--- a/javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/midp/authorization/PermissionGranterTests.java Thu Aug 05 16:07:57 2010 +0300
+++ b/javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/midp/authorization/PermissionGranterTests.java Mon Aug 23 14:24:31 2010 +0300
@@ -57,6 +57,7 @@
{
private static String TEST_DATA_DIR;
+ int assertTrace = 0;
static
{
@@ -78,6 +79,12 @@
}
}
+ private void assertWithTrace(boolean aCondition)
+ {
+ assertTrue("" + assertTrace, aCondition);
+ assertTrace++;
+ }
+
// general-purpose constants
private static final String MIDP_PROFILE_ATTRIBUTE_NAME = "MicroEdition-Profile";
private static final String MIDP3 = "MIDP-3.0";
@@ -218,6 +225,7 @@
IMPL_PERMISSION_MAPPING_TABLE = PermissionMappingTable.setMappingTable(TestPermissionMappingTable.getMappingTable());
SecurityPolicyModule.policiesDir = TEST_DATA_DIR;
SecurityPolicyModule.policiesFileNamePrefix = "test_";
+ String[] blanketPermissions = null;
// data structures used in tests
AuthenticationStorageData authData = null;
AuthenticationCredentials[] authCredentials = null;
@@ -225,12 +233,12 @@
MIDPPermission[] jadPermissions;
MIDPPermission[] jarPermissions;
MIDPPermission[] allPermissions;
- assertTrue(permissionGranter != null);
+ assertWithTrace(permissionGranter != null);
// test the null values
permissionGranter.removeSecurityData(session, appUID);
- permissionGranter.grantJarPermissions(null, null, null, (PermissionAttribute[])null);
+ permissionGranter.grantJarPermissions(null, null, (PermissionAttribute[])null, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(grantedPermissions == null);
+ assertWithTrace(grantedPermissions == null);
// populate the storage
storage.removeAuthenticationStorageData(appUID);
permissionGranter.removeSecurityData(session, appUID);
@@ -258,9 +266,10 @@
allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_DATAGRAM_PERMISSION + COMMA + " " + MIDP2_COMM_PERMISSION));
allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Manufacturer", new String[]
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Manufacturer", new String[]
{
INTERNAL_DATAGRAM_PERMISSION, INTERNAL_COMM_PERMISSION, INTERNAL_SOCKET_PERMISSION,INTERNAL_HTTP_PERMISSION,"javax.microedition.PropertyPermission","javax.microedition.midlet.AutoStartPermission"
}),
@@ -286,9 +295,10 @@
allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_DATAGRAM_PERMISSION + COMMA + " " + MIDP2_COMM_PERMISSION));
allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("IdentifiedThirdParty",
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("IdentifiedThirdParty",
new String[] {INTERNAL_DATAGRAM_PERMISSION, INTERNAL_COMM_PERMISSION, INTERNAL_SOCKET_PERMISSION,INTERNAL_HTTP_PERMISSION}),
getAssignedPermissions("IdentifiedThirdParty")));
// 1.2 One of the requested mandatory permission is not available in the domain -> fail
@@ -313,12 +323,13 @@
allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1", new Attribute("",MIDP3_DATAGRAM_PERMISSION));
allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1", new Attribute("",MIDP3_RUNTIME_PERMISSION + " name"));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
- assertTrue(INVALID_PERMISSION_VALUE_MSG, false);
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(false);
}
catch (InvalidAttributeException e)
{
- assertTrue(INVALID_PERMISSION_VALUE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(),
+ assertWithTrace(
e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE
&& e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null))
&& e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED,
@@ -342,9 +353,10 @@
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3));
allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1", new Attribute("",MIDP3_RUNTIME_PERMISSION + " name"));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getAssignedPermissions("IdentifiedThirdParty"), true));
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getAssignedPermissions("IdentifiedThirdParty"), true));
// 2. Legacy, signed : permissions NOT requested in JAD & permissions requested in JAR -> grant the requested permissions filled in with right
// targets/actions from the policy plus the assigned ones
storage.removeAuthenticationStorageData(appUID);
@@ -364,9 +376,10 @@
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2));
allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Operator", new String[]
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Operator", new String[]
{
INTERNAL_SOCKET_PERMISSION, INTERNAL_HTTP_PERMISSION,"javax.microedition.PropertyPermission","javax.microedition.midlet.AutoStartPermission"
}),
@@ -388,9 +401,10 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, getAssignedPermissions("IdentifiedThirdParty"), true));
+ assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, getAssignedPermissions("IdentifiedThirdParty"), true));
// same for a domain which has one assigned permissions -> only the assigned + default permissions are granted
storage.removeAuthenticationStorageData(appUID);
permissionGranter.removeSecurityData(session, appUID);
@@ -408,9 +422,10 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Operator", new String[] {"javax.microedition.PropertyPermission","javax.microedition.midlet.AutoStartPermission"}),
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Operator", new String[] {"javax.microedition.PropertyPermission","javax.microedition.midlet.AutoStartPermission"}),
getDefaultPermissions()));
