Tags: AlexxNica/msl
Tags
Release of 1.1208.0 - 1605c0b: Ensure at least one element is created for the randomly generated MslObject and MslArray instances. - 0002339: Merge pull request Netflix#118 from Netflix/message-encoding - 5e7db5a: Merge pull request Netflix#142 from Netflix/detailed-UNEXPECTED_MESSAGE_SENDER - e199f74: Create separate internal error codes for unexpected message sender from unexpected local message sender. Mirror change in JavaScript code base; C++ changes pending. - e2f494e: Remove (accidentally remaining) calls to JSON.stringify(). Objects should implement .toString() for translation into string data. - ff5c7c4: Explicit details when sender identity and master token identity don't match - 6b0faac: Minor code reorganization for clarity. - 5841538: Correct MslError references. - 7ffaf1a: Merge branch 'master' into message-encoding - 28dc0fc: Remove duplicate declaration of dataA2. - b9cb369: Migrate handshake check error handling to sendError(). - c02ae1d: Merge branch 'master' into message-encoding - f94b767: Fix typo. - b76d655: Merge branch 'master' into message-encoding - e15fd70: Merge branch 'master' into message-encoding - 819018e: Merge branch 'master' into message-encoding - 4e94539: Documentation fix. - 49e566a: Fix JO -> MO variable names. - dc10939: Use the encoder to properly encode payload MSL objects. - 92d262a: Add optBytes() to match getBytes() logic. - aaf853a: Do not succeed early if object keys are equal. - 83fea49: Merge branch 'master' into message-encoding - 4b532c9: Migrate ECC to encoder abstraction and fix unit tests so they all pass; add EccAuthenticationDataTest.js. - 48f121a: "use strict"; - 89e43ec: Line-break formatting. - cacb544: Replace "JSON key" with "key". - db443f2: Merge branch 'master' into message-encoding - cd84d88: Merge branch 'master' into message-encoding - a751732: Typo: parameter name JO > Mo for JSON to MslObject conversion. - e938443: Do not JSON.stringify() MslObjects in exception message. - 1b5f3f9: Merge branch 'master' into message-encoding - c8a6d58: Fix MSL object hash code generation so the order does not matter but the name and value pairs do matter. - 8ff84e6: Integrate encoder abstraction into example client. - 8ddd351: Remove charset argument from MessageStreamFactory.createOutputStream() that is no longer needed with the encoder abstraction. - 5951466: Fix bug that would attempt to mark the backing ByteArrayInputStream buffer only if undefined. - 3c1841d: Start ByteArrayInputStream mark position at 0 so reset() works immediately. This matches the Java ByteArrayInputStream behavior as is necessary for Url.js to work properly when used by MslEncoderFactory. - 2b54e27: Use the preferred MSL encoder format when converting MSL encodables to MSL objects. - 1d0cf6d: Properly replace the wrapped encryption and HMAC keys as binary data instead of Base64 strings. - d5e155a: Properly access the signature using MslObject.getBytes(). - 6a480a4: Stringify binary data by Base64-encoding it. - 14c8bd1: Switch fingerprint from "base64" to "binary" and use MslObject.getBytes() to access it. - 3c515e2: Use token data MslObject in thrown exceptions instead of Base64-encoded token data binary. - d5cc41e: Change JTON "base64" declarations to "binary". (Excepting X.509 where it changes to "string".) Remove zero-length data from thrown exceptions. - 6c55bb7: Make sure null values influence the hash code of MslArray and MslObject. Use a better hash code computation. - 4e92cd6: JavaScript encoder abstraction migration complete. - e191a7a: Checkpoint JavaScript unit test encoder abstraction migration (149 unit tests failing). - ecb55e5: Checkpoint JavaScript unit test encoder abstraction migration (409 unit tests failing). - b54c2d9: Merge branch 'master' into message-encoding - c16884e: Merge branch 'master' into message-encoding - 0ce0921: Merge branch 'master' into message-encoding - 8ebb31a: Checkpoint JavaScript unit test encoder abstraction migration (userauth,base). Minor code and comment changes. - d79373c: Checkpoint JavaScript unit test encoder abstraction migration (msg,tokens). - a29fcbb: Add equals() and hashCode() to MslObject and MslArray. Allow inclusion of Map, Collection, Object[], Enum in MslEncoderUtils.createArray() to match acceptable types in MslArray.put(). Fix MslEncoderUtils.equalObjects() call to access values in MslObject to allow retrieval of null values. - a790f47: Replace text references