_ERRORS_FIELD_NUMBER
      See Also:

    • MAX_CLIENT_HELLO_SIZE_FIELD_NUMBER

      public static final int MAX_CLIENT_HELLO_SIZE_FIELD_NUMBER
      See Also:

  • Method Details

    • newInstance

      protected Object newInstance(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
      Overrides:
      newInstance in class com.google.protobuf.GeneratedMessageV3

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

    • hasEnableJa3Fingerprinting

      public boolean hasEnableJa3Fingerprinting()
       Populate ``JA3`` fingerprint hash using data from the TLS Client Hello packet. Default is false.
      .google.protobuf.BoolValue enable_ja3_fingerprinting = 1;
      Specified by:
      hasEnableJa3Fingerprinting in interface TlsInspectorOrBuilder
      Returns:
      Whether the enableJa3Fingerprinting field is set.

    • getEnableJa3Fingerprinting

      public com.google.protobuf.BoolValue getEnableJa3Fingerprinting()
       Populate ``JA3`` fingerprint hash using data from the TLS Client Hello packet. Default is false.
      .google.protobuf.BoolValue enable_ja3_fingerprinting = 1;
      Specified by:
      getEnableJa3Fingerprinting in interface TlsInspectorOrBuilder
      Returns:
      The enableJa3Fingerprinting.

    • getEnableJa3FingerprintingOrBuilder

      public com.google.protobuf.BoolValueOrBuilder getEnableJa3FingerprintingOrBuilder()
       Populate ``JA3`` fingerprint hash using data from the TLS Client Hello packet. Default is false.
      .google.protobuf.BoolValue enable_ja3_fingerprinting = 1;
      Specified by:
      getEnableJa3FingerprintingOrBuilder in interface TlsInspectorOrBuilder

    • hasEnableJa4Fingerprinting

      public boolean hasEnableJa4Fingerprinting()
       Populate ``JA4`` fingerprint hash using data from the TLS Client Hello packet.
 ``JA4`` is an improved version of ``JA3`` that includes TLS version, ciphers, extensions,
 and ALPN information in a hex format. Default is false.
      .google.protobuf.BoolValue enable_ja4_fingerprinting = 3;
      Specified by:
      hasEnableJa4Fingerprinting in interface TlsInspectorOrBuilder
      Returns:
      Whether the enableJa4Fingerprinting field is set.

    • getEnableJa4Fingerprinting

      public com.google.protobuf.BoolValue getEnableJa4Fingerprinting()
       Populate ``JA4`` fingerprint hash using data from the TLS Client Hello packet.
 ``JA4`` is an improved version of ``JA3`` that includes TLS version, ciphers, extensions,
 and ALPN information in a hex format. Default is false.
      .google.protobuf.BoolValue enable_ja4_fingerprinting = 3;
      Specified by:
      getEnableJa4Fingerprinting in interface TlsInspectorOrBuilder
      Returns:
      The enableJa4Fingerprinting.

    • getEnableJa4FingerprintingOrBuilder

      public com.google.protobuf.BoolValueOrBuilder getEnableJa4FingerprintingOrBuilder()
       Populate ``JA4`` fingerprint hash using data from the TLS Client Hello packet.
 ``JA4`` is an improved version of ``JA3`` that includes TLS version, ciphers, extensions,
 and ALPN information in a hex format. Default is false.
      .google.protobuf.BoolValue enable_ja4_fingerprinting = 3;
      Specified by:
      getEnableJa4FingerprintingOrBuilder in interface TlsInspectorOrBuilder

    • hasInitialReadBufferSize

      public boolean hasInitialReadBufferSize()
       The size in bytes of the initial buffer requested by the tls_inspector.
 If the filter needs to read additional bytes from the socket, the
 filter will double the buffer up to it's default maximum of 16KiB.
 If this size is not defined, defaults to maximum 16KiB that the
 tls inspector will consume.
      .google.protobuf.UInt32Value initial_read_buffer_size = 2 [(.validate.rules) = { ... }
      Specified by:
      hasInitialReadBufferSize in interface TlsInspectorOrBuilder
      Returns:
      Whether the initialReadBufferSize field is set.

    • getInitialReadBufferSize

      public com.google.protobuf.UInt32Value getInitialReadBufferSize()
       The size in bytes of the initial buffer requested by the tls_inspector.
 If the filter needs to read additional bytes from the socket, the
 filter will double the buffer up to it's default maximum of 16KiB.
 If this size is not defined, defaults to maximum 16KiB that the
 tls inspector will consume.
      .google.protobuf.UInt32Value initial_read_buffer_size = 2 [(.validate.rules) = { ... }
      Specified by:
      getInitialReadBufferSize in interface TlsInspectorOrBuilder
      Returns:
      The initialReadBufferSize.

