diff -r 7cee158cb8cd -r 26b2b12093af javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/OMJSecurityTests.java --- a/javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/OMJSecurityTests.java Wed Sep 15 12:05:25 2010 +0300 +++ b/javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/OMJSecurityTests.java Wed Oct 13 14:23:59 2010 +0300 @@ -196,11 +196,9 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); signingCerts = authenticationModule.getCertificatesDetails(session, appUID); assertWithTrace(signingCerts != null && signingCerts.length == 1 @@ -243,11 +241,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); signingCerts = authenticationModule.getCertificatesDetails(session, appUID); assertWithTrace(signingCerts != null && signingCerts.length == 1 @@ -289,11 +285,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(AuthenticationAttribute.MAIN_ATTRIBUTE_PREFIX + "1-1", new Attribute("", "MIICWDCCAcECBEhQwA0wDQYJKoZIhvcNAQEEBQAwczELMAkGA1UEBhMCZmkxEjAQBgNVBAgTCVBpcmthbm1hYTEQMA4GA1UEBxMHVGFtcGVyZTEOMAwGA1UEChMFTm9raWExDTALBgNVBAsTBEphdmExHzAdBgNVBAMMFkpQX0RldmljZV9NYW51ZmFjdHVyZXIwHhcNMDgwNjEyMDYxOTU3WhcNMTgwNjEwMDYxOTU3WjBzMQswCQYDVQQGEwJmaTESMBAGA1UECBMJUGlya2FubWFhMRAwDgYDVQQHEwdUYW1wZXJlMQ4wDAYDVQQKEwVOb2tpYTENMAsGA1UECxMESmF2YTEfMB0GA1UEAwwWSlBfRGV2aWNlX01hbnVmYWN0dXJlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApi3ipIPj8O33/rZre1euh7Itd9d6ZVf2mvQ/tLpHEsFJe5XLOsVViMvFskhhKUzmDsRbP4J03L6827/vEDIi/1i8kJGLaoFqJYaLGFWI2Zmxlj6aJV8cfZyOjmQPWJn1IDEe1ZAWbvMSp8xibWRsCLNEGKIkxQvAr/QDK/6iS+kCAwEAATANBgkqhkiG9w0BAQQFAAOBgQCDXt6klAs6yKvdTab3D2wkdoi3Lu4YFsMgLexJOu5HhAUJ/9VYO+Q2+mjd95MRsTa5rWQ2Jjvhn57Z3z/KBOwfHbymmNtMk6Gl14H0vQRoHa31jh3mTuAy5KotDVthaDp30aOizk473NU68wY1WdP4gFk5ZhrpNea9q3st13BxIQ==")); @@ -307,11 +301,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID2,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID2, null); - permissionGranter.grantJarPermissions( appUID2, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID2,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID2, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID2, null); // 2 legacy unsigned MIDlets, install from JAD -> checkPermission succeeds storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session,appUID); @@ -325,11 +317,9 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); signingCerts = authenticationModule.getCertificatesDetails(session, appUID); assertWithTrace(signingCerts == null); ac.checkPermission(new java.util.PropertyPermission("microedition.version", "read")); @@ -341,11 +331,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); securityAttributes = new SecurityAttributes(); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); signingCerts = authenticationModule.getCertificatesDetails(session, appUID); assertWithTrace(signingCerts == null); ac.checkPermission(new java.util.PropertyPermission("microedition.version", "read")); @@ -368,8 +356,7 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); storage.removeAuthenticationStorageData(appUID2); permissionGranter.removeSecurityData(session,appUID2); PermissionResolver.testClearCache(); @@ -401,11 +388,9 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); storage.removeAuthenticationStorageData(appUID2); permissionGranter.removeSecurityData(session,appUID2); PermissionResolver.testClearCache(); @@ -441,11 +426,9 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); storage.removeAuthenticationStorageData(appUID2); permissionGranter.removeSecurityData(session,appUID2); PermissionResolver.testClearCache(); @@ -471,11 +454,9 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); storage.removeAuthenticationStorageData(appUID2); permissionGranter.removeSecurityData(session,appUID2); PermissionResolver.testClearCache(); @@ -494,11 +475,9 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID2,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID2, appUID); - permissionGranter.grantJarPermissions( appUID2, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID2,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID2, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID2, null); // update from manufacturer to operator succeeds for legacy suites storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session,appUID); @@ -516,8 +495,7 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); storage.removeAuthenticationStorageData(appUID2); permissionGranter.removeSecurityData(session,appUID2); PermissionResolver.testClearCache(); @@ -547,11 +525,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); appPackageEntry = new StorageEntry(); appPackageEntry.addAttribute(new StorageAttribute( StorageAttribute.ID, @@ -580,11 +556,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID2,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID2, appUID); - permissionGranter.grantJarPermissions( appUID2, appUID, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID2,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID2, appUID, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID2, appUID); // update from identified third party to identified third party but with different organization for signing certificate fails for MIDP3 MIDlets storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session,appUID); @@ -599,8 +573,7 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); appPackageEntry = new StorageEntry(); appPackageEntry.addAttribute(new