127 protected void test() |
126 protected void test() |
128 { |
127 { |
129 SecurityAttributes securityAttributes; |
128 SecurityAttributes securityAttributes; |
130 AuthenticationCredentials[] credentials; |
129 AuthenticationCredentials[] credentials; |
131 // package names |
130 // package names |
132 assertWithTrace(find(SecurityExtensionsReader.getExtProtectedPackages(), new String[] {"com.nokia.ext1.internal.", "com.nokia.ext2.internal."}) |
131 assertTrue(find(SecurityExtensionsReader.getExtProtectedPackages(), new String[] {"com.nokia.ext1.internal.", "com.nokia.ext2.internal."}) |
133 && !find(SecurityExtensionsReader.getExtProtectedPackages(), new String[] {"com.nokia.ext1.public."}) |
132 && !find(SecurityExtensionsReader.getExtProtectedPackages(), new String[] {"com.nokia.ext1.public."}) |
134 && !find(SecurityExtensionsReader.getExtProtectedPackages(), new String[] {"com.nokia.ext2.public."}) |
133 && !find(SecurityExtensionsReader.getExtProtectedPackages(), new String[] {"com.nokia.ext2.public."}) |
135 && find(SecurityExtensionsReader.getExtRestrictedPackages(), new String[] {"com.nokia.ext1.public.", "com.nokia.ext2.public."}) |
134 && find(SecurityExtensionsReader.getExtRestrictedPackages(), new String[] {"com.nokia.ext1.public.", "com.nokia.ext2.public."}) |
136 && !find(SecurityExtensionsReader.getExtRestrictedPackages(), new String[] {"com.nokia.ext1.internal."}) |
135 && !find(SecurityExtensionsReader.getExtRestrictedPackages(), new String[] {"com.nokia.ext1.internal."}) |
137 && !find(SecurityExtensionsReader.getExtRestrictedPackages(), new String[] {"com.nokia.ext2.internal."})); |
136 && !find(SecurityExtensionsReader.getExtRestrictedPackages(), new String[] {"com.nokia.ext2.internal."})); |
138 // mappings |
137 // mappings |
139 MIDPPermission perm = SecurityExtensionsReader.getExtPermission("com.nokia.ext1.public.Ext1Perm"); |
138 MIDPPermission perm = SecurityExtensionsReader.getExtPermission("com.nokia.ext1.public.Ext1Perm"); |
140 assertWithTrace(perm != null && perm.getName() != null && perm.getName().equals("com.nokia.ext1.internal.Ext1Perm") && perm.getTarget() == null && perm.getActionList() == null); |
139 assertTrue(perm != null && perm.getName() != null && perm.getName().equals("com.nokia.ext1.internal.Ext1Perm") && perm.getTarget() != null && perm.getTarget().equals("*")&& perm.getActionList() == null); |
141 assertWithTrace(SecurityExtensionsReader.getExtPermission("com.nokia.mj.impl.gcf.protocol.socket.SocketPermissionImpl") == null); |
140 assertTrue(SecurityExtensionsReader.getExtPermission("com.nokia.mj.impl.gcf.protocol.socket.SocketPermissionImpl") == null); |
142 perm = SecurityExtensionsReader.getExtPermission("com.nokia.ext2.public.Ext2Perm"); |
141 perm = SecurityExtensionsReader.getExtPermission("com.nokia.ext2.public.Ext2Perm"); |
143 assertWithTrace(perm != null && perm.getName() != null && perm.getName().equals("com.nokia.ext2.internal.Ext2Perm") && perm.getTarget() == null && perm.getActionList() == null); |
142 assertTrue(perm != null && perm.getName() != null && perm.getName().equals("com.nokia.ext2.internal.Ext2Perm") && perm.getTarget() != null && perm.getTarget().equals("*")&& perm.getActionList() == null); |
144 // policies (unsigned suite, check that ext1 perms are granted and the base permissions were not altered) |
143 // policies (unsigned suite, check that ext1 perms are granted and the base permissions were not altered) |
145 storage.removeAuthenticationStorageData(appUID); |
144 storage.removeAuthenticationStorageData(appUID); |
146 permissionGranter.removeSecurityData(session,appUID); |
145 permissionGranter.removeSecurityData(session,appUID); |
147 PermissionResolver.testClearCache(); |
146 PermissionResolver.testClearCache(); |
148 allAttributes.clear(); |
147 allAttributes.clear(); |
152 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
151 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
153 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
152 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
154 allAttributes.clear(); |
153 allAttributes.clear(); |
155 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
154 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
156 securityAttributes.addManifestAttributes(allAttributes); |
155 securityAttributes.addManifestAttributes(allAttributes); |
157 credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); |
156 authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); |
158 authenticationModule.addSecurityData(session, appUID, null); |
157 permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); |
159 permissionGranter.grantJarPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
158 assertTrue(checkGrantedPermissions(storage.readGrantedPermissions(appUID), |
160 permissionGranter.addSecurityData(session, appUID, null); |
|
161 assertWithTrace(checkGrantedPermissions(storage.readGrantedPermissions(appUID), |
|
162 new PolicyBasedPermissionImpl[] |
159 new PolicyBasedPermissionImpl[] |
163 { |
160 { |
164 new PolicyBasedPermissionImpl("com.nokia.ext1.internal.Ext1Perm", "ext1.target1", "ext1.action1", new UserSecuritySettingsImpl("Ext1", UserSecuritySettings.ONESHOT_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE, UserSecuritySettings.BLANKET_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
161 new PolicyBasedPermissionImpl("com.nokia.ext1.internal.Ext1Perm", "ext1.target1", "ext1.action1", new UserSecuritySettingsImpl("Ext1", UserSecuritySettings.ONESHOT_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE, UserSecuritySettings.BLANKET_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
165 new PolicyBasedPermissionImpl("com.nokia.ext1.internal.Ext1Perm", "ext1.target2", "ext1.action2", new UserSecuritySettingsImpl("Net Access", UserSecuritySettings.SESSION_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
162 new PolicyBasedPermissionImpl("com.nokia.ext1.internal.Ext1Perm", "ext1.target2", "ext1.action2", new UserSecuritySettingsImpl("Net Access", UserSecuritySettings.SESSION_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
166 new PolicyBasedPermissionImpl("com.nokia.ext1.internal.Ext1Perm", "ext1.target3", "ext1.action3", null), |
163 new PolicyBasedPermissionImpl("com.nokia.ext1.internal.Ext1Perm", "ext1.target3", "ext1.action3", null), |
181 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext1.public.Ext1Perm")); |
178 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext1.public.Ext1Perm")); |
182 securityAttributes = new SecurityAttributes(); |
179 securityAttributes = new SecurityAttributes(); |
183 securityAttributes.addDescriptorAttributes(allAttributes); |
180 securityAttributes.addDescriptorAttributes(allAttributes); |
184 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
181 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
185 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
182 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
186 assertWithTrace(false); |
183 assertTrue(false); |
187 } |
184 } |
188 catch (InvalidAttributeException e) |
185 catch (InvalidAttributeException e) |
189 { |
186 { |
190 assertWithTrace( |
187 assertTrue( |
191 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
188 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
192 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
189 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
193 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
190 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
194 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
191 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
195 } |
192 } |
206 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext1.internal.Ext1Perm")); |
203 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext1.internal.Ext1Perm")); |
207 securityAttributes = new SecurityAttributes(); |
204 securityAttributes = new SecurityAttributes(); |
208 securityAttributes.addDescriptorAttributes(allAttributes); |
205 securityAttributes.addDescriptorAttributes(allAttributes); |
209 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
206 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
210 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
207 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
211 assertWithTrace(false); |
208 assertTrue(false); |
212 } |
209 } |
213 catch (InvalidAttributeException e) |
210 catch (InvalidAttributeException e) |
214 { |
211 { |
215 assertWithTrace( |
212 assertTrue( |
216 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
213 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
217 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
214 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
218 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
215 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
219 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
216 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
220 } |
217 } |
231 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext2.internal.Ext2Perm")); |
228 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","com.nokia.ext2.internal.Ext2Perm")); |
232 securityAttributes = new SecurityAttributes(); |
229 securityAttributes = new SecurityAttributes(); |
233 securityAttributes.addDescriptorAttributes(allAttributes); |
230 securityAttributes.addDescriptorAttributes(allAttributes); |
234 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
