| /* |
| * Copyright (C) 2007 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package tests.security.permissions; |
| |
| import dalvik.annotation.TestTargets; |
| import dalvik.annotation.TestLevel; |
| import dalvik.annotation.TestTargetNew; |
| import dalvik.annotation.TestTargetClass; |
| |
| import junit.framework.TestCase; |
| |
| import java.security.Permission; |
| import java.security.Provider; |
| import java.security.Security; |
| import java.security.SecurityPermission; |
| import java.util.HashSet; |
| import java.util.Set; |
| /* |
| * This class tests the secrity permissions which are documented in |
| * http://java.sun.com/j2se/1.5.0/docs/guide/security/permissions.html#PermsAndMethods |
| * for class java.security.Security |
| */ |
| @TestTargetClass(java.security.Security.class) |
| public class JavaSecuritySecurityTest extends TestCase { |
| |
| SecurityManager old; |
| |
| @Override |
| protected void setUp() throws Exception { |
| old = System.getSecurityManager(); |
| super.setUp(); |
| } |
| |
| @Override |
| protected void tearDown() throws Exception { |
| System.setSecurityManager(old); |
| super.tearDown(); |
| } |
| |
| @TestTargetNew( |
| level = TestLevel.PARTIAL_COMPLETE, |
| notes = "Verifies that getProperty() calls checkPermission on security permissions.", |
| method = "getProperty", |
| args = {java.lang.String.class} |
| ) |
| public void test_getProperty() { |
| class TestSecurityManager extends SecurityManager { |
| boolean called = false; |
| String target = null; |
| void reset() { |
| called = false; |
| target = null; |
| } |
| |
| @Override |
| public void checkPermission(Permission permission) { |
| if (permission instanceof SecurityPermission) { |
| target = permission.getName(); |
| if (target.equals("getProperty.key")) { |
| called = true; |
| } |
| } |
| } |
| |
| } |
| TestSecurityManager s = new TestSecurityManager(); |
| System.setSecurityManager(s); |
| |
| s.reset(); |
| Security.getProperty("key"); |
| assertTrue("java.security.Security.getProperty() must call checkSecurityAccess on security manager", s.called); |
| assertEquals("Argument of checkSecurityAccess is not correct", "getProperty.key", s.target); |
| } |
| |
| @TestTargetNew( |
| level = TestLevel.PARTIAL_COMPLETE, |
| notes = "Verifies that setProperty() method calls checkSecurityAccess on security manager.", |
| method = "setProperty", |
| args = {java.lang.String.class, java.lang.String.class} |
| ) |
| public void test_setProperty() { |
| class TestSecurityManager extends SecurityManager { |
| boolean called = false; |
| String target = null; |
| void reset(){ |
| called = false; |
| target = null; |
| } |
| |
| @Override |
| public void checkPermission(Permission permission) { |
| if (permission instanceof SecurityPermission) { |
| target = permission.getName(); |
| if (target.equals("setProperty.key")) { |
| called = true; |
| } |
| } |
| } |
| } |
| TestSecurityManager s = new TestSecurityManager(); |
| System.setSecurityManager(s); |
| |
| s.reset(); |
| Security.setProperty("key", "value"); |
| assertTrue("java.security.Security.setProperty() must call checkSecurityAccess on security manager", s.called); |
| assertEquals("Argument of checkSecurityAccess is not correct", "setProperty.key", s.target); |
| } |
| |
| @TestTargets({ |
| @TestTargetNew( |
| level = TestLevel.PARTIAL_COMPLETE, |
| notes = "Verifies that addProvider(), insertProviderAt() and removeProvider() methods call checkSecurityAccess method on security manager.", |
| method = "addProvider", |
| args = {java.security.Provider.class} |
| ), |
| @TestTargetNew( |
| level = TestLevel.PARTIAL_COMPLETE, |
| notes = "Verifies that addProvider(), insertProviderAt() and removeProvider() methods call checkSecurityAccess method on security manager.", |
| method = "insertProviderAt", |
| args = {java.security.Provider.class, int.class} |
| ), |
| @TestTargetNew( |
| level = TestLevel.PARTIAL_COMPLETE, |
| notes = "Verifies that addProvider(), insertProviderAt() and removeProvider() methods call checkSecurityAccess method on security manager.", |
| method = "removeProvider", |
| args = {java.lang.String.class} |
| ) |
| }) |
| public void test_Provider() { |
| class TestSecurityManager extends SecurityManager { |
| boolean called = false; |
| Set<String> targets = new HashSet<String>(); |
| void reset(){ |
| called = false; |
| targets.clear(); |
| } |
| @Override |
| public void checkSecurityAccess(String target) { |
| called = true; |
| this.targets.add(target); |
| super.checkSecurityAccess(target); |
| } |
| |
| @Override |
| public void checkPermission(Permission permission) { |
| } |
| } |
| |
| class MyProvider extends Provider { |
| private static final long serialVersionUID = 1L; |
| MyProvider(){ |
| super("DummyProvider", 1.0, "Provider for test purposes only"); |
| } |
| } |
| |
| Provider p = new MyProvider(); |
| |
| TestSecurityManager s = new TestSecurityManager(); |
| System.setSecurityManager(s); |
| |
| s.reset(); |
| Security.addProvider(p); |
| assertTrue("java.security.Security.addProvider() must call checkSecurityAccess on security manager", s.called); |
| assertTrue("Argument of checkSecurityAccess is not correct", s.targets.contains("insertProvider.DummyProvider")); |
| |
| s.reset(); |
| Security.removeProvider(p.getName()); |
| assertTrue("java.security.Security.removeProvider() must call checkSecurityAccess on security manager", s.called); |
| assertTrue("Argument of checkSecurityAccess is not correct", s.targets.contains("removeProvider.DummyProvider")); |
| |
| s.reset(); |
| Security.insertProviderAt(p, 0); |
| assertTrue("java.security.Security.insertProviderAt() must call checkSecurityAccess on security manager", s.called); |
| assertTrue("Argument of checkSecurityAccess is not correct", s.targets.contains("insertProvider.DummyProvider")); |
| |
| Security.removeProvider(p.getName()); |
| } |
| } |