Package io.envoyproxy.envoy.extensions.transport_sockets.tls.v3

Class TlsParameters.Builder

  • All Implemented Interfaces:
    com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, TlsParametersOrBuilder, Cloneable
    Enclosing class:
    TlsParameters
    public static final class TlsParameters.Builder
extends com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>
implements TlsParametersOrBuilder
    Protobuf type envoy.extensions.transport_sockets.tls.v3.TlsParameters

    • Method Detail

      • getDescriptor

        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

      • internalGetFieldAccessorTable

        protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
        Specified by:
        internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • clear

        public TlsParameters.Builder clear()
        Specified by:
        clear in interface com.google.protobuf.Message.Builder
        Specified by:
        clear in interface com.google.protobuf.MessageLite.Builder
        Overrides:
        clear in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • getDescriptorForType

        public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
        Specified by:
        getDescriptorForType in interface com.google.protobuf.Message.Builder
        Specified by:
        getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
        Overrides:
        getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • getDefaultInstanceForType

        public TlsParameters getDefaultInstanceForType()
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

      • build

        public TlsParameters build()
        Specified by:
        build in interface com.google.protobuf.Message.Builder
        Specified by:
        build in interface com.google.protobuf.MessageLite.Builder

      • buildPartial

        public TlsParameters buildPartial()
        Specified by:
        buildPartial in interface com.google.protobuf.Message.Builder
        Specified by:
        buildPartial in interface com.google.protobuf.MessageLite.Builder

      • clone

        public TlsParameters.Builder clone()
        Specified by:
        clone in interface com.google.protobuf.Message.Builder
        Specified by:
        clone in interface com.google.protobuf.MessageLite.Builder
        Overrides:
        clone in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • setField

        public TlsParameters.Builder setField​(com.google.protobuf.Descriptors.FieldDescriptor field,
                                      Object value)
        Specified by:
        setField in interface com.google.protobuf.Message.Builder
        Overrides:
        setField in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • clearField

        public TlsParameters.Builder clearField​(com.google.protobuf.Descriptors.FieldDescriptor field)
        Specified by:
        clearField in interface com.google.protobuf.Message.Builder
        Overrides:
        clearField in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • clearOneof

        public TlsParameters.Builder clearOneof​(com.google.protobuf.Descriptors.OneofDescriptor oneof)
        Specified by:
        clearOneof in interface com.google.protobuf.Message.Builder
        Overrides:
        clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • setRepeatedField

        public TlsParameters.Builder setRepeatedField​(com.google.protobuf.Descriptors.FieldDescriptor field,
                                              int index,
                                              Object value)
        Specified by:
        setRepeatedField in interface com.google.protobuf.Message.Builder
        Overrides:
        setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • addRepeatedField

        public TlsParameters.Builder addRepeatedField​(com.google.protobuf.Descriptors.FieldDescriptor field,
                                              Object value)
        Specified by:
        addRepeatedField in interface com.google.protobuf.Message.Builder
        Overrides:
        addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • mergeFrom

        public TlsParameters.Builder mergeFrom​(com.google.protobuf.Message other)
        Specified by:
        mergeFrom in interface com.google.protobuf.Message.Builder
        Overrides:
        mergeFrom in class com.google.protobuf.AbstractMessage.Builder<TlsParameters.Builder>

      • isInitialized

        public final boolean isInitialized()
        Specified by:
        isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
        Overrides:
        isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • mergeFrom

        public TlsParameters.Builder mergeFrom​(com.google.protobuf.CodedInputStream input,
                                       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                throws IOException
        Specified by:
        mergeFrom in interface com.google.protobuf.Message.Builder
        Specified by:
        mergeFrom in interface com.google.protobuf.MessageLite.Builder
        Overrides:
        mergeFrom in class com.google.protobuf.AbstractMessage.Builder<TlsParameters.Builder>
        Throws:
        IOException

      • getTlsMinimumProtocolVersionValue

        public int getTlsMinimumProtocolVersionValue()
         Minimum TLS protocol version. By default, it's ``TLSv1_2`` for both clients and servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }
        Specified by:
        getTlsMinimumProtocolVersionValue in interface TlsParametersOrBuilder
        Returns:
        The enum numeric value on the wire for tlsMinimumProtocolVersion.

      • setTlsMinimumProtocolVersionValue

        public TlsParameters.Builder setTlsMinimumProtocolVersionValue​(int value)
         Minimum TLS protocol version. By default, it's ``TLSv1_2`` for both clients and servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }
        Parameters:
        value - The enum numeric value on the wire for tlsMinimumProtocolVersion to set.
        Returns:
        This builder for chaining.

