summaryrefslogtreecommitdiffstats
path: root/security-utils
Commit message (Expand)AuthorAgeFilesLines
* Allow TLSv1.3Bjørn Christian Seime2021-02-181-1/+1
* Use singleton already present.Henning Baldersheim2021-01-281-4/+0
* Use a single, shared TlsContext instanceBjørn Christian Seime2021-01-142-18/+31
* Revert "Use a single reloader per tls config file, and not one per instance."Bjørn Christian Seime2021-01-142-162/+135
* Revert "Use reference counting to avoid relying on GC to drop threads."Bjørn Christian Seime2021-01-142-36/+8
* Test that certificate with non-matching SAN URI is rejectedBjørn Christian Seime2020-11-261-0/+2
* Support SAN URI based rules in authorization policiesBjørn Christian Seime2020-11-268-19/+121
* Add convenience method for adding SANBjørn Christian Seime2020-11-251-0/+5
* Encapsulate pattern implementation in RequiredPeerCredentialBjørn Christian Seime2020-11-257-16/+33
* Revert "Revert "Bjorncs/health check proxy https""Bjørn Christian Seime2020-10-151-0/+27
* Revert "Bjorncs/health check proxy https"Arnstein Ressem2020-10-151-27/+0
* Add trust manager that accepts any server certificateBjørn Christian Seime2020-10-141-0/+27
* Revert "Revert "Expose underlying certificate and private key from SiaIdentit...Bjørn Christian Seime2020-06-022-1/+42
* Revert "Expose underlying certificate and private key from SiaIdentityProvider "Harald Musum2020-05-282-42/+1
* Merge pull request #13257 from vespa-engine/bjorncs/service-identity-provider...Bjørn Christian Seime2020-05-282-1/+42
|\
| * Expose underlying certificate and private key from SiaIdentityProviderBjørn Christian Seime2020-05-182-1/+42
* | Ignore unknown fields in subclasses as wellBjørn Christian Seime2020-05-181-0/+3
|/
* Support construction of PeerPolicy with descriptionBjørn Christian Seime2020-05-134-3/+17
* Use reference counting to avoid relying on GC to drop threads.Henning Baldersheim2020-04-232-8/+36
* Use a single reloader per tls config file, and not one per instance.Henning Baldersheim2020-04-232-135/+162
* Override hostname verification in PeerAuthorizerTrustManagerBjørn Christian Seime2020-02-175-29/+59
* Use 'withTrustManager' in ConfigFileBasedTlsContextBjørn Christian Seime2020-02-171-5/+5
* Allow specifying custom trust manager instance to SslContextBuilderBjørn Christian Seime2020-02-171-3/+14
* Introduce 'disable-hostname-validation' to TLS json formatBjørn Christian Seime2020-02-137-5/+53
* Allow SSLContext implementation that supports TLSv1.3+Bjørn Christian Seime2020-01-311-1/+1
* Revert "Revert "accept and store json endpoint cert metadata on deploy""Andreas Eriksen2020-01-212-0/+37
* Revert "accept and store json endpoint cert metadata on deploy"Jon Marius Venstad2020-01-202-37/+0
* verify public key matches private keyandreer2020-01-202-0/+37
* Non-functional changesJon Bratseth2020-01-062-0/+7
* Add/corect copyright headersJon Bratseth2020-01-031-1/+2
* Revert "Allow SSLContext implementation that supports TLSv1.3+"Valerij Fredriksen2019-12-091-1/+1
* Merge branch 'master' into bjorncs/sslcontext-versionBjørn Christian Seime2019-12-0318-28/+140
|\
| * Use JDK8 as build target for security-utilsBjørn Christian Seime2019-12-0218-28/+140
* | Allow SSLContext implementation that supports TLSv1.3+Bjørn Christian Seime2019-12-031-1/+1
|/
* Add constant for SSLContext versionBjørn Christian Seime2019-11-252-1/+3
* Add helper methods in TlsContext to determine allowed ciphers/protocolsBjørn Christian Seime2019-11-252-26/+49
* Remove more cipher suites not supported by Java 11 from set configured for us...Harald Musum2019-11-211-1/+10
* Remove cipher suite not supported by JavaHarald Musum2019-11-201-0/+1
* Remove unneeded install of java artifact dependencies.Tor Egge2019-11-181-1/+0
* Use mockito-core 3.1.0Håkon Hallingstad2019-10-181-2/+2
* Merge pull request #10905 from vespa-engine/hakonhall/order-authorized-peers-...Bjørn Christian Seime2019-10-071-19/+23
|\
| * Order authorized peers in JSON to stabilize testsHåkon Hallingstad2019-10-071-19/+23
* | Decode SAN IP address field from CSRMartin Polden2019-10-071-0/+15
|/
* Revert "Bjorncs/jdisc tls13"Bjørn Christian Seime2019-10-044-4/+4
* Enable TLSv1.3 for servers/clients based on TlsContextBjørn Christian Seime2019-10-033-3/+3
* Create SSLContext that supports all TLS versionsBjørn Christian Seime2019-10-031-1/+1
* Read signature algorithm from keyMorten Tokle2019-10-031-0/+23
* Implement equals in Pkcs10CsrMartin Polden2019-09-201-0/+14
* Add additional constructor for custom peer authentication modeBjørn Christian Seime2019-09-131-3/+12
* Refactor private key serialization testsBjørn Christian Seime2019-08-231-28/+14