# @brief
#
-#
# Check minimum CMake version
-#
CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
-#
# Project name
-#
PROJECT(dpl)
-#
-# Logs
-#
-
-
+# Options
OPTION(DPL_LOG "DPL logs status" OFF)
-
IF(DPL_LOG)
MESSAGE(STATUS "Logging enabled for DPL")
ADD_DEFINITIONS("-DDPL_LOGS_ENABLED")
ELSE(DPL_LOG)
MESSAGE(STATUS "Logging disabled for DPL")
ENDIF(DPL_LOG)
-ADD_DEFINITIONS("-DSEPARATED_SINGLETON_IMPLEMENTATION")
-# Gtk
-OPTION(DISABLE_GTK "Disable GTK stuff" ON)
+ADD_DEFINITIONS("-DSEPARATED_SINGLETON_IMPLEMENTATION")
+STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}")
+ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"")
-#
# Build type
-#
-
SET(CMAKE_BUILD_TYPE "Release")
-
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
SET(CMAKE_CXX_FLAGS "-O2 -g -fPIC -D_FORTIFY_SOURCE=0")
-#
# CMake settings
-#
MESSAGE(STATUS "========================================")
MESSAGE(STATUS "CMAKE_BINARY_DIR: " ${CMAKE_BINARY_DIR})
MESSAGE(STATUS "CMAKE_CURRENT_BINARY_DIR: " ${CMAKE_CURRENT_BINARY_DIR})
MESSAGE(STATUS "CMAKE_RANLIB: " ${CMAKE_RANLIB})
MESSAGE(STATUS "========================================")
-#
# Build 3rd party libraries first
-#
ADD_SUBDIRECTORY(3rdparty)
-#
# Compiler flags
-#
-
ADD_DEFINITIONS("-fvisibility=default") # mark all exported symbols as visible
# Warnings mode
SET(TARGET_DPL_POPUP "lib${PROJECT_NAME}-popup-efl")
SET(TARGET_WRT_DAO_RW_LIB "dpl-wrt-dao-rw")
SET(TARGET_WRT_DAO_RO_LIB "dpl-wrt-dao-ro")
+SET(TARGET_AUTO_SAVE_DAO_LIB "wrt-commons-auto-save-dao")
+SET(TARGET_AUTO_SAVE_DAO_RW_LIB "wrt-commons-auto-save-dao-rw")
+SET(TARGET_AUTO_SAVE_DAO_RO_LIB "wrt-commons-auto-save-dao-ro")
SET(TARGET_DPL_UTILS_EFL "lib${PROJECT_NAME}-utils-efl")
-SET(TARGET_ACE_DAO_RO_LIB "dpl-ace-dao-ro")
-SET(TARGET_ACE_DAO_RW_LIB "dpl-ace-dao-rw")
-SET(TARGET_ACE_LIB "dpl-ace")
-SET(TARGET_VCORE_LIB "dpl-vcore")
+
+macro(configure_and_install_pkg PKG_FILE)
+ CONFIGURE_FILE(${PKG_FILE}.in ${PKG_FILE} @ONLY)
+ INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/${PKG_FILE} DESTINATION lib/pkgconfig)
+endmacro(configure_and_install_pkg)
ADD_SUBDIRECTORY(modules)
ADD_SUBDIRECTORY(build)
-ADD_SUBDIRECTORY(tests)
ADD_SUBDIRECTORY(etc)
ADD_SUBDIRECTORY(rpc)
ADD_SUBDIRECTORY(test)
#ADD_SUBDIRECTORY(log)
-ADD_SUBDIRECTORY(vcore)
-ADD_SUBDIRECTORY(ace)
ADD_SUBDIRECTORY(widget_dao)
+ADD_SUBDIRECTORY(auto_save_dao)
ADD_SUBDIRECTORY(popup)
ADD_SUBDIRECTORY(utils)
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# @file CMakeLists.txt
-# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
-# @brief
-#
-
-CONFIGURE_FILE(dpl-ace-dao-ro.pc.in dpl-ace-dao-ro.pc @ONLY)
-CONFIGURE_FILE(dpl-ace-dao-rw.pc.in dpl-ace-dao-rw.pc @ONLY)
-CONFIGURE_FILE(dpl-ace.pc.in dpl-ace.pc @ONLY)
-INSTALL(FILES
- ${CMAKE_BINARY_DIR}/build/ace/dpl-ace-dao-ro.pc
- ${CMAKE_BINARY_DIR}/build/ace/dpl-ace-dao-rw.pc
- ${CMAKE_BINARY_DIR}/build/ace/dpl-ace.pc
- DESTINATION
- lib/pkgconfig
- )
-
+++ /dev/null
-prefix=/usr
-exec_prefix=${prefix}
-libdir=${prefix}/lib
-includedir=${prefix}/include/dpl-efl
-
-Name: dpl-ace-dao-ro
-Description: dpl-ace-dao-ro
-Version: @VERSION@
-Requires: dpl-efl openssl
-Libs: -ldpl-ace-dao-ro -L${libdir}
-Cflags: -I${includedir}
+++ /dev/null
-prefix=/usr
-exec_prefix=${prefix}
-libdir=${prefix}/lib
-includedir=${prefix}/include/dpl-elf
-
-Name: dpl-aco-dao-rw
-Description: dpl-ace-dao-rw
-Version: @VERSION@
-Requires: dpl-ace-dao-ro
-Libs: -ldpl-ace-dao-rw -L${libdir}
-Cflags: -I${includedir}
+++ /dev/null
-prefix=/usr
-exec_prefix=${prefix}
-libdir=${prefix}/lib
-includedir=${prefix}/include/dpl-efl
-
-Name: dpl-ace
-Description: dpl-ace
-Version: @VERSION@
-Requires: dpl-efl openssl
-Libs: -ldpl-ace -L${libdir}
-Cflags: -I${includedir}
# limitations under the License.
#
# @file CMakeLists.txt
-# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+# @author Jihoon Chung (jihoon.chung@samsung.com)
# @brief
#
-CONFIGURE_FILE(dpl-vcore.pc.in dpl-vcore.pc @ONLY)
-INSTALL(FILES ${CMAKE_BINARY_DIR}/build/vcore/dpl-vcore.pc DESTINATION lib/pkgconfig)
+configure_and_install_pkg(wrt-commons-auto-save-dao.pc)
+configure_and_install_pkg(wrt-commons-auto-save-dao-ro.pc)
+configure_and_install_pkg(wrt-commons-auto-save-dao-rw.pc)
--- /dev/null
+prefix=/usr
+exec_prefix=${prefix}
+
+libdir=${prefix}/lib
+includedir=${prefix}/include
+Name: wrt-commons-auto-save-dao-ro
+Description: wrt-commons-auto-save-dao-ro
+
+Version: @VERSION@
+Requires: dpl-efl wrt-commons-auto-save-dao libxml-2.0
+Libs: -lwrt-commons-auto-save-dao-ro -lwrt-commons-auto-save-dao -L${libdir}
+Cflags: -I${includedir}/dpl-efl
--- /dev/null
+prefix=/usr
+exec_prefix=${prefix}
+
+libdir=${prefix}/lib
+includedir=${prefix}/include
+Name: wrt-commons-auto-save-dao-rw
+Description: wrt-commons-auto-save-dao-rw
+
+Version: @VERSION@
+Requires: dpl-efl wrt-commons-auto-save-dao wrt-commons-auto-save-dao-ro libxml-2.0
+Libs: -lwrt-commons-auto-save-dao-rw -lwrt-commons-auto-save-dao-ro -lwrt-commons-auto-save-dao -L${libdir}
+Cflags: -I${includedir}/dpl-efl
--- /dev/null
+prefix=/usr
+exec_prefix=${prefix}
+
+libdir=${prefix}/lib
+includedir=${prefix}/include
+Name: wrt-commons-auto-save-dao
+Description: wrt-commons-auto-save-dao
+
+Version: @VERSION@
+Requires: dpl-efl libxml-2.0
+Libs: -lwrt-commons-auto-save-dao -L${libdir}
+Cflags: -I${includedir}/dpl-efl
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_EFL} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_EFL_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_EFL}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
# Install detail headers
INSTALL(FILES ${DPL_CORE_EFL_DETAIL_HEADERS}
DESTINATION include/dpl-efl/dpl/3rdparty/fastdelegate)
# Install pkgconfig script
-INSTALL(FILES dpl-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-efl.pc)
Name: dpl-efl
Description: DPL - EFL based
-Version: 1.0.0
+Version: @VERSION@
Requires: ecore appcore-efl openssl dlog vconf
Libs: -L${libdir} -ldpl-efl
Cflags: -I${includedir}/dpl-efl
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_DB_EFL} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_EFL_DB_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_DB_EFL}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
# Install detail headers
INSTALL(FILES ${DPL_DB_HEADERS}
DESTINATION include/dpl-efl/dpl/db)
# Install pkgconfig script
-INSTALL(FILES dpl-db-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-db-efl.pc)
Name: dpl-db-efl
Description: DPL DB - EFL based
-Version: 1.0.0
+Version: @VERSION@
Requires: dpl-efl sqlite3 db-util
Libs: -L${libdir} -ldpl-db-efl
Cflags: -I${includedir}/dpl-efl
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_DBUS_EFL} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_EFL_DBUS_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_DBUS_EFL}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
# Install detail headers
INSTALL(FILES ${DPL_DBUS_HEADERS}
DESTINATION include/dpl-efl/dpl/dbus)
# Install pkgconfig script
-INSTALL(FILES dpl-dbus-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-dbus-efl.pc)
Name: dpl-dbus-efl
Description: DPL DBus - EFL based
-Version: 1.0.0
+Version: @VERSION@
Requires: dbus-1 dpl-efl dpl-event-efl