      • getTlsMinimumProtocolVersion

        public TlsParameters.TlsProtocol getTlsMinimumProtocolVersion()
         Minimum TLS protocol version. By default, it's ``TLSv1_2`` for both clients and servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }
        Specified by:
        getTlsMinimumProtocolVersion in interface TlsParametersOrBuilder
        Returns:
        The tlsMinimumProtocolVersion.

      • setTlsMinimumProtocolVersion

        public TlsParameters.Builder setTlsMinimumProtocolVersion​(TlsParameters.TlsProtocol value)
         Minimum TLS protocol version. By default, it's ``TLSv1_2`` for both clients and servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }
        Parameters:
        value - The tlsMinimumProtocolVersion to set.
        Returns:
        This builder for chaining.

      • clearTlsMinimumProtocolVersion

        public TlsParameters.Builder clearTlsMinimumProtocolVersion()
         Minimum TLS protocol version. By default, it's ``TLSv1_2`` for both clients and servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }
        Returns:
        This builder for chaining.

      • getTlsMaximumProtocolVersionValue

        public int getTlsMaximumProtocolVersionValue()
         Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
 servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }
        Specified by:
        getTlsMaximumProtocolVersionValue in interface TlsParametersOrBuilder
        Returns:
        The enum numeric value on the wire for tlsMaximumProtocolVersion.

      • setTlsMaximumProtocolVersionValue

        public TlsParameters.Builder setTlsMaximumProtocolVersionValue​(int value)
         Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
 servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }
        Parameters:
        value - The enum numeric value on the wire for tlsMaximumProtocolVersion to set.
        Returns:
        This builder for chaining.

      • getTlsMaximumProtocolVersion

        public TlsParameters.TlsProtocol getTlsMaximumProtocolVersion()
         Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
 servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }
        Specified by:
        getTlsMaximumProtocolVersion in interface TlsParametersOrBuilder
        Returns:
        The tlsMaximumProtocolVersion.

      • setTlsMaximumProtocolVersion

        public TlsParameters.Builder setTlsMaximumProtocolVersion​(TlsParameters.TlsProtocol value)
         Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
 servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }
        Parameters:
        value - The tlsMaximumProtocolVersion to set.
        Returns:
        This builder for chaining.

      • clearTlsMaximumProtocolVersion

        public TlsParameters.Builder clearTlsMaximumProtocolVersion()
         Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
 servers.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }
        Returns:
        This builder for chaining.

      • getCipherSuitesList

        public com.google.protobuf.ProtocolStringList getCipherSuitesList()
         If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.
 In non-FIPS builds, the default server cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In non-FIPS builds, the default client cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
        repeated string cipher_suites = 3;
        Specified by:
        getCipherSuitesList in interface TlsParametersOrBuilder
        Returns:
        A list containing the cipherSuites.

      • getCipherSuitesCount

        public int getCipherSuitesCount()
         If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.
 In non-FIPS builds, the default server cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In non-FIPS builds, the default client cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
        repeated string cipher_suites = 3;
        Specified by:
        getCipherSuitesCount in interface TlsParametersOrBuilder
        Returns:
        The count of cipherSuites.

      • getCipherSuites

        public String getCipherSuites​(int index)
         If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.
 In non-FIPS builds, the default server cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In non-FIPS builds, the default client cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
        repeated string cipher_suites = 3;
        Specified by:
        getCipherSuites in interface TlsParametersOrBuilder
        Parameters:
        index - The index of the element to return.
        Returns:
        The cipherSuites at the given index.

      • getCipherSuitesBytes

        public com.google.protobuf.ByteString getCipherSuitesBytes​(int index)
         If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.
 In non-FIPS builds, the default server cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In non-FIPS builds, the default client cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
        repeated string cipher_suites = 3;
        Specified by:
        getCipherSuitesBytes in interface TlsParametersOrBuilder
        Parameters:
        index - The index of the value to return.
        Returns:
        The bytes of the cipherSuites at the given index.

      • setCipherSuites

        public TlsParameters.Builder setCipherSuites​(int index,
                                             String value)
         If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.
 In non-FIPS builds, the default server cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In non-FIPS builds, the default client cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
        repeated string cipher_suites = 3;
        Parameters:
        index - The index to set the value at.
        value - The cipherSuites to set.
        Returns:
        This builder for chaining.

