/**
* Copyright (c) 2000-present Liferay, Inc. All rights reserved.
*
* This library is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 2.1 of the License, or (at your option)
* any later version.
*
* This library is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
* details.
*/
package com.liferay.portal.security.pacl.test;
import com.liferay.portal.kernel.util.PortalUtil;
import com.liferay.portal.test.rule.PACLTestRule;
import java.io.FileDescriptor;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.DomainCombiner;
import java.security.Permissions;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.security.SecurityPermission;
import java.util.concurrent.Callable;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
/**
* @author Raymond Augé
*/
public class JavaSecurityTest {
@ClassRule
@Rule
public static final PACLTestRule paclTestRule = new PACLTestRule();
@Test
public void testAccessController1() throws Exception {
try {
Permissions permissions = new Permissions();
permissions.add(new AllPermission());
ProtectionDomain[] protectionDomains = new ProtectionDomain[] {
new ProtectionDomain(null, permissions)
};
AccessControlContext accessControlContext =
new AccessControlContext(protectionDomains);
AccessController.doPrivileged(
new PrivilegedAction<Void>() {
@Override
public Void run() {
new URLClassLoader(new URL[0]);
return null;
}
},
accessControlContext);
Assert.fail();
}
catch (SecurityException se) {
}
}
@Test
public void testAccessController2() throws Exception {
try {
Permissions permissions = new Permissions();
permissions.add(new AllPermission());
ProtectionDomain[] protectionDomains = new ProtectionDomain[] {
new ProtectionDomain(null, permissions)
};
AccessControlContext accessControlContext =
new AccessControlContext(protectionDomains);
AccessController.doPrivileged(
new PrivilegedAction<Void>() {
@Override
public Void run() {
Permissions permissions = new Permissions();
permissions.add(new AllPermission());
ProtectionDomain[] protectionDomains =
new ProtectionDomain[] {
new ProtectionDomain(null, permissions)
};
AccessControlContext accessControlContext =
new AccessControlContext(protectionDomains);
AccessController.doPrivileged(
new PrivilegedAction<Void>() {
@Override
public Void run() {
new URLClassLoader(new URL[0]);
return null;
}
},
accessControlContext);
return null;
}
},
accessControlContext);
Assert.fail();
}
catch (SecurityException se) {
}
}
@Test
public void testAccessController3() throws Exception {
try {
Permissions permissions = new Permissions();
permissions.add(new AllPermission());
ProtectionDomain[] protectionDomains = new ProtectionDomain[] {
new ProtectionDomain(null, permissions)
};
AccessControlContext accessControlContext =
new AccessControlContext(protectionDomains);
accessControlContext = new AccessControlContext(
accessControlContext,
new DomainCombiner() {
@Override
public ProtectionDomain[] combine(
ProtectionDomain[] currentDomains,
ProtectionDomain[] assignedDomains) {
return assignedDomains;
}
});
AccessController.doPrivileged(
new PrivilegedAction<Void>() {
@Override
public Void run() {
new URLClassLoader(new URL[0]);
return null;
}
},
accessControlContext);
Assert.fail();
}
catch (SecurityException se) {
}
}
@Test
public void testCrypto1() throws Exception {
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(128);
SecretKey secretKey = keyGenerator.generateKey();
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
String text = "Hello World";
cipher.doFinal(text.getBytes());
}
@Test
public void testCrypto2() throws Exception {
Mac mac = Mac.getInstance("HmacMD5");
String key = "123456789";
SecretKeySpec secretKeySpec = new SecretKeySpec(
key.getBytes(), "HmacMD5");
mac.init(secretKeySpec);
String text = "Hello World";
mac.doFinal(text.getBytes());
}
@Test
public void testFileDescriptor1() throws Exception {
try {
new FileInputStream(FileDescriptor.in);
Assert.fail();
}
catch (SecurityException se) {
}
}
@Test
public void testFileDescriptor2() throws Exception {
try {
new FileOutputStream(FileDescriptor.out);
Assert.fail();
}
catch (SecurityException se) {
}
}
@Test
public void testLoadLibrary1() throws Exception {
try {
System.loadLibrary("test_a");
Assert.fail();
}
catch (UnsatisfiedLinkError usle) {
}
catch (SecurityException se) {
}
}
@Test
public void testLoadLibrary2() throws Exception {
try {
System.loadLibrary("test_b");
}
catch (UnsatisfiedLinkError usle) {
}
}
@Test
public void testPolicy1() throws Exception {
try {
Policy.getPolicy();
Assert.fail();
}
catch (SecurityException se) {
}
}
@Test
public void testPolicy2() throws Exception {
try {
// Simulate the stack length required to set the policy without
// actually setting it (in case we fail)
Callable<Void> callable = new Callable<Void>() {
@Override
public Void call() throws Exception {
SecurityManager sm = System.getSecurityManager();
sm.checkPermission(new SecurityPermission("setPolicy"));
return null;
}
};
callable.call();
Assert.fail();
}
catch (SecurityException se) {
}
}
@Test
public void testProtectionDomain1() throws Exception {
try {
PortalUtil.class.getProtectionDomain();
Assert.fail();
}
catch (SecurityException se) {
}
}
@Test
public void testProtectionDomain2() throws Exception {
try {
Class<?> clazz = getClass();
clazz.getProtectionDomain();
Assert.fail();
}
catch (SecurityException se) {
}
}
@Test
public void testSecurityManager1() throws Exception {
try {
new SecurityManager();
Assert.fail();
}
catch (SecurityException se) {
}
}
}