Libs: -L${libdir} -ldpl-dbus-efl
Cflags: -I${includedir}/dpl-efl
ecore
appcore-efl
vconf
- heynoti
REQUIRED
)
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_EVENT_EFL} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_EFL_EVENT_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_EVENT_EFL}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
# Install detail headers
INSTALL(FILES ${DPL_EVENT_HEADERS}
DESTINATION include/dpl-efl/dpl/event)
# Install pkgconfig script
-INSTALL(FILES dpl-event-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-event-efl.pc)
Name: dpl-event-efl
Description: DPL Event - EFL based
-Version: 1.0.0
-Requires: dpl-efl ecore appcore-efl vconf heynoti
+Version: @VERSION@
+Requires: dpl-efl ecore appcore-efl vconf
Libs: -L${libdir} -ldpl-event-efl
Cflags: -I${includedir}/dpl-efl
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_LOG_EFL} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_EFL_LOG_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_LOG_EFL}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
INSTALL(FILES ${DPL_LOG_HEADERS}
DESTINATION include/dpl-efl/dpl/log)
# Install pkgconfig script
-INSTALL(FILES dpl-log-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-log-efl.pc)
Name: dpl-log-efl
Description: DPL Log Engine - EFL based
-Version: 1.0.0
+Version: @VERSION@
Requires: dpl-efl dlog
Libs: -L${libdir} -ldpl-log-efl
Cflags: -I${includedir}/dpl-efl
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_POPUP} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_POPUP_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_POPUP}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
# Install detail headers
INSTALL(FILES ${DPL_POPUP_HEADERS}
DESTINATION include/dpl-efl/dpl/popup)
# Install pkgconfig script
-INSTALL(FILES dpl-popup-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-popup-efl.pc)
Name: dpl-popup-efl
Description: DPL Popup functionality - EFL based
-Version: 1.0.0
+Version: @VERSION@
Requires: dpl-efl
Libs: -L${libdir} -ldpl-popup-efl
Cflags: -I${includedir}/dpl-efl
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_RPC_EFL} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_EFL_RPC_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_RPC_EFL}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
# Install detail headers
INSTALL(FILES ${DPL_RPC_HEADERS}
DESTINATION include/dpl-efl/dpl/rpc)
# Install pkgconfig script
-INSTALL(FILES dpl-rpc-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-rpc-efl.pc)
Name: dpl-rpc-efl
Description: DPL RPC - EFL based
-Version: 1.0.0
+Version: @VERSION@
Requires: dpl-efl dpl-event-efl dpl-socket-efl
Libs: -L${libdir} -ldpl-rpc-efl
Cflags: -I${includedir}/dpl-efl
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_SOCKET_EFL} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_EFL_SOCKET_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_SOCKET_EFL}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
# Install detail headers
INSTALL(FILES ${DPL_SOCKET_HEADERS}
DESTINATION include/dpl-efl/dpl/socket)
# Install pkgconfig script
-INSTALL(FILES dpl-socket-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-socket-efl.pc)
Name: dpl-socket-efl
Description: DPL Socket - EFL based
-Version: 1.0.0
+Version: @VERSION@
Requires: dpl-efl dpl-event-efl
Libs: -L${libdir} -ldpl-socket-efl
Cflags: -I${includedir}/dpl-efl
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_TEST_ENGINE_EFL} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_EFL_TEST_ENGINE_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_TEST_ENGINE_EFL}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
# Install detail headers
INSTALL(FILES ${DPL_TEST_ENGINE_HEADERS}
DESTINATION include/dpl-efl/dpl/test)
# Install pkgconfig script
-INSTALL(FILES dpl-test-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-test-efl.pc)
Name: dpl-test-efl
Description: DPL Test Engine - EFL based
-Version: 1.0.0
+Version: @VERSION@
Requires: dpl-efl
Libs: -L${libdir} -ldpl-test-efl
Cflags: -I${includedir}/dpl-efl
# Target library properties
SET_TARGET_PROPERTIES(${TARGET_DPL_UTILS_EFL} PROPERTIES
- SOVERSION ${VERSION}
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION}
CLEAN_DIRECT_OUTPUT 1
OUTPUT_NAME ${DPL_EFL_UTILS_LIBRARY})
# Install libraries
INSTALL(TARGETS ${TARGET_DPL_UTILS_EFL}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ DESTINATION lib)
# Install detail headers
INSTALL(FILES ${DPL_UTILS_HEADERS}
DESTINATION include/dpl-efl/dpl/localization)
# Install pkgconfig script
-INSTALL(FILES dpl-utils-efl.pc
- DESTINATION lib/pkgconfig)
+configure_and_install_pkg(dpl-utils-efl.pc)
Name: dpl-utils-efl
Description: DPL UTILS - EFL based
-Version: 1.0.0
+Version: @VERSION@
Requires: dpl-efl
Libs: -L${libdir} -ldpl-utils-efl
Cflags: -I${includedir}/dpl-efl
+++ /dev/null
-prefix=/usr
-exec_prefix=${prefix}
-libdir=${prefix}/lib
-includedir=${prefix}/include/dpl-efl/dpl/vcore
-
-Name: dpl-vcore
-Description: dpl-vcore
-Version: @VERSION@
-Requires: libxml-2.0 openssl libsoup-2.4
-Libs: -ldpl-vcore -L${libdir}
-Cflags: -I${includedir}
# @brief
#
-CONFIGURE_FILE(dpl-wrt-dao-ro.pc.in dpl-wrt-dao-ro.pc @ONLY)
-CONFIGURE_FILE(dpl-wrt-dao-rw.pc.in dpl-wrt-dao-rw.pc @ONLY)
-INSTALL(FILES
- ${CMAKE_BINARY_DIR}/build/widget_dao/dpl-wrt-dao-ro.pc
- ${CMAKE_BINARY_DIR}/build/widget_dao/dpl-wrt-dao-rw.pc
- DESTINATION
- lib/pkgconfig)
+configure_and_install_pkg(dpl-wrt-dao-ro.pc)
+configure_and_install_pkg(dpl-wrt-dao-rw.pc)
+wrt-commons (0.2.25-1) unstable; urgency=low
+
+ * Apply changed EFL APIs
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.25-1
+
+ -- Yunchan Cho <yunchan.cho@samsung.com> Wed, 14 Mar 2012 10:04:41 +0900
+
+wrt-commons (0.2.25) unstable; urgency=low
+
+ * Support OBS, SMACK
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.25
+
+ -- Yunchan Cho <yunchan.cho@samsung.com> Tue, 13 Mar 2012 19:51:25 +0900
+
+wrt-commons (0.2.24) unstable; urgency=low
+
+ * Clean-up heynoti depedency
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.24
+
+ -- Jihoon Chung <jihoon.chung@samsung.com> Tue, 06 Mar 2012 21:12:40 +0900
+
+wrt-commons (0.2.23) unstable; urgency=low
+
+ * Move certificates and finterprint settings from wrt-commons repository into wrt-security
+ * Add exception for "create directory"
+ * Clean-up unused event source
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.23
+
+ -- Jihoon Chung <jihoon.chung@samsung.com> Tue, 06 Mar 2012 20:29:32 +0900
+
+wrt-commons (0.2.22) unstable; urgency=low
+
+ * Modified libraries' names
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.22
+
+ -- Grzegorz Krawczyk <g.krawczyk@samsung.com> Tue, 28 Feb 2012 17:01:07 +0100
+
+wrt-commons (0.2.21) unstable; urgency=low
+
+ * Vcore and ACE removed
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.21
+
+ -- Grzegorz Krawczyk <g.krawczyk@samsung.com> Fri, 24 Feb 2012 16:51:27 +0100
+
+wrt-commons (0.2.20) unstable; urgency=low
+
+ * User Agent lists update
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.20
+
+ -- Hoseon LEE <hoseon46.lee@samsung.com> Fri, 24 Feb 2012 09:28:47 +0100
+
+wrt-commons (0.2.19) unstable; urgency=low
+
+ * WAC Compliance test WL-3240 fix.
