Package io.envoyproxy.envoy.extensions.transport_sockets.tls.v3

Class TlsParameters

java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessageV3
io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.TlsParameters
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, TlsParametersOrBuilder, Serializable
public final class TlsParameters extends com.google.protobuf.GeneratedMessageV3 implements TlsParametersOrBuilder
 [#next-free-field: 7]
Protobuf type envoy.extensions.transport_sockets.tls.v3.TlsParameters
See Also:

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static final class 
    TlsParameters.Builder
    [#next-free-field: 7]
    static enum 
    TlsParameters.CompliancePolicy
    Protobuf enum envoy.extensions.transport_sockets.tls.v3.TlsParameters.CompliancePolicy
    static enum 
    TlsParameters.TlsProtocol
    Protobuf enum envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol

    Nested classes/interfaces inherited from class com.google.protobuf.GeneratedMessageV3

    com.google.protobuf.GeneratedMessageV3.BuilderParent, com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>,BuilderT extends com.google.protobuf.GeneratedMessageV3.ExtendableBuilder<MessageT,BuilderT>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessageV3.ExtendableMessageOrBuilder<MessageT extends com.google.protobuf.GeneratedMessageV3.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessageV3.FieldAccessorTable, com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter

    Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessageLite

    com.google.protobuf.AbstractMessageLite.InternalOneOfEnum

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
    CIPHER_SUITES_FIELD_NUMBER
     
    static final int
    COMPLIANCE_POLICIES_FIELD_NUMBER
     
    static final int
    ECDH_CURVES_FIELD_NUMBER
     
    static final int
    SIGNATURE_ALGORITHMS_FIELD_NUMBER
     
    static final int
    TLS_MAXIMUM_PROTOCOL_VERSION_FIELD_NUMBER
     
    static final int
    TLS_MINIMUM_PROTOCOL_VERSION_FIELD_NUMBER
     

    Fields inherited from class com.google.protobuf.GeneratedMessageV3

    alwaysUseFieldBuilders, unknownFields

    Fields inherited from class com.google.protobuf.AbstractMessage

    memoizedSize

    Fields inherited from class com.google.protobuf.AbstractMessageLite

    memoizedHashCode

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    equals(Object obj)
     
    String
    getCipherSuites(int index)
    If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
    com.google.protobuf.ByteString
    getCipherSuitesBytes(int index)
    If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
    int
    getCipherSuitesCount()
    If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
    com.google.protobuf.ProtocolStringList
    getCipherSuitesList()
    If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
    TlsParameters.CompliancePolicy
    getCompliancePolicies(int index)
    Compliance policies configure various aspects of the TLS based on the given policy.
    int
    getCompliancePoliciesCount()
    Compliance policies configure various aspects of the TLS based on the given policy.
    List<TlsParameters.CompliancePolicy>
    getCompliancePoliciesList()
    Compliance policies configure various aspects of the TLS based on the given policy.
    int
    getCompliancePoliciesValue(int index)
    Compliance policies configure various aspects of the TLS based on the given policy.
    List<Integer>
    getCompliancePoliciesValueList()
    Compliance policies configure various aspects of the TLS based on the given policy.
    static TlsParameters
    getDefaultInstance()
     
    TlsParameters
    getDefaultInstanceForType()
     
    static final com.google.protobuf.Descriptors.Descriptor
    getDescriptor()
     
    String
    getEcdhCurves(int index)
    If specified, the TLS connection will only support the specified ECDH curves.
    com.google.protobuf.ByteString
    getEcdhCurvesBytes(int index)
    If specified, the TLS connection will only support the specified ECDH curves.
    int
    getEcdhCurvesCount()
    If specified, the TLS connection will only support the specified ECDH curves.
    com.google.protobuf.ProtocolStringList
    getEcdhCurvesList()
    If specified, the TLS connection will only support the specified ECDH curves.
    com.google.protobuf.Parser<TlsParameters>
    getParserForType()
     
    int
    getSerializedSize()
     