to JSON. - 8201e87: Add missing references to encoder or ENCODER_FORMAT to unit tests. - cc6760d: Checkpoint JavaScript unit test encoder abstraction migration (io,keyx). - 14ebf59: Migrate provisioned entity auth to MSL encoder abstraction. - 384a062: Checkpoint JavaScript unit test encoder abstraction migration (crypto,entityauth). - dc8fb2d: Merge branch 'master' into message-encoding - eb89dde: Merge branch 'master' into message-encoding - d5f0c4a: Merge branch 'master' into message-encoding - 3ec5818: Merge branch 'master' into message-encoding - b24a334: Merge branch 'master' into message-encoding - b6537df: Complete JavaScript core migration to newer encoder abstraction. Minor code changes and fixes to Java code—Java unit tests pass. Merge branch 'master' into message-encoding - f5f019b: Merge branch 'master' into message-encoding - 0e11883: Merge branch 'master' into message-encoding - e869a84: Migrate auxiliary projects to encoder abstraction; make sure to return an encoder from the MslControl.DummyMslContext. - 67a5057: Remove unnecessary (commented out) utility functions. - 8ebfac5: Migrate Java unit tests to new encoder abstraction and fix Java code as necessary; all unit tests pass. - 1c60b49: Merge branch 'master' into message-encoding - 9fd865c: Initial implementation of JavaScript JsonMslTokenizer. - da16627: Add MslTokenizer.abort(); - fcee51c: Merge branch 'master' into message-encoding - 87137ae: Add MSL encoder classes to public Javadoc classes. - 90854f5: Minor closure annotation fixes. - 27f174d: Remove declaration of unimplemented and unused KeyExchangeScheme$values. - ba40a59: Initial implementation of MSL encoder abstraction classes. Unit tests and integration into MSL core still remaining.
Release of 1.1207.0 - 9b897bd: Merge pull request Netflix#141 from Netflix/mslctrl-cancelled - 51095d7: Merge pull request Netflix#140 from Netflix/redact-tostring - 5e85ca5: Exclude SocketTimeoutException from exceptions considered a cancellation or application-induced interruption. Add documentation listing the exceptions or errors considered a cancellation or application-induced interruption. - 1661ea1: Add MslUser to public Javadoc. - 8f61767: Replace encrypted data in MSL token toString() methods with "(redacted)" to prevent data leakage. JavaScript JSON.stringify() of tokens does not include all properties, and default toString() prints "[object X]".
Release of 1.1205.0 - eda907f: Merge pull request Netflix#135 from Netflix/ishandshake-exceptions - 3eef822: Catch MslException when ReceiveService.call() calls request.isHandshake() to return a proper error response. - 916f87c: Fix PublicKey$import() call to specify the key format as SPKI. - 278deb7: Minor corrections. - 716f77e: Make sure to provide a timeout and callback to Url's ByteArrayInputStream and MslControl.receive()'s MessageInputStream. - 3bdefe4: Fix close() function to match interface.
Release of 1.1204.0 - b8996ce: Merge pull request Netflix#131 from Netflix/ecc-entityauth-fixes - 9169806: Add EccAuthenticationDataTest.js; add MockEccAuthenticationFactory to MockMslContext. Fix superclass ctor calls in MockRsaAuthenticationFactory and MockEccAuthenticationFactory. - addb96c: Merge pull request Netflix#130 from Netflix/renewal-timeout - 9525108: Throw a TimeoutException if acquireRenewalLock() times out waiting for the master token. - e39713a: Merge pull request Netflix#127 from Netflix/EccEntityAuth - 3f1ce22: Signal condition variable upon key import / fix js include order. - c1ad306: Merge pull request Netflix#128 from quidryan/streamfactory-on-input - 8d0bb9b: Use message stream factory for message input stream creation - 03db8ce: Add ECC Entity authentication support. - 7766eaf: Merge pull request Netflix#126 from Netflix/PKInputFormats-Issue122 - 26be72f: For JWK import check that input is a pure Javascript object. - 551ff69: Re-order script dependencies, cleanup formatting. - 1a843ed: Add format parameter to Pubkey/Privkey import methods. - 1dc8329: Merge pull request Netflix#124 from aliddeke/EccVerifySupport-Issue123 - 94c14b6: ECC should use PrivateKey/PublicKey classes, not raw values. - 31015e7: Change some code structure to match other files to support easy grep/find/replace. Fix initialized = true statement. Add some comments. - a6687f7: Merge pull request Netflix#120 from aliddeke/EccVerifySupport - ae04f7a: Address fixes for ECC verify support. - abdfd28: Add ECC Verification support.
