src/java.base/share/classes/sun/security/ssl/Finished.java
*** 38,47 ****
--- 38,51 ----
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
+ import javax.net.ssl.SSLPeerUnverifiedException;
+
+ import jdk.internal.event.EventHelper;
+ import jdk.internal.event.TLSHandshakeEvent;
import sun.security.internal.spec.TlsPrfParameterSpec;
import sun.security.ssl.CipherSuite.HashAlg;
import static sun.security.ssl.CipherSuite.HashAlg.H_NONE;
import sun.security.ssl.SSLBasicKeyDerivation.SecretSizeSpec;
import sun.security.ssl.SSLCipher.SSLReadCipher;
*** 546,555 ****
--- 550,560 ----
chc.conContext.conSession = chc.handshakeSession.finish();
chc.conContext.protocolVersion = chc.negotiatedProtocol;
// handshake context cleanup.
chc.handshakeFinished = true;
+ recordEvent(chc.conContext.conSession);
// May need to retransmit the last flight for DTLS.
if (!chc.sslContext.isDTLS()) {
chc.conContext.finishHandshake();
}
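Review bot: The `recordEvent(...)` call sits before `conContext.finishHandshake()` in this hunk and in the one at 600, but after it in the hunks at 734 and 1069, so the event is emitted at a different point of handshake completion depending on the code path. It runs on the handshake path right after `handshakeFinished = true`, so an unchecked exception from it would presumably stop completion before `finishHandshake()` is reached. Moving the call below the `if (!chc.sslContext.isDTLS())` block, as the later hunks do, keeps the ordering uniform. A comment such as `// Record the TLS handshake event once the connection state is final.` would document the intent. The enclosing method starts and ends outside the hunk.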
*** 595,604 ****
--- 600,610 ----
shc.conContext.conSession = shc.handshakeSession.finish();
shc.conContext.protocolVersion = shc.negotiatedProtocol;
// handshake context cleanup.
shc.handshakeFinished = true;
+ recordEvent(shc.conContext.conSession);
// May need to retransmit the last flight for DTLS.
if (!shc.sslContext.isDTLS()) {
shc.conContext.finishHandshake();
}
*** 728,737 ****
--- 734,745 ----
chc.conContext.protocolVersion = chc.negotiatedProtocol;
// handshake context cleanup.
chc.handshakeFinished = true;
chc.conContext.finishHandshake();
+ recordEvent(chc.conContext.conSession);
+
// The handshake message has been delivered.
return null;
}
*** 1061,1070 ****
--- 1069,1079 ----
// May need to retransmit the last flight for DTLS.
if (!shc.sslContext.isDTLS()) {
shc.conContext.finishHandshake();
}
+ recordEvent(shc.conContext.conSession);
//
// produce
if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
SSLLogger.fine(
*** 1072,1077 ****
--- 1081,1117 ----
}
NewSessionTicket.kickstartProducer.produce(shc);
}
}
+
+ private static void recordEvent(SSLSessionImpl session) {
+ TLSHandshakeEvent event = new TLSHandshakeEvent();
+ if (event.shouldCommit() || EventHelper.isLoggingSecurity()) {
+ String peerCertID = "";
+ try {
+ peerCertID = session
+ .getCertificateChain()[0]
+ .getSerialNumber()
+ .toString(16);
+ } catch (SSLPeerUnverifiedException e) {
+ peerCertID = e.getMessage(); // not verified msg
+ }
+ if(event.shouldCommit()) {
+ event.peerHost = session.getPeerHost();
+ event.peerPort = session.getPeerPort();
+ event.cipherSuite = session.getCipherSuite();
+ event.protocolVersion = session.getProtocol();
+ event.peerCertId = peerCertID;
+ event.commit();
+ }
+ if (EventHelper.isLoggingSecurity()) {
+ EventHelper.logTLSHandshakeEvent(null,
+ session.getPeerHost(),
+ session.getPeerPort(),
+ session.getCipherSuite(),
+ session.getProtocol(),
+ peerCertID);
+ }
+ }
+ }
}
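Review bot: In `recordEvent`, the catch block stores `e.getMessage()` in `peerCertID`, so the `peerCertId` field of the event and the security log carries either a hex serial number or free-form exception text, and a consumer cannot reliably tell an identifier from an error. Keeping the initial empty value, `// peer not authenticated: leave peerCertID empty`, or using one fixed sentinel would make the field parseable. A serial number is only unique per issuer, so the method comment should say that the id does not identify a certificate on its own. Only `SSLPeerUnverifiedException` is caught, so an empty chain or any other unchecked failure in `getCertificateChain()[0]` would apparently propagate into the handshake from what is meant to be telemetry. The method also has no Javadoc, and `if(event.shouldCommit())` is missing the space after `if`.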