    String
    getSignatureAlgorithms(int index)
    If specified, the TLS connection will only support the specified signature algorithms.
    com.google.protobuf.ByteString
    getSignatureAlgorithmsBytes(int index)
    If specified, the TLS connection will only support the specified signature algorithms.
    int
    getSignatureAlgorithmsCount()
    If specified, the TLS connection will only support the specified signature algorithms.
    com.google.protobuf.ProtocolStringList
    getSignatureAlgorithmsList()
    If specified, the TLS connection will only support the specified signature algorithms.
    TlsParameters.TlsProtocol
    getTlsMaximumProtocolVersion()
    Maximum TLS protocol version.
    int
    getTlsMaximumProtocolVersionValue()
    Maximum TLS protocol version.
    TlsParameters.TlsProtocol
    getTlsMinimumProtocolVersion()
    Minimum TLS protocol version.
    int
    getTlsMinimumProtocolVersionValue()
    Minimum TLS protocol version.
    int
    hashCode()
     
    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
    internalGetFieldAccessorTable()
     
    final boolean
    isInitialized()
     
    static TlsParameters.Builder
    newBuilder()
     
    static TlsParameters.Builder
    newBuilder(TlsParameters prototype)
     
    TlsParameters.Builder
    newBuilderForType()
     
    protected TlsParameters.Builder
    newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
     
    protected Object
    newInstance(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
     
    static TlsParameters
    parseDelimitedFrom(InputStream input)
     
    static TlsParameters
    parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsParameters
    parseFrom(byte[] data)
     
    static TlsParameters
    parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsParameters
    parseFrom(com.google.protobuf.ByteString data)
     
    static TlsParameters
    parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsParameters
    parseFrom(com.google.protobuf.CodedInputStream input)
     
    static TlsParameters
    parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsParameters
    parseFrom(InputStream input)
     
    static TlsParameters
    parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static TlsParameters
    parseFrom(ByteBuffer data)
     
    static TlsParameters
    parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    static com.google.protobuf.Parser<TlsParameters>
    parser()
     
    TlsParameters.Builder
    toBuilder()
     
    void
    writeTo(com.google.protobuf.CodedOutputStream output)
     

    Methods inherited from class com.google.protobuf.GeneratedMessageV3

    canUseUnsafe, computeStringSize, computeStringSizeNoTag, emptyBooleanList, emptyDoubleList, emptyFloatList, emptyIntList, emptyList, emptyLongList, getAllFields, getDescriptorForType, getField, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, internalGetMapField, internalGetMapFieldReflection, isStringEmpty, makeExtensionsImmutable, makeMutableCopy, makeMutableCopy, mergeFromAndMakeImmutableInternal, mutableCopy, mutableCopy, mutableCopy, mutableCopy, mutableCopy, newBooleanList, newBuilderForType, newDoubleList, newFloatList, newIntList, newLongList, parseDelimitedWithIOException, parseDelimitedWithIOException, parseUnknownField, parseUnknownFieldProto3, parseWithIOException, parseWithIOException, parseWithIOException, parseWithIOException, serializeBooleanMapTo, serializeIntegerMapTo, serializeLongMapTo, serializeStringMapTo, writeReplace, writeString, writeStringNoTag

    Methods inherited from class com.google.protobuf.AbstractMessage

    findInitializationErrors, getInitializationErrorString, hashBoolean, hashEnum, hashEnumList, hashFields, hashLong, toString

    Methods inherited from class com.google.protobuf.AbstractMessageLite

    addAll, addAll, checkByteStringIsUtf8, toByteArray, toByteString, writeDelimitedTo, writeTo

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    Methods inherited from interface com.google.protobuf.MessageLite

    toByteArray, toByteString, writeDelimitedTo, writeTo

    Methods inherited from interface com.google.protobuf.MessageOrBuilder

    findInitializationErrors, getAllFields, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

  • Field Details

    • TLS_MINIMUM_PROTOCOL_VERSION_FIELD_NUMBER

      public static final int TLS_MINIMUM_PROTOCOL_VERSION_FIELD_NUMBER
      See Also:

    • TLS_MAXIMUM_PROTOCOL_VERSION_FIELD_NUMBER

      public static final int TLS_MAXIMUM_PROTOCOL_VERSION_FIELD_NUMBER
      See Also:

    • CIPHER_SUITES_FIELD_NUMBER

      public static final int CIPHER_SUITES_FIELD_NUMBER
      See Also:

    • ECDH_CURVES_FIELD_NUMBER

      public static final int ECDH_CURVES_FIELD_NUMBER
      See Also:

    • SIGNATURE_ALGORITHMS_FIELD_NUMBER

      public static final int SIGNATURE_ALGORITHMS_FIELD_NUMBER
      See Also:

    • COMPLIANCE_POLICIES_FIELD_NUMBER

      public static final int COMPLIANCE_POLICIES_FIELD_NUMBER
      See Also:

  • Method Details

    • newInstance

      protected Object newInstance(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
      Overrides:
      newInstance in class com.google.protobuf.GeneratedMessageV3

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

    • getTlsMinimumProtocolVersionValue

      public int getTlsMinimumProtocolVersionValue()
       Minimum TLS protocol version. By default, it's ``TLSv1_2`` for both clients and servers.

 TLS protocol versions below TLSv1_2 require setting compatible ciphers with the
 ``cipher_suites`` setting as the default ciphers no longer include compatible ciphers.

 .. attention::

   Using TLS protocol versions below TLSv1_2 has serious security considerations and risks.
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }
      Specified by:
      getTlsMinimumProtocolVersionValue in interface TlsParametersOrBuilder
      Returns:
      The enum numeric value on the wire for tlsMinimumProtocolVersion.

    • getTlsMinimumProtocolVersion

      public TlsParameters.TlsProtocol getTlsMinimumProtocolVersion()
       Minimum TLS protocol version. By default, it's ``TLSv1_2`` for both clients and servers.

 TLS protocol versions below TLSv1_2 require setting compatible ciphers with the
 ``cipher_suites`` setting as the default ciphers no longer include compatible ciphers.

 .. attention::

   Using TLS protocol versions below TLSv1_2 has serious security considerations and risks.
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }
      Specified by:
      getTlsMinimumProtocolVersion in interface TlsParametersOrBuilder
      Returns:
      The tlsMinimumProtocolVersion.

    • getTlsMaximumProtocolVersionValue

      public int getTlsMaximumProtocolVersionValue()
       Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
 servers.
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }
      Specified by:
      getTlsMaximumProtocolVersionValue in interface TlsParametersOrBuilder
      Returns:
      The enum numeric value on the wire for tlsMaximumProtocolVersion.

    • getTlsMaximumProtocolVersion

      public TlsParameters.TlsProtocol getTlsMaximumProtocolVersion()
       Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
 servers.
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }
      Specified by:
      getTlsMaximumProtocolVersion in interface TlsParametersOrBuilder
      Returns:
      The tlsMaximumProtocolVersion.

    • getCipherSuitesList

      public com.google.protobuf.ProtocolStringList getCipherSuitesList()
       If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).

 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.

 In non-FIPS builds, the default server cipher list is:

 .. code-block:: none

   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:

 .. code-block:: none

   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In non-FIPS builds, the default client cipher list is:

 .. code-block:: none

   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:

 .. code-block:: none

   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
      repeated string cipher_suites = 3;
      Specified by:
      getCipherSuitesList in interface TlsParametersOrBuilder
      Returns:
      A list containing the cipherSuites.

    • getCipherSuitesCount

      public int getCipherSuitesCount()
       If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).

 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.

 In non-FIPS builds, the default server cipher list is:

 .. code-block:: none

   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:

 .. code-block:: none

   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In non-FIPS builds, the default client cipher list is:

 .. code-block:: none

   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:

 .. code-block:: none

   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
      repeated string cipher_suites = 3;
      Specified by:
      getCipherSuitesCount in interface TlsParametersOrBuilder
      Returns:
      The count of cipherSuites.