231 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
235 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
232 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
236 assertWithTrace(false); |
233 assertTrue(false); |
237 } |
234 } |
238 catch (InvalidAttributeException e) |
235 catch (InvalidAttributeException e) |
239 { |
236 { |
240 assertWithTrace( |
237 assertTrue( |
241 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
238 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
242 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
239 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
243 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
240 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
244 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
241 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
245 } |
242 } |
257 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
254 credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes()); |
258 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
255 permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
259 allAttributes.clear(); |
256 allAttributes.clear(); |
260 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
257 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
261 securityAttributes.addManifestAttributes(allAttributes); |
258 securityAttributes.addManifestAttributes(allAttributes); |
262 credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); |
259 authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); |
263 authenticationModule.addSecurityData(session, appUID, null); |
260 permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); |
264 permissionGranter.grantJarPermissions(appUID, null, securityAttributes.getPermissionAttributes(), credentials); |
261 assertTrue(checkGrantedPermissions(storage.readGrantedPermissions(appUID), |
265 permissionGranter.addSecurityData(session, appUID, null); |
|
266 assertWithTrace(checkGrantedPermissions(storage.readGrantedPermissions(appUID), |
|
267 new PolicyBasedPermissionImpl[] |
262 new PolicyBasedPermissionImpl[] |
268 { |
263 { |
269 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target1", "ext2.action1", new UserSecuritySettingsImpl("Ext1", UserSecuritySettings.BLANKET_INTERACTION_MODE, new int[] {UserSecuritySettings.BLANKET_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
264 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target1", "ext2.action1", new UserSecuritySettingsImpl("Ext1", UserSecuritySettings.BLANKET_INTERACTION_MODE, new int[] {UserSecuritySettings.BLANKET_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
270 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target2", "ext2.action2", new UserSecuritySettingsImpl("Ext2", UserSecuritySettings.ONESHOT_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
265 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target2", "ext2.action2", new UserSecuritySettingsImpl("Ext2", UserSecuritySettings.ONESHOT_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE})), |
271 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target3", "ext2.action3", null), |
266 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target3", "ext2.action3", null), |
272 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target4", "ext2.action4", null), |
267 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target4", "ext2.action4", null), |
273 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target5", "ext2.action5", new UserSecuritySettingsImpl("Messaging", UserSecuritySettings.SESSION_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE, UserSecuritySettings.BLANKET_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE})) |
268 new PolicyBasedPermissionImpl("com.nokia.ext2.internal.Ext2Perm", "ext2.target5", "ext2.action5", new UserSecuritySettingsImpl("Messaging", UserSecuritySettings.SESSION_INTERACTION_MODE, new int[] {UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.NO_INTERACTION_MODE, UserSecuritySettings.BLANKET_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE})) |
274 })); |
269 })); |
275 } |
270 } |
276 |
271 |
277 private void assertWithTrace(boolean aCondition) |
|
278 { |
|
279 assertTrue("" + assertTrace, aCondition); |
|
280 assertTrace++; |
|
281 } |
|
282 |
|
283 private static boolean checkGrantedPermissions(Vector grantedPermissions, PolicyBasedPermissionImpl[] expectedPerms) |
272 private static boolean checkGrantedPermissions(Vector grantedPermissions, PolicyBasedPermissionImpl[] expectedPerms) |
284 { |
273 { |
285 if (grantedPermissions == null) |
274 if (grantedPermissions == null) |
286 { |
275 { |
287 return false; |
276 return false; |