|
1 /* |
|
2 * Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 package com.nokia.mj.impl.security.midp.common; |
|
20 |
|
21 import com.nokia.mj.impl.installer.utils.InstallerMain; |
|
22 import com.nokia.mj.impl.security.midp.authentication.AuthenticationModule; |
|
23 import com.nokia.mj.impl.security.midp.authorization.PermissionGranter; |
|
24 import com.nokia.mj.impl.utils.Uid; |
|
25 import com.nokia.mj.impl.storage.*; |
|
26 import com.nokia.mj.impl.security.midp.storage.SecurityStorage; |
|
27 import com.nokia.mj.impl.security.midp.authorization.PermissionResolver; |
|
28 import com.nokia.mj.impl.security.midp.common.PermissionAttribute; |
|
29 import com.nokia.mj.impl.security.midp.common.SecurityAttributes; |
|
30 import com.nokia.mj.impl.security.midp.common.PolicyBasedPermissionImpl; |
|
31 import com.nokia.mj.impl.utils.Attribute; |
|
32 import com.nokia.mj.impl.utils.exception.InvalidAttributeException; |
|
33 import com.nokia.mj.impl.utils.InstallerErrorMessage; |
|
34 import com.nokia.mj.impl.utils.InstallerDetailedErrorMessage; |
|
35 import com.nokia.mj.impl.utils.ErrorMessageBase; |
|
36 import com.nokia.mj.impl.utils.OtaStatusCode; |
|
37 import java.util.Vector; |
|
38 import java.util.Hashtable; |
|
39 |
|
40 import j2meunit.framework.Test; |
|
41 import j2meunit.framework.TestCase; |
|
42 import j2meunit.framework.TestMethod; |
|
43 import j2meunit.framework.TestSuite; |
|
44 |
|
45 /** |
|
46 * SecurityExtensions unit tests. |
|
47 */ |
|
48 public class SecurityExtensionsTests extends TestCase implements InstallerMain |
|
49 { |
|
50 private static String TEST_DATA_DIR; |
|
51 |
|
52 static |
|
53 { |
|
54 String platform = System.getProperty("os.name"); |
|
55 if (platform != null && platform.equalsIgnoreCase("linux")) |
|
56 { |
|
57 TEST_DATA_DIR = System.getProperty("JAVA_BIN_ROOT") + "/securitytestdata/"; |
|
58 } |
|
59 else |
|
60 { |
|
61 TEST_DATA_DIR = "C:\\java\\securitytestdata\\"; |
|
62 } |
|
63 } |
|
64 |
|
65 protected InstallerErrorMessage errorMessage = new InstallerErrorMessage(); |
|
66 protected InstallerDetailedErrorMessage detailedErrorMessage = new InstallerDetailedErrorMessage(); |
|
67 Hashtable allAttributes = new Hashtable(); |
|
68 AuthenticationModule authenticationModule; |
|
69 PermissionGranter permissionGranter; |
|
70 StorageSession session; |
|
71 SecurityStorage storage; |
|
72 Uid appUID; |
|
73 protected static final String MIDP_PROFILE_ATTRIBUTE_NAME = "MicroEdition-Profile"; |
|
74 protected static final String MIDP3 = "MIDP-3.0"; |
|
75 protected static final String MIDP2 = "MIDP-2.0"; |
|
76 |
|
77 // Begin j2meunit test framework setup |
|
78 public void installerMain(String[] args) |
|
79 { |
|
80 TestSuite suite = new TestSuite(this.getClass().getName()); |
|
81 |
|
82 suite.addTest(new SecurityExtensionsTests("test", new TestMethod() |
|
83 { |
|
84 public void run(TestCase tc) |
|
85 { |
|
86 ((SecurityExtensionsTests)tc).test(); |
|
87 } |
|
88 })); |
|
89 |
|
90 com.nokia.mj.impl.utils.OmjTestRunner.run(suite); |
|
91 } |
|
92 |
|
93 public SecurityExtensionsTests() |
|
94 { |
|
95 } |
|
96 |
|
97 public SecurityExtensionsTests(String aTestName, TestMethod aTestMethod) |
|
98 { |
|
99 super(aTestName, aTestMethod); |
|
100 } |
|
101 |
|
102 public void assertFalse(String aMsg, boolean aCondition) |
|
103 { |
|
104 assertTrue(aMsg, !aCondition); |
|
105 } |
|
106 |
|
