|
1 /* |
|
2 * Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 package com.nokia.mj.impl.security.midp.common; |
|
20 |
|
21 import com.nokia.mj.impl.installer.utils.InstallerMain; |
|
22 import com.nokia.mj.impl.security.midp.common.SecurityAttributes; |
|
23 import com.nokia.mj.impl.utils.exception.InvalidAttributeException; |
|
24 import com.nokia.mj.impl.utils.InstallerErrorMessage; |
|
25 import com.nokia.mj.impl.utils.InstallerDetailedErrorMessage; |
|
26 import com.nokia.mj.impl.utils.ErrorMessageBase; |
|
27 import com.nokia.mj.impl.utils.OtaStatusCode; |
|
28 import com.nokia.mj.impl.utils.Attribute; |
|
29 |
|
30 import java.util.Hashtable; |
|
31 |
|
32 import j2meunit.framework.Test; |
|
33 import j2meunit.framework.TestCase; |
|
34 import j2meunit.framework.TestMethod; |
|
35 import j2meunit.framework.TestSuite; |
|
36 |
|
37 /** |
|
38 * SecurityDescriptorAttributes unit tests. |
|
39 */ |
|
40 public class SecurityDescriptorAttributesTests extends TestCase implements InstallerMain |
|
41 { |
|
42 |
|
43 /** |
|
44 * Hashtable holding all the attributes. Tests populate this hashtable |
|
45 * prior to being executed |
|
46 */ |
|
47 protected Hashtable allAttributes; |
|
48 |
|
49 // constants for permissions |
|
50 protected static final String MIDP2_SOCKET_PERMISSION = "javax.microedition.io.Connector.socket"; |
|
51 protected static final String MIDP2_SERVER_SOCKET_PERMISSION = "javax.microedition.io.Connector.serversocket"; |
|
52 protected static final String MIDP2_HTTP_PERMISSION = "javax.microedition.io.Connector.http"; |
|
53 protected static final String MIDP2_HTTPS_PERMISSION = "javax.microedition.io.Connector.https"; |
|
54 protected static final String MIDP2_SSL_PERMISSION = "javax.microedition.io.Connector.ssl"; |
|
55 protected static final String MIDP2_DATAGRAM_PERMISSION = "javax.microedition.io.Connector.datagram"; |
|
56 protected static final String MIDP2_DATAGRAM_RECEIVER_PERMISSION = "javax.microedition.io.Connector.datagramreceiver"; |
|
57 protected static final String MIDP2_COMM_PERMISSION = "javax.microedition.io.Connector.comm"; |
|
58 protected static final String MIDP2_PUSH_REGISTRY_PERMISSION = "javax.microedition.io.PushRegistry"; |
|
59 |
|
60 private static final String INTERNAL_SOCKET_PERMISSION = "com.nokia.mj.impl.gcf.protocol.socket.SocketPermissionImpl"; |
|
61 private static final String INTERNAL_HTTP_PERMISSION = "com.nokia.mj.impl.gcf.protocol.http.HttpPermissionImpl"; |
|
62 private static final String INTERNAL_HTTPS_PERMISSION = "com.nokia.mj.impl.gcf.protocol.https.HttpsPermissionImpl"; |
|
63 private static final String INTERNAL_SSL_PERMISSION = "com.nokia.mj.impl.gcf.protocol.ssl.SSLPermissionImpl"; |
|
64 private static final String INTERNAL_DATAGRAM_PERMISSION = "com.nokia.mj.impl.gcf.protocol.datagram.DatagramPermissionImpl"; |
|
65 private static final String INTERNAL_COMM_PERMISSION = "com.nokia.mj.impl.gcf.protocol.comm.CommPermissionImpl"; |
|
66 private static final String INTERNAL_PUSH_REGISTRY_PERMISSION = "com.nokia.mj.impl.gcf.PushRegistryPermissionImpl"; |
|
67 |
|
68 /** |
|
69 * Hashtable containing the mapping between MIDP3 permissions and their |
|
70 * default targets |
|
71 */ |
|
72 private static Hashtable midp2PermissionTargets = new Hashtable(); |
|
73 static |
|
74 { |
|
75 midp2PermissionTargets = new Hashtable(); |
|
76 midp2PermissionTargets.put(INTERNAL_SOCKET_PERMISSION, "socket://*"); |
|
77 midp2PermissionTargets.put(INTERNAL_HTTP_PERMISSION, "http://*"); |
|
78 midp2PermissionTargets.put(INTERNAL_HTTPS_PERMISSION, "https://*"); |
|
79 midp2PermissionTargets.put(INTERNAL_SSL_PERMISSION, "ssl://*"); |
|
80 midp2PermissionTargets.put(INTERNAL_DATAGRAM_PERMISSION,"datagram://*"); |
|
81 midp2PermissionTargets.put(INTERNAL_COMM_PERMISSION, "comm://*"); |
|
82 midp2PermissionTargets.put(INTERNAL_PUSH_REGISTRY_PERMISSION, "*"); |
|
83 } |
|
84 |
|
85 // data being tested |
|
86 protected SecurityAttributes securityAttributes; |
|
87 private PermissionAttribute[] permissionAttributes; |
|
88 private AuthenticationAttribute[] authAttributes; |
|
89 |
|
90 // references to error messages |
|
91 protected InstallerErrorMessage errorMessage = new InstallerErrorMessage(); |
|
92 protected InstallerDetailedErrorMessage detailedErrorMessage = new InstallerDetailedErrorMessage(); |
|
93 |
|
94 // general-purpose constants |
|
95 protected static final String MIDP_PROFILE_ATTRIBUTE_NAME = "MicroEdition-Profile"; |
|
96 protected static final String MIDP3 = "MIDP-3.0"; |
|
97 protected static final String MIDP2 = "MIDP-2.0"; |
|
98 private static final String COMMA = ","; |
|
99 |
|
100 // constants for the error messages to be displayed in case of failures |
|
101 protected String LEGACY_NOT_ALLOWED_MSG = "Placing a MIDP3 attribute in a MIDP2 descriptor threw InvalidAttributeException with following status code and message: "; |
|
102 protected String MIDP3_ATTRIBUTE_NOT_ALLOWED_MSG = "Placing a MIDP3 attribute in a MIDP2 descriptor threw InvalidAttributeException with following status code and message: "; |
|
103 protected String MIDP2_SIGNATURE_NOT_ALLOWED_MSG = "Placing a MIDP3 signature in a MIDP3 descriptor threw InvalidAttributeException with following status code and message: "; |
|
104 protected String UNKNOWN_PERMISSION_MSG = "Placing an unknown permission into descriptor threw InvalidAttributeException with following status code and message: "; |
|
105 protected String EMPTY_CERTIFICATE_MSG = "Certificate with empty value threw InvalidAttributeException with following status code and message: "; |
|
106 protected String INVALID_CERTIFICATE_MSG = "Certificate with invalid value threw InvalidAttributeException with following status code and message: "; |
|
107 protected String CERTIFICATE_WITHOUT_SIGNATURE_MSG = "Certificate without corresponding signature threw InvalidAttributeException with following status code and message: "; |
|
108 protected String INVALID_CERTIFICATE_SIGNATURE_MSG = "Certificate with invalid signature threw InvalidAttributeException with following status code and message: "; |
|
109 protected String INVALID_PERMISSION_VALUE_MSG = "Placing a permission attribute with invalid value threw InvalidAttributeException with following status code and message: "; |
|
110 protected String MISSING_CERTIFICATE_ATTRIBUTE_MSG = "Missing certificate attribute threw InvalidAttributeException with following status code and message: "; |
|
111 |
|
112 // Begin j2meunit test framework setup |
|
113 public void installerMain(String[] args) |
|
114 { |
|
115 TestSuite suite = new TestSuite(this.getClass().getName()); |
|
116 |
|
117 suite.addTest(new SecurityDescriptorAttributesTests("testAuthenticationAttributes", new TestMethod() |
|
118 { |
|
119 public void run(TestCase tc) |
|
120 { |
|
121 ((SecurityDescriptorAttributesTests)tc).testAuthenticationAttributes(); |
|
122 } |
|
123 })); |
|