Release of 1.1203.0 - 6b5e544: Merge pull request Netflix#114 from Netflix/base64-secure - 14dec19: Create secure/strict Base64 implementation that rejects invalid Base64 encodings without using a regex, and also without failing early. This implementation encodes about 2.5% faster and decodes about 90% faster than Base64Jaxb. - 795ef1d: Merge pull request Netflix#113 from Netflix/gzip-cleanup - 3011839: Close GZIP and LZW streams in finally block to ensure resources are released when an IOException is thrown.
Release of 1.1202.0 - c876f80: Merge pull request Netflix#109 from rspieldenner/travis - aed1bd4: Tweaks to memory settings for travis - 5f6660d: Specify max memory for tests - b7c559e: Switch to jdk7 - 2222c4e: Travis - b97f3a3: Merge pull request Netflix#108 from Netflix/url-interface - d175648: Create MSL com.netflix.msl.io.Url interface to match JavaScript Url interface. This differs from the Java java.net.URL class but provides the same functionality. Interface name is undesirable as potentially confusing with java.net.URL but it's a starting point. - 74f0293: Merge pull request Netflix#107 from Netflix/masked-exceptions - bd07bcf: Catch and discard any IOException thrown during input/output stream cleanup in RequestService.call() exception handlers. This prevents an I/O exception from masking the original exception. - 6079a2a: Remove incorrect 'new' keyword from createData() function body. - 3dd4f63: Merge pull request Netflix#102 from Netflix/sessioncrypto-nullidentity - 27b04e0: Allow session crypto contexts to be created when the identity is not known. The constructors should only be explicitly called with a null entity identity in special cases, as EntityAuthenticationData is prohibited by contract from returning a null value for its identity. - e96b213: Fix some key exchange exceptions that are not properly setting MslException master token and entity authentication data. - c22ea1e: Merge pull request Netflix#101 from Netflix/base64-improvements - ae3de75: Allow whitespace in Base64 encoded strings; whitespace will be stripped before validating the string. Compile the Base64 regex for repeated use. - a9952ad: Restrict core and tests to Java 1.7 for compatibility with Android. - e044843: Merge pull request Netflix#99 from Netflix/provisioned-entityauth - 07a587e: Remove identity value from key response data—it is not needed and will echo the entity identity insecurely. Remove MslContext.setEntityIdentity() since that function was only added to support returning the entity identity in key response data. - f4cf81c: Merge branch 'master' into provisioned-entityauth - 4d88c19: First draft of returning the master token entity identity in key response data, and the provisioned entity authentication scheme. This is currently added as a sibling key/value pair in the top-level key response data. For privacy reasons this needs to change so the data is encrypted and integrity protected by the session keys in the key response data. MslContext.setEntityIdentity() has been defined to provide the entity identity when key response data is received.
