diff -r 2455ef1f5bbc -r d5e927d5853b javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/midp/authorization/PermissionGranterTests.java --- a/javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/midp/authorization/PermissionGranterTests.java Wed Sep 01 12:33:18 2010 +0100 +++ b/javacommons/security/tsrc/javasrc/com/nokia/mj/impl/security/midp/authorization/PermissionGranterTests.java Tue Sep 14 21:06:50 2010 +0300 @@ -57,6 +57,7 @@ { private static String TEST_DATA_DIR; + int assertTrace = 0; static { @@ -78,6 +79,12 @@ } } + private void assertWithTrace(boolean aCondition) + { + assertTrue("" + assertTrace, aCondition); + assertTrace++; + } + // general-purpose constants private static final String MIDP_PROFILE_ATTRIBUTE_NAME = "MicroEdition-Profile"; private static final String MIDP3 = "MIDP-3.0"; @@ -226,12 +233,12 @@ MIDPPermission[] jadPermissions; MIDPPermission[] jarPermissions; MIDPPermission[] allPermissions; - assertTrue(permissionGranter != null); + assertWithTrace(permissionGranter != null); // test the null values permissionGranter.removeSecurityData(session, appUID); - permissionGranter.grantJarPermissions(null, null, null, (PermissionAttribute[])null); + permissionGranter.grantJarPermissions(null, null, (PermissionAttribute[])null, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(grantedPermissions == null); + assertWithTrace(grantedPermissions == null); // populate the storage storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session, appUID); @@ -259,9 +266,10 @@ allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_DATAGRAM_PERMISSION + COMMA + " " + MIDP2_COMM_PERMISSION)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Manufacturer", new String[] + assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Manufacturer", new String[] { INTERNAL_DATAGRAM_PERMISSION, INTERNAL_COMM_PERMISSION, INTERNAL_SOCKET_PERMISSION,INTERNAL_HTTP_PERMISSION,"javax.microedition.PropertyPermission","javax.microedition.midlet.AutoStartPermission" }), @@ -287,9 +295,10 @@ allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_DATAGRAM_PERMISSION + COMMA + " " + MIDP2_COMM_PERMISSION)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("IdentifiedThirdParty", + assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("IdentifiedThirdParty", new String[] {INTERNAL_DATAGRAM_PERMISSION, INTERNAL_COMM_PERMISSION, INTERNAL_SOCKET_PERMISSION,INTERNAL_HTTP_PERMISSION}), getAssignedPermissions("IdentifiedThirdParty"))); // 1.2 One of the requested mandatory permission is not available in the domain -> fail @@ -314,12 +323,13 @@ allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1", new Attribute("",MIDP3_DATAGRAM_PERMISSION)); allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1", new Attribute("",MIDP3_RUNTIME_PERMISSION + " name")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); - assertTrue(INVALID_PERMISSION_VALUE_MSG, false); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(false); } catch (InvalidAttributeException e) { - assertTrue(INVALID_PERMISSION_VALUE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), + assertWithTrace( e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, @@ -343,9 +353,10 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); allAttributes.put(PermissionAttribute.OPTIONAL_ATTRIBUTE_PREFIX + "1", new Attribute("",MIDP3_RUNTIME_PERMISSION + " name")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(checkGrantedPermissions(grantedPermissions, getAssignedPermissions("IdentifiedThirdParty"), true)); + assertWithTrace(checkGrantedPermissions(grantedPermissions, getAssignedPermissions("IdentifiedThirdParty"), true)); // 2. Legacy, signed : permissions NOT requested in JAD & permissions requested in JAR -> grant the requested permissions filled in with right // targets/actions from the policy plus the assigned ones storage.removeAuthenticationStorageData(appUID); @@ -365,9 +376,10 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Operator", new String[] + assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Operator", new String[] { INTERNAL_SOCKET_PERMISSION, INTERNAL_HTTP_PERMISSION,"javax.microedition.PropertyPermission","javax.microedition.midlet.AutoStartPermission" }), @@ -389,9 +401,10 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, getAssignedPermissions("IdentifiedThirdParty"), true)); + assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, getAssignedPermissions("IdentifiedThirdParty"), true)); // same for a domain which has one assigned permissions -> only the assigned + default permissions are granted storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session, appUID); @@ -409,9 +422,10 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Operator", new String[] {"javax.microedition.PropertyPermission","javax.microedition.midlet.AutoStartPermission"}), + assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("Operator", new String[] {"javax.microedition.PropertyPermission","javax.microedition.midlet.AutoStartPermission"}), getDefaultPermissions())); // 4. Legacy, unsigned : permissions requested in JAD & permissions requested in JAR -> ignore requested permissions and // grant all the permissions available in the policy for untrusted MIDlets @@ -434,9 +448,10 @@ allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("","MyOwnOptionalPermission")); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","MyOwnMandatoryPermission")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty"))); + assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty"))); // 5. Legacy, unsigned : permissions requested in JAD & permissions NOT requested in JAR -> ignore requested permissions and, // grant all the permissions available in the policy for untrusted MIDlets storage.removeAuthenticationStorageData(appUID); @@ -455,9 +470,10 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty"))); + assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty"))); // 6. Legacy, unsigned : permissions NOT requested in JAD & permissions requested in JAR -> ignore requested permissions and // grant all the permissions available in the policy for untrusted MIDlets storage.removeAuthenticationStorageData(appUID); @@ -476,9 +492,10 @@ allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("","MyOwnOptionalPermission")); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("","MyOwnMandatoryPermission")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty"))); + assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty"))); // 7. Legacy, unsigned : permissions NOT requested in JAD & permissions NOT requested in JAR -> grant all the permissions available in the policy for untrusted MIDlets storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session, appUID); @@ -494,9 +511,10 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty"))); + assertWithTrace(checkGrantedPermissions(grantedPermissions, getPolicyPermissions("UnidentifiedThirdParty"))); // 8. MIDP3 unsigned, unknown mandatory permission in JAD file -> failure permissionGranter.removeSecurityData(session, appUID); try @@ -509,11 +527,11 @@ authCredentials = new AuthenticationCredentials[1]; authCredentials[0] = new AuthenticationCredentials("UnidentifiedThirdParty", "UIDP"); permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); - assertTrue(UNKNOWN_PERMISSION_MSG, false); + assertWithTrace(false); } catch (InvalidAttributeException e) { - assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), + assertWithTrace( e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, @@ -528,12 +546,13 @@ allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3")); securityAttributes = new SecurityAttributes(); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); - assertTrue(UNKNOWN_PERMISSION_MSG, false); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(false); } catch (InvalidAttributeException e) { - assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), + assertWithTrace( e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, @@ -555,9 +574,10 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, getAssignedPermissions("UnidentifiedThirdParty"), true)); + assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, getAssignedPermissions("UnidentifiedThirdParty"), true)); // 9.1. MIDP3 unsigned, P1, unknown optional P2 requested in JAD -> unknown permission is ignored, grant only P1 plus the assigned permissions storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session, appUID); @@ -575,9 +595,10 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, + assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, new MIDPPermission[] {new MIDPPermission(INTERNAL_SOCKET_PERMISSION,"socket://")},getAssignedPermissions("UnidentifiedThirdParty"))); // 10. MIDP3 unsigned MIDlet, unknown mandatory permission in JAR file -> failure permissionGranter.removeSecurityData(session, appUID); @@ -588,12 +609,13 @@ allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3")); securityAttributes = new SecurityAttributes(); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); - assertTrue(UNKNOWN_PERMISSION_MSG, false); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(false); } catch (InvalidAttributeException e) { - assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), + assertWithTrace( e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, @@ -611,12 +633,13 @@ allAttributes.put(AuthenticationAttribute.SECOND_ATTRIBUTE_PREFIX + "1", new Attribute("","signature")); securityAttributes = new SecurityAttributes(); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); - assertTrue(UNKNOWN_PERMISSION_MSG, false); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(false); } catch (InvalidAttributeException e) { - assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), + assertWithTrace( e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, @@ -635,12 +658,13 @@ securityAttributes.addDescriptorAttributes(allAttributes); allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); - assertTrue(UNKNOWN_PERMISSION_MSG, false); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(false); } catch (InvalidAttributeException e) { - assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), + assertWithTrace( e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, @@ -659,12 +683,13 @@ securityAttributes.addDescriptorAttributes(allAttributes); allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "1",new Attribute("","MyMandatoryClass MyMandatoryTarget MyMandatoryAction1,MyMandatoryAction2,MyMandatoryAction3")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); - assertTrue(UNKNOWN_PERMISSION_MSG, false); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(false); } catch (InvalidAttributeException e) { - assertTrue(UNKNOWN_PERMISSION_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), + assertWithTrace( e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, @@ -691,9 +716,10 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP3)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, + assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, new MIDPPermission[] { new MIDPPermission(INTERNAL_SOCKET_PERMISSION,"socket://50"), @@ -725,11 +751,11 @@ authCredentials = new AuthenticationCredentials[1]; authCredentials[0] = new AuthenticationCredentials("UnidentifiedThirdParty", "UIDP"); permissionGranter.grantJadPermissions(appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); - assertTrue(INVALID_PERMISSION_VALUE_MSG, false); + assertWithTrace(false); } catch (InvalidAttributeException e) { - assertTrue(INVALID_PERMISSION_VALUE_MSG + e.getOtaStatusCode() + " " + e.getShortMessage() + "," + e.getDetailedMessage(), + assertWithTrace( e.getOtaStatusCode() == OtaStatusCode.APPLICATION_AUTHORIZATION_FAILURE && e.getShortMessage().equals(errorMessage.get(InstallerErrorMessage.INST_CORRUPT_PKG, null)) && e.getDetailedMessage().equals(detailedErrorMessage.get(InstallerDetailedErrorMessage.ATTR_UNSUPPORTED, @@ -765,9 +791,10 @@ allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "5",new Attribute("",MIDP3_DATAGRAM_PERMISSION + " datagram://12345")); allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "6",new Attribute("",MIDP3_COMM_PERMISSION + " comm:123")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, + assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, new MIDPPermission[] { new MIDPPermission(INTERNAL_SOCKET_PERMISSION,"socket://50"), @@ -810,9 +837,10 @@ allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "5",new Attribute("",MIDP3_DATAGRAM_PERMISSION + " datagram://12345")); allAttributes.put(PermissionAttribute.MANDATORY_ATTRIBUTE_PREFIX + "6",new Attribute("",MIDP3_COMM_PERMISSION + " comm:123")); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); + permissionGranter.addSecurityData(session, appUID, null); grantedPermissions = storage.readGrantedPermissions(appUID); - assertTrue(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, + assertWithTrace(grantedPermissions != null && checkGrantedPermissions(grantedPermissions, new MIDPPermission[] { new MIDPPermission(INTERNAL_SOCKET_PERMISSION,"socket://50"), @@ -827,12 +855,12 @@ storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session, appUID); blanketPermissions = permissionGranter.getBlanketPermissions(null); - assertTrue(blanketPermissions == null); + assertWithTrace(blanketPermissions == null); // 20. getBlanketPermissions - unknown appUID storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session, appUID); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - assertTrue(blanketPermissions == null); + assertWithTrace(blanketPermissions == null); // 21. getBlanketPermissions - unsigned suite storage.removeAuthenticationStorageData(appUID); permissionGranter.removeSecurityData(session, appUID); @@ -848,9 +876,10 @@ allAttributes.clear(); allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - assertTrue(blanketPermissions == null); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(blanketPermissions == null); // 22. getBlanketPermissions - one of the requested permissions does not allow Blanket permissionGranter.removeSecurityData(session, appUID); storage.removeAuthenticationStorageData(appUID); @@ -872,9 +901,10 @@ allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_DATAGRAM_PERMISSION + COMMA + " " + MIDP2_SMS_SEND_PERMISSION)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_SOCKET_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - assertTrue(blanketPermissions == null); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(blanketPermissions == null); // 23. getBlanketPermissions - request one permissions which is already in Blanket permissionGranter.removeSecurityData(session, appUID); storage.removeAuthenticationStorageData(appUID); @@ -895,9 +925,10 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_HTTP_PERMISSION)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - assertTrue(blanketPermissions == null); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(blanketPermissions == null); // 24. getBlanketPermissions - request Auto Invocation and Net Access -> mutually exclusive permissions permissionGranter.removeSecurityData(session, appUID); storage.removeAuthenticationStorageData(appUID); @@ -918,9 +949,10 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(PermissionAttribute.OPTIONAL_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_PUSH_REGISTRY_PERMISSION + COMMA + MIDP2_HTTP_PERMISSION)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - assertTrue(blanketPermissions == null); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(blanketPermissions == null); // 25. getBlanketPermissions - manufacturer signed MIDlet permissionGranter.removeSecurityData(session, appUID); storage.removeAuthenticationStorageData(appUID); @@ -941,9 +973,10 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_HTTP_PERMISSION + COMMA + MIDP2_SMS_SEND_PERMISSION + COMMA + MIDP2_MMS_OPEN_PERMISSION + COMMA + MIDP2_COMM_PERMISSION)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - assertTrue(blanketPermissions == null); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(blanketPermissions == null); // 26. getBlanketPermissions - request Messaging, Net Access and Local connectivity. Since Messaging and Net Access have the current interaction mode set to Blanket, only Local connectivity is returned permissionGranter.removeSecurityData(session, appUID); storage.removeAuthenticationStorageData(appUID); @@ -964,9 +997,10 @@ allAttributes.put(MIDP_PROFILE_ATTRIBUTE_NAME,new Attribute("",MIDP2)); allAttributes.put(PermissionAttribute.MANDATORY_LEGACY_ATTRIBUTE_NAME, new Attribute("",MIDP2_HTTP_PERMISSION + COMMA + MIDP2_SMS_SEND_PERMISSION + COMMA + MIDP2_MMS_OPEN_PERMISSION + COMMA + MIDP2_COMM_PERMISSION)); securityAttributes.addManifestAttributes(allAttributes); - permissionGranter.grantJarPermissions(session, appUID, null, securityAttributes.getPermissionAttributes()); + permissionGranter.grantJarPermissions( appUID, null, securityAttributes.getPermissionAttributes(), authCredentials); blanketPermissions = permissionGranter.getBlanketPermissions(appUID); - assertTrue(blanketPermissions != null && blanketPermissions.length == 1 && blanketPermissions[0].equals(UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.LOCAL_CONNECTIVITY_SETTINGS))); + permissionGranter.addSecurityData(session, appUID, null); + assertWithTrace(blanketPermissions != null && blanketPermissions.length == 1 && blanketPermissions[0].equals(UserSecuritySettingsImpl.getLocalizedName(UserSecuritySettings.LOCAL_CONNECTIVITY_SETTINGS))); permissionGranter.setPermissionsToBlanket(session, appUID); grantedPermissions = storage.readGrantedPermissions(appUID); for (int i=0; i