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.19
+
+ -- Zbigniew Kostrzewa <z.kostrzewa@samsung.com> Wed, 22 Feb 2012 09:28:47 +0100
+
wrt-commons (0.2.18) unstable; urgency=low
- * Boilerplate update
+ * Fixed static dev cap setting.
- * Git : tizen2/pkgs/w/wrt-commons
+ * Git : slp/pkgs/w/wrt-commons
* Tag : wrt-commons_0.2.18
- -- Tae-Jeong Lee <taejeong.lee@samsung.com> Thu, 23 Feb 2012 16:12:49 +0900
+ -- Zbigniew Kostrzewa <z.kostrzewa@samsung.com> Wed, 22 Feb 2012 07:59:18 +0100
wrt-commons (0.2.17) unstable; urgency=low
- * debianize
-
- * Git : tizen2/pkgs/w/wrt-commons
+ * WAC policy test suite bugfix.
+
+ * Git : slp/pkgs/w/wrt-commons
* Tag : wrt-commons_0.2.17
-
- -- Yunchan Cho <yunchan.cho@samsung.com> Wed, 22 Feb 2012 16:57:31 +0900
+
+ -- Zbigniew Kostrzewa <z.kostrzewa@samsung.com> Mon, 20 Feb 2012 14:05:41 +0100
wrt-commons (0.2.16) unstable; urgency=low
- * Init changelog
+ * Localization API minor change
+ * test package reenabled
- * Git : tizen2/pkgs/w/wrt-commons
+ * Git : slp/pkgs/w/wrt-commons
* Tag : wrt-commons_0.2.16
-- Pawel Sikorski <p.sikorski@samsung.com> Mon, 13 Feb 2012 16:04:58 +0100
+
+wrt-commons (0.2.15) unstable; urgency=low
+
+ * Tapi dependency added
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.15
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 13 Feb 2012 12:53:12 +0100
+
+wrt-commons (0.2.14) unstable; urgency=low
+
+ * MEID check added
+ * Added safe singleton implementation, that prevents dubletons.
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.14
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 13 Feb 2012 12:29:16 +0100
+
+wrt-commons (0.2.13) unstable; urgency=low
+
+ * Removing SLP, Bada ... strings for Source Open
+ * Update User-agent
+ * Popup manage initialization flag fixed
+ * Add weather widget is installed by package name
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.13
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 13 Feb 2012 10:46:30 +0100
+
+wrt-commons (0.2.12) unstable; urgency=low
+
+ * disabling test package to be build
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.12
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Wed, 08 Feb 2012 17:45:57 +0100
+
+wrt-commons (0.2.11) unstable; urgency=low
+
+ * Ace and Vcore tests moved to wrt-commons
+ * "efl" suffic removed
+ * certificate names changes
+ * bugfix:
+ ** undetermined attributes
+ ** Attributes sorting algorithm
+ ** Vcore init
+ * New tests added (to OCSP)
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.11
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Wed, 08 Feb 2012 17:10:30 +0100
+
+wrt-commons (0.2.10) unstable; urgency=low
+
+ * Files access with FILE API bug fix
+ * Add global dao APIs for operation of white document list
+ * fixed WidgetDAO for ugid
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.10
+
+ -- Jihoon Chung <jihoon.chung@samsung.com> Thu, 02 Feb 2012 15:43:01 +0900
+
+wrt-commons (0.2.9) unstable; urgency=low
+
+ * Refactoring Phase2
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.9
+
+ -- Jihoon Chung <jihoon.chung@samsung.com> Tue, 31 Jan 2012 12:56:00 +0900
+
+wrt-commons (0.2.8) unstable; urgency=low
+
+ * documentation included to repository
+ * dbus fix (crash issue with bool type)
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.8
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Wed, 25 Jan 2012 14:47:21 +0100
+
+wrt-commons (0.2.7) unstable; urgency=low
+
+ * Debianize latest source
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.7
+
+ -- Yunchan Cho <yunchan.cho@samsung.com> Wed, 25 Jan 2012 10:30:05 +0900
+
+wrt-commons (0.2.6) unstable; urgency=low
+
+ * Wrt-commons split into several libraries
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.6
+
+ -- Grzegorz Krawczyk <g.krawczyk@samsung.com> Fri, 20 Jan 2012 16:20:27 +0100
+
+wrt-commons (0.2.5) unstable; urgency=low
+
+ * DBUS module moved from wrt
+ * Dir structure has been changed (modules extracted)
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.5
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 17 Jan 2012 18:20:27 +0100
+
+wrt-commons (0.2.4) unstable; urgency=low
+
+ * Webkit2(Refactoring) branch merged
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.4
+
+ -- Jihoon Chung <jihoon.chung@samsung.com> Mon, 16 Jan 2012 15:57:06 +0900
+
+wrt-commons (0.2.3) unstable; urgency=low
+
+ * Webkit2(Refactoring) branch merged
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.3
+
+ -- Jihoon Chung <jihoon.chung@samsung.com> Mon, 16 Jan 2012 15:30:07 +0900
+
+wrt-commons (0.2.2) unstable; urgency=low
+
+ * Master and Webkit2 branch merged (ORM change merged)
+ * Mechanisms moved from wrt: NestedLoop, ScopedGPointer
+
+ * Git : slp/pkgs/w/wrt-commons
+ * Tag : wrt-commons_0.2.2
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Thu, 12 Jan 2012 11:19:00 +0100
+
+wrt-commons (0.2.1) unstable; urgency=low
+
+ * ORM interface changed
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : wrt-commons_0.2.1
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 12 Dec 2011 11:33:07 +0100
+
+wrt-commons (0.2.0) unstable; urgency=low
+
+ * Debianize for changing package name (wrt-commons)
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : wrt-commons_0.2.0
+
+ -- Hoseon LEE <hoseon46.lee@samsung.com> Thu, 08 Dec 2011 10:51:40 +0900
+
+wrt-commons (0.1.65) unstable; urgency=low
+
+ * Debianize latest source
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.65
+
+ -- Hoseon LEE <hoseon46.lee@samsung.com> Wed, 07 Dec 2011 12:11:02 +0900
+
+wrt-commons (0.1.64) unstable; urgency=low
+
+ * Fixes, FakeRPC connection added
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.64
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 29 Nov 2011 12:20:39 +0100
+
+dpl (0.1.63) unstable; urgency=low
+
+ * ThreadDatabase Support moved to dpl
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.63
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 22 Nov 2011 16:48:43 +0100
+
+dpl (0.1.62) unstable; urgency=low
+
+ * ICDelegate, apply, caller functions extended
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.62
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Thu, 17 Nov 2011 17:19:13 +0100
+
+dpl (0.1.61) unstable; urgency=low
+
+ * Adding ORM, Apply, ICD mechanism to DPL
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.61
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Wed, 09 Nov 2011 13:33:16 +0100
+
+dpl (0.1.60) unstable; urgency=low
+
+ * debianization due to icu upversioning
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.60
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 25 Oct 2011 10:40:26 +0200
+
+dpl (0.1.59) unstable; urgency=low
+
+ * modification of build option to build only EFL DPL package
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.59
+
+ -- Yunchan Cho <yunchan.cho@samsung.com> Wed, 07 Sep 2011 13:42:54 +0900
+
+dpl (0.1.58) unstable; urgency=low
+
+ * Debianized for open source
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.58
+
+ -- Soyoung Kim <sy037.kim@samsung.com> Tue, 06 Sep 2011 13:52:05 +0900
+
+dpl (0.1.57) unstable; urgency=low
+
+ * Waitables reloaded after HandleWatcher is called
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.57
+
+ -- Zbigniew Kostrzewa <z.kostrzewa@samsung.com> Thu, 28 Jul 2011 11:35:42 +0200
+
+dpl (0.1.56) unstable; urgency=low
+
+ * add policyClass as template param, genericsocket fixed
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.56
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 27 Jun 2011 11:55:42 +0200
+
+dpl (0.1.55) unstable; urgency=low
+
+ * once, automatic listeners cleaning, property fix
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.55
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 14 Jun 2011 10:50:56 +0200
+
+dpl (0.1.54) unstable; urgency=low
+
+ * fix build dep
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.54
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Thu, 09 Jun 2011 14:12:31 +0200
+
+dpl (0.1.53) unstable; urgency=low
+
+ * scoped patterns extended, StringCompare with ICU
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.53
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Thu, 09 Jun 2011 12:50:44 +0200
+
+dpl (0.1.52) unstable; urgency=low
+
+ * scoped patterns extanded
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.52
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 06 Jun 2011 15:59:44 +0200
+
+dpl (0.1.51) unstable; urgency=low
+
+ * string errno, get/set virtual for property
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.51
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 06 Jun 2011 14:43:48 +0200
+
+dpl (0.1.50) unstable; urgency=low
+
+ * fix namespace, fix network change message publishing,
+ * size functionality added int TypeLists
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.50
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Thu, 19 May 2011 15:06:39 +0200
+
+dpl (0.1.49) unstable; urgency=low
+
+ * license cleanup, small bug fixes
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.49
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Thu, 12 May 2011 12:57:54 +0200
+
+dpl (0.1.48) unstable; urgency=low
+
+ * MessageQueue, static remove for semaphores
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.48
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Fri, 22 Apr 2011 11:32:15 +0200
+
+dpl (0.1.47) unstable; urgency=low
+
+ * model/property system, TLS fixed
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.47
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Thu, 14 Apr 2011 14:35:38 +0200
+
+dpl (0.1.46) unstable; urgency=low
+
+ * delegate mechanism, sql connection, test runner fix
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.46
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Thu, 31 Mar 2011 10:18:22 +0200
+
+dpl (0.1.45) unstable; urgency=low
+
+ * ThreadLocal variables, named semaphore, Waitable fix,
+ * symbols visibility fix
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.45
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 21 Mar 2011 16:57:31 +0100
+
+dpl (0.1.44) unstable; urgency=low
+
+ * Disable Werror flag, bb fixed
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.44
+
+ -- Koeun Choi <koeun.choi@samsung.com> Thu, 10 Mar 2011 21:06:51 +0900
+
+dpl (0.1.43) unstable; urgency=low
+
+ * ecore_main_loop_select_func_get return type changed
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.43
+
+ -- Koeun Choi <koeun.choi@samsung.com> Tue, 08 Mar 2011 11:05:54 +0900
+
+dpl (0.1.42) unstable; urgency=low
+
+ * MultiTask added. union_cast, lexical_cast
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.42
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Fri, 04 Mar 2011 14:05:23 +0100
+
+dpl (0.1.41) unstable; urgency=low
+
+ * klocwork fixes, release method added to scoped array
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.41
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 01 Mar 2011 09:38:53 +0100
+
+dpl (0.1.40) unstable; urgency=low
+
+ * Zip-input fixed.
