Path: blob/master/src/java.base/share/classes/sun/security/util/Debug.java
41159 views
/*1* Copyright (c) 1998, 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.security.util;2627import java.io.PrintStream;28import java.math.BigInteger;29import java.util.HexFormat;30import java.util.regex.Pattern;31import java.util.regex.Matcher;32import java.util.Locale;33import sun.security.action.GetPropertyAction;3435/**36* A utility class for debugging.37*38* @author Roland Schemers39*/40public class Debug {4142private String prefix;4344private static String args;4546static {47args = GetPropertyAction.privilegedGetProperty("java.security.debug");4849String args2 = GetPropertyAction50.privilegedGetProperty("java.security.auth.debug");5152if (args == null) {53args = args2;54} else {55if (args2 != null)56args = args + "," + args2;57}5859if (args != null) {60args = marshal(args);61if (args.equals("help")) {62Help();63}64}65}6667public static void Help()68{69System.err.println();70System.err.println("all turn on all debugging");71System.err.println("access print all checkPermission results");72System.err.println("certpath PKIX CertPathBuilder and");73System.err.println(" CertPathValidator debugging");74System.err.println("combiner SubjectDomainCombiner debugging");75System.err.println("gssloginconfig");76System.err.println(" GSS LoginConfigImpl debugging");77System.err.println("configfile JAAS ConfigFile loading");78System.err.println("configparser JAAS ConfigFile parsing");79System.err.println("jar jar verification");80System.err.println("logincontext login context results");81System.err.println("jca JCA engine class debugging");82System.err.println("keystore KeyStore debugging");83System.err.println("policy loading and granting");84System.err.println("provider security provider debugging");85System.err.println("pkcs11 PKCS11 session manager debugging");86System.err.println("pkcs11keystore");87System.err.println(" PKCS11 KeyStore debugging");88System.err.println("pkcs12 PKCS12 KeyStore debugging");89System.err.println("sunpkcs11 SunPKCS11 provider debugging");90System.err.println("scl permissions SecureClassLoader assigns");91System.err.println("securerandom SecureRandom");92System.err.println("ts timestamping");93System.err.println();94System.err.println("The following can be used with access:");95System.err.println();96System.err.println("stack include stack trace");97System.err.println("domain dump all domains in context");98System.err.println("failure before throwing exception, dump stack");99System.err.println(" and domain that didn't have permission");100System.err.println();101System.err.println("The following can be used with stack and domain:");102System.err.println();103System.err.println("permission=<classname>");104System.err.println(" only dump output if specified permission");105System.err.println(" is being checked");106System.err.println("codebase=<URL>");107System.err.println(" only dump output if specified codebase");108System.err.println(" is being checked");109System.err.println();110System.err.println("The following can be used with provider:");111System.err.println();112System.err.println("engine=<engines>");113System.err.println(" only dump output for the specified list");114System.err.println(" of JCA engines. Supported values:");115System.err.println(" Cipher, KeyAgreement, KeyGenerator,");116System.err.println(" KeyPairGenerator, KeyStore, Mac,");117System.err.println(" MessageDigest, SecureRandom, Signature.");118System.err.println();119System.err.println("The following can be used with certpath:");120System.err.println();121System.err.println("ocsp dump the OCSP protocol exchanges");122System.err.println("verbose verbose debugging");123System.err.println();124System.err.println("Note: Separate multiple options with a comma");125System.exit(0);126}127128129/**130* Get a Debug object corresponding to whether or not the given131* option is set. Set the prefix to be the same as option.132*/133134public static Debug getInstance(String option)135{136return getInstance(option, option);137}138139/**140* Get a Debug object corresponding to whether or not the given141* option is set. Set the prefix to be prefix.142*/143public static Debug getInstance(String option, String prefix)144{145if (isOn(option)) {146Debug d = new Debug();147d.prefix = prefix;148return d;149} else {150return null;151}152}153154/**155* True if the system property "security.debug" contains the156* string "option".157*/158public static boolean isOn(String option)159{160if (args == null)161return false;162else {163if (args.indexOf("all") != -1)164return true;165else166return (args.indexOf(option) != -1);167}168}169170/**171* Check if verbose messages is enabled for extra debugging.172*/173public static boolean isVerbose() {174return isOn("verbose");175}176177/**178* print a message to stderr that is prefixed with the prefix179* created from the call to getInstance.180*/181182public void println(String message)183{184System.err.println(prefix + ": "+message);185}186187/**188* print a message to stderr that is prefixed with the prefix189* created from the call to getInstance and obj.190*/191public void println(Object obj, String message)192{193System.err.println(prefix + " [" + obj.getClass().getSimpleName() +194"@" + System.identityHashCode(obj) + "]: "+message);195}196197/**198* print a blank line to stderr that is prefixed with the prefix.199*/200201public void println()202{203System.err.println(prefix + ":");204}205206/**207* print a message to stderr that is prefixed with the prefix.208*/209210public static void println(String prefix, String message)211{212System.err.println(prefix + ": "+message);213}214215/**216* PrintStream for debug methods. Currently only System.err is supported.217*/218public PrintStream getPrintStream() {219return System.err;220}221222/**223* return a hexadecimal printed representation of the specified224* BigInteger object. the value is formatted to fit on lines of225* at least 75 characters, with embedded newlines. Words are226* separated for readability, with eight words (32 bytes) per line.227*/228public static String toHexString(BigInteger b) {229String hexValue = b.toString(16);230StringBuilder sb = new StringBuilder(hexValue.length()*2);231232if (hexValue.startsWith("-")) {233sb.append(" -");234hexValue = hexValue.substring(1);235} else {236sb.append(" "); // four spaces237}238if ((hexValue.length()%2) != 0) {239// add back the leading 0240hexValue = "0" + hexValue;241}242int i=0;243while (i < hexValue.length()) {244// one byte at a time245sb.append(hexValue.substring(i, i + 2));246i+=2;247if (i!= hexValue.length()) {248if ((i%64) == 0) {249sb.append("\n "); // line after eight words250} else if (i%8 == 0) {251sb.append(" "); // space between words252}253}254}255return sb.toString();256}257258/**259* change a string into lower case except permission classes and URLs.260*/261private static String marshal(String args) {262if (args != null) {263StringBuilder target = new StringBuilder();264StringBuffer source = new StringBuffer(args);265266// obtain the "permission=<classname>" options267// the syntax of classname: IDENTIFIER.IDENTIFIER268// the regular express to match a class name:269// "[a-zA-Z_$][a-zA-Z0-9_$]*([.][a-zA-Z_$][a-zA-Z0-9_$]*)*"270String keyReg = "[Pp][Ee][Rr][Mm][Ii][Ss][Ss][Ii][Oo][Nn]=";271String keyStr = "permission=";272String reg = keyReg +273"[a-zA-Z_$][a-zA-Z0-9_$]*([.][a-zA-Z_$][a-zA-Z0-9_$]*)*";274Pattern pattern = Pattern.compile(reg);275Matcher matcher = pattern.matcher(source);276StringBuffer left = new StringBuffer();277while (matcher.find()) {278String matched = matcher.group();279target.append(matched.replaceFirst(keyReg, keyStr));280target.append(" ");281282// delete the matched sequence283matcher.appendReplacement(left, "");284}285matcher.appendTail(left);286source = left;287288// obtain the "codebase=<URL>" options289// the syntax of URL is too flexible, and here assumes that the290// URL contains no space, comma(','), and semicolon(';'). That291// also means those characters also could be used as separator292// after codebase option.293// However, the assumption is incorrect in some special situation294// when the URL contains comma or semicolon295keyReg = "[Cc][Oo][Dd][Ee][Bb][Aa][Ss][Ee]=";296keyStr = "codebase=";297reg = keyReg + "[^, ;]*";298pattern = Pattern.compile(reg);299matcher = pattern.matcher(source);300left = new StringBuffer();301while (matcher.find()) {302String matched = matcher.group();303target.append(matched.replaceFirst(keyReg, keyStr));304target.append(" ");305306// delete the matched sequence307matcher.appendReplacement(left, "");308}309matcher.appendTail(left);310source = left;311312// convert the rest to lower-case characters313target.append(source.toString().toLowerCase(Locale.ENGLISH));314315return target.toString();316}317318return null;319}320321public static String toString(byte[] b) {322if (b == null) {323return "(null)";324}325return HexFormat.ofDelimiter(":").formatHex(b);326}327328}329330331