124 suite.addTest(new SecurityDescriptorAttributesTests("testPermissionAttributes", new TestMethod() |
|
125 { |
|
126 public void run(TestCase tc) |
|
127 { |
|
128 ((SecurityDescriptorAttributesTests)tc).testPermissionAttributes(); |
|
129 } |
|
130 })); |
|
131 |
|
132 com.nokia.mj.impl.utils.OmjTestRunner.run(suite); |
|
133 } |
|
134 |
|
135 public SecurityDescriptorAttributesTests() |
|
136 { |
|
137 } |
|
138 |
|
139 public SecurityDescriptorAttributesTests(String aTestName, TestMethod aTestMethod) |
|
140 { |
|
141 super(aTestName, aTestMethod); |
|
142 } |
|
143 |
|
144 public void assertFalse(String aMsg, boolean aCondition) |
|
145 { |
|
146 assertTrue(aMsg, !aCondition); |
|
147 } |
|
148 |
|
149 // End j2meunit test framework setup |
|
150 |
|
151 protected void setUp() |
|
152 { |
|
153 allAttributes = new Hashtable(); |
|
154 securityAttributes = new SecurityAttributes(); |
|
155 } |
|
156 |
|
157 protected void tearDown() |
|
158 { |
|
159 } |
|
160 |
|
161 // tests for chain and signature attributes |
|
162 protected void testAuthenticationAttributes() |
|
163 { |
|
164 // no attributes |
|
165 allAttributes.clear(); |
|
166 authAttributes = securityAttributes.getAuthenticationAttributes(); |
|
167 assertTrue((authAttributes == null) || (authAttributes.length == 0)); |
|
168 // empty certificate attribute |
|
169 try |
|
170 { |
|
171 allAttributes.clear(); |
|
172 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("", "")); |
|
173 securityAttributes = new SecurityAttributes(); |
|
174 securityAttributes.addDescriptorAttributes(allAttributes); |
|
175 assertTrue(EMPTY_CERTIFICATE_MSG, false); |
|
176 } |
|
177 catch (InvalidAttributeException e) |
|
178 { |
|
179 assertTrue(EMPTY_CERTIFICATE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
180 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
181 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
182 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
183 new String[] {AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1"}))); |
|
184 } |
|
185 // invalid certificate attribute |
|
186 try |
|
187 { |
|
188 allAttributes.clear(); |
|
189 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","?%cert")); |
|
190 securityAttributes = new SecurityAttributes(); |
|
191 securityAttributes.addDescriptorAttributes(allAttributes); |
|
192 assertTrue(INVALID_CERTIFICATE_MSG, false); |
|
193 } |
|
194 catch (InvalidAttributeException e) |
|
195 { |
|
196 assertTrue(INVALID_CERTIFICATE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
197 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
198 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
199 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
200 new String[] {AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1"}))); |
|
201 } |
|
202 // missing signature attribute |
|
203 allAttributes.clear(); |
|
204 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert")); |
|
205 securityAttributes = new SecurityAttributes(); |
|
206 securityAttributes.addDescriptorAttributes(allAttributes); |
|
207 assertTrue(securityAttributes.getAuthenticationAttributes() == null); |
|
208 // missing certificate attribute |
|
209 try |
|
210 { |
|
211 allAttributes.clear(); |
|
212 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
213 securityAttributes = new SecurityAttributes(); |
|
214 securityAttributes.addDescriptorAttributes(allAttributes); |
|
215 assertTrue(MISSING_CERTIFICATE_ATTRIBUTE_MSG, false); |
|
216 } |
|
217 catch (InvalidAttributeException e) |
|
218 { |
|
219 assertTrue(MISSING_CERTIFICATE_ATTRIBUTE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
220 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
221 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
222 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_MISSING, |
|
223 new String[] {AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1"}))); |
|
224 } |
|
225 // invalid signature attribute value |
|
226 try |
|
227 { |
|
228 allAttributes.clear(); |
|
229 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert")); |
|
230 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","?signature")); |
|
231 securityAttributes = new SecurityAttributes(); |
|
232 securityAttributes.addDescriptorAttributes(allAttributes); |
|
233 assertTrue(INVALID_CERTIFICATE_SIGNATURE_MSG, false); |
|
234 } |
|
235 catch (InvalidAttributeException e) |
|
236 { |
|
237 assertTrue(INVALID_CERTIFICATE_SIGNATURE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
238 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
239 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
240 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
241 new String[] {AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME}))); |
|
242 } |
|
243 // invalid signature attribute |
|
244 try |
|
245 { |
|
246 allAttributes.clear(); |
|
247 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
248 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert")); |
|
249 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1", new Attribute("","?signature")); |
|
250 securityAttributes = new SecurityAttributes(); |
|
251 securityAttributes.addDescriptorAttributes(allAttributes); |
|
252 assertTrue(INVALID_CERTIFICATE_SIGNATURE_MSG, false); |
|
253 } |
|
254 catch (InvalidAttributeException e) |
|
255 { |
|
256 assertTrue(INVALID_CERTIFICATE_SIGNATURE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
257 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
258 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
259 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
260 new String[] {AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1"}))); |
|
261 } |
|
262 // missing signature |
|
263 try |
|
264 { |
|
265 allAttributes.clear(); |
|
266 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
267 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert")); |
|
268 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "2", new Attribute("","signature")); |
|
269 securityAttributes = new SecurityAttributes(); |
|
270 securityAttributes.addDescriptorAttributes(allAttributes); |
|
271 assertTrue(MISSING_CERTIFICATE_ATTRIBUTE_MSG, false); |
|
272 } |
|
273 catch (InvalidAttributeException e) |
|
274 { |
|
275 assertTrue(MISSING_CERTIFICATE_ATTRIBUTE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
276 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
277 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
278 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_MISSING, |
|
279 new String[] {AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-1"}))); |
|
280 } |
|
281 // MIDP3 signature attribute in a MIDP2 descriptor |
|
282 try |
|
283 { |
|
284 allAttributes.clear(); |
|
285 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert")); |
|
286 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1", new Attribute("","signature")); |
|