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.40
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 28 Feb 2011 10:42:44 +0100
+
+dpl (0.1.39-1) unstable; urgency=low
+
+ * redebianized
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.39-1
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Fri, 25 Feb 2011 09:33:12 +0100
+
+dpl (0.1.39) unstable; urgency=low
+
+ * Semaphore added, Mutex fixed, Zip enhanced
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.39
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 22 Feb 2011 09:54:11 +0100
+
+dpl (0.1.38) unstable; urgency=low
+
+ * GetCurrentTask, EventDispatcher fix, Append for DPL::String
+ * Zip file support
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.38
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 15 Feb 2011 17:52:24 +0100
+
+dpl (0.1.37-1) unstable; urgency=low
+
+ * redebianize
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.37-1
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Fri, 04 Feb 2011 11:11:13 +0100
+
+dpl (0.1.37) unstable; urgency=low
+
+ * EventSupport fixes.
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.37
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Thu, 03 Feb 2011 17:44:49 +0100
+
+dpl (0.1.36) unstable; urgency=low
+
+ * header fix.
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.36
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 01 Feb 2011 12:19:53 +0100
+
+dpl (0.1.35-1) unstable; urgency=low
+
+ * debianization fix.
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.35-1
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 01 Feb 2011 09:58:40 +0100
+
+dpl (0.1.35) unstable; urgency=low
+
+ * DPL::CharTraits fixed
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.35
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 01 Feb 2011 09:46:04 +0100
+
+dpl (0.1.34) unstable; urgency=low
+
+ * bundled value usage added.
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.34
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Fri, 28 Jan 2011 14:13:03 +0100
+
+dpl (0.1.33) unstable; urgency=low
+
+ * Synchronized events support.
+ * FOREACH macro.
+ * BinaryQueue reimplementation
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.33
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Fri, 21 Jan 2011 10:43:38 +0100
+
+dpl (0.1.32-3) unstable; urgency=low
+
+ * dpl path fix
+
+ * Git : 165.213.180.234:slp/pkgs/d/dpl
+ * Tag : dpl_0.1.32-3
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 11 Jan 2011 18:19:25 +0100
+
+dpl (0.1.32-2) unstable; urgency=low
+
+ * build break fixed
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.32-2
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 11 Jan 2011 17:29:55 +0100
+
+dpl (0.1.32-1) unstable; urgency=low
+
+ * redebianizing
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.32-1
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 11 Jan 2011 12:46:19 +0100
+
+dpl (0.1.32) unstable; urgency=low
+
+ * moving vconf header to dirty headers
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.32
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Mon, 10 Jan 2011 10:13:07 +0100
+
+dpl (0.1.31) unstable; urgency=low
+
+ * debianized - 0.1.31
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.31
+
+ -- Koeun Choi <koeun.choi@samsung.com> Wed, 08 Dec 2010 20:22:25 +0900
+
+dpl (0.1.30-2) unstable; urgency=low
+
+ * debianized - 0.1.30-2
+ * Ignored category for test runner
+ * TypeListGenerator to TypeListDecl
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.30-2
+
+ -- Koeun Choi <koeun.choi@samsung.com> Mon, 15 Nov 2010 16:00:52 +0900
+
+dpl (0.1.30) unstable; urgency=low
+
+ * Ignored category for test runner
+
+ -- Przemyslaw Dobrowolski <p.dobrowolsk@samsung.com> Fri, 12 Nov 2010 14:55:15 +0100
+
+dpl (0.1.29) unstable; urgency=low
+
+ * Renamed TypeListGenerator to TypeListDecl
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.29
+
+ -- Przemyslaw Dobrowolski <p.dobrowolsk@samsung.com> Fri, 12 Nov 2010 14:14:54 +0100
+
+dpl (0.1.28) unstable; urgency=low
+
+ * New controller mechanism
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.28
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Fri, 12 Nov 2010 12:22:01 +0100
+
+dpl (0.1.27) unstable; urgency=low
+
+ * Added threads' guarded singletons
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.27
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 09 Nov 2010 10:13:16 +0100
+
+dpl (0.1.26) unstable; urgency=low
+
+ * Bug fixes
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.26
+
+ -- Koeun Choi <koeun.choi@samsung.com> Mon, 08 Nov 2010 14:43:15 +0100
+
+ dpl (0.1.25-1) unstable; urgency=low
+
+ * Redebianized.
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.25-1
+
+ -- Koeun Choi <koeun.choi@samsung.com> Thu, 28 Oct 2010 12:12:45 +0900
+
+dpl (0.1.25) unstable; urgency=low
+
+ * Fixed exception handing while parsing RPC protocol
+ * commit : a19efed5a210fb1f8f91de18009b0d86e03326db
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.25
+
+ -- Koeun Choi <koeun.choi@samsung.com> Mon, 25 Oct 2010 15:21:48 +0900
+
+
+dpl (0.1.24) unstable; urgency=low
+
+ * Added 21 Controler support
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.24
+
+ -- Piotr Fatyga <p.fatyga@samsung.com> Wed, 20 Oct 2010 16:15:42 +0200
+
+dpl (0.1.23) unstable; urgency=low
+
+ * Reverted: main event dispatcher fix
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.23
+
+ -- Piotr Fatyga <p.fatyga@samsung.com> Wed, 13 Oct 2010 11:09:48 +0200
+
+dpl (0.1.22-1) unstable; urgency=low
+
+ * Main event dispatcher fix
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.22-1
+
+ -- Piotr Fatyga <p.fatyga@samsung.com> Fri, 08 Oct 2010 16:17:51 +0200
+
+dpl (0.1.22) unstable; urgency=low
+
+ * Main event dispatcher fix
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.22
+
+ -- Piotr Fatyga <p.fatyga@samsung.com> Fri, 08 Oct 2010 14:45:45 +0200
+
+dpl (0.1.21) unstable; urgency=low
+
+ * Fixed RPC bug which caused white screen
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.21
+
+ -- Piotr Fatyga <p.fatyga@samsung.com> Thu, 07 Oct 2010 12:17:18 +0200
+
+dpl (0.1.20-1) unstable; urgency=low
+
+ * Reupload to fix debianization error (again)
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.20-1
+
+ -- Piotr Fatyga <p.fatyga@samsung.com> Wed, 06 Oct 2010 15:07:32 +0200
+
+dpl (0.1.19) unstable; urgency=low
+
+ * Fixed bug in generic RPC protocol parser & package name is changed(svn is removed)
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.19
+
+ -- Koeun Choi <koeun.choi@samsung.com> Thu, 30 Sep 2010 19:17:20 +0900
+
+dpl (0.1.18) unstable; urgency=low
+
+ * support string conversion (i18n) and char traits
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.18
+
+ -- Ming Jin <ming79.jin@samsung.com> Fri, 17 Sep 2010 14:32:23 +0900
+
+dpl (0.1.17) unstable; urgency=low
+
+ * Upgrade to EFL1.0 alpha
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.17
+
+ -- Piotr Fatyga <p.fatyga@samsung.com> Fri, 10 Sep 2010 17:41:55 +0200
+
+dpl (0.1.16) unstable; urgency=low
+
+ * changed assert routine. Building changed to Release.