// 4. Legacy, unsigned : permissions requested in JAD & permissions requested in JAR -> ignore requested permissions and
// grant all the permissions available in the policy for untrusted MIDlets
@@ -433,9 +448,10 @@
allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("","MyOwnOptionalPermission"));
allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","MyOwnMandatoryPermission"));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty")));
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty")));
// 5. Legacy, unsigned : permissions requested in JAD & permissions NOT requested in JAR -> ignore requested permissions and,
// grant all the permissions available in the policy for untrusted MIDlets
storage.removeAuthenticationStorageData(appUID);
@@ -454,9 +470,10 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty")));
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty")));
// 6. Legacy, unsigned : permissions NOT requested in JAD & permissions requested in JAR -> ignore requested permissions and
// grant all the permissions available in the policy for untrusted MIDlets
storage.removeAuthenticationStorageData(appUID);
@@ -475,9 +492,10 @@
allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("","MyOwnOptionalPermission"));
allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","MyOwnMandatoryPermission"));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty")));
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty")));
// 7. Legacy, unsigned : permissions NOT requested in JAD & permissions NOT requested in JAR -> grant all the permissions available in the policy for untrusted MIDlets
storage.removeAuthenticationStorageData(appUID);
permissionGranter.removeSecurityData(session, appUID);
@@ -493,9 +511,10 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty")));
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty")));
// 8. MIDP3 unsigned, unknown mandatory permission in JAD file -> failure
permissionGranter.removeSecurityData(session, appUID);
try
@@ -508,11 +527,11 @@
authCredentials = new AuthenticationCredentials[1];
authCredentials[0] = new AuthenticationCredentials("UnidentifiedThirdParty", "UIDP");
permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
- assertTrue(UNKNOWN_PERMISSION_MSG, false);
+ assertWithTrace(false);
}
catch (InvalidAttributeException e)
{
- assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(),
+ assertWithTrace(
e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE
&& e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null))
&& e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED,
@@ -527,12 +546,13 @@
allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3"));
securityAttributes = new SecurityAttributes();
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
- assertTrue(UNKNOWN_PERMISSION_MSG, false);
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(false);
}
catch (InvalidAttributeException e)
{
- assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(),
+ assertWithTrace(
e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE
&& e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null))
&& e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED,
@@ -554,9 +574,10 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, getAssignedPermissions("UnidentifiedThirdParty"), true));
+ assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, getAssignedPermissions("UnidentifiedThirdParty"), true));
// 9.1. MIDP3 unsigned, P1, unknown optional P2 requested in JAD -> unknown permission is ignored, grant only P1 plus the assigned permissions
storage.removeAuthenticationStorageData(appUID);
permissionGranter.removeSecurityData(session, appUID);
@@ -574,9 +595,10 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions,
+ assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions,
new MIDPPermission[] {new MIDPPermission(INTERNAL_SOCKET_PERMISSION,"socket://")},getAssignedPermissions("UnidentifiedThirdParty")));
// 10. MIDP3 unsigned MIDlet, unknown mandatory permission in JAR file -> failure
permissionGranter.removeSecurityData(session, appUID);
@@ -587,12 +609,13 @@
allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3"));
securityAttributes = new SecurityAttributes();
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
- assertTrue(UNKNOWN_PERMISSION_MSG, false);
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(false);
}
catch (InvalidAttributeException e)
{
- assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(),
+ assertWithTrace(
e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE
&& e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null))
&& e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED,
@@ -610,12 +633,13 @@
allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1", new Attribute("","signature"));
securityAttributes = new SecurityAttributes();
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
- assertTrue(UNKNOWN_PERMISSION_MSG, false);
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(false);
}
catch (InvalidAttributeException e)
{
- assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(),
+ assertWithTrace(
e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE
&& e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null))
&& e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED,
@@ -634,12 +658,13 @@
securityAttributes.addDescriptorAttributes(allAttributes);
allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3"));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