287 securityAttributes = new SecurityAttributes(); |
|
288 securityAttributes.addDescriptorAttributes(allAttributes); |
|
289 assertTrue(MIDP3_ATTRIBUTE_NOT_ALLOWED_MSG, false); |
|
290 } |
|
291 catch (InvalidAttributeException e) |
|
292 { |
|
293 assertTrue(MIDP3_ATTRIBUTE_NOT_ALLOWED_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
294 e.getOtaStatusCode() == OtaStatusCode.INVALID_DESCRIPTOR |
|
295 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
296 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
297 new String[] {AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1"}))); |
|
298 } |
|
299 // MIDP2 signature in MIDP3 descriptor is illegal |
|
300 try |
|
301 { |
|
302 allAttributes.clear(); |
|
303 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
304 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert")); |
|
305 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
306 securityAttributes = new SecurityAttributes(); |
|
307 securityAttributes.addDescriptorAttributes(allAttributes); |
|
308 assertTrue(MIDP2_SIGNATURE_NOT_ALLOWED_MSG, false); |
|
309 } |
|
310 catch (InvalidAttributeException e) |
|
311 { |
|
312 assertTrue(MIDP2_SIGNATURE_NOT_ALLOWED_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
313 e.getOtaStatusCode() == OtaStatusCode.INVALID_DESCRIPTOR |
|
314 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
315 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
316 new String[] {AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME}))); |
|
317 } |
|
318 // MIDP2 signature in MIDP3 descriptor is illegal, even though there are sufficient MIDP3 signatures |
|
319 try |
|
320 { |
|
321 // MIDP2 signature is ignored, but this case succeeds since the MIDP3 signature is present |
|
322 allAttributes.clear(); |
|
323 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
324 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert")); |
|
325 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1", new Attribute("","signature")); |
|
326 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
327 securityAttributes = new SecurityAttributes(); |
|
328 securityAttributes.addDescriptorAttributes(allAttributes); |
|
329 assertTrue(MIDP2_SIGNATURE_NOT_ALLOWED_MSG, false); |
|
330 } |
|
331 catch (InvalidAttributeException e) |
|
332 { |
|
333 assertTrue(MIDP2_SIGNATURE_NOT_ALLOWED_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
334 e.getOtaStatusCode() == OtaStatusCode.INVALID_DESCRIPTOR |
|
335 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
336 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
337 new String[] {AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME}))); |
|
338 } |
|
339 // one certificate chain with 2 certificates and signature |
|
340 allAttributes.clear(); |
|
341 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
342 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
343 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
344 securityAttributes = new SecurityAttributes(); |
|
345 securityAttributes.addDescriptorAttributes(allAttributes); |
|
346 authAttributes = securityAttributes.getAuthenticationAttributes(); |
|
347 assertTrue(authAttributes != null |
|
348 && authAttributes.length == 1 |
|
349 && checkChainsAndSignatures(authAttributes, |
|
350 new String[] {"cert1", "cert2"}, |
|
351 new String[] {"signature"})); |
|
352 // 2 identical certificate chains and 1 signature -> only one chain and signature returned (duplicates ignored) |
|
353 allAttributes.clear(); |
|
354 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
355 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
356 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
357 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-1", new Attribute("","cert1")); |
|
358 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-2", new Attribute("","cert2")); |
|
359 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
360 securityAttributes = new SecurityAttributes(); |
|
361 securityAttributes.addDescriptorAttributes(allAttributes); |
|
362 authAttributes = securityAttributes.getAuthenticationAttributes(); |
|
363 assertTrue(authAttributes != null |
|
364 && authAttributes.length == 1 |
|
365 && checkChainsAndSignatures(authAttributes, |
|
366 new String[] {"cert1", "cert2"}, |
|
367 new String[] {"signature"})); |
|
368 // 2 identical certificate chains and 2 signatures -> only one chain and signature returned (duplicates ignored) |
|
369 allAttributes.clear(); |
|
370 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
371 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
372 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
373 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1", new Attribute("","signature")); |
|
374 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-1", new Attribute("","cert1")); |
|
375 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-2", new Attribute("","cert2")); |
|
376 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "2", new Attribute("","signature")); |
|
377 securityAttributes = new SecurityAttributes(); |
|
378 securityAttributes.addDescriptorAttributes(allAttributes); |
|
379 authAttributes = securityAttributes.getAuthenticationAttributes(); |
|
380 assertTrue(authAttributes != null |
|
381 && authAttributes.length == 1 |
|
382 && checkChainsAndSignatures(authAttributes, |
|
383 new String[] {"cert1", "cert2"}, |
|
384 new String[] {"signature"})); |
|
385 // one certificate chain with 2 certificates and signature |
|
386 allAttributes.clear(); |
|
387 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
388 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
389 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-4", new Attribute("","cert4")); |
|
390 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
391 securityAttributes = new SecurityAttributes(); |
|
392 securityAttributes.addDescriptorAttributes(allAttributes); |
|
393 authAttributes = securityAttributes.getAuthenticationAttributes(); |
|
394 assertTrue(authAttributes != null |
|
395 && authAttributes.length == 1 |
|
396 && checkChainsAndSignatures(authAttributes, |
|
397 new String[] {"cert1", "cert2"}, |
|
398 new String[] {"signature"})); |
|
399 // two certificate chains with missing one signature -> pick up the valid certificate and ignore the invalid one |
|
400 allAttributes.clear(); |
|
401 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
402 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-1", new Attribute("","cert21")); |
|
403 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-2", new Attribute("","cert22")); |
|
404 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert11")); |
|
405 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert12")); |
|
406 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-4", new Attribute("","cert14")); |
|
407 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "4-1", new Attribute("","cert41")); |
