[jira] [Commented] (LOG4J2-3508) Add a signature appender to the log4j2 core

[Rufus Buschart (Jira)]

    [ 
https://issues.apache.org/jira/browse/LOG4J2-3508?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17538630#comment-17538630
 ] 

Rufus Buschart commented on LOG4J2-3508:
----------------------------------------

[~vy] I believe most organizations will be hesitating to use sources from 
outside the core libraries, since they might not be maintained eventually.

> Add a signature appender to the log4j2 core
> -------------------------------------------
>
>                 Key: LOG4J2-3508
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-3508
>             Project: Log4j 2
>          Issue Type: New Feature
>          Components: Appenders
>            Reporter: Simon Huang
>            Priority: Minor
>
> h2. Goal
> Merge our implementation of a Signature appender into the log4j2 core.
> h2. What is a signature appender?
> Hello log4j2 contributors,
> I am a working student at Siemens and my superiours were looking for a way to 
> add a signature to their logs. The solution that we came up with is an outer 
> appender that works similar to the failover appender, i.e. it adds a 
> signature and delegates the appending to another appender.
> You can see our solution at 
> [github|https://github.com/simon-hng-smns/log4j2_signature_appender/tree/main]
>  as wenn as an [example 
> implementation|https://github.com/simon-hng-smns/log4j2_signature_appender/tree/example-implementation].
> We would appreciate any and all feedback, and hope you can guide us to 
> necessary changes, in order to incorporate our appender.
> h2. How does it work?
> The SignatureAppender takes in an inner appender, which can now use the 
> {{%sign}} PatternConverter.
> {code:xml}
>     <Appenders>
>         <SignatureAppender name="signatureAppender"
>                            signatureAlgorithm="SHA256withRSA"
>                            pathToKeyStore="signatureKeyStore.p12"
>                            keyStorePassword="password"
>         >
>             <Console name="console">
>                 <PatternLayout pattern="[%sign] %m%n"/>
>             </Console>
>         </SignatureAppender>
>     </Appenders>
> {code}
> h3. Creating the signature
> The signature is created using the internal java class {{Signature}}, which 
> gets a formatted message and the last signature and signs like this 
> {code:java}
> Signature.update(message + lastSignature)
> {code}
> h3. In general the steps are the following:
>  # SignatureAppender gets LogEvent creates the formatted message.
>  # Using this formatted message and the lastSignature, a signature is created 
> which we use to create a LogEvent with the signature as a property
>  # This new LogEvent is then send to the inner appender, where it is used by 
> the SignaturePatternConverter
>  



--
This message was sent by Atlassian Jira
(v8.20.7#820007)