    • getCipherSuites

      public String getCipherSuites(int index)
       If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).

 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.

 In non-FIPS builds, the default server cipher list is:

 .. code-block:: none

   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:

 .. code-block:: none

   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In non-FIPS builds, the default client cipher list is:

 .. code-block:: none

   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:

 .. code-block:: none

   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
      repeated string cipher_suites = 3;
      Specified by:
      getCipherSuites in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The cipherSuites at the given index.

    • getCipherSuitesBytes

      public com.google.protobuf.ByteString getCipherSuitesBytes(int index)
       If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).

 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.

 In non-FIPS builds, the default server cipher list is:

 .. code-block:: none

   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:

 .. code-block:: none

   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In non-FIPS builds, the default client cipher list is:

 .. code-block:: none

   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:

 .. code-block:: none

   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
      repeated string cipher_suites = 3;
      Specified by:
      getCipherSuitesBytes in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the cipherSuites at the given index.

    • getEcdhCurvesList

      public com.google.protobuf.ProtocolStringList getEcdhCurvesList()
       If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.

 In non-FIPS builds, the default curves are:

 .. code-block:: none

   X25519
   P-256

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:

 .. code-block:: none

   P-256
      repeated string ecdh_curves = 4;
      Specified by:
      getEcdhCurvesList in interface TlsParametersOrBuilder
      Returns:
      A list containing the ecdhCurves.

    • getEcdhCurvesCount

      public int getEcdhCurvesCount()
       If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.

 In non-FIPS builds, the default curves are:

 .. code-block:: none

   X25519
   P-256

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:

 .. code-block:: none

   P-256
      repeated string ecdh_curves = 4;
      Specified by:
      getEcdhCurvesCount in interface TlsParametersOrBuilder
      Returns:
      The count of ecdhCurves.

    • getEcdhCurves

      public String getEcdhCurves(int index)
       If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.

 In non-FIPS builds, the default curves are:

 .. code-block:: none

   X25519
   P-256

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:

 .. code-block:: none

   P-256
      repeated string ecdh_curves = 4;
      Specified by:
      getEcdhCurves in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The ecdhCurves at the given index.

    • getEcdhCurvesBytes

      public com.google.protobuf.ByteString getEcdhCurvesBytes(int index)
       If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.

 In non-FIPS builds, the default curves are:

 .. code-block:: none

   X25519
   P-256

 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:

 .. code-block:: none

   P-256
      repeated string ecdh_curves = 4;
      Specified by:
      getEcdhCurvesBytes in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the ecdhCurves at the given index.

    • getSignatureAlgorithmsList

      public com.google.protobuf.ProtocolStringList getSignatureAlgorithmsList()
       If specified, the TLS connection will only support the specified signature algorithms.
 The list is ordered by preference.
 If not specified, the default signature algorithms defined by BoringSSL will be used.

 Default signature algorithms selected by BoringSSL (may be out of date):

 .. code-block:: none

   ecdsa_secp256r1_sha256
   rsa_pss_rsae_sha256
   rsa_pkcs1_sha256
   ecdsa_secp384r1_sha384
   rsa_pss_rsae_sha384
   rsa_pkcs1_sha384
   rsa_pss_rsae_sha512
   rsa_pkcs1_sha512
   rsa_pkcs1_sha1

 Signature algorithms supported by BoringSSL (may be out of date):

 .. code-block:: none

   rsa_pkcs1_sha256
   rsa_pkcs1_sha384
   rsa_pkcs1_sha512
   ecdsa_secp256r1_sha256
   ecdsa_secp384r1_sha384
   ecdsa_secp521r1_sha512
   rsa_pss_rsae_sha256
   rsa_pss_rsae_sha384
   rsa_pss_rsae_sha512
   ed25519
   rsa_pkcs1_sha1
   ecdsa_sha1
      repeated string signature_algorithms = 5;
      Specified by:
      getSignatureAlgorithmsList in interface TlsParametersOrBuilder
      Returns:
      A list containing the signatureAlgorithms.