StorageAttribute( StorageAttribute.ID, @@ -650,11 +623,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); appPackageEntry = new StorageEntry(); appPackageEntry.addAttribute(new StorageAttribute( StorageAttribute.ID, @@ -683,11 +654,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID2,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID2, appUID); - permissionGranter.grantJarPermissions( appUID2, appUID, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID2,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID2, appUID, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID2, appUID); // update from identified third party to identified third party succeeds (V1 requests P1 (Net), P2 (Messaging), P3 (Messaging), V2 requests P2 (Messaging), P4 (UserData), P5 (Net)) -> check that P1 is removed, P2 is retained (with old settings), P3 is removed, P4 and P5 are added with brand new settings storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session,appUID); @@ -705,11 +674,10 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.wireless.messaging.sms.send,javax.wireless.messaging.mms.send")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); + permissionGranter.getBlanketPermissions(appUID); appPackageEntry = new StorageEntry(); appPackageEntry.addAttribute(new StorageAttribute( StorageAttribute.ID, @@ -738,11 +706,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.wireless.messaging.sms.send,javax.microedition.io.Connector.file.read,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, appUID); - permissionGranter.grantJarPermissions( appUID, appUID, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, appUID, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, appUID); grantedPermissions = storage.readGrantedPermissions(appUID); MIDPPermission p1 = PermissionMappingTable.get("javax.wireless.messaging.sms.send"); MIDPPermission p2 = PermissionMappingTable.get("javax.microedition.io.Connector.file.read"); @@ -758,7 +724,7 @@ UserSecuritySettings.NO_INTERACTION_MODE, UserSecuritySettings.ONESHOT_INTERACTION_MODE, UserSecuritySettings.SESSION_INTERACTION_MODE})), - new PolicyBasedPermissionImpl(p2.getName(), p2.getTarget(), p2.getActionList(), + new PolicyBasedPermissionImpl(p2.getName(), "*", p2.getActionList(), new UserSecuritySettingsImpl("Read User Data Access", UserSecuritySettings.SESSION_INTERACTION_MODE, new int[]{UserSecuritySettings.BLANKET_INTERACTION_MODE, @@ -814,11 +780,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.wireless.messaging.sms.send,javax.wireless.messaging.mms.send")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); assertWithTrace(checkStringArrays(blanketPermissions, new String[] {UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.NET_ACCESS_SETTINGS), UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.MESSAGING_SETTINGS) @@ -850,11 +814,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.wireless.messaging.sms.send,javax.microedition.io.Connector.file.read,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, appUID); - permissionGranter.grantJarPermissions( appUID, appUID, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, appUID, securityAttributes.getPermissionAttributes()); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, appUID); assertWithTrace(checkStringArrays(blanketPermissions, new String[] {UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.NET_ACCESS_SETTINGS), UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.MESSAGING_SETTINGS), @@ -877,11 +839,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.socket,javax.wireless.messaging.sms.send,javax.wireless.messaging.mms.send")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,null,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); assertWithTrace(checkStringArrays(blanketPermissions, new String[] {UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.NET_ACCESS_SETTINGS), UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.MESSAGING_SETTINGS) @@ -912,11 +872,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.wireless.messaging.sms.send,javax.microedition.io.Connector.file.read,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, appUID); - permissionGranter.grantJarPermissions( appUID, appUID, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, appUID, securityAttributes.getPermissionAttributes()); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, appUID); assertWithTrace(checkStringArrays(blanketPermissions, new String[] {UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.NET_ACCESS_SETTINGS), UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.READ_USER_DATA_ACCESS_SETTINGS) @@ -936,11 +894,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.wireless.messaging.sms.send,javax.microedition.io.Connector.file.read,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, appUID); - permissionGranter.grantJarPermissions( appUID, appUID, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, appUID, securityAttributes.getPermissionAttributes()); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, appUID); assertWithTrace(blanketPermissions == null); // change some settings to e.g. Session and reinstall the same suite with same permissions -> check that only the settings which are not Blanket (due to being changed) are returned storage.writeUserSecuritySettings(appUID, "Messaging", UserSecuritySettings.SESSION_INTERACTION_MODE); @@ -957,11 +913,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(com.nokia.mj.impl.security.midp.common.PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.wireless.messaging.sms.send,javax.microedition.io.Connector.file.read,javax.microedition.io.Connector.http")); securityAttributes.addManifestAttributes(allAttributes); - credentials = authenticationModule.authenticateJar(appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); - authenticationModule.addSecurityData(session, appUID, appUID); - permissionGranter.grantJarPermissions( appUID, appUID, securityAttributes.getPermissionAttributes(), credentials); + authenticationModule.authenticateJar(session, appUID,appUID,TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar", false); + permissionGranter.grantJarPermissions(session, appUID, appUID, securityAttributes.getPermissionAttributes()); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, appUID); assertWithTrace(checkStringArrays(blanketPermissions, new String[] {UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.MESSAGING_SETTINGS)})); // upgrade tests for legacy suites @@ -994,10 +948,9 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.io.Connector.http,javax.wireless.messaging.sms.send")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); assertTrue(permissionGranter.getBlanketPermissionsDetails(appUID) == null); - permissionGranter.addSecurityData(session, appUID, null); // getBlanketPermissionsDetails for Multimedia Read User Data -> no details permissionGranter.removeSecurityData(session, appUID); storage.removeAuthenticationStorageData(appUID); @@ -1018,9 +971,8 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.media.control.RecordControl,javax.microedition.io.Connector.file.read")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); assertTrue(permissionGranter.getBlanketPermissionsDetails(appUID) == null); // getBlanketPermissionsDetails for Multimedia, Local Connectivity -> privacy details permissionGranter.removeSecurityData(session, appUID); @@ -1042,11 +994,10 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.media.control.RecordControl,javax.microedition.io.Connector.bluetooth.client")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); String blanketDetails = permissionGranter.getBlanketPermissionsDetails(appUID); - assertTrue("qtn_java_settings_inst_query_perm_sec".equals(blanketDetails) + assertTrue("qtn_java_settings_inst_query_perm_sec".equals(blanketDetails) || "Allowing these permissions may result in compromised privacy".equals( blanketDetails)); // getBlanketPermissionsDetails for Messaging, Multimedia -> net details @@ -1069,11 +1020,10 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","javax.microedition.media.control.RecordControl,javax.wireless.messaging.sms.send")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); blanketDetails = permissionGranter.getBlanketPermissionsDetails(appUID); - assertTrue("qtn_java_settings_inst_query_perm_net".equals(blanketDetails) + assertTrue("qtn_java_settings_inst_query_perm_net".equals(blanketDetails) || "Allowing these permissions may result in compromised privacy or increased network usage costs".equals( blanketDetails)); } @@ -1108,7 +1058,6 @@ private void upgradeDomain(ProtectionDomain domain1, ProtectionDomain domain2, boolean expectToFail, boolean legacySuite) { - AuthenticationCredentials[] credentials; boolean success1 = false; boolean success2 = false; storage.removeAuthenticationStorageData(appUID); @@ -1132,11 +1081,9 @@ StorageNames.VALUE, (legacySuite ? "MIDP-2.0" : "MIDP-3.0"))); session.write(StorageNames.APPLICATION_PACKAGE_ATTRIBUTES_TABLE, appPackageEntry); - credentials = authenticationModule.authenticateJar(appUID, null, domain1, TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar"); - authenticationModule.addSecurityData(session, appUID, null); - permissionGranter.grantJarPermissions(appUID, null, domain1); + authenticationModule.authenticateJar(session, appUID, null, domain1, TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar"); + permissionGranter.grantJarPermissions(session, appUID, null, domain1); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, null); signingCerts = authenticationModule.getCertificatesDetails(session, appUID); success1 = (blanketPermissions == null && signingCerts == null); ac.checkPermission(new java.util.PropertyPermission("microedition.version", "read")); @@ -1146,8 +1093,7 @@ assertWithTrace(domainCategory.equals(domain1.getCategory())); try { - credentials = authenticationModule.authenticateJar(appUID, appUID, domain2, TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar"); - authenticationModule.addSecurityData(session, appUID, appUID); + authenticationModule.authenticateJar(session, appUID, appUID, domain2, TEST_DATA_DIR + "security_tmp" + System.getProperty("file.separator") + "HelloWorld.jar"); assertWithTrace(!expectToFail); } catch (InstallerSecurityException e) @@ -1158,9 +1104,8 @@ && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.DIFFERENT_SIGNERS, null))); return; } - permissionGranter.grantJarPermissions(appUID,appUID, domain2); + permissionGranter.grantJarPermissions(session, appUID,appUID, domain2); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - permissionGranter.addSecurityData(session, appUID, appUID); signingCerts = authenticationModule.getCertificatesDetails(session, appUID); success2 = (blanketPermissions == null && signingCerts == null); assertWithTrace(success1 == true && success2 == true);