RFR: 8292033: Move jdk.X509Certificate event logic to JCA layer [v4]

Sean Coffey coffeys at openjdk.org
Wed Nov 2 15:42:08 UTC 2022


> By moving the JFR event up to the java.security.cert.CertificateFactory class, we can record all generate cert events, including those from 3rd party providers. I've also altered the logic so that an event is genertate for every generate cert call (not just ones missing from the JDK provider implementation cache)
> 
> test case also updated to capture new logic

Sean Coffey has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 21 commits:

 - code clean up
 - funnel cert events via generateCertificate only
 - Revert use of x509 constructor helper in some areas. Clean up tests
 - modules fix up in test
 - Capture CertAndKeyGen certs
 - import clean up
 - Copyright year update
 - Merge branch 'master' into 8292033-x509Event
 - record events for internal constructor calls. Expand testing
 - Use X500Principal#toString()
 - ... and 11 more: https://git.openjdk.org/jdk/compare/cf5546b3...f430a3ee

-------------

Changes: https://git.openjdk.org/jdk/pull/10422/files
 Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=10422&range=03
  Stats: 222 lines in 13 files changed: 134 ins; 54 del; 34 mod
  Patch: https://git.openjdk.org/jdk/pull/10422.diff
  Fetch: git fetch https://git.openjdk.org/jdk pull/10422/head:pull/10422

PR: https://git.openjdk.org/jdk/pull/10422


More information about the security-dev mailing list