    • getSignatureAlgorithmsCount

      public int getSignatureAlgorithmsCount()
       If specified, the TLS connection will only support the specified signature algorithms.
 The list is ordered by preference.
 If not specified, the default signature algorithms defined by BoringSSL will be used.

 Default signature algorithms selected by BoringSSL (may be out of date):

 .. code-block:: none

   ecdsa_secp256r1_sha256
   rsa_pss_rsae_sha256
   rsa_pkcs1_sha256
   ecdsa_secp384r1_sha384
   rsa_pss_rsae_sha384
   rsa_pkcs1_sha384
   rsa_pss_rsae_sha512
   rsa_pkcs1_sha512
   rsa_pkcs1_sha1

 Signature algorithms supported by BoringSSL (may be out of date):

 .. code-block:: none

   rsa_pkcs1_sha256
   rsa_pkcs1_sha384
   rsa_pkcs1_sha512
   ecdsa_secp256r1_sha256
   ecdsa_secp384r1_sha384
   ecdsa_secp521r1_sha512
   rsa_pss_rsae_sha256
   rsa_pss_rsae_sha384
   rsa_pss_rsae_sha512
   ed25519
   rsa_pkcs1_sha1
   ecdsa_sha1
      repeated string signature_algorithms = 5;
      Specified by:
      getSignatureAlgorithmsCount in interface TlsParametersOrBuilder
      Returns:
      The count of signatureAlgorithms.

    • getSignatureAlgorithms

      public String getSignatureAlgorithms(int index)
       If specified, the TLS connection will only support the specified signature algorithms.
 The list is ordered by preference.
 If not specified, the default signature algorithms defined by BoringSSL will be used.

 Default signature algorithms selected by BoringSSL (may be out of date):

 .. code-block:: none

   ecdsa_secp256r1_sha256
   rsa_pss_rsae_sha256
   rsa_pkcs1_sha256
   ecdsa_secp384r1_sha384
   rsa_pss_rsae_sha384
   rsa_pkcs1_sha384
   rsa_pss_rsae_sha512
   rsa_pkcs1_sha512
   rsa_pkcs1_sha1

 Signature algorithms supported by BoringSSL (may be out of date):

 .. code-block:: none

   rsa_pkcs1_sha256
   rsa_pkcs1_sha384
   rsa_pkcs1_sha512
   ecdsa_secp256r1_sha256
   ecdsa_secp384r1_sha384
   ecdsa_secp521r1_sha512
   rsa_pss_rsae_sha256
   rsa_pss_rsae_sha384
   rsa_pss_rsae_sha512
   ed25519
   rsa_pkcs1_sha1
   ecdsa_sha1
      repeated string signature_algorithms = 5;
      Specified by:
      getSignatureAlgorithms in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The signatureAlgorithms at the given index.

    • getSignatureAlgorithmsBytes

      public com.google.protobuf.ByteString getSignatureAlgorithmsBytes(int index)
       If specified, the TLS connection will only support the specified signature algorithms.
 The list is ordered by preference.
 If not specified, the default signature algorithms defined by BoringSSL will be used.

 Default signature algorithms selected by BoringSSL (may be out of date):

 .. code-block:: none

   ecdsa_secp256r1_sha256
   rsa_pss_rsae_sha256
   rsa_pkcs1_sha256
   ecdsa_secp384r1_sha384
   rsa_pss_rsae_sha384
   rsa_pkcs1_sha384
   rsa_pss_rsae_sha512
   rsa_pkcs1_sha512
   rsa_pkcs1_sha1

 Signature algorithms supported by BoringSSL (may be out of date):

 .. code-block:: none

   rsa_pkcs1_sha256
   rsa_pkcs1_sha384
   rsa_pkcs1_sha512
   ecdsa_secp256r1_sha256
   ecdsa_secp384r1_sha384
   ecdsa_secp521r1_sha512
   rsa_pss_rsae_sha256
   rsa_pss_rsae_sha384
   rsa_pss_rsae_sha512
   ed25519
   rsa_pkcs1_sha1
   ecdsa_sha1
      repeated string signature_algorithms = 5;
      Specified by:
      getSignatureAlgorithmsBytes in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the signatureAlgorithms at the given index.

