
src/java.base/share/classes/sun/security/ssl/Finished.java


        

*** 38,47 **** --- 38,51 ----
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
+ import javax.net.ssl.SSLPeerUnverifiedException;
+
+ import jdk.internal.event.EventHelper;
+ import jdk.internal.event.TLSHandshakeEvent;
import sun.security.internal.spec.TlsPrfParameterSpec;
import sun.security.ssl.CipherSuite.HashAlg;
import static sun.security.ssl.CipherSuite.HashAlg.H_NONE;
import sun.security.ssl.SSLBasicKeyDerivation.SecretSizeSpec;
import sun.security.ssl.SSLCipher.SSLReadCipher;
*** 546,555 **** --- 550,560 ---- chc.conContext.conSession = chc.handshakeSession.finish(); chc.conContext.protocolVersion = chc.negotiatedProtocol; // handshake context cleanup. chc.handshakeFinished = true; + recordEvent(chc.conContext.conSession); // May need to retransmit the last flight for DTLS. if (!chc.sslContext.isDTLS()) { chc.conContext.finishHandshake(); }
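Review bot: `recordEvent(chc.conContext.conSession)` runs here before `chc.conContext.finishHandshake()`, while the hunks at 734 and 1069 call it after; the hunk at 600 has the same ordering as this one. recordEvent dereferences `getCertificateChain()[0]` and catches only SSLPeerUnverifiedException, so any other runtime exception from the event code would, as far as the visible lines show, surface after `handshakeFinished = true` but before the connection is marked finished. I would move the call below the `if (!chc.sslContext.isDTLS())` block in both places and add a comment such as `// record only once the handshake state is final; event recording must not affect the handshake`. The enclosing method starts and ends outside the hunk.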
*** 595,604 **** --- 600,610 ---- shc.conContext.conSession = shc.handshakeSession.finish(); shc.conContext.protocolVersion = shc.negotiatedProtocol; // handshake context cleanup. shc.handshakeFinished = true; + recordEvent(shc.conContext.conSession); // May need to retransmit the last flight for DTLS. if (!shc.sslContext.isDTLS()) { shc.conContext.finishHandshake(); }
*** 728,737 **** --- 734,745 ---- chc.conContext.protocolVersion = chc.negotiatedProtocol; // handshake context cleanup. chc.handshakeFinished = true; chc.conContext.finishHandshake(); + recordEvent(chc.conContext.conSession); + // The handshake message has been delivered. return null; }
*** 1061,1070 **** --- 1069,1079 ---- // May need to retransmit the last flight for DTLS. if (!shc.sslContext.isDTLS()) { shc.conContext.finishHandshake(); } + recordEvent(shc.conContext.conSession); // // produce if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { SSLLogger.fine(
*** 1072,1077 **** --- 1081,1117 ----
}
NewSessionTicket.kickstartProducer.produce(shc);
}
}
+
+ private static void recordEvent(SSLSessionImpl session) {
+ TLSHandshakeEvent event = new TLSHandshakeEvent();
+ if (event.shouldCommit() || EventHelper.isLoggingSecurity()) {
+ String peerCertID = "";
+ try {
+ peerCertID = session
+ .getCertificateChain()[0]
+ .getSerialNumber()
+ .toString(16);
+ } catch (SSLPeerUnverifiedException e) {
+ peerCertID = e.getMessage(); // not verified msg
+ }
+ if(event.shouldCommit()) {
+ event.peerHost = session.getPeerHost();
+ event.peerPort = session.getPeerPort();
+ event.cipherSuite = session.getCipherSuite();
+ event.protocolVersion = session.getProtocol();
+ event.peerCertId = peerCertID;
+ event.commit();
+ }
+ if (EventHelper.isLoggingSecurity()) {
+ EventHelper.logTLSHandshakeEvent(null,
+ session.getPeerHost(),
+ session.getPeerPort(),
+ session.getCipherSuite(),
+ session.getProtocol(),
+ peerCertID);
+ }
+ }
+ }
}
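Review bot: `peerCertId` is filled with the bare serial number of the leaf certificate, which is unique only per issuer, and in the catch branch with `e.getMessage()`, so the same field carries either an identifier or free text. For an audit event this makes correlation and parsing unreliable: two issuers can use the same serial, and a consumer can tell "peer not authenticated" from a certificate id only by string matching. I would leave the id empty in the catch branch (`// peer not authenticated: no certificate id`) and derive the id from something that identifies the certificate itself, for example the serial together with `getIssuerX500Principal()`. As a style point, `if(event.shouldCommit())` is missing the space after `if` that the other conditions in this method use, and recordEvent has no Javadoc stating which session fields end up in the event and the security log.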