Add a signature appender to the log4j2 core

Goal

Merge our implementation of a Signature appender into the log4j2 core.

What is a signature appender?

Hello log4j2 contributors,

I am a working student at Siemens and my superiours were looking for a way to add a signature to their logs. The solution that we came up with is an outer appender that works similar to the failover appender, i.e. it adds a signature and delegates the appending to another appender.

You can see our solution at github as wenn as an example implementation.

We would appreciate any and all feedback, and hope you can guide us to necessary changes, in order to incorporate our appender.

How does it work?

The SignatureAppender takes in an inner appender, which can now use the %sign PatternConverter.

    <Appenders>
        <SignatureAppender name="signatureAppender"
                           signatureAlgorithm="SHA256withRSA"
                           pathToKeyStore="signatureKeyStore.p12"
                           keyStorePassword="password"
        >

            <Console name="console">
                <PatternLayout pattern="[%sign] %m%n"/>
            </Console>
        </SignatureAppender>
    </Appenders>

Creating the signature

The signature is created using the internal java class Signature, which gets a formatted message and the last signature and signs like this

Signature.update(message + lastSignature)

In general the steps are the following:

1. SignatureAppender gets LogEvent creates the formatted message.
2. Using this formatted message and the lastSignature, a signature is created which we use to create a LogEvent with the signature as a property
3. This new LogEvent is then send to the inner appender, where it is used by the SignaturePatternConverter