    • getCompliancePoliciesList

      public List<TlsParameters.CompliancePolicy> getCompliancePoliciesList()
       Compliance policies configure various aspects of the TLS based on the given policy.
 The policies are applied last during configuration and may override the other TLS
 parameters, or any previous policy.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsParameters.CompliancePolicy compliance_policies = 6 [(.validate.rules) = { ... }
      Specified by:
      getCompliancePoliciesList in interface TlsParametersOrBuilder
      Returns:
      A list containing the compliancePolicies.

    • getCompliancePoliciesCount

      public int getCompliancePoliciesCount()
       Compliance policies configure various aspects of the TLS based on the given policy.
 The policies are applied last during configuration and may override the other TLS
 parameters, or any previous policy.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsParameters.CompliancePolicy compliance_policies = 6 [(.validate.rules) = { ... }
      Specified by:
      getCompliancePoliciesCount in interface TlsParametersOrBuilder
      Returns:
      The count of compliancePolicies.

    • getCompliancePolicies

      public TlsParameters.CompliancePolicy getCompliancePolicies(int index)
       Compliance policies configure various aspects of the TLS based on the given policy.
 The policies are applied last during configuration and may override the other TLS
 parameters, or any previous policy.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsParameters.CompliancePolicy compliance_policies = 6 [(.validate.rules) = { ... }
      Specified by:
      getCompliancePolicies in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The compliancePolicies at the given index.

    • getCompliancePoliciesValueList

      public List<Integer> getCompliancePoliciesValueList()
       Compliance policies configure various aspects of the TLS based on the given policy.
 The policies are applied last during configuration and may override the other TLS
 parameters, or any previous policy.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsParameters.CompliancePolicy compliance_policies = 6 [(.validate.rules) = { ... }
      Specified by:
      getCompliancePoliciesValueList in interface TlsParametersOrBuilder
      Returns:
      A list containing the enum numeric values on the wire for compliancePolicies.

    • getCompliancePoliciesValue

      public int getCompliancePoliciesValue(int index)
       Compliance policies configure various aspects of the TLS based on the given policy.
 The policies are applied last during configuration and may override the other TLS
 parameters, or any previous policy.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsParameters.CompliancePolicy compliance_policies = 6 [(.validate.rules) = { ... }
      Specified by:
      getCompliancePoliciesValue in interface TlsParametersOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The enum numeric value on the wire of compliancePolicies at the given index.

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3

    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessageV3
      Throws:
      IOException

    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessageV3

    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage

    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage

    • parseFrom

      public static TlsParameters parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsParameters parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsParameters parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsParameters parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsParameters parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsParameters parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TlsParameters parseFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static TlsParameters parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static TlsParameters parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static TlsParameters parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseFrom

      public static TlsParameters parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static TlsParameters parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • newBuilderForType

      public TlsParameters.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite

    • newBuilder

      public static TlsParameters.Builder newBuilder()

    • newBuilder

      public static TlsParameters.Builder newBuilder(TlsParameters prototype)

    • toBuilder

      public TlsParameters.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite

    • newBuilderForType

      protected TlsParameters.Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
      Specified by:
      newBuilderForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstance

      public static TlsParameters getDefaultInstance()

    • parser

      public static com.google.protobuf.Parser<TlsParameters> parser()

    • getParserForType

      public com.google.protobuf.Parser<TlsParameters> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessageV3

    • getDefaultInstanceForType

      public TlsParameters getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder