diff options
author | Tor Brede Vekterli <vekterli@oath.com> | 2019-01-24 16:34:54 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-01-24 16:34:54 +0100 |
commit | 25f41d6c5fd105b47d9f0d0c1642f25fd9ac8795 (patch) | |
tree | b5e22db7bcee5a9d41da33f261c33f351307cad1 /jrt | |
parent | 1ed75a5681fc19966fdb1940f3f55e6c8f5c2c76 (diff) | |
parent | e9fb2bbd3ceb780b48c9aa60026f4f096ba2cc50 (diff) |
Merge pull request #8218 from vespa-engine/bjorncs/tls
bjorncs/tls
Diffstat (limited to 'jrt')
-rw-r--r-- | jrt/src/com/yahoo/jrt/Acceptor.java | 2 | ||||
-rw-r--r-- | jrt/src/com/yahoo/jrt/Closer.java | 2 | ||||
-rw-r--r-- | jrt/src/com/yahoo/jrt/Connector.java | 2 | ||||
-rw-r--r-- | jrt/src/com/yahoo/jrt/Transport.java | 2 | ||||
-rw-r--r-- | jrt/tests/com/yahoo/jrt/CryptoUtils.java | 11 |
5 files changed, 9 insertions, 10 deletions
diff --git a/jrt/src/com/yahoo/jrt/Acceptor.java b/jrt/src/com/yahoo/jrt/Acceptor.java index d27700a5f8f..3da978fb90e 100644 --- a/jrt/src/com/yahoo/jrt/Acceptor.java +++ b/jrt/src/com/yahoo/jrt/Acceptor.java @@ -30,7 +30,7 @@ public class Acceptor { private final static Logger log = Logger.getLogger(Acceptor.class.getName()); - private final Thread thread = new Thread(new Run(), "<acceptor>"); + private final Thread thread = new Thread(new Run(), "<jrt-acceptor>"); private final CountDownLatch shutdownGate = new CountDownLatch(1); private final Transport parent; private final Supervisor owner; diff --git a/jrt/src/com/yahoo/jrt/Closer.java b/jrt/src/com/yahoo/jrt/Closer.java index aa7dedd8a26..71d99807253 100644 --- a/jrt/src/com/yahoo/jrt/Closer.java +++ b/jrt/src/com/yahoo/jrt/Closer.java @@ -14,7 +14,7 @@ class Closer { } } - private Thread thread = new Thread(new Run(), "<closer>"); + private Thread thread = new Thread(new Run(), "<jrt-closer>"); private Transport parent; private ThreadQueue closeQueue = new ThreadQueue(); diff --git a/jrt/src/com/yahoo/jrt/Connector.java b/jrt/src/com/yahoo/jrt/Connector.java index ee387e732cb..a4cbd07d3f8 100644 --- a/jrt/src/com/yahoo/jrt/Connector.java +++ b/jrt/src/com/yahoo/jrt/Connector.java @@ -14,7 +14,7 @@ class Connector { } } - private Thread thread = new Thread(new Run(), "<connector>"); + private Thread thread = new Thread(new Run(), "<jrt-connector>"); private Transport parent; private ThreadQueue connectQueue = new ThreadQueue(); private boolean done = false; diff --git a/jrt/src/com/yahoo/jrt/Transport.java b/jrt/src/com/yahoo/jrt/Transport.java index 8da4c737f79..0a2f2a4b7cb 100644 --- a/jrt/src/com/yahoo/jrt/Transport.java +++ b/jrt/src/com/yahoo/jrt/Transport.java @@ -170,7 +170,7 @@ public class Transport { this.fatalHandler = fatalHandler; // NB: this must be set first } this.cryptoEngine = cryptoEngine; - thread = new Thread(new Run(), "<transport>"); + thread = new Thread(new Run(), "<jrt-transport>"); queue = new Queue(); myQueue = new Queue(); connector = new Connector(this); diff --git a/jrt/tests/com/yahoo/jrt/CryptoUtils.java b/jrt/tests/com/yahoo/jrt/CryptoUtils.java index 1c2280567cb..6890fe88da5 100644 --- a/jrt/tests/com/yahoo/jrt/CryptoUtils.java +++ b/jrt/tests/com/yahoo/jrt/CryptoUtils.java @@ -18,8 +18,8 @@ import java.security.KeyPair; import java.security.cert.X509Certificate; import java.time.Instant; -import static com.yahoo.security.KeyAlgorithm.RSA; -import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_RSA; +import static com.yahoo.security.KeyAlgorithm.EC; +import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_ECDSA; import static com.yahoo.security.X509CertificateBuilder.generateRandomSerialNumber; import static java.time.Instant.EPOCH; import static java.time.temporal.ChronoUnit.DAYS; @@ -29,13 +29,12 @@ import static java.util.Collections.singletonList; /** * @author bjorncs */ -// TODO Use EC. Java/JSSE is currently unable to find compatible ciphers when using elliptic curve crypto from BouncyCastle class CryptoUtils { - static final KeyPair keyPair = KeyUtils.generateKeypair(RSA); + static final KeyPair keyPair = KeyUtils.generateKeypair(EC); static final X509Certificate certificate = X509CertificateBuilder - .fromKeypair(keyPair, new X500Principal("CN=dummy"), EPOCH, Instant.now().plus(1, DAYS), SHA256_WITH_RSA, generateRandomSerialNumber()) + .fromKeypair(keyPair, new X500Principal("CN=dummy"), EPOCH, Instant.now().plus(1, DAYS), SHA256_WITH_ECDSA, generateRandomSerialNumber()) .build(); static final AuthorizedPeers authorizedPeers = new AuthorizedPeers( @@ -49,7 +48,7 @@ class CryptoUtils { Field.CN, new HostGlobPattern("dummy")))))); static TlsContext createTestTlsContext() { - return new DefaultTlsContext(singletonList(certificate), keyPair.getPrivate(), singletonList(certificate), authorizedPeers, AuthorizationMode.ENFORCE); + return new DefaultTlsContext(singletonList(certificate), keyPair.getPrivate(), singletonList(certificate), authorizedPeers, AuthorizationMode.ENFORCE, DefaultTlsContext.ALLOWED_CIPHER_SUITES); } } |