Java library for SPIFFE support

Go to file

Max Lambrecht ec681cbf99 Add defensive copy to prevent vulnerability Signed-off-by: Max Lambrecht <maxlambrecht@gmail.com>		2020-05-17 09:54:43 -03:00
gradle/wrapper	[WIP]-Define v2 interface, refactor in modules	2020-04-10 14:21:27 -03:00
java-spiffe-core	Add defensive copy to prevent vulnerability	2020-05-17 09:54:43 -03:00
java-spiffe-helper	Adding and refactoring tests	2020-05-17 09:42:19 -03:00
java-spiffe-provider	Adding and refactoring tests	2020-05-17 09:42:19 -03:00
.gitignore	First commit	2018-05-28 12:39:13 -03:00
LICENSE	Adding LICENSE	2018-08-22 10:53:38 -03:00
README.md	Moving and cleaning dependencies	2020-04-23 07:39:55 -03:00
build.gradle	Moving and cleaning dependencies	2020-04-23 07:39:55 -03:00
gradlew	First commit	2018-05-28 12:39:13 -03:00
gradlew.bat	First commit	2018-05-28 12:39:13 -03:00
settings.gradle	[WIP]-Define v2 interface, refactor in modules	2020-04-10 14:21:27 -03:00

README.md

JAVA-SPIFFE library

Overview

The JAVA-SPIFFE library provides functionality to interact with the Workload API to fetch X509 and JWT SVIDs and Bundles, and a Java Security Provider implementation to be plugged into the Java Security Interface plumbing. This is essentially a X509-SVID based KeyStore and TrustStore implementation that handles the certificates in memory and receives the updates asynchronously from the Workload API. The KeyStore handles the Certificate chain and Private Key to prove identity in a TLS connection, and the TrustStore handles the trusted bundles (supporting federated bundles) and performs peer's certificate and SPIFFE ID verification.

This library is composed of three modules:

java-spiffe-core: core functionality to interact with the Workload API.

java-spiffe-provider: Java Provider implementation.

java-spiffe-helper: Helper to store X509-SVID Certificates in a Java Keystore in disk.

Supports Java 8+

Build the JARs

 $ ./gradlew build
 
 BUILD SUCCESSFUL

jar files are placed in build/libs in each module.