--- a/javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/midp/authentication/AuthenticationModuleTests.java Wed Aug 18 09:43:15 2010 +0300
+++ b/javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/midp/authentication/AuthenticationModuleTests.java Thu Sep 02 20:20:40 2010 +0300
@@ -179,7 +179,8 @@
authenticationModule.removeSecurityData(session, appUID);
try
{
- authenticationModule.authenticateJar(session, appUID,null,"somethingWhichDoesNotExist", false);
+ authenticationModule.authenticateJar(appUID,null,"somethingWhichDoesNotExist", false);
+ authenticationModule.addSecurityData(session, appUID, null);
assertTrue(false);
}
catch (InstallerSecurityException e)
@@ -193,13 +194,15 @@
authenticationModule.removeSecurityData(session, appUID);
// 3. unsigned, install from JAR
authenticationModule.removeSecurityData(session, appUID);
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
assertTrue(authenticationModule.getProtectionDomainCategory(session, appUID).equals(ApplicationInfo.UNIDENTIFIED_THIRD_PARTY_DOMAIN)
&& authenticationModule.getCertificatesDetails(session, appUID) == null);
authenticationModule.removeSecurityData(session, appUID);
- // 3.1. unsigned, install from JAR, no session provided to authenticateJar -> no authentication data stored to storage
+ // 3.1. unsigned, install from JAR, no session provided to addSecurityData -> no authentication data stored to storage
authenticationModule.removeSecurityData(session, appUID);
- authenticationModule.authenticateJar(null, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(null, appUID, null);
StorageEntry query = new StorageEntry();
query.addAttribute(new StorageAttribute(
StorageAttribute.ID,
@@ -231,13 +234,15 @@
credentials = authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
assertTrue(credentials != null && credentials.length == 1 && credentials[0].getProtectionDomainName().equals("UnidentifiedThirdParty")
&& authenticationModule.getCertificatesDetails(session, appUID) == null);
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
assertTrue(authenticationModule.getProtectionDomainCategory(session, appUID).equals(ApplicationInfo.UNIDENTIFIED_THIRD_PARTY_DOMAIN));
authenticationModule.removeSecurityData(session, appUID);
// 5. upgrade of authentication storage data
authenticationModule.removeSecurityData(session, appUID);
storage.writeAuthenticationStorageData(appUID, new AuthenticationStorageData("UnidentifiedThirdParty", ApplicationInfo.UNIDENTIFIED_THIRD_PARTY_DOMAIN, "jarHash", "rootHash", new Vector()));
- authenticationModule.authenticateJar(session, appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, appUID);
assertTrue(authenticationModule.getProtectionDomainCategory(session, appUID).equals(ApplicationInfo.UNIDENTIFIED_THIRD_PARTY_DOMAIN)
&& authenticationModule.getCertificatesDetails(session, appUID) == null);
authenticationModule.removeSecurityData(session, appUID);
@@ -272,7 +277,8 @@
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
details = (SigningCertificate[])authenticationModule.getCertificatesDetails(session, appUID);
- authenticationModule.authenticateJar(session, appUID, null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID, null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
// this empties the cache as well
authenticationModule.removeSecurityData(session, appUID);
@@ -359,7 +365,8 @@
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
try
{
- authenticationModule.authenticateJar(session, appUID, null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "modified_app.jar", false);
+ authenticationModule.authenticateJar(appUID, null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "modified_app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
assertTrue(INVALID_CERTIFICATE_SIGNATURE_MSG, false);
}
catch (InstallerSecurityException e)
@@ -552,7 +559,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
assertTrue(domainCategory.equals(ApplicationInfo.IDENTIFIED_THIRD_PARTY_DOMAIN));
// 17. Developer Certificates/Manufacturer - sign to operator party domain
@@ -566,7 +574,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
assertTrue(domainCategory.equals(ApplicationInfo.OPERATOR_DOMAIN));
// 18. Developer Certificates/Manufacturer - sign to manufacturer domain
@@ -580,7 +589,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
assertTrue(domainCategory.equals(ApplicationInfo.MANUFACTURER_DOMAIN));
// 19. Developer Certificates/Operator - sign to trusted third party domain
@@ -594,7 +604,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
assertTrue(domainCategory.equals(ApplicationInfo.IDENTIFIED_THIRD_PARTY_DOMAIN));
// 20. Developer Certificates/Operator - sign to operator party domain
@@ -608,7 +619,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
assertTrue(domainCategory.equals(ApplicationInfo.OPERATOR_DOMAIN));
// 21. Developer Certificates/Operator - sign to manufacturer domain -> still the operator domain is used
@@ -622,7 +634,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
assertTrue(domainCategory.equals(ApplicationInfo.OPERATOR_DOMAIN));
// 22. Developer Certificates/TrustedThirdParty - sign to manufacturer domain -> still the trusted third party domain is used
@@ -636,7 +649,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
assertTrue(domainCategory.equals(ApplicationInfo.IDENTIFIED_THIRD_PARTY_DOMAIN));
// 23. Developer Certificates/TrustedThirdParty - sign to operator domain -> still the trusted third party domain is used
@@ -650,7 +664,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
assertTrue(domainCategory.equals(ApplicationInfo.IDENTIFIED_THIRD_PARTY_DOMAIN));
// 24. Developer Certificates - no domain info -> fail
@@ -687,7 +702,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
domainCategory = authenticationModule.getProtectionDomainCategory(session, appUID);
assertTrue(domainCategory.equals(ApplicationInfo.IDENTIFIED_THIRD_PARTY_DOMAIN));
// 26. Developer Certificates - empty IMEI list -> failure
@@ -807,7 +823,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID, null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID, null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
SigningInfo info = authenticationModule.getSigningInfo("appName","appVersion","appVendor");
// app is unknown
assertTrue(info == null);
@@ -851,7 +868,8 @@
securityAttributes = new SecurityAttributes();
securityAttributes.addDescriptorAttributes(allAttributes);
authenticationModule.authenticateJad(appUID,null,securityAttributes.getAuthenticationAttributes());
- authenticationModule.authenticateJar(session, appUID, null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.authenticateJar(appUID, null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
info = authenticationModule.getSigningInfo("appName","appVersion","appVendor");
assertTrue(info.getProtectionDomain() != null
&& info.getProtectionDomain().getName() != null
@@ -958,7 +976,8 @@
authenticationModule.removeSecurityData(session, appUID);
try
{
- authenticationModule.authenticateJar(session, appUID, null, domain, TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar");
+ authenticationModule.authenticateJar(appUID, null, domain, TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "app.jar");
+ authenticationModule.addSecurityData(session, appUID, null);
assertTrue(!expectToFail);
}
catch (InstallerSecurityException e)
@@ -1200,7 +1219,8 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3));
securityAttributes.addManifestAttributes(allAttributes);
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
assertTrue(true);
// PreInstallation: ocsp disabled, warning undefined, silent mode
ocspSettings = new OcspSettings(OcspSettings.OCSP_MODE_DISABLED, OcspSettings.OCSP_WARNING_UNDEFINED, true, "0", "0");
@@ -1218,7 +1238,8 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3));
securityAttributes.addManifestAttributes(allAttributes);
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
assertTrue(true);
// PreInstallation: ocsp enabled, warning ignore, silent mode, ocsp url not set
ocspSettings = new OcspSettings(OcspSettings.OCSP_MODE_ENABLED, OcspSettings.OCSP_WARNING_IGNORE, true, "0", "0");
@@ -1236,7 +1257,8 @@
allAttributes.clear();
allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3));
securityAttributes.addManifestAttributes(allAttributes);
- authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false);
+ authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false);
+ authenticationModule.addSecurityData(session, appUID, null);
assertTrue(true);
}