1/*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *     http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package tests.security.permissions;
18
19import dalvik.annotation.TestTargets;
20import dalvik.annotation.TestLevel;
21import dalvik.annotation.TestTargetNew;
22import dalvik.annotation.TestTargetClass;
23
24import junit.framework.TestCase;
25
26import java.security.Permission;
27import java.security.Provider;
28import java.security.Security;
29import java.security.SecurityPermission;
30import java.util.HashSet;
31import java.util.Set;
32/*
33 * This class tests the secrity permissions which are documented in
34 * http://java.sun.com/j2se/1.5.0/docs/guide/security/permissions.html#PermsAndMethods
35 * for class java.security.Security
36 */
37@TestTargetClass(java.security.Security.class)
38public class JavaSecuritySecurityTest extends TestCase {
39
40    SecurityManager old;
41
42    @Override
43    protected void setUp() throws Exception {
44        old = System.getSecurityManager();
45        super.setUp();
46    }
47
48    @Override
49    protected void tearDown() throws Exception {
50        System.setSecurityManager(old);
51        super.tearDown();
52    }
53
54    @TestTargetNew(
55        level = TestLevel.PARTIAL_COMPLETE,
56        notes = "Verifies that getProperty() calls checkPermission on security permissions.",
57        method = "getProperty",
58        args = {java.lang.String.class}
59    )
60    public void test_getProperty() {
61        class TestSecurityManager extends SecurityManager {
62            boolean called = false;
63            String target = null;
64            void reset() {
65                called = false;
66                target = null;
67            }
68
69            @Override
70            public void checkPermission(Permission permission) {
71                if (permission instanceof SecurityPermission) {
72                  target = permission.getName();
73                    if (target.equals("getProperty.key")) {
74                        called = true;
75                    }
76                }
77            }
78
79        }
80        TestSecurityManager s = new TestSecurityManager();
81        System.setSecurityManager(s);
82
83        s.reset();
84        Security.getProperty("key");
85        assertTrue("java.security.Security.getProperty() must call checkSecurityAccess on security manager", s.called);
86        assertEquals("Argument of checkSecurityAccess is not correct", "getProperty.key", s.target);
87    }
88
89    @TestTargetNew(
90        level = TestLevel.PARTIAL_COMPLETE,
91        notes = "Verifies that setProperty() method calls checkSecurityAccess on security manager.",
92        method = "setProperty",
93        args = {java.lang.String.class, java.lang.String.class}
94    )
95    public void test_setProperty() {
96        class TestSecurityManager extends SecurityManager {
97            boolean called = false;
98            String target = null;
99            void reset(){
100                called = false;
101                target = null;
102            }
103
104            @Override
105            public void checkPermission(Permission permission) {
106                if (permission instanceof SecurityPermission) {
107                  target = permission.getName();
108                    if (target.equals("setProperty.key")) {
109                        called = true;
110                    }
111                }
112            }
113        }
114        TestSecurityManager s = new TestSecurityManager();
115        System.setSecurityManager(s);
116
117        s.reset();
118        Security.setProperty("key", "value");
119        assertTrue("java.security.Security.setProperty() must call checkSecurityAccess on security manager", s.called);
120        assertEquals("Argument of checkSecurityAccess is not correct", "setProperty.key", s.target);
121    }
122
123    @TestTargets({
124        @TestTargetNew(
125            level = TestLevel.PARTIAL_COMPLETE,
126            notes = "Verifies that addProvider(), insertProviderAt() and removeProvider() methods call checkSecurityAccess method on security manager.",
127            method = "addProvider",
128            args = {java.security.Provider.class}
129        ),
130        @TestTargetNew(
131            level = TestLevel.PARTIAL_COMPLETE,
132            notes = "Verifies that addProvider(), insertProviderAt() and removeProvider() methods call checkSecurityAccess method on security manager.",
133            method = "insertProviderAt",
134            args = {java.security.Provider.class, int.class}
135        ),
136        @TestTargetNew(
137            level = TestLevel.PARTIAL_COMPLETE,
138            notes = "Verifies that addProvider(), insertProviderAt() and removeProvider() methods call checkSecurityAccess method on security manager.",
139            method = "removeProvider",
140            args = {java.lang.String.class}
141        )
142    })
143    public void test_Provider() {
144        class TestSecurityManager extends SecurityManager {
145            boolean called = false;
146            Set<String> targets = new HashSet<String>();
147            void reset(){
148                called = false;
149                targets.clear();
150            }
151            @Override
152            public void checkSecurityAccess(String target) {
153                called = true;
154                this.targets.add(target);
155                super.checkSecurityAccess(target);
156            }
157
158            @Override
159            public void checkPermission(Permission permission) {
160            }
161        }
162
163        class MyProvider extends Provider {
164            private static final long serialVersionUID = 1L;
165            MyProvider(){
166                super("DummyProvider", 1.0, "Provider for test purposes only");
167            }
168        }
169
170        Provider p = new MyProvider();
171
172        TestSecurityManager s = new TestSecurityManager();
173        System.setSecurityManager(s);
174
175        s.reset();
176        Security.addProvider(p);
177        assertTrue("java.security.Security.addProvider() must call checkSecurityAccess on security manager", s.called);
178        assertTrue("Argument of checkSecurityAccess is not correct", s.targets.contains("insertProvider.DummyProvider"));
179
180        s.reset();
181        Security.removeProvider(p.getName());
182        assertTrue("java.security.Security.removeProvider() must call checkSecurityAccess on security manager", s.called);
183        assertTrue("Argument of checkSecurityAccess is not correct", s.targets.contains("removeProvider.DummyProvider"));
184
185        s.reset();
186        Security.insertProviderAt(p, 0);
187        assertTrue("java.security.Security.insertProviderAt() must call checkSecurityAccess on security manager", s.called);
188        assertTrue("Argument of checkSecurityAccess is not correct", s.targets.contains("insertProvider.DummyProvider"));
189
190        Security.removeProvider(p.getName());
191    }
192}
193