diff -r bf7ee68962da -r 773449708c84 javacommons/security/javasrc/com/nokia/mj/impl/security/midp/authentication/AuthenticationModule.java --- a/javacommons/security/javasrc/com/nokia/mj/impl/security/midp/authentication/AuthenticationModule.java Wed Aug 18 09:43:15 2010 +0300 +++ b/javacommons/security/javasrc/com/nokia/mj/impl/security/midp/authentication/AuthenticationModule.java Thu Sep 02 20:20:40 2010 +0300 @@ -266,14 +266,14 @@ * (if applicable) * @param appJARPath the path to the JAR being authenticated */ - public void authenticateJar( - StorageSession storageSession, + public AuthenticationCredentials[] authenticateJar( Uid msUID, Uid oldMSUID, String appJARPath, boolean drmContent) { AuthenticationStorageData data = null; + Credentials selectedCredentials = null; try { Vector allAuthCredentials = (Vector)iAuthCredentials.get(msUID); @@ -307,15 +307,15 @@ null /*validatedChainIndexes*/, null /* jarPath*/, iSecurityWarningsMode); + selectedCredentials = new Credentials( + data.getProtectionDomain(), + data.getProtectionDomainCategory(), + jarHash, + null /* root hash */, + -1 /* validated chain index*/, + null /* signing cert */); verifyUpdate( - new Credentials[] {new Credentials( - data.getProtectionDomain(), - data.getProtectionDomainCategory(), - jarHash, - null /* root hash */, - -1 /* validated chain index*/, - null /* signing cert */) - }, + new Credentials[] {selectedCredentials}, oldMSUID); } else @@ -328,7 +328,7 @@ String jarHashValue = null; String rootHashValue = null; Vector validatedChainIndexes = new Vector(); - Credentials selectedCredentials = selectCredentials(jarHash, allAuthCredentials, validatedChainIndexes); + selectedCredentials = selectCredentials(jarHash, allAuthCredentials, validatedChainIndexes); if (selectedCredentials == null || selectedCredentials.getProtectionDomainName() == null) { @@ -378,8 +378,6 @@ validatedChainIndexes, iSecurityWarningsMode); } - - writeAuthenticationStorageData(storageSession, msUID, data, (oldMSUID != null && oldMSUID.equals(msUID))); } finally { @@ -389,17 +387,18 @@ iSelectedAuthCredentials.put(msUID, data); } } + return new AuthenticationCredentials[] {selectedCredentials}; } /** */ - public void authenticateJar( - StorageSession storageSession, + public AuthenticationCredentials[] authenticateJar( Uid uid, Uid oldUid, ProtectionDomain protectionDomain, String appJARPath) { + Credentials selectedCredentials = null; if (protectionDomain == null || (!protectionDomain.equals(ProtectionDomain.getManufacturerDomain()) && !protectionDomain.equals(ProtectionDomain.getOperatorDomain()) @@ -438,18 +437,20 @@ null /*validatedChainIndexes*/, null /* jarPath*/, iSecurityWarningsMode); + selectedCredentials = new Credentials( + data.getProtectionDomain(), + data.getProtectionDomainCategory(), + jarHash, + null /* root hash */, + -1 /* validated chain index*/, + null /* signing cert */); verifyUpdate( - new Credentials[] {new Credentials( - data.getProtectionDomain(), - data.getProtectionDomainCategory(), - jarHash, - null /* root hash */, - -1 /* validated chain index*/, - null /* signing cert */) - }, + new Credentials[] {selectedCredentials}, oldUid); - writeAuthenticationStorageData(storageSession, uid, data, (oldUid != null && oldUid.equals(uid))); + iSelectedAuthCredentials.put(uid, data); + + return new AuthenticationCredentials[] {selectedCredentials}; } /** @@ -581,6 +582,24 @@ } /** + * Writes to storage all the security data related to a certain MIDlet suite + * + * @param sessionID the JavaStorage session to be used when + * writing the security data into storage + * @param msUID the UID if the MIDlet suite whose security data is + * being written + */ + public void addSecurityData(StorageSession storageSession, Uid msUID, Uid oldMsUID) + { + Logger.log("Write authentication data to storage"); + AuthenticationStorageData authStorageData = + (AuthenticationStorageData)iSelectedAuthCredentials.remove( + msUID); + writeAuthenticationStorageData(storageSession, msUID, authStorageData, + (oldMsUID != null && oldMsUID.equals(msUID))); + } + + /** * Returns the details of the certificates used for authenticating a * MIDlet suite. This method is used at installation time. * @@ -661,31 +680,20 @@ * @param aMediaId the identifier of the media where the MIDlet * suite is installed */ - public void setMediaId(StorageSession aStorageSession, Uid aMsUid, int aMediaId) + public void setMediaId(Uid aMsUid, int aMediaId) { // store the jar hash only if the suite was installed on a non-protected media if (isDriveProtected(aMediaId)) { - SecurityStorage storage = new SecurityStorage(aStorageSession); - try + AuthenticationStorageData authStorageData = + (AuthenticationStorageData)iSelectedAuthCredentials.get( + aMsUid); + if (authStorageData != null) { - AuthenticationStorageData authStorageData = - (AuthenticationStorageData)iSelectedAuthCredentials.get( - aMsUid); - if (authStorageData != null) - { - Logger.log("Suite installed on protected media -> the runtime tamper detection is disabled"); - authStorageData.setJarHashValue(null); - storage.writeAuthenticationStorageData(aMsUid, - authStorageData, - true /* this is an update */); - } + Logger.log("Suite installed on protected media -> the runtime tamper detection is disabled"); + authStorageData.setJarHashValue(null); + iSelectedAuthCredentials.put(aMsUid, authStorageData); } - finally - { - iSelectedAuthCredentials.remove(aMsUid); - } - } } @@ -833,13 +841,13 @@ && authStorageData.getJarHashValue().length() > 0) { Logger.log(" Doing tamper detection"); - String computedJarHash = null; + String computedJarHash = null; try { computedJarHash = _computeHash(authStorageData.getJarPath()); - }catch(AuthenticationException e) + }catch(AuthenticationException e) { - if (e.getErrorCode() + if (e.getErrorCode() == AuthenticationException.JAR_NOT_FOUND) { Logger.logWarning(" Jar not found while trying to compute hash");