index
:
vespa
6
7
andreer/permanent-enclave-flag
aressem/test-dummy
aressem/test-pr-bk
aressem/test-pr-build-3
aressem/test-valgrind
arnej/add-feature-flag
arnej/cosmetic-message-fix
arnej/golang-slime-port-1
arnej/remove-convert-in-calculator
arnej/use-our-shell-quote
arnej/wip-sand-fixups
balder/apply-termwise-filters-on-match-phase-2
balder/cpu-specific-compiles-for-bit-operations
balder/deinline
balder/enable-std-stding-as-default
balder/hosted-always-convert-percentages-in-config-model
balder/no-longer-need-commit-and-wait
balder/prepare-for-hw-specialized-hamming-distance
balder/prepare-for-string_view-1
balder/thread-local-jetty-bytebuffer-pool
balder/update-defaults-for-use-xxx-fetch-postings
balder/zncurve
bjormel/aws-main-controller
bjormel/aws-main-controller-take2
bratseth/grouping-trace
bratseth/linguistics-context-rebased
bratseth/more-exclusive-take-2
bratseth/stem-prefixes
bratseth/streamed-fill
hakonhall/enumerate-all-prod-regions
hakonhall/fix-remembertoupdatesystemflagsdataarchive-javadoc
havardpe/enable-nested-ctf-meta-data
havardpe/extract-default-query-feature-values
havardpe/protoc-gen-csi
interns/languageserver
interns/magnus/symbols
jdk21-preparations
jonmv/allow-private-endpoints-in-dev-perf
jonmv/dependency-inversion-for-mbus-config
jvenstad/utils
kkraune/ci-warning
ldalves/querybuilder
leandroalves/prod-controller
lesters/bert-testing
lesters/external-llms
lesters/stateless-onnx-eval-once
master
mortent/calypso
mortent/new-public-cd-endpoint
mpolden/update-abi
olaa/delete-flags
olaa/otel-config-model
renovate/junit5-monorepo
renovate/major-protobuf.vespa.version
renovate/maven-shade-plugin.vespa.version
renovate/plexus-archiver.vespa.version
revert-26576-revert-26567-bjorncs/cloud-app-validation
revert-26584-revert-26578-bjorncs/tlsv13
revert-27857-bjorncs/tls13
revert-28660-revert-28656-hmusum/fix-onnx-model-cost
revert-30559-toregge/require-vespa-build-dependencies-for-vespa-devel
toregge/port-to-appleclang
vekterli/change-test-and-set-update-not-found-semantics
yngveaasheim/skeleton-for-component-in-metrics-enum
An engine for low-latency computation over large data sets
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
security-utils
/
src
/
main
/
java
/
com
/
yahoo
Commit message (
Expand
)
Author
Age
Files
Lines
...
*
Add an "interactive" token resealing protocol and basic tooling support
Tor Brede Vekterli
2023-01-31
3
-9
/
+173
*
Add y64 encoder
Bjørn Christian Seime
2023-01-30
1
-0
/
+38
*
Unify on Streams.toList
Henning Baldersheim
2023-01-17
5
-10
/
+5
*
Ensure that HTTPS clients only use allowed ciphers and protocol versions
Bjørn Christian Seime
2023-01-09
2
-2
/
+25
*
Revert "Ensure that HTTPS clients only use allowed ciphers and protocol versi...
