aboutsummaryrefslogtreecommitdiffstats
path: root/security-utils/src/main/java/com/yahoo
Commit message (Expand)AuthorAgeFilesLines
* Merge pull request #26168 from vespa-engine/revert-26152-revert-26139-vekterl...Tor Brede Vekterli2023-02-242-2/+4
|\
| * Revert "Revert "Add `vespa.content.state_api` capability" MERGEOK"Tor Brede Vekterli2023-02-232-2/+4
* | Revert "Revert "Store original capability (set) names from JSON config in Pee...Bjørn Christian Seime2023-02-235-20/+69
|/
* Merge pull request #26153 from vespa-engine/revert-26145-bjorncs/capabilitiesBjørn Christian Seime2023-02-235-69/+20
|\
| * Revert "Store original capability (set) names from JSON config in PeerPolicy"Bjørn Christian Seime2023-02-235-69/+20
* | Revert "Add `vespa.content.state_api` capability"Bjørn Christian Seime2023-02-232-4/+2
|/
* Merge pull request #26139 from vespa-engine/vekterli/add-content-state-api-ca...Tor Brede Vekterli2023-02-222-2/+4
|\
| * Add `vespa.content.state_api` capability to JavaTor Brede Vekterli2023-02-222-2/+4
* | Store original capability (set) names from JSON config in PeerPolicyBjørn Christian Seime2023-02-225-20/+69
|/
* Grant container nodes access to container document apiBjørn Christian Seime2023-02-201-1/+2
* Specify that '/logs' requires logserver capabilityBjørn Christian Seime2023-02-171-1/+2
* Warn instead of fail for unknown capability (set)Bjørn Christian Seime2023-02-172-9/+10
* Improve metric names, fix wiringBjørn Christian Seime2023-02-161-9/+9
* Add capability 'vespa.sentinel.inspect_services'Bjørn Christian Seime2023-02-161-0/+1
* Add metrics for capability checksBjørn Christian Seime2023-02-162-0/+39
* Add capability 'vespa.content.proton_admin_api'Bjørn Christian Seime2023-02-151-0/+1
* Add slobrok capability to all application nodesBjørn Christian Seime2023-02-151-2/+2
* Add new capabilities to existing capability setsBjørn Christian Seime2023-02-151-6/+10
* Use explicit `equals` and `hashCode` to use contents of arrays, not just refsTor Brede Vekterli2023-02-141-0/+35
* Require capabilities for built-in request handlersBjørn Christian Seime2023-02-141-0/+4
* Revert "Revert "Bjorncs/capabilities""Henning Baldersheim2023-02-142-14/+28
* Revert "Bjorncs/capabilities"Henning Baldersheim2023-02-142-28/+14
* Add new capabilities in node specific capability setsBjørn Christian Seime2023-02-132-8/+22
* Rename 'from()' to 'of()'Bjørn Christian Seime2023-02-132-6/+6
* Define required capabilities for existing JRT RPC methodsBjørn Christian Seime2023-02-091-0/+12
* Introduce capbilities for unclassified APIsBjørn Christian Seime2023-02-091-0/+3
* Move definition of predefined capability set to parent classBjørn Christian Seime2023-02-093-29/+45
* Add 'vespa.none' capabilityBjørn Christian Seime2023-02-061-0/+1
* Add an "interactive" token resealing protocol and basic tooling supportTor Brede Vekterli2023-01-313-9/+173
* Add y64 encoderBjørn Christian Seime2023-01-301-0/+38
* Unify on Streams.toListHenning Baldersheim2023-01-175-10/+5
* Ensure that HTTPS clients only use allowed ciphers and protocol versionsBjørn Christian Seime2023-01-092-2/+25
* Revert "Ensure that HTTPS clients only use allowed ciphers and protocol versi...Andreas Eriksen2023-01-062-25/+2
* Ensure that HTTPS clients only use allowed ciphers and protocol versionsBjørn Christian Seime2023-01-062-2/+25
* Use ChaCha20-Poly1305 instead of AES-GCM for shared key-based cryptoTor Brede Vekterli2023-01-054-17/+167
* Correct class name to reflect actual cipher name orderTor Brede Vekterli2022-12-014-7/+7
* Use BouncyCastle AES GCM cipher and I/O streams instead of JCATor Brede Vekterli2022-11-162-21/+60
* Add support for token resealingTor Brede Vekterli2022-11-111-4/+12
* Use Base62 for tokens and Base58 for keysTor Brede Vekterli2022-11-092-7/+40
* Add a codec that enables conversion to and from a base N representationTor Brede Vekterli2022-11-083-0/+194
* Array clone() -> Arrays.copyOf()Tor Brede Vekterli2022-11-021-1/+1
* Encapsulate key identifier in own objectTor Brede Vekterli2022-11-023-25/+100
* Let token key IDs be UTF-8 byte strings instead of just an integerTor Brede Vekterli2022-11-012-27/+48
* Use JDK17's own hex utilities instead of BouncyCastle'sTor Brede Vekterli2022-10-251-4/+3
* Use HPKE instead of ECIES for shared single-use keysTor Brede Vekterli2022-10-202-56/+51
* Add X25519 private to public key extraction and use for HPKE openingTor Brede Vekterli2022-10-194-16/+18
* Minimal implementation of RFC 9180 Hybrid Public Key Encryption (HPKE)Tor Brede Vekterli2022-10-1813-1/+1040
* Add some utilities for comparing arrays without data-dependent branchesTor Brede Vekterli2022-10-171-0/+54
* Implement RFC-5869 HMAC-based Extract-and-Expand Key Derivation Function (HKDF)Tor Brede Vekterli2022-10-131-0/+221
* Enforce SHA-256 and AES-CBC for ECIES key wrappingTor Brede Vekterli2022-10-132-18/+35