Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Use 'prime256v1' curve for EC keys | Bjørn Christian Seime | 2019-01-23 | 3 | -7/+18 |
| | | | | | This allows the TLS test in jrt to use elliptic curves crypto in unit tests (fixes issue where JSSE cannot find matching cipher). | ||||
* | Allow configuration of accepted ciphers | Bjørn Christian Seime | 2019-01-23 | 8 | -12/+49 |
| | |||||
* | Add TLSv1.3 cipher suites to whitelist | Bjørn Christian Seime | 2019-01-23 | 1 | -1/+4 |
| | |||||
* | Fix accidental import of java.sql.Date | Bjørn Christian Seime | 2019-01-21 | 1 | -1/+1 |
| | |||||
* | Revert "Bratseth/disallow dash " | Jon Bratseth | 2019-01-16 | 2 | -2/+0 |
| | |||||
* | Change access modifier to 'public' for 'fromConfigValue()' | Bjørn Christian Seime | 2019-01-15 | 2 | -2/+2 |
| | |||||
* | Return default values when env vars are not present | Bjørn Christian Seime | 2019-01-15 | 1 | -10/+6 |
| | |||||
* | Define default value for tls authorization mode | Bjørn Christian Seime | 2019-01-15 | 1 | -0/+8 |
| | |||||
* | Add 'tls_client_tls_server' as tls mixed mode option | Bjørn Christian Seime | 2019-01-15 | 1 | -1/+9 |
| | | | | Also introduce default value for mixed mode. | ||||
* | Nonfunctional changes only | Jon Bratseth | 2019-01-10 | 2 | -0/+2 |
| | |||||
* | Store authorization result in TlsCryptoSocket | Bjørn Christian Seime | 2019-01-08 | 1 | -0/+9 |
| | |||||
* | Change LOG_ONLY config value from 'log-only' to 'log_only' | Bjørn Christian Seime | 2018-12-10 | 1 | -1/+1 |
| | |||||
* | Fix spelling error ('suits' -> 'suites') | Bjørn Christian Seime | 2018-12-05 | 2 | -8/+8 |
| | |||||
* | Remove whitelisting of AES-CBC ciphers | Bjørn Christian Seime | 2018-12-05 | 1 | -5/+1 |
| | |||||
* | Use AuthorizationMode to configure behaviour of PeerAuthorizerTrustManager | Bjørn Christian Seime | 2018-12-05 | 6 | -28/+30 |
| | |||||
* | Add AutorizationMode | Bjørn Christian Seime | 2018-12-05 | 1 | -0/+30 |
| | |||||
* | Move MixedMode to separate class | Bjørn Christian Seime | 2018-12-05 | 2 | -23/+29 |
| | |||||
* | Split ConfigFileManagedTlsContext into ReloadingTlsContext and DefaultTlsContext | Bjørn Christian Seime | 2018-12-05 | 3 | -49/+169 |
| | |||||
* | Specify keystore with certificate chain | Bjørn Christian Seime | 2018-12-05 | 1 | -1/+5 |
| | |||||
* | Only allowed whitelisted cipher suits | Bjørn Christian Seime | 2018-12-05 | 1 | -1/+27 |
| | |||||
* | Add TlsContext interface with a implementation based on tls options | Bjørn Christian Seime | 2018-11-28 | 2 | -0/+105 |
| | |||||
* | Always log warning when authorization fails | Bjørn Christian Seime | 2018-11-27 | 1 | -1/+1 |
| | |||||
* | Propagate authz result through ssl handshake session object | Bjørn Christian Seime | 2018-11-27 | 1 | -8/+12 |
| | |||||
* | Add a X509ExtendedTrustManager based on PeerAuthorizer | Bjørn Christian Seime | 2018-11-27 | 2 | -0/+151 |
| | |||||
* | Allow specifying trust manager factory in SslContextBuilder | Bjørn Christian Seime | 2018-11-27 | 1 | -4/+22 |
| | |||||
* | Add debug logging to PeerAuthorizer | Bjørn Christian Seime | 2018-11-27 | 1 | -0/+5 |
