1 /* 2 * Copyright (c) 1998, 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.util; 27 28 import java.io.PrintStream; 29 import java.math.BigInteger; 30 import java.util.Hex; 31 import java.util.regex.Pattern; 32 import java.util.regex.Matcher; 33 import java.util.Locale; 34 import sun.security.action.GetPropertyAction; 35 36 /** 37 * A utility class for debugging. 38 * 39 * @author Roland Schemers 40 */ 41 public class Debug { 42 43 private String prefix; 44 45 private static String args; 46 47 static { 48 args = GetPropertyAction.privilegedGetProperty("java.security.debug"); 49 50 String args2 = GetPropertyAction 51 .privilegedGetProperty("java.security.auth.debug"); 52 53 if (args == null) { 54 args = args2; 55 } else { 56 if (args2 != null) 57 args = args + "," + args2; 58 } 59 60 if (args != null) { 61 args = marshal(args); 62 if (args.equals("help")) { 63 Help(); 64 } 65 } 66 } 67 68 public static void Help() 69 { 70 System.err.println(); 71 System.err.println("all turn on all debugging"); 72 System.err.println("access print all checkPermission results"); 73 System.err.println("certpath PKIX CertPathBuilder and"); 74 System.err.println(" CertPathValidator debugging"); 75 System.err.println("combiner SubjectDomainCombiner debugging"); 76 System.err.println("gssloginconfig"); 77 System.err.println(" GSS LoginConfigImpl debugging"); 78 System.err.println("configfile JAAS ConfigFile loading"); 79 System.err.println("configparser JAAS ConfigFile parsing"); 80 System.err.println("jar jar verification"); 81 System.err.println("logincontext login context results"); 82 System.err.println("jca JCA engine class debugging"); 83 System.err.println("keystore KeyStore debugging"); 84 System.err.println("policy loading and granting"); 85 System.err.println("provider security provider debugging"); 86 System.err.println("pkcs11 PKCS11 session manager debugging"); 87 System.err.println("pkcs11keystore"); 88 System.err.println(" PKCS11 KeyStore debugging"); 89 System.err.println("pkcs12 PKCS12 KeyStore debugging"); 90 System.err.println("sunpkcs11 SunPKCS11 provider debugging"); 91 System.err.println("scl permissions SecureClassLoader assigns"); 92 System.err.println("securerandom SecureRandom"); 93 System.err.println("ts timestamping"); 94 System.err.println(); 95 System.err.println("The following can be used with access:"); 96 System.err.println(); 97 System.err.println("stack include stack trace"); 98 System.err.println("domain dump all domains in context"); 99 System.err.println("failure before throwing exception, dump stack"); 100 System.err.println(" and domain that didn't have permission"); 101 System.err.println(); 102 System.err.println("The following can be used with stack and domain:"); 103 System.err.println(); 104 System.err.println("permission=<classname>"); 105 System.err.println(" only dump output if specified permission"); 106 System.err.println(" is being checked"); 107 System.err.println("codebase=<URL>"); 108 System.err.println(" only dump output if specified codebase"); 109 System.err.println(" is being checked"); 110 System.err.println(); 111 System.err.println("The following can be used with provider:"); 112 System.err.println(); 113 System.err.println("engine=<engines>"); 114 System.err.println(" only dump output for the specified list"); 115 System.err.println(" of JCA engines. Supported values:"); 116 System.err.println(" Cipher, KeyAgreement, KeyGenerator,"); 117 System.err.println(" KeyPairGenerator, KeyStore, Mac,"); 118 System.err.println(" MessageDigest, SecureRandom, Signature."); 119 System.err.println(); 120 System.err.println("The following can be used with certpath:"); 121 System.err.println(); 122 System.err.println("ocsp dump the OCSP protocol exchanges"); 123 System.err.println("verbose verbose debugging"); 124 System.err.println(); 125 System.err.println("Note: Separate multiple options with a comma"); 126 System.exit(0); 127 } 128 129 130 /** 131 * Get a Debug object corresponding to whether or not the given 132 * option is set. Set the prefix to be the same as option. 133 */ 134 135 public static Debug getInstance(String option) 136 { 137 return getInstance(option, option); 138 } 139 140 /** 141 * Get a Debug object corresponding to whether or not the given 142 * option is set. Set the prefix to be prefix. 143 */ 144 public static Debug getInstance(String option, String prefix) 145 { 146 if (isOn(option)) { 147 Debug d = new Debug(); 148 d.prefix = prefix; 149 return d; 150 } else { 151 return null; 152 } 153 } 154 155 /** 156 * True if the system property "security.debug" contains the 157 * string "option". 158 */ 159 public static boolean isOn(String option) 160 { 161 if (args == null) 162 return false; 163 else { 164 if (args.indexOf("all") != -1) 165 return true; 166 else 167 return (args.indexOf(option) != -1); 168 } 169 } 170 171 /** 172 * Check if verbose messages is enabled for extra debugging. 