    • getInitialReadBufferSizeOrBuilder

      public com.google.protobuf.UInt32ValueOrBuilder getInitialReadBufferSizeOrBuilder()
       The size in bytes of the initial buffer requested by the tls_inspector.
 If the filter needs to read additional bytes from the socket, the
 filter will double the buffer up to it's default maximum of 16KiB.
 If this size is not defined, defaults to maximum 16KiB that the
 tls inspector will consume.
      .google.protobuf.UInt32Value initial_read_buffer_size = 2 [(.validate.rules) = { ... }
      Specified by:
      getInitialReadBufferSizeOrBuilder in interface TlsInspectorOrBuilder

    • getCloseConnectionOnClientHelloParsingErrors

      public boolean getCloseConnectionOnClientHelloParsingErrors()
       Close connection when TLS ClientHello message could not be parsed.
 This flag should be enabled only if it is known that incoming connections are expected to use
 TLS protocol, as Envoy does not distinguish between a plain text message or a malformed TLS
 ClientHello message.
 By default this flag is false and TLS ClientHello parsing errors are interpreted as a
 plain text connection.
 Setting this to true will cause connections to be terminated and the ``client_hello_too_large``
 counter to be incremented if the ClientHello message is over implementation defined limit
 (currently 16Kb).
      bool close_connection_on_client_hello_parsing_errors = 4;
      Specified by:
      getCloseConnectionOnClientHelloParsingErrors in interface TlsInspectorOrBuilder
      Returns:
      The closeConnectionOnClientHelloParsingErrors.

    • hasMaxClientHelloSize

      public boolean hasMaxClientHelloSize()
       The maximum size in bytes of the ClientHello that the tls_inspector will
 process. If the ClientHello is larger than this size, the tls_inspector
 will stop processing and indicate failure. If not defined, defaults to
 16KiB.
      .google.protobuf.UInt32Value max_client_hello_size = 5 [(.validate.rules) = { ... }
      Specified by:
      hasMaxClientHelloSize in interface TlsInspectorOrBuilder
      Returns:
      Whether the maxClientHelloSize field is set.

    • getMaxClientHelloSize

      public com.google.protobuf.UInt32Value getMaxClientHelloSize()
       The maximum size in bytes of the ClientHello that the tls_inspector will
 process. If the ClientHello is larger than this size, the tls_inspector
 will stop processing and indicate failure. If not defined, defaults to
 16KiB.
      .google.protobuf.UInt32Value max_client_hello_size = 5 [(.validate.rules) = { ... }
      Specified by:
      getMaxClientHelloSize in interface TlsInspectorOrBuilder
      Returns:
      The maxClientHelloSize.

    • getMaxClientHelloSizeOrBuilder

      public com.google.protobuf.UInt32ValueOrBuilder getMaxClientHelloSizeOrBuilder()
       The maximum size in bytes of the ClientHello that the tls_inspector will
 process. If the ClientHello is larger than this size, the tls_inspector
 will stop processing and indicate failure. If not defined, defaults to
 16KiB.
      .google.protobuf.UInt32Value max_client_hello_size = 5 [(.validate.rules) = { ... }
      Specified by:
      getMaxClientHelloSizeOrBuilder in interface TlsInspectorOrBuilder

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3

    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessageV3
      Throws:
      IOException

    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessageV3

    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage

    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage

    • parseFrom

      public static TlsInspector parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsInspector parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsInspector parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsInspector parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsInspector parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsInspector parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsInspector parseFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static TlsInspector parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static TlsInspector parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static TlsInspector parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseFrom

      public static TlsInspector parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static TlsInspector parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • newBuilderForType

      public TlsInspector.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite

    • newBuilder

      public static TlsInspector.Builder newBuilder()

    • newBuilder

      public static TlsInspector.Builder newBuilder(TlsInspector prototype)

    • toBuilder

      public TlsInspector.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite

    • newBuilderForType

      protected TlsInspector.Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
      Specified by:
      newBuilderForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstance

      public static TlsInspector getDefaultInstance()

    • parser

      public static com.google.protobuf.Parser<TlsInspector> parser()

    • getParserForType

      public com.google.protobuf.Parser<TlsInspector> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstanceForType

      public TlsInspector getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder