FCL/sf/app/jrt: javacommons/security/javasrc/com/nokia/mj/impl/security/midp/authentication/AuthenticationModule.java@773449708c84 (annotated)

21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1	/*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2	* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	3	* All rights reserved.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	4	* This component and the accompanying materials are made available
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	5	* under the terms of "Eclipse Public License v1.0"
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	6	* which accompanies this distribution, and is available
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	8	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	9	* Initial Contributors:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	10	* Nokia Corporation - initial contribution.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	11	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	12	* Contributors:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	13	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	14	* Description:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	15	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	16	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	17
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	18	package com.nokia.mj.impl.security.midp.authentication;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	19
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	20	import com.nokia.mj.impl.utils.Uid;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	21	import com.nokia.mj.impl.utils.Tokenizer;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	22	import com.nokia.mj.impl.security.common.InstallerSecurityException;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	23	import com.nokia.mj.impl.security.common.RuntimeSecurityException;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	24	import com.nokia.mj.impl.utils.InstallerDetailedErrorMessage;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	25	import com.nokia.mj.impl.utils.InstallerErrorMessage;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	26	import com.nokia.mj.impl.utils.OtaStatusCode;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	27	import com.nokia.mj.impl.security.utils.SecurityErrorMessage;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	28	import com.nokia.mj.impl.security.utils.SecurityDetailedErrorMessage;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	29	import com.nokia.mj.impl.security.utils.TelUtils;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	30	import com.nokia.mj.impl.security.midp.common.AuthenticationCredentials;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	31	import com.nokia.mj.impl.security.midp.common.AuthenticationInfo;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	32	import com.nokia.mj.impl.security.midp.common.AuthenticationAttribute;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	33	import com.nokia.mj.impl.security.midp.common.SecurityAttributes;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	34	import com.nokia.mj.impl.security.common.Certificate;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	35	import com.nokia.mj.impl.security.common.SecurityCommsMessages;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	36	import com.nokia.mj.impl.security.midp.common.ProtectionDomain;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	37	import com.nokia.mj.impl.security.midp.common.SigningCertificate;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	38	import com.nokia.mj.impl.security.midp.common.SigningInfo;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	39	import com.nokia.mj.impl.security.midp.common.GeneralSecuritySettings;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	40	import com.nokia.mj.impl.security.midp.storage.*;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	41	import com.nokia.mj.impl.storage.StorageSession;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	42	import com.nokia.mj.impl.rt.support.Jvm;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	43	import com.nokia.mj.impl.rt.support.ApplicationInfo;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	44	import com.nokia.mj.impl.security.utils.Logger;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	45	import com.nokia.mj.impl.comms.CommsEndpoint;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	46	import com.nokia.mj.impl.comms.CommsMessage;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	47	import com.nokia.mj.impl.comms.exception.CommsException;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	48	import com.nokia.mj.impl.fileutils.DriveUtilities;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	49	import com.nokia.mj.impl.fileutils.DriveInfo;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	50	import java.util.Hashtable;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	51	import java.util.Vector;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	52
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	53	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	54	* MIDP authentication is build around X.509 Public Key Infrastructure so that
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	55	* MIDlet suites are signed using public key certificates and therefore
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	56	* authenticated by verifying the authenticity of the MIDlet suite's signing
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	57	* certificates with the help of trusted (root) certificates.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	58	* As a result of authentication a MIDlet suite is bound to a protection domain
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	59	* which will be used as a criteria for granting the MIDlet access to protected
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	60	* functionality.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	61	* This class is used for authenticating MIDlet suites.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	62	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	63	public final class AuthenticationModule
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	64	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	65	static
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	66	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	67	Jvm.loadSystemLibrary("javasecurity");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	68	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	69
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	70	/*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	71	* Hashtable containing the all of the authentication credentials
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	72	* of different aplications being installed
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	73	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	74	private Hashtable iAuthCredentials;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	75
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	76	/*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	77	* Hashtable containing the selected authentication credentials of
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	78	* different aplications being installed
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	79	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	80	private Hashtable iSelectedAuthCredentials;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	81
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	82	/*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	83	* Hashtable containing the ocsp checkers corresponding to
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	84	* installation of various MIDlet suites
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	85	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	86	private Hashtable iOcspCheckers;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	87
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	88	/*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	89	* Hashtable containing the ocsp event listeners corresponding to
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	90	* ocsp checks of various MIDlet suites
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	91	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	92	private Hashtable iOcspEventListeners;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	93
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	94	// self
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	95	private static AuthenticationModule self;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	96
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	97	// data structure which holds the flags about different suites
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	98	// being legacy suites or not; the flag info is available at
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	99	// authentication JAD operation time, but not available at
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	100	// authentication JAR operation time -> this hashtable carries
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	101	// the flag between authenticating JAD and JAR operations for
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	102	// same suite
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	103	private static Hashtable iLegacySuiteFlags = new Hashtable();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	104
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	105	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	106	* The ocsp settings
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	107	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	108	private static OcspSettings iOcspSettings;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	109	private static OcspUserPreferences iOcspUserPreferences;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	110
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	111	/*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	112	* The security warnings mode
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	113	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	114	private static int iSecurityWarningsMode = GeneralSecuritySettings.UNINITIALIZED_SECURITY_MODE;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	115
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	116	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	117	* Creates an instance of the AuthenticationModule
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	118	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	119	* @return An instance of AuthenticationModule
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	120	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	121	public static AuthenticationModule getInstance()
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	122	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	123	if (self == null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	124	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	125	self = new AuthenticationModule();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	126	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	127	return self;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	128	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	129
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	130	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	131	* Authenticates a certain MIDlet suite. This method is called
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	132	* when/if the JAD is available
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	133	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	134	* @param msUID the UID if the MIDlet suite being authenticated
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	135	* @param oldMSUID the UID if the MIDlet suite being updated
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	136	* (if applicable)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	137	* @param authInfo the authentication info based on which the MIDlet suite
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	138	* is authenticated
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	139	* @return a set of credentials assigned to the MIDlet suite
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	140	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	141	public AuthenticationCredentials[] authenticateJad(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	142	Uid msUID,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	143	Uid oldMSUID,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	144	AuthenticationInfo[] authInfo)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	145	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	146	Vector allAuthCredentials = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	147	if (authInfo == null \|\| authInfo.length == 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	148	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	149	// this is untrusted MIDlet -> save the protection domain only
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	150	allAuthCredentials = verifyUpdate(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	151	new Credentials[] {new Credentials("UnidentifiedThirdParty",
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	152	ApplicationInfo.UNIDENTIFIED_THIRD_PARTY_DOMAIN,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	153	null, null, -1, null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	154	}, oldMSUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	155	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	156	else
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	157	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	158	try
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	159	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	160	// save all the credentials as candidates -> after having the JAR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	161	// based on its hash we will select the protection_domain,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	162	// root_hash and the validated_chain_indexes
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	163	allAuthCredentials = verifyUpdate(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	164	authInfo[0].getLegacyInfo(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	165	_validateChainsAndSignatures(authInfo), oldMSUID,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	166	true /* order the result */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	167	// start an OCSP client if the ocsp checks are enabled
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	168	if (performOcsp())
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	169	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	170	// start the OCSP checks for all the succesfully validated chains
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	171	if (allAuthCredentials.size() > 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	172	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	173	OcspData[] ocspData = new OcspData[allAuthCredentials.size()];
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	174	for (int i=0; i<allAuthCredentials.size(); i++)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	175	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	176	Credentials authCredentials =
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	177	(Credentials)allAuthCredentials.elementAt(i);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	178	// need to add the root the to chain when doing the ocsp checks
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	179	String[] certChain = authInfo[(authCredentials
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	180	.validatedChainIndex - 1)].getCertChain();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	181	String root = getRoot(authCredentials.rootHashValue);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	182	if (root != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	183	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	184	String[] completeCertChain =
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	185	new String[certChain.length + 1];
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	186	int j;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	187	for (j=0; j<certChain.length; j++)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	188	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	189	completeCertChain[j] = certChain[j];
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	190	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	191	completeCertChain[j] = root;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	192	certChain = completeCertChain;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	193	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	194	ocspData[i] = new OcspData(certChain);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	195	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	196	// build the ocspChecker with the newly built cert chains
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	197	OcspChecker ocspChecker = new OcspChecker(ocspData,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	198	iOcspSettings,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	199	iOcspUserPreferences,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	200	(OcspEventListener)iOcspEventListeners.get(msUID));
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	201	iOcspCheckers.put(msUID, ocspChecker);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	202	// start the OCSP check
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	203	ocspChecker.start();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	204	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	205	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	206	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	207	catch (AuthenticationException e)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	208	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	209	Logger.log(e);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	210	switch (e.getErrorCode())
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	211	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	212	case AuthenticationException.CONNECTION_TO_CAPTAIN_FAILED:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	213	case AuthenticationException.SENDING_MSG_TO_CAPTAIN_FAILED:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	214	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	215	InstallerErrorMessage.INST_UNEXPECTED_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	216	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	217	InstallerDetailedErrorMessage.INTERNAL_ERROR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	218	new String[] {"Internal communication problem."},
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	219	OtaStatusCode.INTERNAL_ERROR);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	220	case AuthenticationException.CERT_VERIFICATION_FAILED:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	221	case AuthenticationException.CERT_NOT_YET_VALID:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	222	case AuthenticationException.CERT_EXPIRED:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	223	case AuthenticationException.ROOT_CERT_IN_CHAIN:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	224	case AuthenticationException.MISSING_ROOT:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	225	case AuthenticationException.UNKNOWN_EXT_KEY_USAGE:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	226	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	227	InstallerErrorMessage.INST_AUTHENTICATION_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	228	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	229	InstallerDetailedErrorMessage.CERT_UNSUPPORTED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	230	null, /* no params for detailed msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	231	OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	232	case AuthenticationException.SIG_VERIFICATION_FAILED:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	233	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	234	InstallerErrorMessage.INST_AUTHORIZATION_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	235	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	236	InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	237	new String[] {AuthenticationAttribute
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	238	.SECOND_LEGACY_ATTRIBUTE_NAME
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	239	},
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	240	OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	241	case AuthenticationException.MISSING_DOMAIN_MAPPING:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	242	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	243	InstallerErrorMessage.INST_AUTHORIZATION_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	244	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	245	InstallerDetailedErrorMessage.CERT_UNSUPPORTED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	246	null, /* no params for detailed msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	247	OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	248	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	249	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	250	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	251	iAuthCredentials.put(msUID, allAuthCredentials);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	252	Credentials[] credentials = new Credentials[allAuthCredentials.size()];
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	253	allAuthCredentials.copyInto(credentials);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	254	Logger.logAuthenticationCredentials(allAuthCredentials);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	255	return credentials;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	256	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	257
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	258	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	259	* Authenticates a certain MIDlet suite. This method is called
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	260	* when the JAR is available
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	261	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	262	* @param storageSession the JavaStorage session to be used when
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	263	* storing security data
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	264	* @param msUID the UID if the MIDlet suite being authenticated
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	265	* @param oldMSUID the UID if the MIDlet suite being updated
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	266	* (if applicable)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	267	* @param appJARPath the path to the JAR being authenticated
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	268	*/
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	269	public AuthenticationCredentials[] authenticateJar(
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	270	Uid msUID,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	271	Uid oldMSUID,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	272	String appJARPath,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	273	boolean drmContent)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	274	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	275	AuthenticationStorageData data = null;
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	276	Credentials selectedCredentials = null;
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	277	try
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	278	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	279	Vector allAuthCredentials = (Vector)iAuthCredentials.get(msUID);
48 e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	280	String jarHash = null;
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	281	try
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	282	{
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	283	jarHash = _computeHash(appJARPath);
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	284	}catch(AuthenticationException e) {}
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	285	if (jarHash == null \|\| jarHash.length() == 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	286	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	287	// could not compute hash for the given application
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	288	Logger.logWarning("Could not compute hash for " + appJARPath);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	289	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	290	InstallerErrorMessage.INST_UNEXPECTED_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	291	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	292	InstallerDetailedErrorMessage.INTERNAL_ERROR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	293	new String[] {"Could not compute hash for " + appJARPath},
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	294	OtaStatusCode.INTERNAL_ERROR);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	295	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	296	if (allAuthCredentials == null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	297	\|\| (allAuthCredentials.size() == 1
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	298	&& ((Credentials)allAuthCredentials.elementAt(0))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	299	.getProtectionDomainCategory().equals(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	300	ApplicationInfo.UNIDENTIFIED_THIRD_PARTY_DOMAIN)))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	301	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	302	data = new AuthenticationStorageData(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	303	"UnidentifiedThirdParty",
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	304	ApplicationInfo.UNIDENTIFIED_THIRD_PARTY_DOMAIN,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	305	jarHash,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	306	null /rootHashValue/,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	307	null /validatedChainIndexes/,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	308	null /* jarPath*/,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	309	iSecurityWarningsMode);
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	310	selectedCredentials = new Credentials(
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	311	data.getProtectionDomain(),
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	312	data.getProtectionDomainCategory(),
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	313	jarHash,
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	314	null /* root hash */,
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	315	-1 /* validated chain index*/,
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	316	null /* signing cert */);
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	317	verifyUpdate(
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	318	new Credentials[] {selectedCredentials},
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	319	oldMSUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	320	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	321	else
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	322	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	323	// get the authentication credential candidates and select the right
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	324	// domain/root_hash and validated_chain_index based on the hash of
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	325	// the JAR
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	326	String protectionDomainName = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	327	String protectionDomainCategory = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	328	String jarHashValue = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	329	String rootHashValue = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	330	Vector validatedChainIndexes = new Vector();
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	331	selectedCredentials = selectCredentials(jarHash, allAuthCredentials, validatedChainIndexes);
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	332	if (selectedCredentials == null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	333	\|\| selectedCredentials.getProtectionDomainName() == null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	334	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	335	if (!drmContent)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	336	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	337	Logger.logWarning("Signature verification failure: the computed and the decrypted JAR hashes do not match");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	338	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	339	InstallerErrorMessage.INST_AUTHORIZATION_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	340	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	341	InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	342	new String[] {AuthenticationAttribute
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	343	.SECOND_LEGACY_ATTRIBUTE_NAME
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	344	},
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	345	OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	346	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	347	else
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	348	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	349	// give it one more try
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	350	String drmJarHash = _drmDecryptAndComputeHash(appJARPath);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	351	validatedChainIndexes.removeAllElements();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	352	selectedCredentials = selectCredentials(drmJarHash, allAuthCredentials, validatedChainIndexes);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	353	if (selectedCredentials == null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	354	\|\| selectedCredentials.getProtectionDomainName() == null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	355	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	356	Logger.logWarning("Signature verification failure: the computed and the decrypted JAR hashes do not match");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	357	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	358	InstallerErrorMessage.INST_AUTHORIZATION_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	359	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	360	InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	361	new String[] {AuthenticationAttribute
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	362	.SECOND_LEGACY_ATTRIBUTE_NAME
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	363	},
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	364	OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	365	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	366	// re-set the jar hash to the hash of what acts as JAR
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	367	// (not the JAR from inside the DRM content), so no
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	368	// need to do the DRM decrypting when doing the
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	369	// tamper detection at runtime
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	370	selectedCredentials.jarHashValue = jarHash;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	371	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	372	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	373	data = new AuthenticationStorageData(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	374	selectedCredentials.getProtectionDomainName(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	375	selectedCredentials.getProtectionDomainCategory(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	376	selectedCredentials.jarHashValue,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	377	selectedCredentials.rootHashValue,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	378	validatedChainIndexes,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	379	iSecurityWarningsMode);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	380	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	381	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	382	finally
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	383	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	384	// remove all the auth credentials with the selection
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	385	if (data != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	386	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	387	iSelectedAuthCredentials.put(msUID, data);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	388	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	389	}
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	390	return new AuthenticationCredentials[] {selectedCredentials};
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	391	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	392
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	393	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	394	*/
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	395	public AuthenticationCredentials[] authenticateJar(
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	396	Uid uid,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	397	Uid oldUid,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	398	ProtectionDomain protectionDomain,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	399	String appJARPath)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	400	{
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	401	Credentials selectedCredentials = null;
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	402	if (protectionDomain == null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	403	\|\| (!protectionDomain.equals(ProtectionDomain.getManufacturerDomain())
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	404	&& !protectionDomain.equals(ProtectionDomain.getOperatorDomain())
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	405	&& !protectionDomain.equals(ProtectionDomain.getIdentifiedThirdPartyDomain())
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	406	&& !protectionDomain.equals(ProtectionDomain.getUnidentifiedThirdPartyDomain())))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	407	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	408	Logger.logWarning("Unknown protection domain " + protectionDomain);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	409	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	410	InstallerErrorMessage.INST_UNEXPECTED_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	411	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	412	InstallerDetailedErrorMessage.INTERNAL_ERROR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	413	new String[] {"Unknown protection domain " + protectionDomain},
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	414	OtaStatusCode.INTERNAL_ERROR);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	415	}
48 e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	416	String jarHash = null;
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	417	try
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	418	{
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	419	jarHash = _computeHash(appJARPath);
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	420	}catch(AuthenticationException e) {}
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	421	if (jarHash == null \|\| jarHash.length() == 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	422	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	423	// could not compute hash for the given application
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	424	Logger.logWarning("Could not compute hash for " + appJARPath);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	425	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	426	InstallerErrorMessage.INST_UNEXPECTED_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	427	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	428	InstallerDetailedErrorMessage.INTERNAL_ERROR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	429	new String[] {"Could not compute hash for " + appJARPath},
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	430	OtaStatusCode.INTERNAL_ERROR);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	431	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	432	AuthenticationStorageData data = new AuthenticationStorageData(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	433	protectionDomain.getName(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	434	protectionDomain.getCategory(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	435	jarHash,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	436	null /rootHashValue/,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	437	null /validatedChainIndexes/,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	438	null /* jarPath*/,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	439	iSecurityWarningsMode);
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	440	selectedCredentials = new Credentials(
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	441	data.getProtectionDomain(),
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	442	data.getProtectionDomainCategory(),
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	443	jarHash,
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	444	null /* root hash */,
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	445	-1 /* validated chain index*/,
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	446	null /* signing cert */);
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	447	verifyUpdate(
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	448	new Credentials[] {selectedCredentials},
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	449	oldUid);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	450
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	451	iSelectedAuthCredentials.put(uid, data);
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	452
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	453	return new AuthenticationCredentials[] {selectedCredentials};
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	454	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	455
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	456	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	457	* Registers a listener for ocsp events corresponding to the
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	458	* installation of a certain MIDlet suite
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	459	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	460	* @param aMsUid the uid of the MIDlet suite on behalf
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	461	* of which the listener is registered
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	462	* @param aListener the ocsp events listener
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	463	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	464	public void registerOcspEventListener(Uid aMsUid,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	465	OcspEventListener aListener)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	466	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	467	if (aMsUid != null && aListener != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	468	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	469	Logger.log("OcspEventListener registered on behalf of the suite " + aMsUid.toString());
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	470	iOcspEventListeners.put(aMsUid, aListener);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	471	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	472	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	473
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	474	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	475	* Unregisters the listener for ocsp events corresponding to the
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	476	* installation of a certain MIDlet suite
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	477	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	478	* @param aMsUid the uid of the MIDlet suite on behalf
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	479	* of which the listener is unregistered
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	480	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	481	public void unregisterOcspEventListener(Uid aMsUid)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	482	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	483	if (aMsUid != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	484	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	485	Logger.log("OcspEventListener unregistered on behalf of the suite " + aMsUid.toString());
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	486	iOcspEventListeners.remove(aMsUid);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	487	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	488	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	489
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	490	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	491	* Cancels any Ocsp checks (if any)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	492	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	493	* @param msUid the UID if the MIDlet suite oh whose behalf the ocsp
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	494	* checks are canceled
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	495	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	496	public void cancelOcspCheck(Uid msUid)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	497	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	498	OcspChecker ocspChecker = (OcspChecker)iOcspCheckers.get(msUid);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	499	if (ocspChecker != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	500	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	501	ocspChecker.cancel();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	502	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	503	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	504
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	505	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	506	* Returns the signing info of certain application suite
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	507	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	508	* @param aAppSuiteName the name of the application suite for which the
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	509	signing info is queried
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	510	* @param aAppSuiteVersion the version of the application suite for which
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	511	* the signing info is queried
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	512	* @param aAppSuiteVendor the vendor of the application suite for which
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	513	the signing info is queried
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	514	* @return The signing info if the queried application
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	515	* suite has been signed or NULL otherwise
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	516	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	517	public SigningInfo getSigningInfo(String aAppSuiteName,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	518	String aAppSuiteVersion,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	519	String aAppSuiteVendor)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	520	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	521	SecurityStorage storage = new SecurityStorage();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	522	try
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	523	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	524	AuthenticationStorageData authData = storage.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	525	readAuthenticationStorageData(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	526	aAppSuiteName, aAppSuiteVersion, aAppSuiteVendor,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	527	SecurityStorage.AUTHENTICATION_DOMAIN_NAME_QUERY
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	528	\| SecurityStorage.AUTHENTICATION_DOMAIN_CATEGORY_QUERY
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	529	\| SecurityStorage.AUTHENTICATION_ROOT_HASH_QUERY);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	530	if (authData != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	531	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	532	Certificate signingCert = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	533	Certificate rootCert = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	534	AppAccessAuthorizationStorageData appAccesAuthData = storage
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	535	.readAppAccessAuthorizationStorageData(aAppSuiteName,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	536	aAppSuiteVersion, aAppSuiteVendor,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	537	SecurityStorage.APP_ACCESS_AUTH_SIGNERS_LIST_QUERY);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	538	if (appAccesAuthData != null && appAccesAuthData.getSignersList() != null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	539	&& appAccesAuthData.getSignersList().length > 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	540	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	541	signingCert = _parseCertificate(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	542	appAccesAuthData.getSignersList()[0]);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	543	rootCert = _getRootCertificate(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	544	authData.getRootHashValue());
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	545	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	546	return new SigningInfo(signingCert, rootCert,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	547	new ProtectionDomain(authData.getProtectionDomain(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	548	authData.getProtectionDomainCategory()));
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	549	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	550	return null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	551	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	552	finally
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	553	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	554	storage.close();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	555	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	556	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	557
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	558
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	559	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	560	* Removes all the security data related to a certain MIDlet suite
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	561	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	562	* @param sessionID the JavaStorage session to be used when
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	563	* removing the security data
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	564	* @param msUID the UID if the MIDlet suite whose security data is
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	565	* being removed
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	566	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	567	public void removeSecurityData(StorageSession storageSession, Uid msUID)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	568	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	569	Logger.log("Remove authentication data");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	570	SecurityStorage storage = new SecurityStorage(storageSession);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	571	storage.removeAuthenticationStorageData(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	572	// clean the caches as well
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	573	iAuthCredentials.remove(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	574	iSelectedAuthCredentials.remove(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	575	iLegacySuiteFlags.remove(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	576	OcspChecker ocspChecker = (OcspChecker)iOcspCheckers.remove(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	577	if (ocspChecker != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	578	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	579	ocspChecker.destroy();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	580	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	581	iOcspEventListeners.remove(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	582	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	583
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	584	/**
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	585	* Writes to storage all the security data related to a certain MIDlet suite
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	586	*
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	587	* @param sessionID the JavaStorage session to be used when
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	588	* writing the security data into storage
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	589	* @param msUID the UID if the MIDlet suite whose security data is
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	590	* being written
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	591	*/
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	592	public void addSecurityData(StorageSession storageSession, Uid msUID, Uid oldMsUID)
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	593	{
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	594	Logger.log("Write authentication data to storage");
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	595	AuthenticationStorageData authStorageData =
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	596	(AuthenticationStorageData)iSelectedAuthCredentials.remove(
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	597	msUID);
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	598	writeAuthenticationStorageData(storageSession, msUID, authStorageData,
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	599	(oldMsUID != null && oldMsUID.equals(msUID)));
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	600	}
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	601
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	602	/**
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	603	* Returns the details of the certificates used for authenticating a
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	604	* MIDlet suite. This method is used at installation time.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	605	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	606	* @param sessionID the JavaStorage session to be used when
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	607	* retrieving the certificates details
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	608	* @param msUID the UID if the MIDlet suite whose certificate details
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	609	* are queried
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	610	* @return the details of the certificate used for authenticating
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	611	* the MIDlet suite or null if the details are not
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	612	* available
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	613	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	614	public SigningCertificate[] getCertificatesDetails(StorageSession storageSession, Uid msUID)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	615	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	616	Vector allAuthCredentials = (Vector)iAuthCredentials.get(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	617	SigningCertificate[] certDetails = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	618	if (allAuthCredentials != null && allAuthCredentials.size() > 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	619	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	620	Vector vCertDetails = new Vector();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	621	for (int i=0; i<allAuthCredentials.size(); i++)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	622	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	623	Credentials credentials = ((Credentials)allAuthCredentials
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	624	.elementAt(i));
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	625	Certificate cert = credentials.signingCert;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	626	if (cert != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	627	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	628	vCertDetails.addElement(new SigningCertificate(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	629	cert, credentials.rootHashValue,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	630	credentials.getProtectionDomainName(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	631	credentials.getProtectionDomainCategory()));
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	632	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	633	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	634	if (vCertDetails.size() > 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	635	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	636	certDetails = new SigningCertificate[vCertDetails.size()];
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	637	vCertDetails.copyInto(certDetails);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	638	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	639	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	640	else
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	641	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	642	// if cert details are not found in cache, retrieve the signing
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	643	// certificate from storage and extract the details from it
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	644	SecurityStorage storage = new SecurityStorage(storageSession);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	645	SigningCertificate signingCertificate = retrieveSigningCertificate(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	646	storage, msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	647	if (signingCertificate != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	648	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	649	certDetails = new SigningCertificate[1];
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	650	certDetails[0] = signingCertificate;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	651	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	652	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	653	return certDetails;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	654	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	655
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	656	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	657	* Returns the protection domain info of a certain MIDlet suite. This
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	658	* method is used at uninstallation time.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	659	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	660	* @param sessionID the JavaStorage session to be used when
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	661	* retrieving the domain category
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	662	* @param msUID the UID if the MIDlet suite whose protection
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	663	* domain info is queried
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	664	* @param one of the constants defined in ApplicationInfo
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	665	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	666	public String getProtectionDomainCategory(StorageSession storageSession, Uid msUID)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	667	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	668	SecurityStorage storage = new SecurityStorage(storageSession);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	669	return storage.readProtectionDomainCategory(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	670	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	671
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	672	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	673	* Notification about the media where a certain MIDlet suite is installed.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	674	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	675	* @param aStorageSession the JavaStorage session to be used when/if
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	676	* making storage operations related to this
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	677	* notification
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	678	* @param aMsUid the UID of the MIDlet suite whose media info is
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	679	* notified
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	680	* @param aMediaId the identifier of the media where the MIDlet
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	681	* suite is installed
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	682	*/
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	683	public void setMediaId(Uid aMsUid, int aMediaId)
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	684	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	685	// store the jar hash only if the suite was installed on a non-protected media
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	686	if (isDriveProtected(aMediaId))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	687	{
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	688	AuthenticationStorageData authStorageData =
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	689	(AuthenticationStorageData)iSelectedAuthCredentials.get(
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	690	aMsUid);
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	691	if (authStorageData != null)
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	692	{
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	693	Logger.log("Suite installed on protected media -> the runtime tamper detection is disabled");
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	694	authStorageData.setJarHashValue(null);
773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	695	iSelectedAuthCredentials.put(aMsUid, authStorageData);
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	696	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	697	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	698	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	699
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	700	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	701	* Setter for the OCSP settings
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	702	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	703	public void setOCSPFlags(OcspSettings ocspSettings)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	704	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	705	Logger.log("Ocsp settings = " + ocspSettings.toString());
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	706	iOcspSettings = ocspSettings;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	707	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	708
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	709	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	710	* Performs a cleanup (e.g. on cached data)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	711	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	712	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	713	public void cleanup()
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	714	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	715	Logger.log("Cleanup authentication module cache");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	716	iAuthCredentials.clear();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	717	iSelectedAuthCredentials.clear();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	718	iLegacySuiteFlags.clear();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	719	iOcspCheckers.clear();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	720	iOcspEventListeners.clear();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	721	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	722
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	723	/**
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	724	* Verifies the authenticity of MIDlet suites
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	725	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	726	* @param msUid The Uid of the MIDlet suite whose authenticity
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	727	* is verified
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	728	* @param authStorageData The stored authentication data assigned to the
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	729	* MIDlet suite whose authenticity is verified
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	730	*
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	731	*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	732	public void verifyMIDletSuiteAuthenticity(Uid msUid, AuthenticationStorageData authStorageData)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	733	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	734	Logger.log("Verifying the authenticity of the suite " + msUid.toString());
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	735	// for the operator MIDlets, check if there are any network restrictions
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	736	if (ApplicationInfo.OPERATOR_DOMAIN.equals(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	737	authStorageData.getProtectionDomainCategory()))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	738	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	739	Logger.log(" Checking network restrictions for operator signed suites");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	740	// get the restrictions from storage
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	741	SecurityStorage storage = new SecurityStorage();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	742	String networkRestrictions = storage.readNetworkRestrictions(msUid);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	743	storage.close();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	744	if (networkRestrictions != null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	745	&& networkRestrictions.length() > 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	746	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	747	// get the real network codes
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	748	TelUtils.NetworkCodes networkCodes = TelUtils.getNetworkCodes();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	749	boolean found = false;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	750	if (networkCodes != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	751	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	752	Logger.log(" Network restrictions: " + networkRestrictions);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	753	Logger.log(" Network codes: mcc(" + networkCodes.mcc + ") mnc(" + networkCodes.mnc + ")");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	754	// go through the list of restrictions and try to find a match
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	755	// the list of restrictions is a space-separated list of MCC-MNC*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	756	String[] tuples = Tokenizer.split(networkRestrictions, " ");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	757	if (tuples != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	758	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	759	for (int i=0; i<tuples.length; i++)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	760	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	761	int mccEndPos = tuples[i].indexOf('-');
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	762	String mcc = tuples[i].substring(0, mccEndPos);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	763	String mnc = tuples[i].substring(mccEndPos + 1);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	764	if (mcc.equals(networkCodes.mcc)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	765	&& mnc.equals(networkCodes.mnc))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	766	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	767	found = true;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	768	break;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	769	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	770	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	771	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	772	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	773	if (!found)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	774	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	775	Logger.logWarning(" -> the network restrictions are violated");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	776	throw new RuntimeSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	777	SecurityErrorMessage.NETWORK_RESTRICTION_VIOLATION,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	778	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	779	SecurityDetailedErrorMessage.NETWORK_RESTRICTION_VIOLATION,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	780	null /* no params for detailed msg */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	781	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	782	Logger.log(" -> the network restrictions are obeyed");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	783	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	784	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	785
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	786	// check the root validity (if applicable)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	787	if (authStorageData.getRootHashValue() != null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	788	&& authStorageData.getRootHashValue().length() > 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	789	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	790	Logger.log(" Checking validity of the root certificate used in authentication");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	791	switch (retrieveRootState(authStorageData.getRootHashValue()))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	792	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	793	case SecurityCommsMessages.JAVA_CERT_STORE_STATE_ENABLED:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	794	// ok -> just go on
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	795	Logger.log(" Root ok");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	796	break;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	797	case SecurityCommsMessages.JAVA_CERT_STORE_STATE_DISABLED:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	798	Logger.logWarning(" Root disabled");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	799	throw new RuntimeSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	800	SecurityErrorMessage.CERT_NOT_AVAILABLE,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	801	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	802	SecurityDetailedErrorMessage.CERT_DISABLED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	803	null /* no params for detailed msg */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	804	case SecurityCommsMessages.JAVA_CERT_STORE_STATE_DELETED:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	805	Logger.logWarning(" Root deleted");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	806	throw new RuntimeSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	807	SecurityErrorMessage.CERT_NOT_AVAILABLE,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	808	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	809	SecurityDetailedErrorMessage.CERT_DELETED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	810	null /* no params for detailed msg */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	811	case SecurityCommsMessages.JAVA_CERT_STORE_STATE_NOT_PRESENT:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	812	Logger.logWarning(" Root not available");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	813	throw new RuntimeSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	814	SecurityErrorMessage.CERT_NOT_AVAILABLE,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	815	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	816	SecurityDetailedErrorMessage.SIM_CHANGED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	817	null /* no params for detailed msg */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	818	case SecurityCommsMessages.JAVA_CERT_STORE_STATE_UNKNOWN:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	819	Logger.logWarning(" Root unknown");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	820	throw new RuntimeSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	821	SecurityErrorMessage.CERT_NOT_AVAILABLE,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	822	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	823	SecurityDetailedErrorMessage.UNIDENTIFIED_APPLICATION,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	824	null /* no params for detailed msg */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	825	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	826	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	827
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	828	if (authStorageData.getJarPath() == null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	829	\|\| authStorageData.getJarPath().length() == 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	830	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	831	Logger.logWarning(" JarPath not available");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	832	throw new RuntimeSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	833	SecurityErrorMessage.UNEXPECTED_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	834	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	835	SecurityDetailedErrorMessage.UNIDENTIFIED_APPLICATION,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	836	null /* no params for detailed msg */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	837	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	838
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	839	// do the tamper detection
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	840	if (authStorageData.getJarHashValue() != null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	841	&& authStorageData.getJarHashValue().length() > 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	842	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	843	Logger.log(" Doing tamper detection");
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	844	String computedJarHash = null;
48 e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	845	try
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	846	{
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	847	computedJarHash = _computeHash(authStorageData.getJarPath());
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	848	}catch(AuthenticationException e)
48 e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	849	{
69 773449708c84 Revision: v2.2.11 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 48 diff changeset	850	if (e.getErrorCode()
48 e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	851	== AuthenticationException.JAR_NOT_FOUND)
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	852	{
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	853	Logger.logWarning(" Jar not found while trying to compute hash");
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	854	throw new RuntimeSecurityException(
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	855	SecurityErrorMessage.JAR_NOT_FOUND,
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	856	null, /* no params for short msg */
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	857	SecurityDetailedErrorMessage.JAR_NOT_FOUND,
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	858	null /* no params for detailed msg */);
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	859	}
e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	860	}
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	861	// do the tampering check: compute the hash and compare it with the stored hash
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	862	if (computedJarHash == null \|\| !computedJarHash.equals(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	863	authStorageData.getJarHashValue()))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	864	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	865	Logger.logWarning(" Application has been tampered");
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	866	throw new RuntimeSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	867	SecurityErrorMessage.JAR_TAMPERED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	868	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	869	SecurityDetailedErrorMessage.JAR_TAMPERED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	870	null /* no params for detailed msg */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	871	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	872	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	873	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	874
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	875	private AuthenticationModule()
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	876	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	877	iAuthCredentials = new Hashtable();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	878	iSelectedAuthCredentials = new Hashtable();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	879	iOcspCheckers = new Hashtable();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	880	iOcspEventListeners = new Hashtable();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	881	// default ocsp settings
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	882	iOcspSettings = new OcspSettings(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	883	OcspSettings.OCSP_MODE_UNDEFINED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	884	OcspSettings.OCSP_WARNING_UNDEFINED,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	885	false /* silent*/,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	886	"0" /* iap */,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	887	"0" /* snap */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	888	iOcspUserPreferences = new OcspUserPreferences();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	889	iSecurityWarningsMode = GeneralSecuritySettings
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	890	.getDefaultSecurityWarningsMode();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	891	Logger.log("Ocsp user preferences = " + iOcspUserPreferences.toString());
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	892	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	893
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	894	private SigningCertificate retrieveSigningCertificate(SecurityStorage storage, Uid msUID)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	895	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	896	SigningCertificate signingCertificate = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	897	AppAccessAuthorizationStorageData authData = storage
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	898	.readAppAccessAuthorizationStorageData(msUID,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	899	SecurityStorage.APP_ACCESS_AUTH_SIGNERS_LIST_QUERY);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	900	if (authData != null && authData.getSignersList() != null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	901	&& authData.getSignersList().length > 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	902	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	903	Certificate cert = _parseCertificate(authData
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	904	.getSignersList()[0]);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	905	if (cert != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	906	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	907	AuthenticationStorageData signingData = storage.
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	908	readAuthenticationStorageData(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	909	signingCertificate = new SigningCertificate(cert,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	910	signingData.getRootHashValue(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	911	signingData.getProtectionDomain(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	912	signingData.getProtectionDomainCategory());
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	913	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	914	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	915	return signingCertificate;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	916	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	917
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	918	private Vector verifyUpdate(Credentials[] credentials, Uid oldMSUID)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	919	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	920	return verifyUpdate(isLegacySuite(oldMSUID), credentials, oldMSUID, false /* don't order the returned credentials */);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	921	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	922
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	923	// Security rules for update:
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	924	// 1. the old and the new MIDlet suites must be bound to the same
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	925	// protection domain
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	926	// 2. Only for MIDP3 MIDlets, the the old and the new MIDlet
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	927	// suites MUST share at least one common signer (for legacy MIDlets
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	928	// it is ok not to share a common signer, case in which the update
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	929	// is decided by the user)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	930	//
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	931	// Common signer is defined as matching the Organization field
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	932	// within the Subject field of the signing certificate of MIDlet
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	933	// Suite update and the signing certificate of the original MIDlet
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	934	// Suite, where the signing certificates are validated against
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	935	// the same Protection Domain Root Certificate)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	936	//
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	937	// This method discards the credentials which do not obey the rules
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	938	// mentioned above and returns either all credentials which have same
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	939	// signer OR all credentials which do NOT have same signer,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	940	// but not any combination
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	941	private Vector verifyUpdate(boolean legacyMIDletSuite, Credentials[] credentials, Uid oldMSUID, boolean orderResult)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	942	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	943	Vector allCredentials = new Vector(credentials.length);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	944	for (int i=0; i<credentials.length; i++)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	945	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	946	allCredentials.addElement(credentials[i]);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	947	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	948	if (oldMSUID != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	949	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	950	SecurityStorage storage = new SecurityStorage();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	951	Vector sameSignerCredentials = new Vector();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	952	Vector differentSignerCredentials = new Vector();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	953	try
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	954	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	955	ProtectionDomain oldProtectionDomain = new ProtectionDomain(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	956	storage.readProtectionDomain(oldMSUID),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	957	storage.readProtectionDomainCategory(oldMSUID));
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	958	for (int i=0; i<credentials.length; i++)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	959	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	960	if (oldProtectionDomain.equals(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	961	credentials[i].getProtectionDomain()))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	962	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	963	SigningCertificate oldSigningCertificate =
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	964	retrieveSigningCertificate(storage, oldMSUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	965	SigningCertificate newSigningCertificate =
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	966	new SigningCertificate(credentials[i].signingCert,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	967	credentials[i].rootHashValue,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	968	credentials[i].getProtectionDomainName(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	969	credentials[i].getProtectionDomainCategory());
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	970	if (newSigningCertificate.isSameSigner(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	971	oldSigningCertificate))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	972	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	973	sameSignerCredentials.addElement(credentials[i]);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	974	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	975	else if (legacyMIDletSuite)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	976	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	977	differentSignerCredentials.addElement(credentials[i]);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	978	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	979	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	980	else if (legacyMIDletSuite
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	981	&& !ApplicationInfo.UNIDENTIFIED_THIRD_PARTY_DOMAIN.equals(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	982	credentials[i].getProtectionDomain().getCategory()))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	983	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	984	differentSignerCredentials.addElement(credentials[i]);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	985	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	986	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	987	if (sameSignerCredentials.size() != 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	988	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	989	allCredentials = sameSignerCredentials;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	990	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	991	else if (differentSignerCredentials.size() != 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	992	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	993	allCredentials = differentSignerCredentials;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	994	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	995	else
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	996	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	997	throw new InstallerSecurityException(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	998	InstallerErrorMessage.INST_AUTHORIZATION_ERR,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	999	null, /* no params for short msg */
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1000	InstallerDetailedErrorMessage.DIFFERENT_SIGNERS,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1001	null, /* no params for the detailed msg*/
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1002	OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1003	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1004	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1005	finally
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1006	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1007	storage.close();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1008	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1009	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1010	if (orderResult)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1011	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1012	// put the credentials with domain info first
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1013	int i=0;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1014	int size = allCredentials.size();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1015	while (i<size)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1016	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1017	Credentials current = (Credentials)allCredentials.elementAt(i);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1018	if (current.getProtectionDomainName() == null
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1019	\|\| current.getProtectionDomainCategory() == null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1020	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1021	// swap the current element with the last one
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1022	Object last = allCredentials.lastElement();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1023	allCredentials.setElementAt(last,i);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1024	allCredentials.setElementAt(current,(size-1));
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1025	size--;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1026	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1027	else
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1028	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1029	i++;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1030	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1031	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1032	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1033	return allCredentials;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1034	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1035
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1036	private boolean isLegacySuite(Uid msUID)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1037	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1038	if (msUID == null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1039	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1040	return true;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1041	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1042	Boolean tmp = (Boolean)iLegacySuiteFlags.remove(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1043	if (tmp != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1044	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1045	return tmp.booleanValue();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1046	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1047	else
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1048	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1049	SecurityStorage storage = new SecurityStorage();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1050	String suiteVersion = storage.readSuiteVersion(msUID);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1051	storage.close();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1052	if (suiteVersion != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1053	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1054	boolean legacySuite = !suiteVersion.equalsIgnoreCase(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1055	SecurityAttributes.MIDP3_VERSION_ATTRIBUTE_VALUE);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1056	iLegacySuiteFlags.put(msUID, new Boolean(legacySuite));
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1057	return legacySuite;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1058	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1059	return true;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1060	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1061	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1062
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1063	private String getRoot(String rootHash)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1064	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1065	CommsEndpoint comms = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1066	try
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1067	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1068	comms = new CommsEndpoint();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1069	comms.connect(CommsEndpoint.JAVA_CAPTAIN);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1070	CommsMessage sMessage = new CommsMessage();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1071	sMessage.setMessageId(SecurityCommsMessages.JAVA_CERT_STORE_MSG_ID_REQUEST);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1072	sMessage.setModuleId(SecurityCommsMessages.PLUGIN_ID_JAVA_CERT_STORE_EXTENSION);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1073	sMessage.write(SecurityCommsMessages.JAVA_CERT_STORE_OPERATION_QUERY_CERTS);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1074	// add filter
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1075	sMessage.write(SecurityCommsMessages.JAVA_CERT_STORE_FILTER_ID_STATE);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1076	sMessage.write(SecurityCommsMessages.JAVA_CERT_STORE_STATE_ENABLED);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1077	sMessage.write(SecurityCommsMessages.JAVA_CERT_STORE_FILTER_ID_HASH);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1078	sMessage.write(rootHash);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1079	// add the query ID
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1080	sMessage.write(SecurityCommsMessages.JAVA_CERT_STORE_QUERY_ID_CERT_CONTENT_PEM);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1081	CommsMessage rMessage = comms.sendReceive(sMessage, 10);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1082	// read the reply
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1083	String tmp = rMessage.readString();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1084	if (tmp != null && tmp.length() > 0)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1085	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1086	return rMessage.readString();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1087	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1088	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1089	catch (CommsException e)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1090	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1091	// fall through
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1092	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1093	finally
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1094	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1095	if (comms != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1096	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1097	comms.destroy();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1098	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1099	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1100	return null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1101	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1102
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1103	private int retrieveRootState(String rootHash)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1104	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1105
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1106	CommsEndpoint comms = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1107	try
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1108	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1109	comms = new CommsEndpoint();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1110	comms.connect(CommsEndpoint.JAVA_CAPTAIN);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1111	CommsMessage sMessage = new CommsMessage();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1112	sMessage.setMessageId(SecurityCommsMessages.JAVA_CERT_STORE_MSG_ID_REQUEST);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1113	sMessage.setModuleId(SecurityCommsMessages.PLUGIN_ID_JAVA_CERT_STORE_EXTENSION);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1114	sMessage.write(SecurityCommsMessages.JAVA_CERT_STORE_OPERATION_QUERY_CERTS);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1115	// add filter
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1116	sMessage.write(SecurityCommsMessages.JAVA_CERT_STORE_FILTER_ID_HASH);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1117	sMessage.write(rootHash);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1118	// add the query ID
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1119	sMessage.write(SecurityCommsMessages.JAVA_CERT_STORE_QUERY_ID_STATE);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1120	CommsMessage rMessage = comms.sendReceive(sMessage, 10);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1121	// read the reply
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1122	return rMessage.readInt();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1123	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1124	catch (CommsException e)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1125	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1126	// fall through
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1127	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1128	finally
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1129	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1130	if (comms != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1131	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1132	comms.destroy();
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1133	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1134	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1135	return SecurityCommsMessages.JAVA_CERT_STORE_STATE_UNKNOWN;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1136	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1137
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1138	private boolean performOcsp()
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1139	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1140	if (iOcspSettings.ocspMode
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1141	!= OcspSettings.OCSP_MODE_UNDEFINED)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1142	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1143	return (iOcspSettings.ocspMode == OcspSettings.OCSP_MODE_ENABLED);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1144	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1145	// check the user preferences
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1146	return (iOcspUserPreferences.getOcspMode()
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1147	== OcspUserPreferences.OCSP_MODE_ON
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1148	\|\| iOcspUserPreferences.getOcspMode()
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1149	== OcspUserPreferences.OCSP_MODE_MUST);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1150	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1151
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1152	private boolean isDriveProtected(int aMediaId)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1153	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1154	DriveInfo[] allDrives = DriveUtilities.getAllDrives();
48 e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	1155	boolean driveFound = false;
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1156	if (allDrives != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1157	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1158	for (int i=0; i<allDrives.length; i++)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1159	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1160	if (aMediaId == allDrives[i].iId)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1161	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1162	if (allDrives[i].iIsRemovable)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1163	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1164	return false;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1165	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1166	if (allDrives[i].iIsExternallyMountable)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1167	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1168	return false;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1169	}
48 e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	1170	driveFound = true;
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1171	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1172	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1173	}
48 e0d6e9bd3ca7 Revision: v2.2.3 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: 21 diff changeset	1174	return driveFound;
21 2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1175	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1176
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1177	private Credentials selectCredentials(String selectedJarHash, Vector allAuthCredentials, Vector validatedChainIndexes)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1178	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1179	Credentials selectedCredentials = null;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1180	if (selectedJarHash != null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1181	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1182	for (int i=0; i<allAuthCredentials.size(); i++)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1183	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1184	Credentials authCredentials =
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1185	(Credentials)allAuthCredentials.elementAt(i);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1186	if (selectedJarHash.equalsIgnoreCase(authCredentials.jarHashValue))
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1187	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1188	// the first one wins
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1189	if (selectedCredentials == null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1190	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1191	selectedCredentials = new Credentials(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1192	authCredentials.getProtectionDomainName(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1193	authCredentials.getProtectionDomainCategory(),
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1194	authCredentials.jarHashValue,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1195	authCredentials.rootHashValue,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1196	-1,
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1197	null);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1198	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1199	// collect the validated chain indexes
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1200	validatedChainIndexes.addElement(
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1201	new Integer(authCredentials.validatedChainIndex));
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1202	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1203	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1204	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1205	return selectedCredentials;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1206	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1207
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1208	private void writeAuthenticationStorageData(StorageSession storageSession, Uid uid, AuthenticationStorageData data, boolean isUpdate)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1209	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1210	if (storageSession == null)
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1211	{
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1212	return;
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1213	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1214	SecurityStorage storage = new SecurityStorage(storageSession);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1215	storage.writeAuthenticationStorageData(uid, data, isUpdate);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1216	Logger.logAuthenticationData(data);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1217	}
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1218
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1219	private native Credentials[] _validateChainsAndSignatures(AuthenticationInfo[] authInfo);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1220	private native String _computeHash(String appJARPath);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1221	private native String _drmDecryptAndComputeHash(String appJARPath);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1222	private native Certificate _parseCertificate(String rawCert);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1223	private native Certificate _getRootCertificate(String certHash);
2a9601315dfc Revision: v2.1.22 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1224	}

author	Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
	Thu, 02 Sep 2010 20:20:40 +0300
changeset 69	773449708c84
parent 48	e0d6e9bd3ca7
child 66	2455ef1f5bbc
permissions	-rw-r--r--