|
408 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "4-2", new Attribute("","cert42")); |
|
409 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1" , new Attribute("","signature1")); |
|
410 securityAttributes = new SecurityAttributes(); |
|
411 securityAttributes.addDescriptorAttributes(allAttributes); |
|
412 authAttributes = securityAttributes.getAuthenticationAttributes(); |
|
413 assertTrue(authAttributes != null |
|
414 && authAttributes.length == 1 |
|
415 && checkChainsAndSignatures(authAttributes, |
|
416 new String[] {"cert11", "cert12"}, |
|
417 new String[] {"signature1"})); |
|
418 // two invalid certificate chains: first one with missing signature, the second one invalid certificate -> signal the invalid certificate |
|
419 try |
|
420 { |
|
421 allAttributes.clear(); |
|
422 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
423 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-1", new Attribute("","cert21")); |
|
424 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-2", new Attribute("","*cert22")); |
|
425 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert11")); |
|
426 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert12")); |
|
427 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-4", new Attribute("","cert14")); |
|
428 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "4-1", new Attribute("","cert41")); |
|
429 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "4-2", new Attribute("","cert42")); |
|
430 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "2" , new Attribute("","signature2")); |
|
431 securityAttributes = new SecurityAttributes(); |
|
432 securityAttributes.addDescriptorAttributes(allAttributes); |
|
433 assertTrue(CERTIFICATE_WITHOUT_SIGNATURE_MSG, false); |
|
434 } |
|
435 catch (InvalidAttributeException e) |
|
436 { |
|
437 assertTrue(INVALID_CERTIFICATE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
438 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
439 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
440 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
441 new String[] {AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-2"}))); |
|
442 } |
|
443 // two invalid certificate chains: first one with invalid certificate, the second one with missing signature -> signal the invalid certificate |
|
444 try |
|
445 { |
|
446 allAttributes.clear(); |
|
447 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
448 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-1", new Attribute("","cert21")); |
|
449 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-2", new Attribute("","cert22")); |
|
450 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert11")); |
|
451 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","*cert12")); |
|
452 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1" , new Attribute("","signature1")); |
|
453 securityAttributes = new SecurityAttributes(); |
|
454 securityAttributes.addDescriptorAttributes(allAttributes); |
|
455 assertTrue(INVALID_CERTIFICATE_MSG, false); |
|
456 } |
|
457 catch (InvalidAttributeException e) |
|
458 { |
|
459 assertTrue(INVALID_CERTIFICATE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
460 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
461 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
462 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
463 new String[] {AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2"}))); |
|
464 } |
|
465 // two certificate chains with two signatures |
|
466 allAttributes.clear(); |
|
467 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
468 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-1", new Attribute("","cert21")); |
|
469 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-2", new Attribute("","cert22")); |
|
470 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "2-3", new Attribute("","cert23")); |
|
471 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert11")); |
|
472 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert12")); |
|
473 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-4", new Attribute("","cert14")); |
|
474 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "4-1", new Attribute("","cert41")); |
|
475 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "4-2", new Attribute("","cert42")); |
|
476 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1" , new Attribute("","signature1")); |
|
477 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "2" , new Attribute("","signature2")); |
|
478 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "5" , new Attribute("","signature5")); |
|
479 securityAttributes = new SecurityAttributes(); |
|
480 securityAttributes.addDescriptorAttributes(allAttributes); |
|
481 authAttributes = securityAttributes.getAuthenticationAttributes(); |
|
482 assertTrue(authAttributes != null |
|
483 && authAttributes.length == 2 |
|
484 && checkChainsAndSignatures(authAttributes, |
|
485 new String[] {"cert11", "cert12", "cert21", "cert22", "cert23"}, |
|
486 new String[] {"signature1", "signature2"})); |
|
487 // 100 certificate chains (10 certificates each) with 100 signatures |
|
488 allAttributes.clear(); |
|
489 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
490 for (int i=1; i<=100; i++) |
|
491 { |
|
492 for (int j=1; j<=10; j++) |
|
493 { |
|
494 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + i + "-" + j, new Attribute("","cert"+ i + "" + j)); |
|
495 } |
|
496 allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + i , new Attribute("","signature" + i)); |
|
497 } |
|
498 securityAttributes = new SecurityAttributes(); |
|
499 securityAttributes.addDescriptorAttributes(allAttributes); |
|
500 authAttributes = securityAttributes.getAuthenticationAttributes(); |
|
501 assertTrue(authAttributes != null && authAttributes.length == 100); |
|
502 for (int i=0; i<100; i++) |
|
503 { |
|
504 // make sure we have 10 certs in each chain and a corresponding signature |
|
505 assertTrue(authAttributes[i].getCertChain() != null |
|
506 && authAttributes[i].getSignature() != null |
|
507 && authAttributes[i].getCertChain().length == 10 |
|
508 && authAttributes[i].getSignature().equals("signature" + (i+1))); |
|
509 // check each chain |
|
510 for (int j=0; j<10; j++) |
|
511 { |
|
512 assertTrue((authAttributes[i].getCertChain())[j] |
|
513 .equals("cert" + (i+1) + "" + (j+1))); |
|
514 } |
|
515 } |
|
516 } |
|
517 |
|
518 // tests for permission attributes |
|
519 protected void testPermissionAttributes() |
|
520 { |
|
521 // MIDP2 mandatory permissions attribute in a MIDP3 descriptor not allowed |
|
522 try |
|
523 { |
|
524 allAttributes.clear(); |
|
525 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
526 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","Perm1, Perm2")); |
|
527 securityAttributes = new SecurityAttributes(); |
|
