author | Thomas <> | 2021-03-25 15:24:48 +0100 |
---|---|---|
committer | Thomas <> | 2021-03-25 15:24:48 +0100 |
commit | 44a005e0e68e882a50d9bc061ca8daef4d84efa0 (patch) | |
tree | f411eb5e7133d2dea3c163f3733000788260f6d7 /moaSig/moa-sig-lib/src/main/java/at/gv/egovernment | |
parent | 56bbd2ea411e050a300b89f47d8787968d244546 (diff) | |
add masking pattern to clear personal information from certificate logging
Diffstat (limited to 'moaSig/moa-sig-lib/src/main/java/at/gv/egovernment')
-rw-r--r-- | moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java | 56 |
1 files changed, 52 insertions, 4 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
index f477588..e4a3921 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
@@ -23,6 +23,13 @@
 package at.gv.egovernment.moa.spss.server.logging;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import java.util.stream.Collectors;
+import java.util.stream.IntStream;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -43,6 +50,24 @@ public class IaikLog implements iaik.logging.Log {
 /** The node ID to use. */
 private String nodeId;
+ public static final String X509_INFO_CLEARING_PATTERN = "(?!serialNumber)(=)(.*?)(,|\"|$)";
+
+ private static Pattern multilinePattern;
+ private static List<String> maskPatterns = new ArrayList<>();
+
+ /**
+ * Add masking pattern into logger.
+ *
+ * @param maskPattern
+ */
+ public static void addMaskPattern(String maskPattern) {
+ maskPatterns.add(maskPattern);
+ multilinePattern = Pattern.compile(
+ maskPatterns.stream()
+ .collect(Collectors.joining("|")), Pattern.MULTILINE
+ );
+}
+
 /**
 * Create a new <code>IaikLog</code>.
 *
@@ -83,7 +108,7 @@ public class IaikLog implements iaik.logging.Log {
 */
 @Override
 public void info(TransactionId transactionId, Object message, Throwable t) {
- final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, maskMessage(message));
 log.info(msg.toString(), t);
 }
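Review bot: The `(?!serialNumber)` lookahead in `X509_INFO_CLEARING_PATTERN` cannot exclude anything, because it is tested at the position where `(=)` must match and the text there always starts with `=`; `serialNumber=...` is therefore masked like every other attribute. If the serial number is meant to stay readable, a lookbehind is needed, e.g. `"(?<!serialNumber)(=)(.*?)(,|\"|$)"`, with the attribute-name casing checked against what the certificate's string form actually prints. In `addMaskPattern`, `maskPatterns.add(maskPattern)` runs before `Pattern.compile`, so a pattern with a syntax error stays in the list and every later call throws as well; compile the joined expression first and add to the list only on success. The Javadoc should also say what `maskPattern` is (a regex whose capture groups are overwritten with `*`).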
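Review bot: Only `message` goes through `maskMessage` in `info`; the `Throwable t` is still handed to `log.info(msg.toString(), t)` unchanged, so any certificate subject data carried in an exception message or a nested cause would reach the log unmasked. The `warn`, `error` and `fatal` hunks have the same shape. If that is accepted, say so at the call, e.g. `// only the message is masked; t is logged as-is and may still carry certificate data`; otherwise the exception text needs the same treatment before it is logged. No `debug` method appears among the changed methods, so if this class has one that builds `IaikLogMsg` the same way it presumably still logs the raw message.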
@@ -101,7 +126,7 @@ public class IaikLog implements iaik.logging.Log {
 */
 @Override
 public void warn(TransactionId transactionId, Object message, Throwable t) {
- final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, maskMessage(message));
 log.warn(msg.toString(), t);
 }
@@ -119,7 +144,7 @@ public class IaikLog implements iaik.logging.Log {
 */
 @Override
 public void error(TransactionId transactionId, Object message, Throwable t) {
- final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, maskMessage(message));
 log.error(msg.toString(), t);
 }
@@ -137,7 +162,7 @@ public class IaikLog implements iaik.logging.Log {
 */
 @Override
 public void fatal(TransactionId transactionId, Object message, Throwable t) {
- final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, maskMessage(message));
 log.error(msg.toString(), t);
 }
@@ -158,4 +183,27 @@ public class IaikLog implements iaik.logging.Log {
 return nodeId;
 }
+
+ private String maskMessage(Object message) {
+ String msg = message != null ? message.toString() : "<null>";
+
+ if (multilinePattern == null) {
+ return msg;
+
+ }
+
+ StringBuilder sb = new StringBuilder(msg);
+ Matcher matcher = multilinePattern.matcher(sb);
+ while (matcher.find()) {
+ IntStream.rangeClosed(1, matcher.groupCount()).forEach(
+ group -> {
+ if (matcher.group(group) != null) {
+ IntStream.range(matcher.start(group),
+ matcher.end(group)).forEach(i -> sb.setCharAt(i, '*')); // replace each character with asterisk
+ }
+ });
+ }
+ return sb.toString();
+}
+
 } |
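Review bot: `maskMessage` reads the static `multilinePattern` twice with no synchronization, while `addMaskPattern` (earlier hunk) reassigns it; the field is not `volatile`, so a logging thread is not guaranteed to see a pattern registered by another thread and can emit the message unmasked. Declaring it `private static volatile Pattern multilinePattern;` and reading it once into a local (`final Pattern pattern = multilinePattern;`) before the null check closes that gap. Note also that every capture group is overwritten, so with `X509_INFO_CLEARING_PATTERN` the `=` and `,` delimiters are starred along with the value, and the one-`*`-per-character replacement keeps the original length of each value visible. The new method has no Javadoc, and a `null` message is now turned into the string `"<null>"` before it reaches `IaikLogMsg`, which is worth stating in it.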