      • addCipherSuites

        public TlsParameters.Builder addCipherSuites​(String value)
         If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.
 In non-FIPS builds, the default server cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In non-FIPS builds, the default client cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
        repeated string cipher_suites = 3;
        Parameters:
        value - The cipherSuites to add.
        Returns:
        This builder for chaining.

      • addAllCipherSuites

        public TlsParameters.Builder addAllCipherSuites​(Iterable<String> values)
         If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.
 In non-FIPS builds, the default server cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In non-FIPS builds, the default client cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
        repeated string cipher_suites = 3;
        Parameters:
        values - The cipherSuites to add.
        Returns:
        This builder for chaining.

      • clearCipherSuites

        public TlsParameters.Builder clearCipherSuites()
         If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.
 In non-FIPS builds, the default server cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In non-FIPS builds, the default client cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
        repeated string cipher_suites = 3;
        Returns:
        This builder for chaining.

      • addCipherSuitesBytes

        public TlsParameters.Builder addCipherSuitesBytes​(com.google.protobuf.ByteString value)
         If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
 If not specified, a default list will be used. Defaults are different for server (downstream) and
 client (upstream) TLS configurations.
 Defaults will change over time in response to security considerations; If you care, configure
 it instead of using the default.
 In non-FIPS builds, the default server cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In non-FIPS builds, the default client cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default client cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
        repeated string cipher_suites = 3;
        Parameters:
        value - The bytes of the cipherSuites to add.
        Returns:
        This builder for chaining.

      • getEcdhCurvesList

        public com.google.protobuf.ProtocolStringList getEcdhCurvesList()
         If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256
        repeated string ecdh_curves = 4;
        Specified by:
        getEcdhCurvesList in interface TlsParametersOrBuilder
        Returns:
        A list containing the ecdhCurves.

      • getEcdhCurvesCount

        public int getEcdhCurvesCount()
         If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256
        repeated string ecdh_curves = 4;
        Specified by:
        getEcdhCurvesCount in interface TlsParametersOrBuilder
        Returns:
        The count of ecdhCurves.

      • getEcdhCurves

        public String getEcdhCurves​(int index)
         If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256
        repeated string ecdh_curves = 4;
        Specified by:
        getEcdhCurves in interface TlsParametersOrBuilder
        Parameters:
        index - The index of the element to return.
        Returns:
        The ecdhCurves at the given index.

      • getEcdhCurvesBytes

        public com.google.protobuf.ByteString getEcdhCurvesBytes​(int index)
         If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256
        repeated string ecdh_curves = 4;
        Specified by:
        getEcdhCurvesBytes in interface TlsParametersOrBuilder
        Parameters:
        index - The index of the value to return.
        Returns:
        The bytes of the ecdhCurves at the given index.

      • setEcdhCurves

        public TlsParameters.Builder setEcdhCurves​(int index,
                                           String value)
         If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256
        repeated string ecdh_curves = 4;
        Parameters:
        index - The index to set the value at.
        value - The ecdhCurves to set.
        Returns:
        This builder for chaining.

      • addEcdhCurves

        public TlsParameters.Builder addEcdhCurves​(String value)
         If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256
        repeated string ecdh_curves = 4;
        Parameters:
        value - The ecdhCurves to add.
        Returns:
        This builder for chaining.

      • addAllEcdhCurves

        public TlsParameters.Builder addAllEcdhCurves​(Iterable<String> values)
         If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256
        repeated string ecdh_curves = 4;
        Parameters:
        values - The ecdhCurves to add.
        Returns:
        This builder for chaining.

      • clearEcdhCurves

        public TlsParameters.Builder clearEcdhCurves()
         If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256
        repeated string ecdh_curves = 4;
        Returns:
        This builder for chaining.

      • addEcdhCurvesBytes

        public TlsParameters.Builder addEcdhCurvesBytes​(com.google.protobuf.ByteString value)
         If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256
        repeated string ecdh_curves = 4;
        Parameters:
        value - The bytes of the ecdhCurves to add.
        Returns:
        This builder for chaining.

      • setUnknownFields

        public final TlsParameters.Builder setUnknownFields​(com.google.protobuf.UnknownFieldSet unknownFields)
        Specified by:
        setUnknownFields in interface com.google.protobuf.Message.Builder
        Overrides:
        setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>

      • mergeUnknownFields

        public final TlsParameters.Builder mergeUnknownFields​(com.google.protobuf.UnknownFieldSet unknownFields)
        Specified by:
        mergeUnknownFields in interface com.google.protobuf.Message.Builder
        Overrides:
        mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<TlsParameters.Builder>