- assertTrue(UNKNOWN_PERMISSION_MSG, false);
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(false);
}
catch (InvalidAttributeException e)
{
- assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(),
+ assertWithTrace(
e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE
&& e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null))
&& e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED,
@@ -658,12 +683,13 @@
securityAttributes.addDescriptorAttributes(allAttributes);
allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3"));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
- assertTrue(UNKNOWN_PERMISSION_MSG, false);
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(false);
}
catch (InvalidAttributeException e)
{
- assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(),
+ assertWithTrace(
e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE
&& e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null))
&& e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED,
@@ -690,9 +716,10 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions,
+ assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions,
new MIDPPermission[]
{
new MIDPPermission(INTERNAL_SOCKET_PERMISSION,"socket://50"),
@@ -724,11 +751,11 @@
authCredentials = new AuthenticationCredentials[1];
authCredentials[0] = new AuthenticationCredentials("UnidentifiedThirdParty", "UIDP");
permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
- assertTrue(INVALID_PERMISSION_VALUE_MSG, false);
+ assertWithTrace(false);
}
catch (InvalidAttributeException e)
{
- assertTrue(INVALID_PERMISSION_VALUE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(),
+ assertWithTrace(
e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE
&& e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null))
&& e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED,
@@ -764,9 +791,10 @@
allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "5",new Attribute("",MIDP3_DATAGRAM_PERMISSION + " datagram://12345"));
allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "6",new Attribute("",MIDP3_COMM_PERMISSION + " comm:123"));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions,
+ assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions,
new MIDPPermission[]
{
new MIDPPermission(INTERNAL_SOCKET_PERMISSION,"socket://50"),
@@ -809,9 +837,10 @@
allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "5",new Attribute("",MIDP3_DATAGRAM_PERMISSION + " datagram://12345"));
allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "6",new Attribute("",MIDP3_COMM_PERMISSION + " comm:123"));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
- assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions,
+ assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions,
new MIDPPermission[]
{
new MIDPPermission(INTERNAL_SOCKET_PERMISSION,"socket://50"),
@@ -823,16 +852,15 @@
},
getAssignedPermissions("IdentifiedThirdParty")));
// 19. getBlanketPermissions - null appUID
- String[] blanketPermissions = null;
storage.removeAuthenticationStorageData(appUID);
permissionGranter.removeSecurityData(session, appUID);
blanketPermissions = permissionGranter.getBlanketPermissions(null);
- assertTrue(blanketPermissions == null);
+ assertWithTrace(blanketPermissions == null);
// 20. getBlanketPermissions - unknown appUID
storage.removeAuthenticationStorageData(appUID);
permissionGranter.removeSecurityData(session, appUID);
blanketPermissions = permissionGranter.getBlanketPermissions(appUID);
- assertTrue(blanketPermissions == null);
+ assertWithTrace(blanketPermissions == null);
// 21. getBlanketPermissions - unsigned suite
storage.removeAuthenticationStorageData(appUID);
permissionGranter.removeSecurityData(session, appUID);
@@ -848,9 +876,10 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
blanketPermissions = permissionGranter.getBlanketPermissions(appUID);
- assertTrue(blanketPermissions == null);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(blanketPermissions == null);
// 22. getBlanketPermissions - one of the requested permissions does not allow Blanket
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
@@ -872,9 +901,10 @@
allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_DATAGRAM_PERMISSION + COMMA + " " + MIDP2_SMS_SEND_PERMISSION));
allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
blanketPermissions = permissionGranter.getBlanketPermissions(appUID);
- assertTrue(blanketPermissions == null);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(blanketPermissions == null);
// 23. getBlanketPermissions - request one permissions which is already in Blanket
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
@@ -895,9 +925,10 @@
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2));
allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_HTTP_PERMISSION));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
blanketPermissions = permissionGranter.getBlanketPermissions(appUID);
- assertTrue(blanketPermissions == null);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(blanketPermissions == null);
// 24. getBlanketPermissions - request Auto Invocation and Net Access -> mutually exclusive permissions
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
@@ -918,9 +949,10 @@
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2));
allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_PUSH_REGISTRY_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
blanketPermissions = permissionGranter.getBlanketPermissions(appUID);
