< prev index next >
src/java.base/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
Print this page
*** 27,37 ****
--- 27,43 ----
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.cert.*;
import java.util.*;
+ import java.util.concurrent.atomic.AtomicLong;
+ import java.util.stream.Collectors;
+ import java.util.stream.IntStream;
+ import java.util.stream.Stream;
+ import jdk.internal.event.X509ValidationEvent;
+ import jdk.internal.event.EventHelper;
import sun.security.provider.certpath.PKIX.ValidatorParams;
import sun.security.validator.Validator;
import sun.security.x509.X509CertImpl;
import sun.security.util.Debug;
*** 45,54 ****
--- 51,61 ----
* @author Yassir Elley
*/
public final class PKIXCertPathValidator extends CertPathValidatorSpi {
private static final Debug debug = Debug.getInstance("certpath");
+ private static final AtomicLong validationEventNumber = new AtomicLong();
/**
* Default constructor.
*/
public PKIXCertPathValidator() {}
*** 232,240 ****
--- 239,273 ----
PKIXMasterCertPathValidator.validate(params.certPath(),
params.certificates(),
certPathCheckers);
+ X509ValidationEvent xve = new X509ValidationEvent();
+ if(xve.shouldCommit() || EventHelper.isLoggingSecurity()) {
+ int[] hashCodes = params.certificates().stream()
+ .mapToInt(x -> x.hashCode())
+ .toArray();
+ int anchorHashId =
+ anchor.getTrustedCert().hashCode();
+ if (xve.shouldCommit()) {
+ xve.hashCode = anchorHashId;
+ int certificatePos = 1; //anchor cert
+ xve.certificatePosition = certificatePos;
+ xve.validationId = validationEventNumber.incrementAndGet();
+ xve.commit();
+ // now, iterate through remaining
+ for (int hashCode : hashCodes) {
+ xve.hashCode = hashCode;
+ xve.certificatePosition = ++certificatePos;
+ xve.commit();
+
+ }
+ }
+ if (EventHelper.isLoggingSecurity()) {
+ EventHelper.logX509ValidationEvent(anchorHashId, hashCodes);
+ }
+ }
return new PKIXCertPathValidatorResult(anchor, pc.getPolicyTree(),
bc.getPublicKey());
}
+
}
< prev index next >