Andreas Eriksen
2023-01-06
2
-25
/
+2
*
Ensure that HTTPS clients only use allowed ciphers and protocol versions
Bjørn Christian Seime
2023-01-06
2
-2
/
+25
*
Use ChaCha20-Poly1305 instead of AES-GCM for shared key-based crypto
Tor Brede Vekterli
2023-01-05
4
-17
/
+167
*
Correct class name to reflect actual cipher name order
Tor Brede Vekterli
2022-12-01
4
-7
/
+7
*
Use BouncyCastle AES GCM cipher and I/O streams instead of JCA
Tor Brede Vekterli
2022-11-16
2
-21
/
+60
*
Add support for token resealing
Tor Brede Vekterli
2022-11-11
1
-4
/
+12
*
Use Base62 for tokens and Base58 for keys
Tor Brede Vekterli
2022-11-09
2
-7
/
+40
*
Add a codec that enables conversion to and from a base N representation
Tor Brede Vekterli
2022-11-08
3
-0
/
+194
*
Array clone() -> Arrays.copyOf()
Tor Brede Vekterli
2022-11-02
1
-1
/
+1
*
Encapsulate key identifier in own object
Tor Brede Vekterli
2022-11-02
3
-25
/
+100
*
Let token key IDs be UTF-8 byte strings instead of just an integer
Tor Brede Vekterli
2022-11-01
2
-27
/
+48
*
Use JDK17's own hex utilities instead of BouncyCastle's
Tor Brede Vekterli
2022-10-25
1
-4
/
+3
*
Use HPKE instead of ECIES for shared single-use keys
Tor Brede Vekterli
2022-10-20
2
-56
/
+51
*
Add X25519 private to public key extraction and use for HPKE opening
Tor Brede Vekterli
2022-10-19
4
-16
/
+18
*
Minimal implementation of RFC 9180 Hybrid Public Key Encryption (HPKE)
Tor Brede Vekterli
2022-10-18
13
-1
/
+1040
*
Add some utilities for comparing arrays without data-dependent branches
Tor Brede Vekterli
2022-10-17
1
-0
/
+54
*
Implement RFC-5869 HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
Tor Brede Vekterli
2022-10-13
1
-0
/
+221
*
Enforce SHA-256 and AES-CBC for ECIES key wrapping
Tor Brede Vekterli
2022-10-13
2
-18
/
+35
*
Merge pull request #24403 from vespa-engine/bjorncs/upgrade-bc
Bjørn Christian Seime
2022-10-12
1
-2
/
+2
|
\
|
*
Upgrade BouncyCastle to 1.72
Bjørn Christian Seime
2022-10-12
1
-2
/
+2
*
|
Address PR comments
Tor Brede Vekterli
2022-10-12
1
-3
/
+5
*
|
Add utilities for secure one-way single-use key exchange tokens using ECIES
Tor Brede Vekterli
2022-10-11
3
-0
/
+207
|
/
*
Ignore calls to SystemTlsContext.close()
Bjørn Christian Seime
2022-08-30
1
-2
/
+1
*
Force caller to handle failed capability verification check
Bjørn Christian Seime
2022-07-21
2
-14
/
+28
*
Improve error message
Bjørn Christian Seime
2022-07-21
1
-1
/
+1
*
Move logic for capability checking/logging to ConnectionAuthContext
Bjørn Christian Seime
2022-07-21
3
-9
/
+63
*
Use getSubjectCommonName()
Bjørn Christian Seime
2022-07-21
1
-7
/
+1
*
Get ConnectionAuthContext from SSL session after handshake is complete
Bjørn Christian Seime
2022-07-21
3
-28
/
+67
*
Include client certificate chain even when authorization is disabled
Bjørn Christian Seime
2022-07-20
3
-4
/
+11
*
Implement RequireCapabilitiesFilter in jrt + misc
Bjørn Christian Seime
2022-07-20
3
-8
/
+9
*
Add to-string helper to ConnectionAuthContext
Bjørn Christian Seime
2022-07-20
1
-1
/
+38
*
Simplify type definition for subject alternative names
Bjørn Christian Seime
2022-07-20
4
-17
/
+17
*
Add 'X509CertificateUtils.getSubjectCommonName()'
Bjørn Christian Seime
2022-07-20
1
-1
/
+7
*
Move generic crypto helpers from 'c.y.s.tls' to 'c.y.s'
Bjørn Christian Seime
2022-07-20
9
-20
/
+10
*
Merge Java package 'c.y.s.tls.{auth,json,policy}' into 'c.y.s.tls'
Bjørn Christian Seime
2022-07-20
19
-66
/
+20
*
Remove empty package
Bjørn Christian Seime
2022-07-20
1
-8
/
+0
*
Add 'CapabilitySet.has()' methods
Bjørn Christian Seime
2022-07-20
1
-0
/
+3
*
Add environment variable for capabilities enforcement mode
Bjørn Christian Seime
2022-07-20
2
-0
/
+33
*
Rename method/variable names to match new class name
Bjørn Christian Seime
2022-07-19
1
-1
/
+1
*
Include mode in log message
Bjørn Christian Seime
2022-07-15
1
-3
/
+4
*
Rename 'toCapabilityNames()' to 'toNames()'
Bjørn Christian Seime
2022-07-15
2
-2
/
+2
*
Always run PeerAutorizer
Bjørn Christian Seime
2022-07-15
9
-45
/
+44
*
Rename 'hasAllCapabilities()' => 'hasAll()'
Bjørn Christian Seime
2022-07-15
2
-2
/
+2
*
Change type from SortedSet to Set
Bjørn Christian Seime
2022-07-15
2
-7
/
+4
*
Rename 'succeeded' => 'authorized'
Bjørn Christian Seime
2022-07-15
2
-2
/
+2
*
Include full certificate chain in auth context
Bjørn Christian Seime
2022-07-15
3
-15
/
+26
[prev]
[next]