528 securityAttributes.addDescriptorAttributes(allAttributes); |
|
529 assertTrue(LEGACY_NOT_ALLOWED_MSG, false); |
|
530 } |
|
531 catch (InvalidAttributeException e) |
|
532 { |
|
533 assertTrue(LEGACY_NOT_ALLOWED_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
534 e.getOtaStatusCode() == OtaStatusCode.INVALID_DESCRIPTOR |
|
535 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
536 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
537 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
|
538 } |
|
539 // MIDP2 optional permissions attribute in a MIDP3 descriptor not allowed |
|
540 try |
|
541 { |
|
542 allAttributes.clear(); |
|
543 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
544 allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("","Perm1, Perm2")); |
|
545 securityAttributes = new SecurityAttributes(); |
|
546 securityAttributes.addDescriptorAttributes(allAttributes); |
|
547 assertTrue(LEGACY_NOT_ALLOWED_MSG, false); |
|
548 } |
|
549 catch (InvalidAttributeException e) |
|
550 { |
|
551 assertTrue(LEGACY_NOT_ALLOWED_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
552 e.getOtaStatusCode() == OtaStatusCode.INVALID_DESCRIPTOR |
|
553 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
554 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
555 new String[] {PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME}))); |
|
556 } |
|
557 // MIDP3 mandatory permissions attribute in a MIDP2 descriptor not allowed |
|
558 try |
|
559 { |
|
560 allAttributes.clear(); |
|
561 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
562 allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1", |
|
563 new Attribute("","PermissionClassName TargetName ActionList")); |
|
564 securityAttributes = new SecurityAttributes(); |
|
565 securityAttributes.addDescriptorAttributes(allAttributes); |
|
566 assertTrue(MIDP3_ATTRIBUTE_NOT_ALLOWED_MSG, false); |
|
567 } |
|
568 catch (InvalidAttributeException e) |
|
569 { |
|
570 assertTrue(MIDP3_ATTRIBUTE_NOT_ALLOWED_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
571 e.getOtaStatusCode() == OtaStatusCode.INVALID_DESCRIPTOR |
|
572 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
573 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
574 new String[] {PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1"}))); |
|
575 } |
|
576 // MIDP3 optional permissions attribute in a MIDP2 descriptor not allowed |
|
577 try |
|
578 { |
|
579 allAttributes.clear(); |
|
580 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
581 allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1", |
|
582 new Attribute("","PermissionClassName TargetName ActionList")); |
|
583 securityAttributes = new SecurityAttributes(); |
|
584 securityAttributes.addDescriptorAttributes(allAttributes); |
|
585 assertTrue(MIDP3_ATTRIBUTE_NOT_ALLOWED_MSG, false); |
|
586 } |
|
587 catch (InvalidAttributeException e) |
|
588 { |
|
589 assertTrue(MIDP3_ATTRIBUTE_NOT_ALLOWED_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
590 e.getOtaStatusCode() == OtaStatusCode.INVALID_DESCRIPTOR |
|
591 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
592 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
593 new String[] {PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1"}))); |
|
594 } |
|
595 // MIDP2 mandatory permissions handling - invalid permission value, but because the auth info is not present |
|
596 // (MIDlet suite unsigned) the permission attributes are ignored, instead one PermissionAttribute is returned |
|
597 allAttributes.clear(); |
|
598 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
599 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, |
|
600 new Attribute("","PermissionClassName TargetName ActionList")); |
|
601 securityAttributes = new SecurityAttributes(); |
|
602 securityAttributes.addDescriptorAttributes(allAttributes); |
|
603 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
604 assertTrue(permissionAttributes != null |
|
605 && permissionAttributes.length == 1 |
|
606 && permissionAttributes[0].isLegacyAttribute()); |
|
607 // MIDP2 mandatory permissions handling - invalid permission value |
|
608 try |
|
609 { |
|
610 allAttributes.clear(); |
|
611 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
612 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, |
|
613 new Attribute("","PermissionClassName TargetName ActionList")); |
|
614 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
615 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
616 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
617 securityAttributes = new SecurityAttributes(); |
|
618 securityAttributes.addDescriptorAttributes(allAttributes); |
|
619 assertTrue(UNKNOWN_PERMISSION_MSG, false); |
|
620 } |
|
621 catch (InvalidAttributeException e) |
|
622 { |
|
623 assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
624 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
|
625 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
626 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
|
627 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
|
628 } |
|
629 // MIDP2 mandatory permissions handling - unknown permission value |
|
630 try |
|
631 { |
|
632 allAttributes.clear(); |
|
633 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
634 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, |
|
635 new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA |
|
636 + MIDP2_SERVER_SOCKET_PERMISSION + COMMA |
|
637 + "MyPermission")); |
|
638 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
639 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
640 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
641 securityAttributes = new SecurityAttributes(); |
|
642 securityAttributes.addDescriptorAttributes(allAttributes); |
|
643 assertTrue(UNKNOWN_PERMISSION_MSG, false); |
|
644 } |
|
645 catch (InvalidAttributeException e) |
|
646 { |
|
647 assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
648 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE |
|
649 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
650 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, |
|
651 new String[] {PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME}))); |
|
652 } |
|
653 // MIDP2 mandatory permissions handling - known permission value |
|
654 allAttributes.clear(); |
|
655 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
656 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, |
|
657 new Attribute("",MIDP2_SOCKET_PERMISSION |
|
658 + COMMA + " " |
|
659 + MIDP2_HTTP_PERMISSION)); |
|
660 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
661 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
662 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
663 securityAttributes = new SecurityAttributes(); |
|
664 securityAttributes.addDescriptorAttributes(allAttributes); |
|
665 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
666 assertTrue(permissionAttributes != null |
|
667 && permissionAttributes.length == 2 |
|
668 && checkImportance(permissionAttributes, 0, 2) |
|
669 && checkNamesAndTargets(permissionAttributes, |
|
670 new String[] {INTERNAL_SOCKET_PERMISSION, INTERNAL_HTTP_PERMISSION}) |
|
671 && checkActionLists(permissionAttributes)); |
|
672 // MIDP2 mandatory permissions handling - two permissions with same name -> one permission only (discard duplicates) |
|
673 allAttributes.clear(); |
|
674 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
675 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, |
|
676 new Attribute("",MIDP2_SSL_PERMISSION + COMMA |
|
677 + MIDP2_SSL_PERMISSION)); |
|
678 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
679 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
680 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
681 securityAttributes = new SecurityAttributes(); |
|
682 securityAttributes.addDescriptorAttributes(allAttributes); |
|
683 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
684 assertTrue(permissionAttributes != null |
|
685 && permissionAttributes.length == 1 |
|
686 && checkImportance(permissionAttributes, 0, 1) |
|
687 && checkNamesAndTargets(permissionAttributes, |
|
688 new String[] {INTERNAL_SSL_PERMISSION}) |
|
689 && checkActionLists(permissionAttributes)); |
|
690 // MIDP2 optional permissions handling - invalid permission value |
|
691 try |
|
692 { |
|
693 allAttributes.clear(); |
|
694 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
695 allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("","*?")); |
|
696 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
697 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
698 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
699 securityAttributes = new SecurityAttributes(); |
|
700 securityAttributes.addDescriptorAttributes(allAttributes); |
|
701 assertTrue(UNKNOWN_PERMISSION_MSG, true); |
|
702 } |
|
703 catch (InvalidAttributeException e) |
|
704 { |
|
705 assertTrue(UNKNOWN_PERMISSION_MSG, false); |
|
706 } |
|
707 // MIDP2 optional permissions handling - unknown permission value |
|
708 try |
|
709 { |
|
710 allAttributes.clear(); |
|
711 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
712 allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, |
|
713 new Attribute("","MyPermission," + MIDP2_SOCKET_PERMISSION)); |
|
714 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
715 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
716 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
717 securityAttributes = new SecurityAttributes(); |
|
718 securityAttributes.addDescriptorAttributes(allAttributes); |
|
719 assertTrue(UNKNOWN_PERMISSION_MSG, true); |
|
720 } |
|
721 catch (InvalidAttributeException e) |
|
722 { |
|
723 assertTrue(UNKNOWN_PERMISSION_MSG, false); |
|
724 } |
|
725 // MIDP2 optional permissions handling - known permission value |
|
726 allAttributes.clear(); |
|
727 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
728 allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, |
|
729 new Attribute("",MIDP2_DATAGRAM_PERMISSION + COMMA |
|
730 + MIDP2_COMM_PERMISSION)); |
|
731 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
732 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
733 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
734 securityAttributes = new SecurityAttributes(); |
|
735 securityAttributes.addDescriptorAttributes(allAttributes); |
|
736 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
737 assertTrue(permissionAttributes != null |
|
738 && permissionAttributes.length == 2 |
|
739 && checkImportance(permissionAttributes, 2, 0) |
|
740 && checkNamesAndTargets(permissionAttributes, |
|
741 new String[] |
|
742 { |
|
743 INTERNAL_DATAGRAM_PERMISSION, |
|
744 INTERNAL_COMM_PERMISSION |
|
745 }) |
|
746 && checkActionLists(permissionAttributes)); |
|
747 // MIDP2 optional permissions handling - two permissions with same name -> one permission only (discard duplicates) |
|
748 allAttributes.clear(); |
|
749 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
750 allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, |
|
751 new Attribute("",MIDP2_PUSH_REGISTRY_PERMISSION + COMMA |
|
752 + MIDP2_PUSH_REGISTRY_PERMISSION)); |
|
753 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
754 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
755 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
756 securityAttributes = new SecurityAttributes(); |
|
757 securityAttributes.addDescriptorAttributes(allAttributes); |
|
758 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
759 assertTrue(permissionAttributes != null |
|
760 && permissionAttributes.length == 1 |
|
761 && checkImportance(permissionAttributes, 1, 0) |
|
762 && checkNamesAndTargets(permissionAttributes, |
|
763 new String[] {INTERNAL_PUSH_REGISTRY_PERMISSION}) |
|
764 && checkActionLists(permissionAttributes)); |
|
765 // both optional and mandatory present and ok |
|
766 allAttributes.clear(); |
|
767 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); |
|
768 allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, |
|
769 new Attribute("",MIDP2_DATAGRAM_PERMISSION + COMMA |
|
770 + " " |
|
771 + MIDP2_COMM_PERMISSION)); |
|
772 allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, |
|
773 new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION)); |
|
774 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("","cert1")); |
|
775 allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-2", new Attribute("","cert2")); |
|
776 allAttributes.put(AuthenticationAttribute.SECOND_LEGACY_ATTRIBUTE_NAME, new Attribute("","signature")); |
|
777 securityAttributes = new SecurityAttributes(); |
|
778 securityAttributes.addDescriptorAttributes(allAttributes); |
|
779 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
780 assertTrue(permissionAttributes != null |
|
781 && permissionAttributes.length == 4 |
|
782 && checkImportance(permissionAttributes, 2, 2) |
|
783 && checkNamesAndTargets(permissionAttributes, |
|
784 new String[] |
|
785 { |
|
786 INTERNAL_DATAGRAM_PERMISSION, |
|
787 INTERNAL_COMM_PERMISSION, |
|
788 INTERNAL_SOCKET_PERMISSION, |
|
789 INTERNAL_HTTP_PERMISSION |
|
790 }) |
|
791 && checkActionLists(permissionAttributes)); |
|
792 // MIDP3 permissions without name and without target |
|
793 allAttributes.clear(); |
|
794 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
795 allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass")); |
|
796 allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1",new Attribute("","MyOptionalClass")); |
|
797 securityAttributes = new SecurityAttributes(); |
|
798 securityAttributes.addDescriptorAttributes(allAttributes); |
|
799 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
800 assertTrue(permissionAttributes != null |
|
801 && permissionAttributes.length == 2 |
|
