aboutsummaryrefslogtreecommitdiff
path: root/moaSig/moa-sig-lib/src/main/java/at
diff options
context:
space:
mode:
authorThomas <>2021-03-25 15:24:48 +0100
committerThomas <>2021-03-25 15:24:48 +0100
commit44a005e0e68e882a50d9bc061ca8daef4d84efa0 (patch)
treef411eb5e7133d2dea3c163f3733000788260f6d7 /moaSig/moa-sig-lib/src/main/java/at
parent56bbd2ea411e050a300b89f47d8787968d244546 (diff)
downloadmoa-sig-44a005e0e68e882a50d9bc061ca8daef4d84efa0.tar.gz
moa-sig-44a005e0e68e882a50d9bc061ca8daef4d84efa0.tar.bz2
moa-sig-44a005e0e68e882a50d9bc061ca8daef4d84efa0.zip
add masking pattern to clear personal information from certificate logging
Diffstat (limited to 'moaSig/moa-sig-lib/src/main/java/at')
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java56
1 files changed, 52 insertions, 4 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
index f477588..e4a3921 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLog.java
@@ -23,6 +23,13 @@
package at.gv.egovernment.moa.spss.server.logging;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import java.util.stream.Collectors;
+import java.util.stream.IntStream;
+
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -43,6 +50,24 @@ public class IaikLog implements iaik.logging.Log {
/** The node ID to use. */
private String nodeId;
+ public static final String X509_INFO_CLEARING_PATTERN = "(?!serialNumber)(=)(.*?)(,|\"|$)";
+
+ private static Pattern multilinePattern;
+ private static List<String> maskPatterns = new ArrayList<>();
+
+ /**
+ * Add masking pattern into logger.
+ *
+ * @param maskPattern
+ */
+ public static void addMaskPattern(String maskPattern) {
+ maskPatterns.add(maskPattern);
+ multilinePattern = Pattern.compile(
+ maskPatterns.stream()
+ .collect(Collectors.joining("|")), Pattern.MULTILINE
+ );
+}
+
/**
* Create a new <code>IaikLog</code>.
*
@@ -83,7 +108,7 @@ public class IaikLog implements iaik.logging.Log {
*/
@Override
public void info(TransactionId transactionId, Object message, Throwable t) {
- final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, maskMessage(message));
log.info(msg.toString(), t);
}
@@ -101,7 +126,7 @@ public class IaikLog implements iaik.logging.Log {
*/
@Override
public void warn(TransactionId transactionId, Object message, Throwable t) {
- final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, maskMessage(message));
log.warn(msg.toString(), t);
}
@@ -119,7 +144,7 @@ public class IaikLog implements iaik.logging.Log {
*/
@Override
public void error(TransactionId transactionId, Object message, Throwable t) {
- final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, maskMessage(message));
log.error(msg.toString(), t);
}
@@ -137,7 +162,7 @@ public class IaikLog implements iaik.logging.Log {
*/
@Override
public void fatal(TransactionId transactionId, Object message, Throwable t) {
- final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, message);
+ final IaikLogMsg msg = new IaikLogMsg(transactionId, nodeId, maskMessage(message));
log.error(msg.toString(), t);
}
@@ -158,4 +183,27 @@ public class IaikLog implements iaik.logging.Log {
return nodeId;
}
+
+ private String maskMessage(Object message) {
+ String msg = message != null ? message.toString() : "<null>";
+
+ if (multilinePattern == null) {
+ return msg;
+
+ }
+
+ StringBuilder sb = new StringBuilder(msg);
+ Matcher matcher = multilinePattern.matcher(sb);
+ while (matcher.find()) {
+ IntStream.rangeClosed(1, matcher.groupCount()).forEach(
+ group -> {
+ if (matcher.group(group) != null) {
+ IntStream.range(matcher.start(group),
+ matcher.end(group)).forEach(i -> sb.setCharAt(i, '*')); // replace each character with asterisk
+ }
+ });
+ }
+ return sb.toString();
+}
+
}