--- a/src/java.base/share/classes/sun/security/provider/X509Factory.java Tue Nov 20 10:08:19 2018 +0100
+++ b/src/java.base/share/classes/sun/security/provider/X509Factory.java Tue Nov 20 13:12:48 2018 +0000
@@ -26,12 +26,15 @@
package sun.security.provider;
import java.io.*;
+import java.security.PublicKey;
import java.util.*;
import java.security.cert.*;
+import jdk.internal.event.EventHelper;
+import jdk.internal.event.X509CertificateEvent;
+import sun.security.util.KeyUtil;
import sun.security.util.Pem;
-import sun.security.x509.X509CertImpl;
-import sun.security.x509.X509CRLImpl;
+import sun.security.x509.*;
import sun.security.pkcs.PKCS7;
import sun.security.provider.certpath.X509CertPath;
import sun.security.provider.certpath.X509CertificatePair;
@@ -101,6 +104,8 @@
}
cert = new X509CertImpl(encoding);
addToCache(certCache, cert.getEncodedInternal(), cert);
+ // record cert details if necessary
+ commitEvent(cert);
return cert;
} else {
throw new IOException("Empty input");
@@ -762,4 +767,43 @@
}
return tag;
}
+
+ private void commitEvent(X509CertImpl info) {
+ X509CertificateEvent xce = new X509CertificateEvent();
+ if (xce.shouldCommit() || EventHelper.isLoggingSecurity()) {
+ PublicKey pKey = info.getPublicKey();
+ String algId = info.getSigAlgName();
+ String serNum = info.getSerialNumber().toString(16);
+ String subject = info.getSubjectDN().getName();
+ String issuer = info.getIssuerDN().getName();
+ String keyType = pKey.getAlgorithm();
+ int length = KeyUtil.getKeySize(pKey);
+ int hashCode = info.hashCode();
+ long beginDate = info.getNotBefore().getTime();
+ long endDate = info.getNotAfter().getTime();
+ if (xce.shouldCommit()) {
+ xce.algorithm = algId;
+ xce.serialNumber = serNum;
+ xce.subject = subject;
+ xce.issuer = issuer;
+ xce.keyType = keyType;
+ xce.keyLength = length;
+ xce.certificateId = hashCode;
+ xce.validFrom = beginDate;
+ xce.validUntil = endDate;
+ xce.commit();
+ }
+ if (EventHelper.isLoggingSecurity()) {
+ EventHelper.logX509CertificateEvent(algId,
+ serNum,
+ subject,
+ issuer,
+ keyType,
+ length,
+ hashCode,
+ beginDate,
+ endDate);
+ }
+ }
+ }
}