| | |||||
* | Use AssertJ to improve assertions | Bjørn Christian Seime | 2018-11-27 | 1 | -17/+15 |
| | |||||
* | Add PeerAuthorizer | Bjørn Christian Seime | 2018-11-26 | 4 | -0/+278 |
| | |||||
* | Escape '!' which is also a regex meta character | Bjørn Christian Seime | 2018-11-26 | 2 | -6/+6 |
| | |||||
* | Allow empty 'required-credentials' | Bjørn Christian Seime | 2018-11-26 | 2 | -3/+3 |
| | |||||
* | Make 'roles' field optional | Bjørn Christian Seime | 2018-11-26 | 2 | -5/+7 |
| | |||||
* | Disallow empty 'authorized-peers' field | Bjørn Christian Seime | 2018-11-26 | 3 | -5/+41 |
| | | | | | - Fail deserializing if 'authorized-peers' is an empty list - Only serialize 'authorized-peers' field when necessary | ||||
* | Add glob pattern matching for host expressions | Bjørn Christian Seime | 2018-11-26 | 2 | -0/+101 |
| | |||||
* | Add missing ExportPackage annotation for security-utils packages | Bjørn Christian Seime | 2018-11-23 | 2 | -0/+16 |
| | |||||
* | Add missing copyright header on unit tests | Bjørn Christian Seime | 2018-11-22 | 2 | -1/+3 |
| | |||||
* | Rename peerName->policyName, add assumed roles to PeerPolicy | Bjørn Christian Seime | 2018-11-22 | 7 | -13/+113 |
| | |||||
* | Fix NPE bug - use Optional.ofNullable | Bjørn Christian Seime | 2018-11-21 | 1 | -4/+4 |
| | |||||
* | Add getter for configValue | Bjørn Christian Seime | 2018-11-21 | 1 | -0/+4 |
| | |||||
* | Rename 'allowed-peers' to 'authorized-peers' | Bjørn Christian Seime | 2018-11-21 | 1 | -1/+1 |
| | |||||
* | Misc minor code improvements | Bjørn Christian Seime | 2018-11-21 | 4 | -14/+13 |
| | | | | | | | - Improve naming of some methods and parameters - Add missing trailing newline - Use missingFieldException(String) - Remove dead code | ||||
* | Rewrite JSON serialization of TransportSecurityOptions | Bjørn Christian Seime | 2018-11-19 | 5 | -37/+301 |
| | | | | | | - Use Jackson data bindings on TransportSecurityOptionsEntity - Add serialization to JSON - Add AuthorizedPeers to TransportSecurityOptions | ||||
* | Add data model for AuthorizedPeers | Bjørn Christian Seime | 2018-11-19 | 4 | -0/+182 |
| | |||||
* | Revert "Bjorncs/accepted ciphers" | Harald Musum | 2018-11-07 | 3 | -51/+12 |
| | |||||
* | Fix structure of transport-security-options.json test file | Bjørn Christian Seime | 2018-11-06 | 1 | -3/+3 |
| | |||||
* | Include 'acceptedCiphers' in toString/hashCode/equals | Bjørn Christian Seime | 2018-11-06 | 1 | -2/+4 |
| | |||||
* | Add 'accepted-ciphers' to transport security options | Bjørn Christian Seime | 2018-11-06 | 3 | -10/+47 |
| | |||||
* | Skip non-key objects (e.g. ec params) when parsing private key from pem | Bjørn Christian Seime | 2018-10-30 | 1 | -11/+18 |
| | |||||
* | Add TransportSecurityOptions.fromJson(String) | Bjørn Christian Seime | 2018-10-30 | 2 | -6/+28 |
| | |||||
* | Move classes in com.yahoo.security to security-utils | Bjørn Christian Seime | 2018-10-19 | 31 | -0/+1872 |
| | |||||
* | Revert "Move classes in com.yahoo.security to security-utils" | Harald Musum | 2018-10-19 | 31 | -1872/+0 |
| |