802 && checkImportance(permissionAttributes, 1, 1) |
|
803 && checkNamesAndTargets(permissionAttributes, |
|
804 new String[] {"MyMandatoryClass", "MyOptionalClass"}, new String[] {null, null}) |
|
805 && checkActionLists(permissionAttributes)); |
|
806 // MIDP3 permissions without target |
|
807 allAttributes.clear(); |
|
808 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
809 allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget")); |
|
810 allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1",new Attribute("","MyOptionalClass MyOptionalTarget")); |
|
811 securityAttributes = new SecurityAttributes(); |
|
812 securityAttributes.addDescriptorAttributes(allAttributes); |
|
813 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
814 assertTrue(permissionAttributes != null |
|
815 && permissionAttributes.length == 2 |
|
816 && checkImportance(permissionAttributes, 1, 1) |
|
817 && checkNamesAndTargets(permissionAttributes, |
|
818 new String[] {"MyMandatoryClass", "MyOptionalClass"}, new String[] {"MyMandatoryTarget","MyOptionalTarget"}) |
|
819 && checkActionLists(permissionAttributes)); |
|
820 // MIDP3 valid permissions |
|
821 allAttributes.clear(); |
|
822 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
823 allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3")); |
|
824 allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1",new Attribute("","MyOptionalClass MyOptionalTarget MyOptionalAction")); |
|
825 securityAttributes = new SecurityAttributes(); |
|
826 securityAttributes.addDescriptorAttributes(allAttributes); |
|
827 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
828 assertTrue(permissionAttributes != null |
|
829 && permissionAttributes.length == 2 |
|
830 && checkImportance(permissionAttributes, 1, 1) |
|
831 && checkNamesAndTargets(permissionAttributes, |
|
832 new String[] {"MyMandatoryClass", "MyOptionalClass"}, new String[] {"MyMandatoryTarget","MyOptionalTarget"}) |
|
833 && checkActionLists(permissionAttributes, new String[] {"MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3", "MyOptionalAction"})); |
|
834 // MIDP3 valid permissions - 2 identical permissions -> only one permission returned (duplicates ignored) |
|
835 allAttributes.clear(); |
|
836 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
837 allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3")); |
|
838 allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "2",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3 ")); |
|
839 allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1",new Attribute("","MyOptionalClass MyOptionalTarget MyOptionalAction")); |
|
840 allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "2",new Attribute("","MyOptionalClass MyOptionalTarget MyOptionalAction")); |
|
841 securityAttributes = new SecurityAttributes(); |
|
842 securityAttributes.addDescriptorAttributes(allAttributes); |
|
843 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
844 assertTrue(permissionAttributes != null |
|
845 && permissionAttributes.length == 2 |
|
846 && checkImportance(permissionAttributes, 1, 1) |
|
847 && checkNamesAndTargets(permissionAttributes, |
|
848 new String[] {"MyMandatoryClass", "MyOptionalClass"}, new String[] {"MyMandatoryTarget","MyOptionalTarget"}) |
|
849 && checkActionLists(permissionAttributes, new String[] {"MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3", "MyOptionalAction"})); |
|
850 // invalid mandatory permission |
|
851 try |
|
852 { |
|
853 allAttributes.clear(); |
|
854 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
855 allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1 MyMandatoryAction2")); |
|
856 securityAttributes = new SecurityAttributes(); |
|
857 securityAttributes.addDescriptorAttributes(allAttributes); |
|
858 assertTrue(INVALID_PERMISSION_VALUE_MSG, false); |
|
859 } |
|
860 catch (InvalidAttributeException e) |
|
861 { |
|
862 assertTrue(INVALID_PERMISSION_VALUE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
863 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
864 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
865 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
866 new String[] {PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1"}))); |
|
867 } |
|
868 // invalid mandatory permission |
|
869 try |
|
870 { |
|
871 allAttributes.clear(); |
|
872 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
873 allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1 MyMandatoryAction2")); |
|
874 securityAttributes = new SecurityAttributes(); |
|
875 securityAttributes.addDescriptorAttributes(allAttributes); |
|
876 assertTrue(INVALID_PERMISSION_VALUE_MSG, false); |
|
877 } |
|
878 catch (InvalidAttributeException e) |
|
879 { |
|
880 assertTrue(INVALID_PERMISSION_VALUE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), |
|
881 e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHENTICATION_FAILURE |
|
882 && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) |
|
883 && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_HANDLING_FAILED, |
|
884 new String[] {PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1"}))); |
|
885 } |
|
886 // skip trailing and leading spaces for the permission triplet |
|
887 allAttributes.clear(); |
|
888 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
889 allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1",new Attribute(""," MyMandatoryClass MyMandatoryTarget MyMandatoryAction ")); |
|
890 securityAttributes = new SecurityAttributes(); |
|
891 securityAttributes.addDescriptorAttributes(allAttributes); |
|
892 permissionAttributes = securityAttributes.getPermissionAttributes(); |
|
893 assertTrue(permissionAttributes != null |
|
894 && permissionAttributes.length == 1 |
|
895 && checkImportance(permissionAttributes, 1, 0) |
|
896 && checkNamesAndTargets(permissionAttributes, |
|
897 new String[] {"MyMandatoryClass"}, new String[] {"MyMandatoryTarget"}) |
|
898 && checkActionLists(permissionAttributes, new String[] {"MyMandatoryAction"})); |
|
899 // invalid classnames |
|
900 String[] JAVA_KEYWORDS = |
|
901 { |
|
902 "abstract","continue","for","new","switch", |
|
903 "assert","default","if","package","synchronized", |
|
904 "boolean","do","goto","private","this","break", |
|
905 "double","implements","protected","throw","byte", |
|
906 "else","import","public","throws","case","enum", |
|
907 "instanceof","return","transient","catch","extends", |
|
908 "int","short","try","char","final","interface","static", |
|
909 "void","class","finally","long","strictfp","volatile", |
|
910 "const","float","native","super","while", |
|
911 "true", "false", "null" |
|
912 }; |
|
913 allAttributes.clear(); |
|
914 allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); |
|
915 String className = null; |
|
916 for (int i=0; i<JAVA_KEYWORDS.length; i++) |
|
917 { |
|
918 switch (i%3) |
|
919 { |
|
920 case 2: |
|