107 // End j2meunit test framework setup |
|
108 |
|
109 protected void setUp() |
|
110 { |
|
111 authenticationModule = authenticationModule.getInstance(); |
|
112 permissionGranter = permissionGranter.getInstance(); |
|
113 session = StorageFactory.createSession(); |
|
114 session.open(); |
|
115 storage = new SecurityStorage(); |
|
116 appUID = Uid.createUid("myUID"); |
|
117 } |
|
118 |
|
119 protected void tearDown() |
|
120 { |
|
121 storage.removeAuthenticationStorageData(appUID); |
|
122 permissionGranter.removeSecurityData(session,appUID); |
|
123 PermissionResolver.testClearCache(); |
|
124 } |
|
125 |
|
126 protected void test() |
|
127 { |
|
128 SecurityAttributes securityAttributes; |
|
129 AuthenticationCredentials[] credentials; |
|
130 // package names |
|
131 assertTrue(find(SecurityExtensionsReader.getExtProtectedPackages(), new String[] {"com.nokia.ext1.internal.", "com.nokia.ext2.internal."}) |
|
132 && !find(SecurityExtensionsReader.getExtProtectedPackages(), new String[] {"com.nokia.ext1.public."}) |
|
133 && !find(SecurityExtensionsReader.getExtProtectedPackages(), new String[] {"com.nokia.ext2.public."}) |
|
134 && find(SecurityExtensionsReader.getExtRestrictedPackages(), new String[] {"com.nokia.ext1.public.", "com.nokia.ext2.public."}) |
|
135 && !find(SecurityExtensionsReader.getExtRestrictedPackages(), new String[] {"com.nokia.ext1.internal."}) |
|
136 && !find(SecurityExtensionsReader.getExtRestrictedPackages(), new String[] {"com.nokia.ext2.internal."})); |
|
137 // mappings |
|
138 MIDPPermission perm = SecurityExtensionsReader.getExtPermission("com.nokia.ext1.public.Ext1Perm"); |
|
139 assertTrue(perm != null && perm.getName() != null && perm.getName().equals("com.nokia.ext1.internal.Ext1Perm") && perm.getTarget() != null && perm.getTarget().equals("*")&& perm.getActionList() == null); |
|
140 assertTrue(SecurityExtensionsReader.getExtPermission("com.nokia.mj.impl.gcf.protocol.socket.SocketPermissionImpl") == null); |
|
141 perm = SecurityExtensionsReader.getExtPermission("com.nokia.ext2.public.Ext2Perm"); |
|
142 assertTrue(perm != null && perm.getName() != null && perm.getName().equals("com.nokia.ext2.internal.Ext2Perm") && perm.getTarget() != null && perm.getTarget().equals("*")&& perm.getActionList() == null); |
|
143 // policies (unsigned suite, check that ext1 perms are granted and the base permissions were not altered) |
|
144 storage.removeAuthenticationStorageData(appUID); |
|
145 permissionGranter.removeSecurityData(session,appUID); |
|
146 PermissionResolver.testClearCache(); |
|
147 allAttributes.clear(); |
|
148 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
149 securityAttributes = new SecurityAttributes(); |
|
150 securityAttributes.addDescriptorAttributes(allAttributes); |
|
151 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
|
152 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
|
153 allAttributes.clear(); |
|
154 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
155 securityAttributes.addManifestAttributes(allAttributes); |
|
156 authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); |
|
157 permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); |
|
158 assertTrue(checkGrantedPermissions(storage.readGrantedPermissions(appUID), |
|
159 new PolicyBasedPermissionImpl[] |
|
160 { |
|
