open Cdiff src/java.base/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java

src/java.base/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java


*** 27,37 ****
--- 27,43 ----
  
  import java.io.IOException;
  import java.security.InvalidAlgorithmParameterException;
  import java.security.cert.*;
  import java.util.*;
+ import java.util.concurrent.atomic.AtomicLong;
+ import java.util.stream.Collectors;
+ import java.util.stream.IntStream;
+ import java.util.stream.Stream;
  
+ import jdk.internal.event.X509ValidationEvent;
+ import jdk.internal.event.EventHelper;
  import sun.security.provider.certpath.PKIX.ValidatorParams;
  import sun.security.validator.Validator;
  import sun.security.x509.X509CertImpl;
  import sun.security.util.Debug;
  
*** 45,54 ****
--- 51,61 ----
   * @author      Yassir Elley
   */
  public final class PKIXCertPathValidator extends CertPathValidatorSpi {
  
      private static final Debug debug = Debug.getInstance("certpath");
+     private static final AtomicLong validationEventNumber = new AtomicLong();
  
      /**
       * Default constructor.
       */
      public PKIXCertPathValidator() {}
*** 232,240 ****
--- 239,273 ----
  
          PKIXMasterCertPathValidator.validate(params.certPath(),
                                               params.certificates(),
                                               certPathCheckers);
  
+         X509ValidationEvent xve = new X509ValidationEvent();
+         if(xve.shouldCommit() || EventHelper.isLoggingSecurity()) {
+             int[] hashCodes = params.certificates().stream()
+                     .mapToInt(x -> x.hashCode())
+                     .toArray();
+             int anchorHashId =
+                     anchor.getTrustedCert().hashCode();
+             if (xve.shouldCommit()) {
+                 xve.hashCode = anchorHashId;
+                 int certificatePos = 1; //anchor cert
+                 xve.certificatePosition = certificatePos;
+                 xve.validationId = validationEventNumber.incrementAndGet();
+                 xve.commit();
+                 // now, iterate through remaining
+                 for (int hashCode : hashCodes) {
+                     xve.hashCode = hashCode;
+                     xve.certificatePosition = ++certificatePos;
+                     xve.commit();
+ 
+                 }
+             }
+             if (EventHelper.isLoggingSecurity()) {
+                 EventHelper.logX509ValidationEvent(anchorHashId, hashCodes);
+             }
+         }
          return new PKIXCertPathValidatorResult(anchor, pc.getPolicyTree(),
                                                 bc.getPublicKey());
      }
+ 
  }
< prev index next >