- assertTrue(blanketPermissions == null);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(blanketPermissions == null);
// 25. getBlanketPermissions - manufacturer signed MIDlet
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
@@ -941,9 +973,10 @@
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2));
allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_HTTP_PERMISSION + COMMA + MIDP2_SMS_SEND_PERMISSION + COMMA + MIDP2_MMS_OPEN_PERMISSION + COMMA + MIDP2_COMM_PERMISSION));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
blanketPermissions = permissionGranter.getBlanketPermissions(appUID);
- assertTrue(blanketPermissions == null);
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(blanketPermissions == null);
// 26. getBlanketPermissions - request Messaging, Net Access and Local connectivity. Since Messaging and Net Access have the current interaction mode set to Blanket, only Local connectivity is returned
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
@@ -964,9 +997,10 @@
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2));
allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_HTTP_PERMISSION + COMMA + MIDP2_SMS_SEND_PERMISSION + COMMA + MIDP2_MMS_OPEN_PERMISSION + COMMA + MIDP2_COMM_PERMISSION));
securityAttributes.addManifestAttributes(allAttributes);
- permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes());
+ permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials);
blanketPermissions = permissionGranter.getBlanketPermissions(appUID);
- assertTrue(blanketPermissions != null && blanketPermissions.length == 1 && blanketPermissions[0].equals(UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.LOCAL_CONNECTIVITY_SETTINGS)));
+ permissionGranter.addSecurityData(session, appUID, null);
+ assertWithTrace(blanketPermissions != null && blanketPermissions.length == 1 && blanketPermissions[0].equals(UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.LOCAL_CONNECTIVITY_SETTINGS)));
permissionGranter.setPermissionsToBlanket(session, appUID);
grantedPermissions = storage.readGrantedPermissions(appUID);
for (int i=0; i<grantedPermissions.size(); i++)
@@ -975,22 +1009,24 @@
((PolicyBasedPermission)grantedPermissions.elementAt(i));
UserSecuritySettings settings =
permission.getUserSecuritySettings();
- if (settings != null)
+ if (settings != null && settings.getName() == UserSecuritySettings.LOCAL_CONNECTIVITY_SETTINGS)
{
- assertTrue(settings.getCurrentInteractionMode() == UserSecuritySettings.BLANKET_INTERACTION_MODE);
+ assertWithTrace(settings.getCurrentInteractionMode() == UserSecuritySettings.BLANKET_INTERACTION_MODE);
}
}
// grantAllPermissions - null values
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
- permissionGranter.grantJarPermissions(session, null, null, (ProtectionDomain)null);
+ permissionGranter.grantJarPermissions(null, null, (ProtectionDomain)null);
+ permissionGranter.addSecurityData(session, null, null);
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
- permissionGranter.grantJarPermissions(session, appUID, null, (ProtectionDomain)null);
+ permissionGranter.grantJarPermissions(appUID, null, (ProtectionDomain)null);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
- assertTrue(grantedPermissions == null);
+ assertWithTrace(grantedPermissions == null);
// grantAllPermissions - operator domain
grantAllPermissions(ProtectionDomain.getOperatorDomain());
// grantAllPermissions - manufacturer domain
@@ -1008,11 +1044,12 @@
{
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
- permissionGranter.grantJarPermissions(session, appUID, null, domain);
+ permissionGranter.grantJarPermissions(appUID, null, domain);
+ permissionGranter.addSecurityData(session, appUID, null);
grantedPermissions = storage.readGrantedPermissions(appUID);
permissionGranter.removeSecurityData(session, appUID);
storage.removeAuthenticationStorageData(appUID);
- assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions(domain.getName())));
+ assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions(domain.getName())));
}
private static MIDPPermission[] getPolicyPermissions(String policyName, String[] permissionNameFilter, String permissionTypeFilter)
@@ -1041,7 +1078,8 @@
&& findString(policyPerms[i].getName(), permissionNameFilter) != -1)
|| permissionNameFilter == null) && (permissionTypeFilter == null
|| (permissionTypeFilter.equals("assigned")
- && policyPerms[i].getUserSecuritySettings() == null)))
+ && (policyPerms[i].getType() == PolicyBasedPermission.ASSIGNED_TYPE
+ || policyPerms[i].getType() == PolicyBasedPermission.USER_ASSIGNED_TYPE))))
{
vPermissions.addElement(new MIDPPermission(policyPerms[i].getName(), policyPerms[i].getTarget(), policyPerms[i].getActionList()));
}
@@ -1087,10 +1125,12 @@
private static MIDPPermission[] getDefaultPermissions()
{
- MIDPPermission[] defaultPerms = new MIDPPermission[3];
+ MIDPPermission[] defaultPerms = new MIDPPermission[5];
defaultPerms[0] = new MIDPPermission("java.util.PropertyPermission", "microedition.*", "read");
defaultPerms[1] = new MIDPPermission("javax.microedition.PropertyPermission", "mobinfo.publicinfo", "read");
defaultPerms[2] = new MIDPPermission("javax.microedition.PropertyPermission", "mobinfo.cellid", "read");
+ defaultPerms[3] = new MIDPPermission("javax.microedition.PropertyPermission", "mobinfo.countrycode", "read");
+ defaultPerms[4] = new MIDPPermission("javax.microedition.PropertyPermission", "mobinfo.networkid", "read");
return defaultPerms;
}