161 new PolicyBasedPermissionImpl("com.nokia.ext1.internal.Ext1Perm", "ext1.target1", "ext1.action1", new UserSecuritySettingsImpl("Ext1", UserSecuritySettings.ONESHOT_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE, UserSecuritySettings.BLANKET_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
|
162 new PolicyBasedPermissionImpl("com.nokia.ext1.internal.Ext1Perm", "ext1.target2", "ext1.action2", new UserSecuritySettingsImpl("Net Access", UserSecuritySettings.SESSION_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
|
163 new PolicyBasedPermissionImpl("com.nokia.ext1.internal.Ext1Perm", "ext1.target3", "ext1.action3", null), |
|
164 new PolicyBasedPermissionImpl("com.nokia.mj.impl.gcf.protocol.http.HttpPermissionImpl", "http://*", null, new UserSecuritySettingsImpl("Net Access", UserSecuritySettings.SESSION_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
|
165 new PolicyBasedPermissionImpl("com.nokia.mj.impl.file.FileInternalPermission", "*", "read", new UserSecuritySettingsImpl("Read User Data Access", UserSecuritySettings.ONESHOT_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
|
166 new PolicyBasedPermissionImpl("com.nokia.mj.impl.mms.MMSPermissionImpl", "mms://*", "send", new UserSecuritySettingsImpl("Messaging", UserSecuritySettings.ONESHOT_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})) |
|
167 })); |
|
168 // policies (trusted third party suite which requests ext1 public perms fails |
|
169 try |
|
170 { |
|
171 storage.removeAuthenticationStorageData(appUID); |
|
172 permissionGranter.removeSecurityData(session,appUID); |
|
173 PermissionResolver.testClearCache(); |
|
174 allAttributes.clear(); |
|
175 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
176 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("", "MIICWDCCAcECBEhQwA0wDQYJKoZIhvcNAQEEBQAwczELMAkGA1UEBhMCZmkxEjAQBgNVBAgTCVBpcmthbm1hYTEQMA4GA1UEBxMHVGFtcGVyZTEOMAwGA1UEChMFTm9raWExDTALBgNVBAsTBEphdmExHzAdBgNVBAMMFkpQX0RldmljZV9NYW51ZmFjdHVyZXIwHhcNMDgwNjEyMDYxOTU3WhcNMTgwNjEwMDYxOTU3WjBzMQswCQYDVQQGEwJmaTESMBAGA1UECBMJUGlya2FubWFhMRAwDgYDVQQHEwdUYW1wZXJlMQ4wDAYDVQQKEwVOb2tpYTENMAsGA1UECxMESmF2YTEfMB0GA1UEAwwWSlBfRGV2aWNlX01hbnVmYWN0dXJlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApi3ipIPj8O33/rZre1euh7Itd9d6ZVf2mvQ/tLpHEsFJe5XLOsVViMvFskhhKUzmDsRbP4J03L6827/vEDIi/1i8kJGLaoFqJYaLGFWI2Zmxlj6aJV8cfZyOjmQPWJn1IDEe1ZAWbvMSp8xibWRsCLNEGKIkxQvAr/QDK/6iS+kCAwEAATANBgkqhkiG9w0BAQQFAAOBgQCDXt6klAs6yKvdTab3D2wkdoi3Lu4YFsMgLexJOu5HhAUJ/9VYO+Q2+mjd95MRsTa5rWQ2Jjvhn57Z3z/KBOwfHbymmNtMk6Gl14H0vQRoHa31jh3mTuAy5KotDVthaDp30aOizk473NU68wY1WdP4gFk5ZhrpNea9q3st13BxIQ==")); |
|
177 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME ,new Attribute("", "IcANmLKiOJQF8ABCNDj1PNNH/O8v9jfCVuiGBVm8enXDkM/gLwPjrC65sDKpOCHPqssUlHzjmVN5b9g8aRs4jxUOXNt2b732J7NSIPh97vw/WrP/KHdiooi/1KFUyklMyokK9ZrIv+GW1ttLCfKbuFupT9zmPAmWJQpnuD7J6sE=")); |
|
178 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext1.public.Ext1Perm")); |
|
179 securityAttributes = new SecurityAttributes(); |
|
180 securityAttributes.addDescriptorAttributes(allAttributes); |
|
181 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
|
182 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
|
183 assertTrue(false); |
|
184 } |
|
185 catch (InvalidAttributeException e) |
|
186 { |
|
187 assertTrue( |
|
188 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
|
189 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
190 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
|
191 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
|
192 } |
|
193 // policies (trusted third party suite which requests ext1 internal perms fails |
|
194 try |
|
195 { |
|
196 storage.removeAuthenticationStorageData(appUID); |
|
197 permissionGranter.removeSecurityData(session,appUID); |
|
198 PermissionResolver.testClearCache(); |
|
199 allAttributes.clear(); |
|
200 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
201 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("", "MIICWDCCAcECBEhQwA0wDQYJKoZIhvcNAQEEBQAwczELMAkGA1UEBhMCZmkxEjAQBgNVBAgTCVBpcmthbm1hYTEQMA4GA1UEBxMHVGFtcGVyZTEOMAwGA1UEChMFTm9raWExDTALBgNVBAsTBEphdmExHzAdBgNVBAMMFkpQX0RldmljZV9NYW51ZmFjdHVyZXIwHhcNMDgwNjEyMDYxOTU3WhcNMTgwNjEwMDYxOTU3WjBzMQswCQYDVQQGEwJmaTESMBAGA1UECBMJUGlya2FubWFhMRAwDgYDVQQHEwdUYW1wZXJlMQ4wDAYDVQQKEwVOb2tpYTENMAsGA1UECxMESmF2YTEfMB0GA1UEAwwWSlBfRGV2aWNlX01hbnVmYWN0dXJlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApi3ipIPj8O33/rZre1euh7Itd9d6ZVf2mvQ/tLpHEsFJe5XLOsVViMvFskhhKUzmDsRbP4J03L6827/vEDIi/1i8kJGLaoFqJYaLGFWI2Zmxlj6aJV8cfZyOjmQPWJn1IDEe1ZAWbvMSp8xibWRsCLNEGKIkxQvAr/QDK/6iS+kCAwEAATANBgkqhkiG9w0BAQQFAAOBgQCDXt6klAs6yKvdTab3D2wkdoi3Lu4YFsMgLexJOu5HhAUJ/9VYO+Q2+mjd95MRsTa5rWQ2Jjvhn57Z3z/KBOwfHbymmNtMk6Gl14H0vQRoHa31jh3mTuAy5KotDVthaDp30aOizk473NU68wY1WdP4gFk5ZhrpNea9q3st13BxIQ==")); |
|
202 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME ,new Attribute("", "IcANmLKiOJQF8ABCNDj1PNNH/O8v9jfCVuiGBVm8enXDkM/gLwPjrC65sDKpOCHPqssUlHzjmVN5b9g8aRs4jxUOXNt2b732J7NSIPh97vw/WrP/KHdiooi/1KFUyklMyokK9ZrIv+GW1ttLCfKbuFupT9zmPAmWJQpnuD7J6sE=")); |
|
203 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext1.internal.Ext1Perm")); |
|
204 securityAttributes = new SecurityAttributes(); |
|
205 securityAttributes.addDescriptorAttributes(allAttributes); |
|
206 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
|
207 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
|
208 assertTrue(false); |
|
209 } |
|
210 catch (InvalidAttributeException e) |
|
211 { |
|
212 assertTrue( |
|
213 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
|
214 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
215 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
|
216 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
|
217 } |
|
218 // policies (trusted third party suite which requests ext2 internal perms |
|
219 try |
|
220 { |
|
221 storage.removeAuthenticationStorageData(appUID); |
|
222 permissionGranter.removeSecurityData(session,appUID); |
|
223 PermissionResolver.testClearCache(); |
|
224 allAttributes.clear(); |
|
225 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
226 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("", "MIICyjCCAjOgAwIBAgIJANglmaqnbnYRMA0GCSqGSIb3DQEBBQUAMHMxCzAJBgNVBAYTAmZpMRIwEAYDVQQIEwlQaXJrYW5tYWExEDAOBgNVBAcTB1RhbXBlcmUxDjAMBgNVBAoTBU5va2lhMQ0wCwYDVQQLEwRKYXZhMR8wHQYDVQQDDBZKUF9UaGlyZF9QYXJ0eV9UcnVzdGVkMB4XDTEwMDIwNTEzMTMzN1oXDTE1MDIwNDEzMTMzN1owVzELMAkGA1UEBhMCRkkxEDAOBgNVBAcTB1RhbXBlcmUxFzAVBgNVBAMTDk15IENvbW1vbiBOYW1lMR0wGwYDVQQKExRNeSBPcmdhbml6YXRpb24gTmFtZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMkJNh9P28KvJCgoJ3rwlpl0mVSpEVrl9UikxvBCqccQCJNuvcVKy8N06l8CGvwNVDhFb3eLyg5aUA8BsdcsTNfCxkItrbdyj7rNvvrPRztt42gFY1ZBSJKzkAMzXe1+d8SsjzwUxwA0xqhmA8PGVEhCruLtgAL3OPy3Y382SGmaQgiSBlYl/lkS8o8w6yNHXUUs/NC+1fQ7FRpb9VBueDT4neOhZopNZH+9VFH1vGT4oZPIn+fJY+Ue69WwDXXnHSNrrr5pDx+H882Fh7Z1Lswq3FVPzQCN69QqUpzGwaGF4NaMGywJYHnD6t3DHtGZwHnVZoCJx/L/P58JOWmNqz0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQBgbsN4vL4Vh/NVmAACVqcIKrbYp6SiRA72a9P4cusyShq+ogkTweas9DMyX/DkEtbnjSEkRPnvcKydsux7fARBg+fzk/AJ6Q8vH9RMSxwbwygoqieHID68ahGnx0/E1KUuw78Og2zQScvoE7xn9jCiWoTzA5qfOKZJ445wonS0dw==")); |