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.16
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Wed, 01 Sep 2010 11:39:41 +0200
+
+dpl (0.1.15) unstable; urgency=low
+
+ * Hibernation fixed
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.15
+
+ -- Koeun Choi <koeun.choi@samsung.com> Tue, 31 Aug 2010 19:00:52 +0200
+
+dpl (0.1.14) unstable; urgency=low
+
+ * Improvements in shared ptr, logging mechanism and unit testing
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.14
+
+ -- Pawel Sikorski <p.sikorski@samsung.com> Tue, 24 Aug 2010 09:59:48 +0200
+
+dpl (0.1.12) unstable; urgency=low
+
+ * Fixed problem with bool operator in smart pointers
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.12
+
+ -- Przemyslaw Dobrowolski <p.dobrowolsk@samsung.com> Wed, 18 Aug 2010 11:01:52 +0200
+
+dpl (0.1.11) unstable; urgency=low
+
+ * appcore updated
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.11
+
+ -- Koeun Choi <koeun.choi@samsung.com> Fri, 06 Aug 2010 10:28:44 +0900
+
+dpl (0.1.10) unstable; urgency=low
+
+ * Added support for handling late EFL events
+
+ * Git : 165.213.180.234:/git/slp/pkgs/dpl
+ * Tag : dpl_0.1.10
+
+ -- Koeun Choi <koeun.choi@samsung.com> Tue, 03 Aug 2010 19:34:53 +0900
+
+dpl (0.1.9) unstable; urgency=low
+
+ * Fixed bug in shared pointer copy operator
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.9
+
+ -- Andrew Lee <hyunchul2.lee@samsung.com> Mon, 12 Jul 2010 13:54:01 +0900
+
+dpl (0.1.8) unstable; urgency=low
+
+ * Fixed prevent defects
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.8
+
+ -- Andrew Lee <hyunchul2.lee@samsung.com> Tue, 22 Jun 2010 12:14:32 +0900
+
+dpl (0.1.7) unstable; urgency=low
+
+ * DLOG API change update
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.7
+
+ -- Ming Jin <ming79.jin@samsung.com> Wed, 16 Jun 2010 17:00:00 +0900
+
+dpl (0.1.6-1) unstable; urgency=low
+
+ * Strange tag verification error.
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.6-1
+
+ -- Andrew Lee <hyunchul2.lee@samsung.com> Fri, 11 Jun 2010 11:37:41 +0900
+
+dpl (0.1.6) unstable; urgency=low
+
+ * Repackaging due to efl update.
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.6
+
+ -- Andrew Lee <hyunchul2.lee@samsung.com> Fri, 11 Jun 2010 09:38:01 +0900
+
+dpl (0.1.5) unstable; urgency=low
+
+ * Changed usage of deprecated appfwk to appcore-efl
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.5
+
+ -- Andrew Lee <hyunchul2.lee@samsung.com> Tue, 08 Jun 2010 19:11:38 +0900
+
+dpl (0.1.4) unstable; urgency=low
+
+ * appfwk api removed
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.4
+
+ -- Andrew Lee <hyunchul2.lee@samsung.com> Fri, 04 Jun 2010 11:22:28 +0900
+
+dpl (0.1.3) unstable; urgency=low
+
+ * single instance locking mechanism supported
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.3
+
+ -- Koeun Choi <koeun.choi@samsung.com> Wed, 19 May 2010 20:19:00 +0900
+
+dpl (0.1.2) unstable; urgency=low
+
+ * HIBERNATION_LEAVE_BEFORE_WS added
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.2
+
+ -- Koeun Choi <koeun.choi@samsung.com> Tue, 18 May 2010 08:27:14 +0900
+
+dpl (0.1.1) unstable; urgency=low
+
+ * permission changed by new SLP security guideline
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.1
+
+ -- Koeun Choi <koeun.choi@samsung.com> Fri, 14 May 2010 14:07:16 +0900
+
+dpl (0.1.0) unstable; urgency=medium
+
+ * below details are written by Przemek. :)
+
+ * Added main window visibility optional flag to application class.
+
+ * Removed debug logs from application (switched to pedantic ones)
+ Fixed close sequence in RPC example
+
+ * Fixed critical leak in rpc connection related to acquisition of abstract waitable input/output.
+
+ * Added RPC Client/Server example
+
+ * Removed useParam from ConnectionEstablished event in RPC Server/Client
+ Added ConnectionID to ConnectionEstablishedEvent in RPC Server/Client
+ Added convience Open methods to (Tcp/Unix)SocketRPC(Server/Client)
+
+ * Removed purpose-specific static call code.
+
+ * Added implementation of GenericSocketRPCServer, TcpSocketRPCServer, UnixSocketRPCServer.
+
+ * Implementation in progress: Client/Server architecture for RPC - client and connection part.
+
+ * Temporary fix to build break caused by problems with in DLOG include files
+
+ * Fixed unregister global noti signal routine
+
+ * Added dedicated RPCFunction include file
+ All current RPC mechanisms marked as deprecated
+ Added RPC Client/Server/Connection stub files
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.1.0
+
+ -- Koeun Choi <koeun.choi@samsung.com> Fri, 07 May 2010 11:10:09 +0200
+
+dpl (0.0.9) unstable; urgency=low
+
+ * HibernationEnter and HibernationLeave system events added to EventDeliverySystem
+
+ * Added support for old style pedantic logs
+
+ * Added initial support (i386,gcc) for dynamically created static methods (static interception)
+
+ * Added protocol argument size checks in RPC
+
+ * Fixed non-reentrant version of serialized string parser in EventDeliverySystem
+
+ * Fixed multiple event handling routines to return all signaled handles list (starvation related fix)
+
+ * Workaround definition file added. Moved GLIB-loop-intergration workaround to workaround definition file.
+
+ * Fixed typo in exception messages
+
+ * Workaround for SLP select
+
+ * Added postinstallation scripts for EFL and GTL version of DPL
+
+ * Fixed bug related to improper reinitialization of socket descriptor after Close/Open sequence
+
+ * Added GenericSocketRPC
+ Added TcpSocketRPC
+ Implementation of UnixSocketRPC rebased to GenericSocketRPC
+ Fixed template-based problems with declaring nested generic exceptions
+
+ * Added support for old style plain logs (export DPL_USE_OLD_STYLE_LOGS=1)
+
+ * Fixed bug in WaitableInputOutputExecutionContextSupport related to continous event insisting
+ Fixed bug in WaitableHandle related to improper handling of Read/Write events
+ Added support for retrieving other errors in WatableHandle
+ Added runtime-check for invalid WaitableHandles
+
+ * Fixed DPL debug package name
+
+ * More DPL doxygen documentation added.
+
+ * Added more tests for BinaryQueue (21)
+ Added doxygen documentation for BinaryQueue
+
+ * BinaryQueue basic unit tests added (13)
+
+ * Added generic framework for unit-testing for DPL
+
+ * Added support for handling manipulations with waitable handle watcher/listeners lists during event handling
+ Added TcpSocket
+ Added tcpsock example
+ Added support for defining maximum number of bytes to read in AbstractInput
+ Added support for DNS resolve for tcp Address
+
+ * Added support for retrieving doubles from database in SqlConnection.
+ Added exceptions on retrieving column out of bounds.
+
+ * Added support for retrieveing last insert row ID in SqlConnnection (reported by b.grzelewski)
+
+ * Fixed bug in GenericRPC related to inproper interpretation of incoming data stream (reported by p.sikorski)
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.0.8
+
+
+ -- Koeun Choi <koeun.choi@samsung.com> Thu, 29 Apr 2010 17:41:02 +0200
+
+dpl (0.0.8) unstable; urgency=medium
+
+ * debianized : commit 210d5f7ecd396ff9aeeafcb0d34272a4c4e6c77d
+
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.0.8
+
+ -- Koeun Choi <koeun.choi@samsung.com> Fri, 23 Apr 2010 00:51:27 +0900
+
+dpl (0.0.7) unstable; urgency=low
+
+ * debianized
+ * Git : 165.213.180.234:/git/slp2.0/slp2.0-pkgs/dpl-0
+ * Tag : dpl_0.0.7
+
+
+ -- Koeun Choi <koeun.choi@samsung.com> Tue, 20 Apr 2010 14:16:18 +0900
+
+dpl (0.0.6) unstable; urgency=medium
+
+ * LogSystem switched to DLOG
+
+ * Initial support for Application in gtk version added
+
+ * Fixed link problems in example projects build scripts
+
+ * Added missing sender in events from GenericSocket
+
+ * Added missing dependencies to db-util in pkgconfig files
+
+ * Fixed memory leak in MainEventDispatcher for EFL, related to timed events (reported by valgrind)
+
+ * Fixed memory leak in Thread event list (reported by valgrind)
+
+ * Minimum version of libslp-setting-0 defined (reported by p.misiak)
+
+ * Fixed bug in UnixSocketRPC in scenario when cannot connect (reported by p.sikorski)
+
+ -- Koeun Choi <koeun.choi@samsung.com> Fri, 16 Apr 2010 11:08:46 +0200
+
+dpl (0.0.5) unstable; urgency=high
+
+ * Minimum required version od db-util changed to 0.1.0-23 due to link problems
+
+ -- Koeun Choi <koeun.choi@samsung.com> Thu, 15 Apr 2010 08:28:08 +0200
+
+dpl (0.0.4) unstable; urgency=medium
+
+ * SQLConnection: Added support for Lucene indexer
+
+ * Replaced deprecated API from vconf and util in EventDeliveryDetail for EFL
+
+ * Added doxygen configuration file
+ Added deprecated DPL declarator file
+ Added support for handling broken connections in GenericSocket and RPC
+
+ * DLOG: dlog_init/dlog_deinit is not needed and deprecated. Removed.
