|
1 /* |
|
2 * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. Oracle designates this |
|
8 * particular file as subject to the "Classpath" exception as provided |
|
9 * by Oracle in the LICENSE file that accompanied this code. |
|
10 * |
|
11 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 * version 2 for more details (a copy is included in the LICENSE file that |
|
15 * accompanied this code). |
|
16 * |
|
17 * You should have received a copy of the GNU General Public License version |
|
18 * 2 along with this work; if not, write to the Free Software Foundation, |
|
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 * |
|
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 * or visit www.oracle.com if you need additional information or have any |
|
23 * questions. |
|
24 */ |
|
25 |
|
26 package jdk.internal.event; |
|
27 |
|
28 import java.time.Duration; |
|
29 import java.time.Instant; |
|
30 import java.util.Date; |
|
31 import java.util.stream.Collectors; |
|
32 import java.util.stream.IntStream; |
|
33 |
|
34 /** |
|
35 * A helper class to have events logged to a JDK Event Logger. |
|
36 */ |
|
37 |
|
38 public final class EventHelper { |
|
39 |
|
40 private static final System.Logger.Level LOG_LEVEL = System.Logger.Level.DEBUG; |
|
41 |
|
42 // helper class used for logging security related events for now |
|
43 private static final String SECURITY_LOGGER_NAME = "jdk.event.security"; |
|
44 private static final System.Logger SECURITY_LOGGER = |
|
45 System.getLogger(SECURITY_LOGGER_NAME); |
|
46 private static final boolean LOGGING_SECURITY = |
|
47 SECURITY_LOGGER.isLoggable(LOG_LEVEL); |
|
48 |
|
49 public static void logTLSHandshakeEvent(Instant start, |
|
50 String peerHost, |
|
51 int peerPort, |
|
52 String cipherSuite, |
|
53 String protocolVersion, |
|
54 long peerCertId) { |
|
55 String prepend = getDurationString(start); |
|
56 SECURITY_LOGGER.log(LOG_LEVEL, prepend + |
|
57 " TLSHandshake: {0}:{1,number,#}, {2}, {3}, {4,number,#}", |
|
58 peerHost, peerPort, protocolVersion, cipherSuite, peerCertId); |
|
59 } |
|
60 |
|
61 public static void logSecurityPropertyEvent(String key, |
|
62 String value) { |
|
63 |
|
64 if (isLoggingSecurity()) { |
|
65 SECURITY_LOGGER.log(LOG_LEVEL, |
|
66 "SecurityPropertyModification: key:{0}, value:{1}", key, value); |
|
67 } |
|
68 } |
|
69 |
|
70 public static void logX509ValidationEvent(int anchorCertId, |
|
71 int[] certIds) { |
|
72 String codes = IntStream.of(certIds) |
|
73 .mapToObj(Integer::toString) |
|
74 .collect(Collectors.joining(", ")); |
|
75 SECURITY_LOGGER.log(LOG_LEVEL, |
|
76 "ValidationChain: {0,number,#}, {1}", anchorCertId, codes); |
|
77 } |
|
78 |
|
79 public static void logX509CertificateEvent(String algId, |
|
80 String serialNum, |
|
81 String subject, |
|
82 String issuer, |
|
83 String keyType, |
|
84 int length, |
|
85 long certId, |
|
86 long beginDate, |
|
87 long endDate) { |
|
88 SECURITY_LOGGER.log(LOG_LEVEL, "X509Certificate: Alg:{0}, Serial:{1}" + |
|
89 ", Subject:{2}, Issuer:{3}, Key type:{4}, Length:{5,number,#}" + |
|
90 ", Cert Id:{6,number,#}, Valid from:{7}, Valid until:{8}", |
|
91 algId, serialNum, subject, issuer, keyType, length, |
|
92 certId, new Date(beginDate), new Date(endDate)); |
|
93 } |
|
94 |
|
95 /** |
|
96 * Method to calculate a duration timestamp for events which measure |
|
97 * the start and end times of certain operations. |
|
98 * @param start Instant indicating when event started recording |
|
99 * @return A string representing duraction from start time to |
|
100 * time of this method call. Empty string is start is null. |
|
101 */ |
|
102 private static String getDurationString(Instant start) { |
|
103 if (start != null) { |
|
104 Duration duration = Duration.between(start, Instant.now()); |
|
105 long micros = duration.toNanos() / 1_000; |
|
106 if (micros < 1_000_000) { |
|
107 return "duration = " + (micros / 1_000.0) + " ms:"; |
|
108 } else { |
|
109 return "duration = " + ((micros / 1_000) / 1_000.0) + " s:"; |
|
110 } |
|
111 } else { |
|
112 return ""; |
|
113 } |
|
114 } |
|
115 |
|
116 /** |
|
117 * Helper to determine if security events are being logged |
|
118 * at a preconfigured logging level. The configuration value |
|
119 * is read once at class initialization. |
|
120 * |
|
121 * @return boolean indicating whether an event should be logged |
|
122 */ |
|
123 public static boolean isLoggingSecurity() { |
|
124 return LOGGING_SECURITY; |
|
125 } |
|
126 } |