|
227 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME ,new Attribute("", "dfDsGKZLIj8Bx96d9C1OsHyCGiupL0+sXxElCb2clanbgipDTOEGFlyo2uY1YjmVsZ0HC0Hms1ZJIGaf9WHMeuesMUncSqJyN0Euj/k7I8eBD8kHhoR0qqBDRzqLZhPelqqcsWCGyS0whZiBreOujiKoKAPMVbFYQugZ+JiSS7qJ++rs7HmLd6/OQkH+XIoQO7ffcBLKTIG2ezGGtQgELkDZIs7lHOiH6NraqxQ2EHz8dgdOyVtfW7aHOVlq0yZLN8Gai8w5JXV7O/FSvkLxV+i40jPs/SPVTc1dZm4UWms/gBCCH1bIZfEdq9lQFdVLeEmlYluCW8QCfhZ7dGSQow==")); |
|
228 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext2.internal.Ext2Perm")); |
|
229 securityAttributes = new SecurityAttributes(); |
|
230 securityAttributes.addDescriptorAttributes(allAttributes); |
|
231 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
|
232 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
|
233 assertTrue(false); |
|
234 } |
|
235 catch (InvalidAttributeException e) |
|
236 { |
|
237 assertTrue( |
|
238 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
|
239 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
240 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
|
241 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
|
242 } |
|
243 // policies (trusted third party suite which requests ext2 public perms |
|
244 storage.removeAuthenticationStorageData(appUID); |
|
245 permissionGranter.removeSecurityData(session,appUID); |
|
246 PermissionResolver.testClearCache(); |
|
247 allAttributes.clear(); |
|
248 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
249 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("", "MIICyjCCAjOgAwIBAgIJANglmaqnbnYRMA0GCSqGSIb3DQEBBQUAMHMxCzAJBgNVBAYTAmZpMRIwEAYDVQQIEwlQaXJrYW5tYWExEDAOBgNVBAcTB1RhbXBlcmUxDjAMBgNVBAoTBU5va2lhMQ0wCwYDVQQLEwRKYXZhMR8wHQYDVQQDDBZKUF9UaGlyZF9QYXJ0eV9UcnVzdGVkMB4XDTEwMDIwNTEzMTMzN1oXDTE1MDIwNDEzMTMzN1owVzELMAkGA1UEBhMCRkkxEDAOBgNVBAcTB1RhbXBlcmUxFzAVBgNVBAMTDk15IENvbW1vbiBOYW1lMR0wGwYDVQQKExRNeSBPcmdhbml6YXRpb24gTmFtZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMkJNh9P28KvJCgoJ3rwlpl0mVSpEVrl9UikxvBCqccQCJNuvcVKy8N06l8CGvwNVDhFb3eLyg5aUA8BsdcsTNfCxkItrbdyj7rNvvrPRztt42gFY1ZBSJKzkAMzXe1+d8SsjzwUxwA0xqhmA8PGVEhCruLtgAL3OPy3Y382SGmaQgiSBlYl/lkS8o8w6yNHXUUs/NC+1fQ7FRpb9VBueDT4neOhZopNZH+9VFH1vGT4oZPIn+fJY+Ue69WwDXXnHSNrrr5pDx+H882Fh7Z1Lswq3FVPzQCN69QqUpzGwaGF4NaMGywJYHnD6t3DHtGZwHnVZoCJx/L/P58JOWmNqz0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQBgbsN4vL4Vh/NVmAACVqcIKrbYp6SiRA72a9P4cusyShq+ogkTweas9DMyX/DkEtbnjSEkRPnvcKydsux7fARBg+fzk/AJ6Q8vH9RMSxwbwygoqieHID68ahGnx0/E1KUuw78Og2zQScvoE7xn9jCiWoTzA5qfOKZJ445wonS0dw==")); |
|
250 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME ,new Attribute("", "dfDsGKZLIj8Bx96d9C1OsHyCGiupL0+sXxElCb2clanbgipDTOEGFlyo2uY1YjmVsZ0HC0Hms1ZJIGaf9WHMeuesMUncSqJyN0Euj/k7I8eBD8kHhoR0qqBDRzqLZhPelqqcsWCGyS0whZiBreOujiKoKAPMVbFYQugZ+JiSS7qJ++rs7HmLd6/OQkH+XIoQO7ffcBLKTIG2ezGGtQgELkDZIs7lHOiH6NraqxQ2EHz8dgdOyVtfW7aHOVlq0yZLN8Gai8w5JXV7O/FSvkLxV+i40jPs/SPVTc1dZm4UWms/gBCCH1bIZfEdq9lQFdVLeEmlYluCW8QCfhZ7dGSQow==")); |
|
251 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext2.public.Ext2Perm")); |
|
252 securityAttributes = new SecurityAttributes(); |
|
253 securityAttributes.addDescriptorAttributes(allAttributes); |
|