+
+ * Fixed bug related to multiple close/connect on socket (reported by p.sikorski)
+
+ * Reference manual stub added
+
+ * Added WaitableInputOutputExecutionContextSupport
+ Various bugfixes related to WaitableHandleSupport
+ Added RPC ClosedEvent support
+
+ -- Koeun Choi <koeun.choi@samsung.com> Wed, 14 Apr 2010 14:27:54 +0200
+
+dpl (0.0.3) unstable; urgency=low
+
+ * Experimental RPC over unix-sockets added.
+
+ * Fixed bug in Main. Various bugfixes in UnixSocket and GenericSocket. GenericRPC implementation in progress
+
+ * Removed NamedPipeRPCCall
+ Added UnixSocketRPC
+ Renaming RPCCall -> RPC
+
+ * GenericSocket implementation finished
+
+ * Generic socket implementation in progress.
+ Added DPL debug package
+
+ * Added Main
+
+ * Fixed DPL-GTK library dependency problem
+
+ * Added WaitableHandleWatchSupport
+
+ * Fixed BUG in EFL-MainEventDispatcher, regarding too late deinitialization
+
+ * Fixed bug in controller touch check assertions.
+ Generic socket implementation in progress.
+
+ * Added support for mode in waitable handle wait procedures.
+ Added support for multi-mode watchers in thread.
+ Added UnixSocket implementation.
+ Added GenericSocket implementation.
+ Added AbstractSocket.
+ Added Address concept.
+ Added example socket test program.
+
+ * Controller extended to handle maximum of 20 events
+
+ * Added WaitableHandle
+
+ * Added AbstractWaitableInput, AbstractWaitableOutput, AbstractWaitableInputOutput,
+ NamedBasePipe, NamedInputPipe, NamedOutputPipe, partial implementation of GenericRPCCall,
+ full implementation of NamedPipeRPCCall
+
+ * Added NamedPipe (blocking mode)
+
+ * Added AbstractInput, AbstractOutput, AbstractInputOutput, NamedPipe stub, GenericRPCCall stub
+
+ * Added RecursiveMutex.
+ Added support for waitable event watchers in Thread.
+
+ * Added BinaryQueue
+
+ * Debian/changelog updated
+
+ * Fixed build-depends
+
+ * Package build dependencies defined properly
+
+ -- Koeun Choi <koeun.choi@samsung.com> Thu, 08 Apr 2010 15:54:02 +0200
+
+dpl (0.0.2) unstable; urgency=low
+
+ * Toolchain upgrades and fixes
+
+ -- Koeun Choi <koeun.choi@samsung.com> Tue, 23 Mar 2010 11:40:32 +0100
+
+dpl (0.0.1) unstable; urgency=low
+
+ * Initial release
+
+ -- Koeun Choi <koeun.choi@samsung.com> Tue, 23 Mar 2010 11:40:32 +0100
+
Maintainer: Lukasz Wrzosek<l.wrzosek@samsung.com>, Taejeong.lee <taejeong.lee@samsung.com>
Standards-Version: 3.7.2
Uploaders: Yunchan Cho <yunchan.cho@samsung.com>,Przemyslaw Dobrowolski <p.dobrowolsk@samsung.com>, Pawel Sikorski <p.sikorski@samsung.com>, Zbigniew Kostrzewa <z.kostrzewa@samsung.com>
-Build-Depends: debhelper (>= 5), libecore-dev, libslp-setting-dev (>=0.2.5-2), libheynoti-dev, libappcore-efl-dev, libssl-dev, libsqlite3-dev, dlog-dev (>= 0.2.14-0), libglib2.0-dev, libslp-db-util-dev (>= 0.1.0-23), zlib1g-dev, libpcre-dev, libicu-dev, libxmlsec1-dev, openssl, libxml2-dev, libsoup2.4-dev, libcert-svc-dev, libiri-dev, libidn11-dev, libslp-tapi-dev
+Build-Depends: debhelper (>= 5), libecore-dev, libslp-setting-dev (>=0.2.5-2), libappcore-efl-dev, libssl-dev, libsqlite3-dev, dlog-dev (>= 0.2.14-0), libglib2.0-dev, libslp-db-util-dev (>= 0.1.0-23), zlib1g-dev, libpcre-dev, libicu-dev, libxmlsec1-dev, openssl, libxml2-dev, libsoup2.4-dev, libcert-svc-dev, libiri-dev, libidn11-dev
# If you want to build version of gtk, comment out above one live and use the following one line
-#Build-Depends: debhelper (>= 5), libecore-dev, libslp-setting-dev (>=0.2.5-2), libheynoti-dev, libappcore-efl-dev, libssl-dev, libsqlite3-dev, dlog-dev (>= 0.2.14-0), libglib2.0-dev, libslp-db-util-dev (>= 0.1.0-23), libgtk2.0-dev, zlib1g-dev, libpcre-dev, libicu-dev
+#Build-Depends: debhelper (>= 5), libecore-dev, libslp-setting-dev (>=0.2.5-2), libappcore-efl-dev, libssl-dev, libsqlite3-dev, dlog-dev (>= 0.2.14-0), libglib2.0-dev, libslp-db-util-dev (>= 0.1.0-23), libgtk2.0-dev, zlib1g-dev, libpcre-dev, libicu-dev
Package: wrt-commons
Section: libs
Conflicts: dpl-efl-dev
Replaces: dpl-efl-dev
Architecture: any
-Depends: wrt-commons (= ${Source-Version}), libecore-dev, libslp-setting-dev (>=0.2.5-2), libheynoti-dev, libappcore-efl-dev, libssl-dev, libsqlite3-dev, dlog-dev (>= 0.2.14-0), libslp-db-util-dev (>= 0.1.0-23), zlib1g-dev, libpcre-dev
+Depends: wrt-commons (= ${Source-Version}), libecore-dev, libslp-setting-dev (>=0.2.5-2), libappcore-efl-dev, libssl-dev, libsqlite3-dev, dlog-dev (>= 0.2.14-0), libslp-db-util-dev (>= 0.1.0-23), zlib1g-dev, libpcre-dev, libxml2-dev
Description: Design patterns library - EFL based developer files
Design patterns library is a collection of useful C++ utilities
to easily develop window applications. The most important part of
#!/usr/bin/make -f
#export DH_VERBOSE=1
-PACKAGE_VERSION ?= $(shell sed -n "1 p" debian/changelog | sed 's/.*([0-9]*.\([0-9]*\).*).*/\1/')
-CFLAGS = -Wall -g
-LDFLAGS = -Wl,--as-needed -Wl,--hash-style=both
+PACKAGE_VERSION ?= $(shell dpkg-parsechangelog | sed -n 's/^Version: // p')
-ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
- CFLAGS += -O0
+ifneq (,$(findstring yes,$(DPL_LOGS)))
+DPL_LOGS_STATUS = "ON"
else
- CFLAGS += -O2
-endif
-
-ifneq (,$(findstring yes,$(DPL_LOG)))
- DPL_LOGS_STATUS = "ON"
-else
- DPL_LOGS_STATUS = "OFF"
+DPL_LOGS_STATUS = "OFF"
endif
BUILD_DIR = cmake-build
configure: configure-stamp
configure-stamp:
- dh_testdir
