1 /*
2 * Copyright (c) 1998, 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.util;
27
28 import java.io.PrintStream;
29 import java.math.BigInteger;
30 import java.util.Hex;
31 import java.util.regex.Pattern;
32 import java.util.regex.Matcher;
33 import java.util.Locale;
34 import sun.security.action.GetPropertyAction;
35
36 /**
37 * A utility class for debugging.
38 *
39 * @author Roland Schemers
40 */
41 public class Debug {
42
43 private String prefix;
44
45 private static String args;
46
47 static {
48 args = GetPropertyAction.privilegedGetProperty("java.security.debug");
49
50 String args2 = GetPropertyAction
51 .privilegedGetProperty("java.security.auth.debug");
52
53 if (args == null) {
54 args = args2;
55 } else {
56 if (args2 != null)
57 args = args + "," + args2;
58 }
59
60 if (args != null) {
61 args = marshal(args);
62 if (args.equals("help")) {
63 Help();
64 }
65 }
66 }
67
68 public static void Help()
69 {
70 System.err.println();
71 System.err.println("all turn on all debugging");
72 System.err.println("access print all checkPermission results");
73 System.err.println("certpath PKIX CertPathBuilder and");
74 System.err.println(" CertPathValidator debugging");
75 System.err.println("combiner SubjectDomainCombiner debugging");
76 System.err.println("gssloginconfig");
77 System.err.println(" GSS LoginConfigImpl debugging");
78 System.err.println("configfile JAAS ConfigFile loading");
79 System.err.println("configparser JAAS ConfigFile parsing");
80 System.err.println("jar jar verification");
81 System.err.println("logincontext login context results");
82 System.err.println("jca JCA engine class debugging");
83 System.err.println("keystore KeyStore debugging");
84 System.err.println("policy loading and granting");
85 System.err.println("provider security provider debugging");
86 System.err.println("pkcs11 PKCS11 session manager debugging");
87 System.err.println("pkcs11keystore");
88 System.err.println(" PKCS11 KeyStore debugging");
89 System.err.println("pkcs12 PKCS12 KeyStore debugging");
90 System.err.println("sunpkcs11 SunPKCS11 provider debugging");
91 System.err.println("scl permissions SecureClassLoader assigns");
92 System.err.println("securerandom SecureRandom");
93 System.err.println("ts timestamping");
94 System.err.println();
95 System.err.println("The following can be used with access:");
96 System.err.println();
97 System.err.println("stack include stack trace");
98 System.err.println("domain dump all domains in context");
99 System.err.println("failure before throwing exception, dump stack");
100 System.err.println(" and domain that didn't have permission");
101 System.err.println();
102 System.err.println("The following can be used with stack and domain:");
103 System.err.println();
104 System.err.println("permission=<classname>");
105 System.err.println(" only dump output if specified permission");
106 System.err.println(" is being checked");
107 System.err.println("codebase=<URL>");
108 System.err.println(" only dump output if specified codebase");
109 System.err.println(" is being checked");
110 System.err.println();
111 System.err.println("The following can be used with provider:");
112 System.err.println();
113 System.err.println("engine=<engines>");
114 System.err.println(" only dump output for the specified list");
115 System.err.println(" of JCA engines. Supported values:");
116 System.err.println(" Cipher, KeyAgreement, KeyGenerator,");
117 System.err.println(" KeyPairGenerator, KeyStore, Mac,");
118 System.err.println(" MessageDigest, SecureRandom, Signature.");
119 System.err.println();
120 System.err.println("The following can be used with certpath:");
121 System.err.println();
122 System.err.println("ocsp dump the OCSP protocol exchanges");
123 System.err.println("verbose verbose debugging");
124 System.err.println();
125 System.err.println("Note: Separate multiple options with a comma");
126 System.exit(0);
127 }
128
129
130 /**
131 * Get a Debug object corresponding to whether or not the given
132 * option is set. Set the prefix to be the same as option.
133 */
134
135 public static Debug getInstance(String option)
136 {
137 return getInstance(option, option);
138 }
139
140 /**
141 * Get a Debug object corresponding to whether or not the given
142 * option is set. Set the prefix to be prefix.
143 */
144 public static Debug getInstance(String option, String prefix)
145 {
146 if (isOn(option)) {
147 Debug d = new Debug();
148 d.prefix = prefix;
149 return d;
150 } else {
151 return null;
152 }
153 }
154
155 /**
156 * True if the system property "security.debug" contains the
157 * string "option".
158 */
159 public static boolean isOn(String option)
160 {
161 if (args == null)
162 return false;
163 else {
164 if (args.indexOf("all") != -1)
165 return true;
166 else
167 return (args.indexOf(option) != -1);
168 }
169 }
170
171 /**
172 * Check if verbose messages is enabled for extra debugging.
173 */
174 public static boolean isVerbose() {
175 return isOn("verbose");
176 }
177
178 /**
179 * print a message to stderr that is prefixed with the prefix
180 * created from the call to getInstance.