921 className = JAVA_KEYWORDS[i] + ".mypackage.myclassame"; |
|
922 break; |
|
923 case 0: |
|
924 className = "mypackage." + JAVA_KEYWORDS[i] + ".myclassame"; |
|
925 break; |
|
926 case 1: |
|
927 className = "mypackage.myclassame." + JAVA_KEYWORDS[i]; |
|
928 break; |
|
929 } |
|
930 try |
|
931 { |
|
932 allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1",new Attribute("",className + " MyMandatoryTarget MyMandatoryAction ")); |
|
933 securityAttributes = new SecurityAttributes(); |
|
934 securityAttributes.addDescriptorAttributes(allAttributes); |
|
935 assertTrue(INVALID_PERMISSION_VALUE_MSG, false); |
|
936 } |
|
937 catch (InvalidAttributeException e) |
|
938 { |
|
939 } |
|
940 } |
|
941 } |
|
942 |
|
943 private boolean checkImportance(PermissionAttribute[] permissionAttributes, int optionalPerms, int mandatoryPerms) |
|
944 { |
|
945 int oPerms = 0; |
|
946 int mPerms = 0; |
|
947 for (int i=0; i<permissionAttributes.length; i++) |
|
948 { |
|
949 switch (permissionAttributes[i].getImportance()) |
|
950 { |
|
951 case PermissionAttribute.OPTIONAL_PERMISSION: |
|
952 oPerms++; |
|
953 break; |
|
954 case PermissionAttribute.MANDATORY_PERMISSION: |
|
955 mPerms++; |
|
956 break; |
|
957 } |
|
958 } |
|
959 return (oPerms == optionalPerms && mPerms == mandatoryPerms); |
|
960 } |
|
961 |
|
962 private boolean checkNamesAndTargets(PermissionAttribute[] permissionAttributes, String[] permissionNames) |
|
963 { |
|
964 return checkNamesAndTargets(permissionAttributes, permissionNames, midp2PermissionTargets, true); |
|
965 } |
|
966 |
|
967 private boolean checkNamesAndTargets(PermissionAttribute[] permissionAttributes, String[] permissionNames, String[] permissionTargets) |
|
968 { |
|
969 Hashtable permissionTargetsMapping = new Hashtable(); |
|
970 for (int i=0; i < permissionNames.length; i++) |
|
971 { |
|
972 if (permissionTargets[i] == null) |
|
973 { |
|
974 permissionTargetsMapping.put(permissionNames[i], ""); |
|
975 } |
|
976 else |
|
977 { |
|
978 permissionTargetsMapping.put(permissionNames[i], permissionTargets[i]); |
|
979 } |
|
980 } |
|
981 return checkNamesAndTargets(permissionAttributes, permissionNames, permissionTargetsMapping, false); |
|
982 } |
|
983 |
|
984 |
|
985 private boolean checkNamesAndTargets(PermissionAttribute[] permissionAttributes, String[] permissionNames, Hashtable permissionTargets, boolean legacyAttributes) |
|
986 { |
|
987 boolean[] namesAndTargetsChecked = |
|
988 new boolean[permissionAttributes.length]; |
|
989 initBoolArray(namesAndTargetsChecked); |
|
990 // traverse the permissions and check their names and targets |
|
991 for (int i=0; i<permissionAttributes.length; i++) |
|
992 { |
|
993 if (legacyAttributes && !permissionAttributes[i].isLegacyAttribute()) |
|
994 { |
|
995 return false; |
|
996 } |
|
997 int index = findString(permissionAttributes[i].getName(), |
|
998 permissionNames); |
|
999 if (index == -1) |
|
1000 { |
|
1001 return false; |
|
1002 } |
|
1003 String target = (String)permissionTargets.get(permissionAttributes[i].getName()); |
|
1004 if ((target.length() == 0 && permissionAttributes[i].getTarget() != null) |
|
1005 || (target.length() != 0 && !permissionAttributes[i].getTarget().equals((String)target))) |
|
1006 { |
|
1007 return false; |
|
1008 } |
|
1009 if (!namesAndTargetsChecked[i]) |
|
1010 { |
|
1011 namesAndTargetsChecked[i] = true; |
|
1012 } |
|
1013 else |
|
1014 { |
|
1015 return false; |
|
1016 } |
|
1017 } |
|
1018 return checkBoolArray(namesAndTargetsChecked); |
|
1019 } |
|
1020 |
|
1021 private boolean checkActionLists(PermissionAttribute[] permissionAttributes) |
|
1022 { |
|
1023 return checkActionLists(permissionAttributes, null); |
|
1024 } |
|
1025 |
|
1026 private boolean checkActionLists(PermissionAttribute[] permissionAttributes, String[] actionLists) |
|
1027 { |
|
1028 boolean[] actionListsChecked = |
|
1029 new boolean[permissionAttributes.length]; |
|
1030 if (actionLists != null) |
|
1031 { |
|
1032 initBoolArray(actionListsChecked); |
|
1033 } |
|
1034 for (int i=0; i<permissionAttributes.length; i++) |
|
1035 { |
|
1036 if (actionLists == null && permissionAttributes[i].getActionList() != null) |
|
1037 { |
|
1038 return false; |
|
1039 } |
|
1040 if (actionLists != null) |
|
1041 { |
|
1042 int actionListIndex = findString(permissionAttributes[i].getActionList(), actionLists); |
|
1043 if (actionListIndex == -1) |
|
1044 { |
|
1045 return false; |
|
1046 } |
|
1047 if (!actionListsChecked[i]) |
|
1048 { |
|
1049 actionListsChecked[i] = true; |
|
1050 } |
|
1051 else |
|
1052 { |
|
1053 return false; |
|
1054 } |
|
1055 } |
|
1056 } |
|
1057 if (actionLists != null) |
|
1058 { |
|
1059 return checkBoolArray(actionListsChecked); |
|
1060 } |
|
1061 return true; |
|
1062 } |
|
1063 |
|
1064 private boolean checkChainsAndSignatures(AuthenticationAttribute[] authAttributes, String[] certs, String[] signatures) |
|
1065 { |
|
1066 boolean[] certsChecked = new boolean[certs.length]; |
|
1067 initBoolArray(certsChecked); |
|
1068 boolean[] signaturesChecked = new boolean[signatures.length]; |
|
1069 initBoolArray(signaturesChecked); |
|
1070 // traverse the permissions and check their names and targets |
|
1071 for (int i=0; i<authAttributes.length; i++) |
|
1072 { |
|
1073 // check chain |
|
1074 String[] chain = authAttributes[i].getCertChain(); |
|
1075 if (chain != null) |
|
1076 { |
|
1077 for (int j=0; j<chain.length; j++) |
|
1078 { |
|
1079 int certIndex = findString(chain[j],certs); |
|
1080 if (certIndex == -1) |
|
1081 { |
|
1082 return false; |
|
1083 } |
|
1084 if (!certsChecked[certIndex]) |
|
1085 { |
|
1086 certsChecked[certIndex] = true; |
|
1087 } |
|
1088 else |
|
1089 { |
|
1090 return false; |
|
1091 } |
|
1092 } |
|
1093 } |
|
1094 // check signature |
|
1095 int sigIndex = findString(authAttributes[i].getSignature(), |
|
1096 signatures); |
|
1097 if (sigIndex == -1) |
|
1098 { |
|
1099 return false; |
|
1100 } |
|
1101 if (!signaturesChecked[sigIndex]) |
|
1102 { |
|
1103 signaturesChecked[sigIndex] = true; |
|
1104 } |
|
1105 else |
|
1106 { |
|
1107 return false; |
|
1108 } |
|
1109 } |
|
1110 return (checkBoolArray(certsChecked) && checkBoolArray(signaturesChecked)); |
|
1111 } |
|
1112 |
|
1113 private int findString(String str, String[] strings) |
|
1114 { |
|
1115 for (int i=0; i<strings.length; i++) |
|
1116 { |
|
1117 if (str.equals(strings[i])) |
|
1118 { |
|
1119 return i; |
|
1120 } |
|
1121 } |
|
1122 return -1; |
|
1123 } |
|
1124 |
|
1125 private void initBoolArray(boolean[] boolArray) |
|
1126 { |
|
1127 for (int i=0; i<boolArray.length; i++) |
|
1128 { |
|
1129 boolArray[i] = false; |
|
1130 } |
|
1131 } |
|
1132 |
|
1133 private boolean checkBoolArray(boolean[] boolArray) |
|
1134 { |
|
1135 for (int i=0; i<boolArray.length; i++) |
|
1136 { |
|
1137 if (boolArray[i] == false) |
|
1138 { |
|
1139 return false; |
|
1140 } |
|
1141 } |
|
1142 return true; |
|
1143 } |
|
1144 } |