+ dh_testdir
rm -rf $(BUILD_DIR)
mkdir $(BUILD_DIR)
- ( cd $(BUILD_DIR); cmake .. -DCMAKE_INSTALL_PREFIX=/usr -DDPL_LOG=$(DPL_LOGS_STATUS) -DVERSION=${PACKAGE_VERSION}; )
+ ( cd $(BUILD_DIR); cmake .. \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DDPL_LOG=$(DPL_LOGS_STATUS) \
+ -DVERSION=${PACKAGE_VERSION};)
+
touch configure-stamp
build: build-stamp
/usr/bin/dpl-test*
/usr/bin/dpl-dbus-test-service
-/usr/etc/ace/policy*
-/usr/etc/ace/attr*
-/usr/etc/ace/general*
-/usr/etc/ace/undefined*
-/usr/etc/ace/CMTest/*
-/opt/apps/widget/tests/vcore_widget_uncompressed/*
-/opt/apps/widget/tests/vcore_keys/*
-/opt/apps/widget/tests/vcore_certs/*
/opt/apps/wrt/wrt-commons/tests/*
/usr/share/dbus-1/services/org.tizen.DBusTestService.service
/opt/apps/widget/tests/localization/*
usr/lib/*.so*
/usr/share/wrt-engine/*
-/usr/bin/wrt_reset_db.sh
-/usr/bin/wrt_create_clean_db.sh
-/usr/etc/ace/config*
-/usr/etc/ace/bondixml*
-/usr/etc/ace/demo.*
-/usr/etc/ace/WACPolicy.xml
-/usr/etc/ace/UnrestrictedPolicy.xml
-/opt/share/cert-svc/certs/code-signing/wac/*
+/usr/bin/wrt_commons_reset_db.sh
+/usr/bin/wrt_commons_create_clean_db.sh
if [ -z ${2} ]; then
echo "This is new install of wrt-commons"
- echo "Calling /usr/bin/wrt_reset_db.sh"
- /usr/bin/wrt_reset_db.sh
+ echo "Calling /usr/bin/wrt_commons_reset_db.sh"
+ /usr/bin/wrt_commons_reset_db.sh
else
# Find out old and new version of databases
WRT_OLD_DB_VERSION=`sqlite3 /opt/dbspace/.wrt.db ".tables" | grep "DB_VERSION_"`
WRT_NEW_DB_VERSION=`cat /usr/share/wrt-engine/wrt_db.sql | tr '[:blank:]' '\n' | grep DB_VERSION_`
- ACE_OLD_DB_VERSION=`sqlite3 /opt/dbspace/.ace.db ".tables" | grep "DB_VERSION_"`
- ACE_NEW_DB_VERSION=`cat /usr/share/wrt-engine/ace_db.sql | tr '[:blank:]' '\n' | grep DB_VERSION_`
- VCORE_OLD_DB_VERSION=`sqlite3 /opt/dbspace/.vcore.db ".tables" | grep "DB_VERSION_"`
- VCORE_NEW_DB_VERSION=`cat /usr/share/wrt-engine/vcore_db.sql | tr '[:blank:]' '\n' | grep DB_VERSION_`
+ AUTOSAVE_OLD_DB_VERSION=`sqlite3 /opt/dbspace/.wrt_autosave.db ".tables" | grep "DB_VERSION_"`
+ AUTOSAVE_NEW_DB_VERSION=`cat /usr/share/wrt-engine/wrt_autosave_db.sql | tr '[:blank:]' '\n' | grep DB_VERSION_`
echo "OLD wrt database version ${WRT_OLD_DB_VERSION}"
echo "NEW wrt database version ${WRT_NEW_DB_VERSION}"
- echo "OLD ace database version ${ACE_OLD_DB_VERSION}"
- echo "NEW ace database version ${ACE_NEW_DB_VERSION}"
- echo "OLD vcore database version ${VCORE_OLD_DB_VERSION}"
- echo "NEW vcore database version ${VCORE_NEW_DB_VERSION}"
+ echo "OLD wrt_autosave database version ${AUTOSAVE_OLD_DB_VERSION}"
+ echo "NEW wrt_autosave database version ${AUTOSAVE_NEW_DB_VERSION}"
-
- if [ ${WRT_OLD_DB_VERSION} -a ${WRT_NEW_DB_VERSION} -a ${ACE_OLD_DB_VERSION} -a ${ACE_NEW_DB_VERSION} -a ${VCORE_OLD_DB_VERSION} -a ${VCORE_NEW_DB_VERSION} ]
+ if [ ${WRT_OLD_DB_VERSION} -a ${WRT_NEW_DB_VERSION} -a ${AUTOSAVE_OLD_DB_VERSION} -a ${AUTOSAVE_NEW_DB_VERSION} ]
then
- if [ ${WRT_NEW_DB_VERSION} = ${WRT_OLD_DB_VERSION} -a ${ACE_NEW_DB_VERSION} = ${ACE_OLD_DB_VERSION} -a ${VCORE_OLD_DB_VERSION} = ${VCORE_NEW_DB_VERSION} ]
+ if [ ${WRT_NEW_DB_VERSION} = ${WRT_OLD_DB_VERSION} -a ${AUTOSAVE_NEW_DB_VERSION} = ${AUTOSAVE_OLD_DB_VERSION} ]
then
echo "Equal database detected so db installation ignored"
else
- echo "Calling /usr/bin/wrt_reset_db.sh"
- /usr/bin/wrt_reset_db.sh
+ echo "Calling /usr/bin/wrt_commons_reset_db.sh"
+ /usr/bin/wrt_commons_reset_db.sh
fi
else
- echo "Calling /usr/bin/wrt_reset_db.sh"
- /usr/bin/wrt_reset_db.sh
+ echo "Calling /usr/bin/wrt_commons_reset_db.sh"
+ /usr/bin/wrt_commons_reset_db.sh
fi
fi
mkdir -p /usr/etc/ace
mkdir -p /usr/apps/org.tizen.policy
-# 3. configurations
-chown root:root /usr/etc/ace/config.xml
-
# DBUS services fix
# WARNING: THIS IS TEMPORARY SOLUTION, AS THIS SHOULD NOT BE OUR
# RESPONSIBILITY!!! WE HAVE TO CONTACT TO DBUS MAINAINERS
SET(ETC_DIR ${PROJECT_SOURCE_DIR}/etc)
INSTALL(FILES
- ${ETC_DIR}/wrt_reset_db.sh
- ${ETC_DIR}/wrt_create_clean_db.sh
+ ${ETC_DIR}/wrt_commons_reset_db.sh
+ ${ETC_DIR}/wrt_commons_create_clean_db.sh
DESTINATION /usr/bin
)
-
-INSTALL(FILES
- ${ETC_DIR}/schema.xsd
- DESTINATION share/wrt-engine
- )
-
-INSTALL(FILES
- ${ETC_DIR}/fingerprint_list.xsd
- DESTINATION share/wrt-engine/
- )
-
-INSTALL(FILES
- ${ETC_DIR}/fingerprint_list.xml
- DESTINATION share/wrt-engine/
- )
-
-ADD_SUBDIRECTORY(certificates)
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# @file CMakeLists.txt
-# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
-# @author Yunchan Cho (yunchan.cho@samsung.com)
-# @version 1.0
-# @brief
-#
-
-SET(CERT_DIR ${PROJECT_SOURCE_DIR}/etc/certificates)
-
-INSTALL(FILES
- ${CERT_DIR}/wac.root.preproduction.pem
- ${CERT_DIR}/wac.root.production.pem
- ${CERT_DIR}/wac.publisherid.pem
- ${CERT_DIR}/tizen.root.preproduction.cert.pem
- DESTINATION /opt/share/cert-svc/certs/code-signing/wac/
- )
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- b3:cb:d1:5b:de:6e:66:95
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=KR, ST=Suwon, O=Samsung Electronics, OU=SLP, CN=SLP WebApp Temporary CA/emailAddress=yunchan.cho@samsung.com
- Validity
- Not Before: Dec 8 10:27:32 2011 GMT
- Not After : Nov 30 10:27:32 2021 GMT
- Subject: C=KR, ST=Suwon, O=Samsung Electronics, OU=SLP, CN=SLP WebApp Temporary CA/emailAddress=yunchan.cho@samsung.com