254 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
|
255 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
|
256 allAttributes.clear(); |
|
257 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
258 securityAttributes.addManifestAttributes(allAttributes); |
|
259 authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); |
|
260 permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); |
|
261 assertTrue(checkGrantedPermissions(storage.readGrantedPermissions(appUID), |
|
262 new PolicyBasedPermissionImpl[] |
|
263 { |
|
264 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target1", "ext2.action1", new UserSecuritySettingsImpl("Ext1", UserSecuritySettings.BLANKET_INTERACTION_MODE, new int[] {UserSecuritySettings.BLANKET_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
|
265 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target2", "ext2.action2", new UserSecuritySettingsImpl("Ext2", UserSecuritySettings.ONESHOT_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
|
266 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target3", "ext2.action3", null), |
|
267 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target4", "ext2.action4", null), |
|
268 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target5", "ext2.action5", new UserSecuritySettingsImpl("Messaging", UserSecuritySettings.SESSION_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE, UserSecuritySettings.BLANKET_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE})) |
|
269 })); |
|
270 } |
|
271 |
|
272 private static boolean checkGrantedPermissions(Vector grantedPermissions, PolicyBasedPermissionImpl[] expectedPerms) |
|
273 { |
|
274 if (grantedPermissions == null) |
|
275 { |
|
276 return false; |
|
277 } |
|
278 boolean[] grantedPermissionsChecked = |
|
279 new boolean[expectedPerms.length]; |
|
280 com.nokia.mj.impl.security.midp.authorization.PermissionGranterTests.initBoolArray(grantedPermissionsChecked); |
|
281 for (int i=0; i<grantedPermissions.size(); i++) |
|
282 { |
|
283 int index = -1; |
|
284 PolicyBasedPermissionImpl grantedPermission = (PolicyBasedPermissionImpl)grantedPermissions.elementAt(i); |
|
285 for (int j=0; j<expectedPerms.length; j++) |
|
286 { |
|
287 if (expectedPerms[j].equals(grantedPermission)) |
|
288 { |
|
289 index = j; |
|
290 break; |
|
291 } |
|
292 } |
|
293 if (index >= 0) |
|
294 { |
|
295 grantedPermissionsChecked[index] = true; |
|
296 } |
|
297 } |
|
298 return com.nokia.mj.impl.security.midp.authorization.PermissionGranterTests.checkBoolArray(grantedPermissionsChecked); |
|
299 } |
|
300 |
|
301 private static boolean find(Vector vStr, String[] expectedStrs) |
|
302 { |
|
303 if (vStr == null) |
|
304 { |
|
305 return false; |
|
306 } |
|
307 boolean[] strsChecked = |
|
308 new boolean[expectedStrs.length]; |
|
309 com.nokia.mj.impl.security.midp.authorization.PermissionGranterTests.initBoolArray(strsChecked); |
|
310 for (int i=0; i<vStr.size(); i++) |
|
311 { |
|
312 int index = -1; |
|
313 String str = (String)vStr.elementAt(i); |
|
314 for (int j=0; j<expectedStrs.length; j++) |
|
315 { |
|
316 if (expectedStrs[j].equals(str)) |
|
317 { |
|
318 index = j; |
|
319 break; |
|
320 } |
|
321 } |
|
322 if (index >= 0) |
|
323 { |
|
324 strsChecked[index] = true; |
|
325 } |
|
326 } |
|
327 return com.nokia.mj.impl.security.midp.authorization.PermissionGranterTests.checkBoolArray(strsChecked); |
|
328 } |
|
329 |
|
330 } |