summaryrefslogtreecommitdiffstats
path: root/security-utils
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #10905 from ↵Bjørn Christian Seime2019-10-071-19/+23
|\ | | | | | | | | vespa-engine/hakonhall/order-authorized-peers-in-json-to-stabilize-tests Order authorized peers in JSON to stabilize tests
| * Order authorized peers in JSON to stabilize testsHåkon Hallingstad2019-10-071-19/+23
| |
* | Decode SAN IP address field from CSRMartin Polden2019-10-071-0/+15
|/
* Revert "Bjorncs/jdisc tls13"Bjørn Christian Seime2019-10-044-4/+4
|
* Enable TLSv1.3 for servers/clients based on TlsContextBjørn Christian Seime2019-10-033-3/+3
|
* Create SSLContext that supports all TLS versionsBjørn Christian Seime2019-10-031-1/+1
| | | | | | - Previous value "TLSv1.2" also enabled older SSL/TLS versions - The actual versions enabled must be restricted on the SSLSocket/SSLEngine instance (using a SSLParameters object).
* Read signature algorithm from keyMorten Tokle2019-10-031-0/+23
|
* Implement equals in Pkcs10CsrMartin Polden2019-09-201-0/+14
|
* Add additional constructor for custom peer authentication modeBjørn Christian Seime2019-09-131-3/+12
|
* Refactor private key serialization testsBjørn Christian Seime2019-08-231-28/+14
|
* Allow output of PEM private keys using PKCS#8Bjørn Christian Seime2019-08-233-7/+66
|
* Use correct key factory for key typeBjørn Christian Seime2019-08-231-1/+2
|
* Use current certificate manager to find certificate expiryBjørn Christian Seime2019-07-041-1/+6
|
* Merge pull request #9951 from vespa-engine/bjorncs/fix-for-race-conditionAndreas Eriksen2019-07-041-13/+26
|\ | | | | Make access to hashmap and current manager synchronized
| * Make access to hashmap and current manager synchronizedBjørn Christian Seime2019-07-031-13/+26
| |
* | Fix typo in class nameBjørn Christian Seime2019-07-043-6/+6
| |
* | Make alias a constantBjørn Christian Seime2019-07-031-1/+3
| |
* | Use withKeyManager instead of withKeyManagerFactoryBjørn Christian Seime2019-07-031-1/+1
| |
* | Allow configuration of x509 key manager instance to SslContextBuilderBjørn Christian Seime2019-07-031-1/+14
| |
* | Make peer authentication in TlsContext configurableBjørn Christian Seime2019-07-034-8/+34
| |
* | Rename 'ReloadingTlsContext' -> 'ConfigFiledBasedTlsContext'Bjørn Christian Seime2019-07-033-7/+8
| |
* | Remove ciphers from DefaultTlsContext public constructorsBjørn Christian Seime2019-07-033-9/+12
| |
* | Change type of constants from list to setBjørn Christian Seime2019-07-034-10/+10
| |
* | Move constants from DefaultTlsContext to TlsContextBjørn Christian Seime2019-07-034-15/+17
|/
* Add overloads taking envvar map as parameterBjørn Christian Seime2019-05-311-7/+28
|
* Allow 'null' as alias to getCertificateChain/getPrivateKeyBjørn Christian Seime2019-05-281-0/+2
|
* Add readmeBjørn Christian Seime2019-05-281-0/+3
|
* Add getSubjectOrganizationalUnits() to X509CertificateUtilsBjørn Christian Seime2019-05-131-6/+12
|
* Add toPem(PublicKey)Bjørn Christian Seime2019-05-032-36/+28
|
* Ensure parsed keys uses 'EC' as algorithmBjørn Christian Seime2019-05-032-8/+26
| | | | Remove use of JcaPEMKeyConverter as it generated keys with 'ECDSA' as algorithm.
* Refactor into createKeyFactory() methodBjørn Christian Seime2019-05-031-3/+8
|
* Move Signature factories to separate classBjørn Christian Seime2019-05-032-37/+37
|
* Comments explaining how EC keys were obtainedJon Marius Venstad2019-04-301-0/+2
|
* BCP for Signature, to handle ECDSA keysJon Marius Venstad2019-04-302-3/+38
|
* Add support for parsing public keys to KeyUtilsJon Marius Venstad2019-04-302-1/+65
|
* Remove TlsAwareHttpClientBuilderBjørn Christian Seime2019-04-084-310/+0
|
* Remove VespaHttpClientBuilder from security-utilsBjørn Christian Seime2019-04-083-158/+0
|
* Revert "Bjorncs/http utils"Håkon Hallingstad2019-04-083-0/+158
|
* Remove VespaHttpClientBuilder from security-utilsBjørn Christian Seime2019-04-053-158/+0
|
* Revert "Remove TlsAwareHttpClientBuilder"Bjørn Christian Seime2019-04-054-0/+310
| | | | This reverts commit e962344ba28b9f84028a129a24c92b40fdc076b8.
* Apache httpclient must be included in compile scopeBjørn Christian Seime2019-04-041-6/+10
| | | | | | The apache http libraries are not osgi bundles. Including them as provided scope does not work as the required import-package statements are not added to the jar manifest.
* Export package 'com.yahoo.security.tls.https'Bjørn Christian Seime2019-04-041-0/+8
|
* Use URIBuilderBjørn Christian Seime2019-04-031-1/+2
|
* Remove TlsAwareHttpClientBuilderBjørn Christian Seime2019-04-035-318/+0
|
* Add VespaHttpClientBuilder based on apache httpclientBjørn Christian Seime2019-04-033-0/+153
|
* Stop reload task when there are no external references to the managersBjørn Christian Seime2019-03-012-18/+126
| | | | | The reload task will shut down the executor service when the GC has determined that there are no other references to the key/trust manager.
* Add utility method to construct http clientBjørn Christian Seime2019-02-251-0/+9
|
* Add withCertificateEntries() to KeyStoreBuilderBjørn Christian Seime2019-02-254-19/+17
|
* Add utility method to construct tls contextBjørn Christian Seime2019-02-251-0/+5
|
* Add constructor without tls context parameterBjørn Christian Seime2019-02-251-3/+7
|