181 */
182
183 public void println(String message)
184 {
185 System.err.println(prefix + ": "+message);
186 }
187
188 /**
189 * print a message to stderr that is prefixed with the prefix
190 * created from the call to getInstance and obj.
191 */
192 public void println(Object obj, String message)
193 {
194 System.err.println(prefix + " [" + obj.getClass().getSimpleName() +
195 "@" + System.identityHashCode(obj) + "]: "+message);
196 }
197
198 /**
199 * print a blank line to stderr that is prefixed with the prefix.
200 */
201
202 public void println()
203 {
204 System.err.println(prefix + ":");
205 }
206
207 /**
208 * print a message to stderr that is prefixed with the prefix.
209 */
210
211 public static void println(String prefix, String message)
212 {
213 System.err.println(prefix + ": "+message);
214 }
215
216 /**
217 * PrintStream for debug methods. Currently only System.err is supported.
218 */
219 public PrintStream getPrintStream() {
220 return System.err;
221 }
222
223 /**
224 * return a hexadecimal printed representation of the specified
225 * BigInteger object. the value is formatted to fit on lines of
226 * at least 75 characters, with embedded newlines. Words are
227 * separated for readability, with eight words (32 bytes) per line.
228 */
229 public static String toHexString(BigInteger b) {
230 String hexValue = b.toString(16);
231 StringBuilder sb = new StringBuilder(hexValue.length()*2);
232
233 if (hexValue.startsWith("-")) {
234 sb.append(" -");
235 hexValue = hexValue.substring(1);
236 } else {
237 sb.append(" "); // four spaces
238 }
239 if ((hexValue.length()%2) != 0) {
240 // add back the leading 0
241 hexValue = "0" + hexValue;
242 }
243 int i=0;
244 while (i < hexValue.length()) {
245 // one byte at a time
246 sb.append(hexValue.substring(i, i + 2));
247 i+=2;
248 if (i!= hexValue.length()) {
249 if ((i%64) == 0) {
250 sb.append("\n "); // line after eight words
251 } else if (i%8 == 0) {
252 sb.append(" "); // space between words
253 }
254 }
255 }
256 return sb.toString();
257 }
258
259 /**
260 * change a string into lower case except permission classes and URLs.
261 */
262 private static String marshal(String args) {
263 if (args != null) {
264 StringBuilder target = new StringBuilder();
265 StringBuffer source = new StringBuffer(args);
266
267 // obtain the "permission=<classname>" options
268 // the syntax of classname: IDENTIFIER.IDENTIFIER
269 // the regular express to match a class name:
270 // "[a-zA-Z_$][a-zA-Z0-9_$]*([.][a-zA-Z_$][a-zA-Z0-9_$]*)*"
271 String keyReg = "[Pp][Ee][Rr][Mm][Ii][Ss][Ss][Ii][Oo][Nn]=";
272 String keyStr = "permission=";
273 String reg = keyReg +
274 "[a-zA-Z_$][a-zA-Z0-9_$]*([.][a-zA-Z_$][a-zA-Z0-9_$]*)*";
275 Pattern pattern = Pattern.compile(reg);
276 Matcher matcher = pattern.matcher(source);
277 StringBuffer left = new StringBuffer();
278 while (matcher.find()) {
279 String matched = matcher.group();
280 target.append(matched.replaceFirst(keyReg, keyStr));
281 target.append(" ");
282
283 // delete the matched sequence
284 matcher.appendReplacement(left, "");
285 }
286 matcher.appendTail(left);
287 source = left;
288
289 // obtain the "codebase=<URL>" options
290 // the syntax of URL is too flexible, and here assumes that the
291 // URL contains no space, comma(','), and semicolon(';'). That
292 // also means those characters also could be used as separator
293 // after codebase option.
294 // However, the assumption is incorrect in some special situation
295 // when the URL contains comma or semicolon
296 keyReg = "[Cc][Oo][Dd][Ee][Bb][Aa][Ss][Ee]=";
297 keyStr = "codebase=";
298 reg = keyReg + "[^, ;]*";
299 pattern = Pattern.compile(reg);
300 matcher = pattern.matcher(source);
301 left = new StringBuffer();
302 while (matcher.find()) {
303 String matched = matcher.group();
304 target.append(matched.replaceFirst(keyReg, keyStr));
305 target.append(" ");
306
307 // delete the matched sequence
308 matcher.appendReplacement(left, "");
309 }
310 matcher.appendTail(left);
311 source = left;
312
313 // convert the rest to lower-case characters
314 target.append(source.toString().toLowerCase(Locale.ENGLISH));
315
316 return target.toString();
317 }
318
319 return null;
320 }
321
322 private static final char[] hexDigits = "0123456789abcdef".toCharArray();
323
324 public static String toString(byte[] b) {
325 if (b == null) {
326 return "(null)";
327 }
328 return Hex.encoder(":", "", "", false).encode(b);
329 }
330
331 }