Release of 1.1201.0 - 17e5c93: Remove leftover unused imports for DatatypeConverter. - cefe1df: Merge pull request Netflix#98 from Netflix/base64 - 3a6fc00: Create Base64 abstraction in Java code base, with a default implementation based on DatatypeConverter. Restore Base64 encoding validity check, in sync with the JavaScript implementation (which now also has an improved regex). Update unit tests to match Base64 encoding validity checks. - 537aac5: Merge pull request Netflix#97 from Netflix/encrypt-recipient - 145f7e4: Only include the recipient field when the header will be encrypted. - e1d7491: Change private fields to protected for subclass access. - 7332deb: Consolidate .gitignore into a single top-level file. - b0753a7: Merge branch 'master' of github.com:Netflix/msl - c8930c1: Remove .idea files from repository as they are no longer compatible with the newest version of IntelliJ and cannot provide user-independent web project configuration. IntelliJ users must import the project and configure web contexts manually. Add /.idea to .gitignore. - f9cb4af: Change MSL command line server deployment path from /msl to /mslcli-server to avoid conflicts. - 2180e0e: Updates to Java instructions. - 0f91b70: Merge pull request Netflix#95 from Netflix/circular-dependencies - cd61e2f: Move Java Header JSON key names into HeaderKeys class, to match JavaScript. - 082c51f: Completely move Header JSON key names into HeaderKeys file; include documentation. - b06f49b: Update Java MslException.set*() functions to match JavaScript. - fd153cd: Make sure not to set the MslException entity or user if already set. Update documentation. - 7b84a65: Bring back in check to make sure entity authentication data is null. - 36a189e: Fix up some more MslException.set*() references in unit tests. - 1bceba4: add reference to HeaderKeys.js in SimpleClient.html - 04efcaa: remove the dependency on MasterToken and EntityAuthenticationData from MslException - f774547: remove the dependency on UserIdToken and UserAuthenticationData from MslException - 2c39e11: create HeaderKeys file to store the header keys, avoiding a circular dependency - ff62bdd: Merge pull request Netflix#94 from Netflix/useridtoken-docs - 518fd8f: Correct user ID token 'userdata' JTON mandatory field names. - 5714e5e: Merge pull request Netflix#93 from Netflix/future-exception-docs - 0373fdf: Correct documentation to indicate the Future's thrown exceptions will be carried inside an ExecutionException. - 2d84a6f: Merge pull request Netflix#90 from Netflix/oneshot-fixes - 45818f9: Misc example/oneshot fixes - 6bce0f0: Removing 'JWK' from exception description string now that the class is more generically used.
Release of 1.1200.0 - ba00b26: Merge pull request Netflix#83 from Netflix/aw-rsa-keyx - e089189: Enable support of RSA-OAEP encrypt/decrypt-based asymmetric wrapped key exchange. - c0b5f73: Fix bug in JsonUtilsTest merge with overwriting unit test. - 8812ec5: Fix Java MessageHeader and ErrorHeader .equals() and .hashCode()—this backs out pull request Netflix#77. - b56947a: Merge pull request Netflix#81 from Netflix/issuerdata - 9237276: Add unit tests for JsonUtils; move MockTokenFactory.merge() into new JsonUtils.js. Fix minor typos in existing Java JsonUtilsTest logic. - 30919a0: Handle null issuer data arguments to TokenFactory.renewMasterToken(). Create merge functions to shallow merge two JSON objects, when the two objects may either or both be null. - 09e700b: Add issuer data parameter to TokenFactory.createMasterToken() and .renewMasterToken(). This can be used by a key exchange factory to provide data that will be carried in the master token issuer data. The Javadoc description on renewMasterToken() indicates the issuer data argument may be merged into or overwrite the existing master token issuer data. - e98eaae: Fix MSL crypto context by switching to ClientMslCryptoContext. - 3187c82: Change default keyx scheme+mechanism from AsymmetricWrapped RSA to AsymmetricWrapped JWK_RSA. - ab3f845: Merge pull request Netflix#80 from Netflix/oneshot - ae0c23c: Remove extraneous error println. - e2124c0: Initial commit of oneshot example program. - 38132c5: Merge pull request Netflix#79 from semmypurewal/refactor-example - 30d008d: Merge branch 'master' into refactor-example - 1f4f22b: Merge pull request Netflix#77 from quidryan/string-equals - 4d62384: Avoid bracket on single line if statements - 211c6ee: Use same variable names as javascript - d7e56c9: Merge pull request Netflix#78 from quidryan/make-proxy-build - 10a31df: Use instanceof instead of getClass() checks - 3e4bcf5: Put proxy source into a valid source directory Add dependencies to build.grade Make changes to keep up with changed interfaces - 0ae76b5: setup other onclick handlers in App.js instead of SimpleClient.html - 4855664: Increase readability of equals/hashCode for MessageHeader and ErrorHeader. Also avoid == on strings, even if its to check if both are null.
PreviousNext