173 */ 174 public static boolean isVerbose() { 175 return isOn("verbose"); 176 } 177 178 /** 179 * print a message to stderr that is prefixed with the prefix 180 * created from the call to getInstance. 181 */ 182 183 public void println(String message) 184 { 185 System.err.println(prefix + ": "+message); 186 } 187 188 /** 189 * print a message to stderr that is prefixed with the prefix 190 * created from the call to getInstance and obj. 191 */ 192 public void println(Object obj, String message) 193 { 194 System.err.println(prefix + " [" + obj.getClass().getSimpleName() + 195 "@" + System.identityHashCode(obj) + "]: "+message); 196 } 197 198 /** 199 * print a blank line to stderr that is prefixed with the prefix. 200 */ 201 202 public void println() 203 { 204 System.err.println(prefix + ":"); 205 } 206 207 /** 208 * print a message to stderr that is prefixed with the prefix. 209 */ 210 211 public static void println(String prefix, String message) 212 { 213 System.err.println(prefix + ": "+message); 214 } 215 216 /** 217 * PrintStream for debug methods. Currently only System.err is supported. 218 */ 219 public PrintStream getPrintStream() { 220 return System.err; 221 } 222 223 /** 224 * return a hexadecimal printed representation of the specified 225 * BigInteger object. the value is formatted to fit on lines of 226 * at least 75 characters, with embedded newlines. Words are 227 * separated for readability, with eight words (32 bytes) per line. 228 */ 229 public static String toHexString(BigInteger b) { 230 String hexValue = b.toString(16); 231 StringBuilder sb = new StringBuilder(hexValue.length()*2); 232 233 if (hexValue.startsWith("-")) { 234 sb.append(" -"); 235 hexValue = hexValue.substring(1); 236 } else { 237 sb.append(" "); // four spaces 238 } 239 if ((hexValue.length()%2) != 0) { 240 // add back the leading 0 241 hexValue = "0" + hexValue; 242 } 243 int i=0; 244 while (i < hexValue.length()) { 245 // one byte at a time 246 sb.append(hexValue.substring(i, i + 2)); 247 i+=2; 248 if (i!= hexValue.length()) { 249 if ((i%64) == 0) { 250 sb.append("\n "); // line after eight words 251 } else if (i%8 == 0) { 252 sb.append(" "); // space between words 253 } 254 } 255 } 256 return sb.toString(); 257 } 258 259 /** 260 * change a string into lower case except permission classes and URLs. 261 */ 262 private static String marshal(String args) { 263 if (args != null) { 264 StringBuilder target = new StringBuilder(); 265 StringBuffer source = new StringBuffer(args); 266 267 // obtain the "permission=<classname>" options 268 // the syntax of classname: IDENTIFIER.IDENTIFIER 269 // the regular express to match a class name: 270 // "[a-zA-Z_$][a-zA-Z0-9_$]*([.][a-zA-Z_$][a-zA-Z0-9_$]*)*" 271 String keyReg = "[Pp][Ee][Rr][Mm][Ii][Ss][Ss][Ii][Oo][Nn]="; 272 String keyStr = "permission="; 273 String reg = keyReg + 274 "[a-zA-Z_$][a-zA-Z0-9_$]*([.][a-zA-Z_$][a-zA-Z0-9_$]*)*"; 275 Pattern pattern = Pattern.compile(reg); 276 Matcher matcher = pattern.matcher(source); 277 StringBuffer left = new StringBuffer(); 278 while (matcher.find()) { 279 String matched = matcher.group(); 280 target.append(matched.replaceFirst(keyReg, keyStr)); 281 target.append(" "); 282 283 // delete the matched sequence 284 matcher.appendReplacement(left, ""); 285 } 286 matcher.appendTail(left); 287 source = left; 288 289 // obtain the "codebase=<URL>" options 290 // the syntax of URL is too flexible, and here assumes that the 291 // URL contains no space, comma(','), and semicolon(';'). That 292 // also means those characters also could be used as separator 293 // after codebase option. 294 // However, the assumption is incorrect in some special situation 295 // when the URL contains comma or semicolon 296 keyReg = "[Cc][Oo][Dd][Ee][Bb][Aa][Ss][Ee]="; 297 keyStr = "codebase="; 298 reg = keyReg + "[^, ;]*"; 299 pattern = Pattern.compile(reg); 300 matcher = pattern.matcher(source); 301 left = new StringBuffer(); 302 while (matcher.find()) { 303 String matched = matcher.group(); 304 target.append(matched.replaceFirst(keyReg, keyStr)); 305 target.append(" "); 306 307 // delete the matched sequence 308 matcher.appendReplacement(left, ""); 309 } 310 matcher.appendTail(left); 311 source = left; 312 313 // convert the rest to lower-case characters 314 target.append(source.toString().toLowerCase(Locale.ENGLISH)); 315 316 return target.toString(); 317 } 318 319 return null; 320 } 321 322 private static final char[] hexDigits = "0123456789abcdef".toCharArray(); 323 324 public static String toString(byte[] b) { 325 if (b == null) { 326 return "(null)"; 327 } 328 return Hex.encoder(":", "", "", false).encode(b); 329 } 330 331 }