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- Public-Key: (1024 bit)
- Modulus:
- 00:cb:46:b8:94:81:b1:83:d7:29:05:2a:33:01:9e:
- 66:15:f8:be:bb:95:17:dd:7a:c4:c2:f5:d9:e4:aa:
- fd:c8:8d:a9:48:65:fc:3d:dc:47:d7:2a:2f:5e:c7:
- 1f:22:ed:e0:98:e6:43:6d:74:82:ca:7d:22:9c:60:
- 44:18:cd:ca:d6:6b:16:ca:ed:63:c9:7a:f1:00:df:
- e4:6b:33:47:2f:78:75:61:d7:c9:29:3e:a9:ee:76:
- dd:2e:fe:9d:e7:3c:0d:02:f4:e9:2d:46:74:49:52:
- ef:a0:d6:9d:4d:08:65:ea:6b:35:72:a5:08:d8:46:
- 46:03:99:7c:66:8c:60:c4:91
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 47:A8:8F:CD:1F:22:BA:69:85:13:55:21:2D:C2:19:2D:5F:FF:DC:03
- X509v3 Authority Key Identifier:
- keyid:47:A8:8F:CD:1F:22:BA:69:85:13:55:21:2D:C2:19:2D:5F:FF:DC:03
-
- X509v3 Basic Constraints:
- CA:TRUE
- Signature Algorithm: sha1WithRSAEncryption
- c2:c4:62:f2:ec:6f:2b:05:9c:09:cc:ae:e9:77:a9:1d:66:6b:
- 03:7b:01:3a:e6:29:bb:2a:b8:15:d8:a1:7d:9b:05:b4:8c:cb:
- ae:c7:eb:68:c0:e3:29:c7:e7:5a:ca:1a:0c:3a:ab:91:80:4f:
- 9b:36:d4:45:b4:7b:2c:ef:f3:fd:cb:84:84:85:42:3d:ec:18:
- 3f:5f:9e:b1:1f:8d:0a:57:89:51:e4:eb:7e:da:e9:79:82:61:
- 38:ad:ca:94:43:71:00:73:13:b9:e9:ef:bc:68:c5:ff:5e:0a:
- f6:b9:2a:3d:1d:21:77:22:d0:4e:e7:ad:da:31:0b:51:fa:44:
- cd:fa
------BEGIN CERTIFICATE-----
-MIIC9jCCAl+gAwIBAgIJALPL0VvebmaVMA0GCSqGSIb3DQEBBQUAMIGTMQswCQYD
-VQQGEwJLUjEOMAwGA1UECAwFU3V3b24xHDAaBgNVBAoME1NhbXN1bmcgRWxlY3Ry
-b25pY3MxDDAKBgNVBAsMA1NMUDEgMB4GA1UEAwwXU0xQIFdlYkFwcCBUZW1wb3Jh
-cnkgQ0ExJjAkBgkqhkiG9w0BCQEWF3l1bmNoYW4uY2hvQHNhbXN1bmcuY29tMB4X
-DTExMTIwODEwMjczMloXDTIxMTEzMDEwMjczMlowgZMxCzAJBgNVBAYTAktSMQ4w
-DAYDVQQIDAVTdXdvbjEcMBoGA1UECgwTU2Ftc3VuZyBFbGVjdHJvbmljczEMMAoG
-A1UECwwDU0xQMSAwHgYDVQQDDBdTTFAgV2ViQXBwIFRlbXBvcmFyeSBDQTEmMCQG
-CSqGSIb3DQEJARYXeXVuY2hhbi5jaG9Ac2Ftc3VuZy5jb20wgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBAMtGuJSBsYPXKQUqMwGeZhX4vruVF916xML12eSq/ciN
-qUhl/D3cR9cqL17HHyLt4JjmQ210gsp9IpxgRBjNytZrFsrtY8l68QDf5GszRy94
-dWHXySk+qe523S7+nec8DQL06S1GdElS76DWnU0IZeprNXKlCNhGRgOZfGaMYMSR
-AgMBAAGjUDBOMB0GA1UdDgQWBBRHqI/NHyK6aYUTVSEtwhktX//cAzAfBgNVHSME
-GDAWgBRHqI/NHyK6aYUTVSEtwhktX//cAzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
-DQEBBQUAA4GBAMLEYvLsbysFnAnMrul3qR1mawN7ATrmKbsquBXYoX2bBbSMy67H
-62jA4ynH51rKGgw6q5GAT5s21EW0eyzv8/3LhISFQj3sGD9fnrEfjQpXiVHk637a
-6XmCYTitypRDcQBzE7np77xoxf9eCva5Kj0dIXci0E7nrdoxC1H6RM36
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIID9DCCAtygAwIBAgIOZscBAQACO65mNg72468wDQYJKoZIhvcNAQEFBQAwgZQx
-CzAJBgNVBAYTAkRFMRwwGgYDVQQKExNUQyBUcnVzdENlbnRlciBHbWJIMTEwLwYD
-VQQLEyhQcmUtUHJvZHVjdGlvbiBUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBMTQw
-MgYDVQQDEytQcmUtUHJvZHVjdGlvbiBUQyBUcnVzdENlbnRlciBDbGFzcyAyIENB
-IElJMB4XDTA2MDYwODE0MTYwMVoXDTI1MTIzMTIyNTk1OVowgZQxCzAJBgNVBAYT
-AkRFMRwwGgYDVQQKExNUQyBUcnVzdENlbnRlciBHbWJIMTEwLwYDVQQLEyhQcmUt
-UHJvZHVjdGlvbiBUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBMTQwMgYDVQQDEytQ
-cmUtUHJvZHVjdGlvbiBUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBIElJMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ewnr8E24AqXnf1Lu7w/g79Hht+W
-lvWQg7cPC7685oj0htT0SmDy94uQaC3qRzBJktLKCyuniABykhdTr04rGWgzqD8n
-EzcFCt5k0gF39l3ND/JL+S2YJK/f/xc884hjcLsHUU7cAd6mDlVkOszFK86DNbu0
-noz0y1y462RIOvPCjkYl/GJ5zL62bdDbgFqrWMPZ54JFG0Rj1v575ygfOd2LwOXe
-xjzqfYI4JOx9frKWakPTehW+0UY5UdF0cMvHuLJie9H0vOobR4vtkenbS283b6j7
-0WCoU/BeAr4qskvMs9WwkwDquO4XnzYQDsEVgjBu4H2W0ihNUYJbRo8wtQIDAQAB
-o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
-DTX6+fYyziPR1HZxViaGOj66QOYwDQYJKoZIhvcNAQEFBQADggEBALZ0pfjOfePn
-D/6QDCt+cjQ5+U4eKcOlJMXrpEAlnC6oAnN1hqbOQaj44aIAbNap36E/Hl9s0Uga
-c4nz73o5uPvdDmbWzNnMz6ey5NU0XXNzHxQWFdb0+Z7Cho5txoZjjynYXmyQc3RJ
-rrPI+6Uej6sEv15ZGirjABza6pNJ+2NLojLyUb+8et3OCLS+wJ4qrX/5uwgL50Lt
-0M2iPdZv+gjZwNmNWYIflYrSXa3ujclH+EAkkk/G1JxPzhVI3cII3y2DUZQAPCcX
-XQDXIX2zJo7bYaUYJhlEeiGX17cdXMXDT1tbXKKg2mRIga1K4lknn9U/vzkjMJXL
-GA38dUZRZ2Y=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDijCCAnKgAwIBAgIOMwoBAQAuBBKsIqIni7QwDQYJKoZIhvcNAQELBQAwYDEL
-MAkGA1UEBhMCR0IxJTAjBgNVBAoMHFdBQyBBcHBsaWNhdGlvbiBTZXJ2aWNlcyBM
-dGQxKjAoBgNVBAMMIVdBQyBBcHBsaWNhdGlvbiBTZXJ2aWNlcyBMdGQgVEVTVDAe
-Fw0xMTAzMDMxNTA3MTlaFw0zNjAzMDMxNTA3MTlaMGAxCzAJBgNVBAYTAkdCMSUw
-IwYDVQQKDBxXQUMgQXBwbGljYXRpb24gU2VydmljZXMgTHRkMSowKAYDVQQDDCFX
-QUMgQXBwbGljYXRpb24gU2VydmljZXMgTHRkIFRFU1QwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQC1PB3UrpAQgLSVqHRPhHqdDJsjKQe/CT9oS4lA+mI/
-vkhAvam/EvcNrNHcLVvSph+Mj0d2Y2J9wkcNW7fS3qZJXtpMNU36r7XdBk9kiYhc
-PwJbckCo9Pp8YFxkuR6xV6Cc4o54mO2mumxDQ1hbwCsc5CT7yQz0FVVhCE01X6JJ
-D61DvqmAzCUpehmEXthNV/s/o8fL+I2mD75p8vNDyIZHSJX59czO3PriT3tH2h+0
-tQx7NEWG70fQEU2CzcH9UngPYU7xXqNOhT9GmI/yL3HTeYGNH3i5VHrBjxeTF11t
-IWSUDWQX1W0Y7TbN06XcGcuqPgjZ9xMcV7S4OiCBJz5nAgMBAAGjQjBAMA8GA1Ud
-EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQp5dzy2tJEArpT
-qcQWNXG6J7y5WTANBgkqhkiG9w0BAQsFAAOCAQEAoXuyi8AjMx2yKVpss7xpVi5v
-aUjcHU3AlptjNCFrXI6Bw+KJGNo8ydYlEASRd5dL/pJ6/V+UuUt9EngjUSdYOZGB
-OgCeB2sJI8EZSay2LLhOCmkAxltC94Y/KRzkKqsYvNc6yvF85d+d4gbokf4APjmR
-1TSlZLZsVhwfR0k0mer2rHQGE5Ljezdk7ZGeEMLdn6WFScwjo980EI0OqEoJU3on
-+1TTBYudZ4o3qMgHiFwJafUJ6i3zuYbi9x86zMqeI4dJTbsTKLM0QV8vIdzI9fkV
-t1tO/uBBAsNFUv8PAYwP4AFyGvyJbR4uxwxuQZKrltgjSTkPGYR14JtrGk7Y9g==
------END CERTIFICATE-----
-
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDgTCCAmmgAwIBAgIPAKTxAAEALtiV8/+rhB6+MA0GCSqGSIb3DQEBCwUAMFsx
-CzAJBgNVBAYTAkdCMSUwIwYDVQQKDBxXQUMgQXBwbGljYXRpb24gU2VydmljZXMg
-THRkMSUwIwYDVQQDDBxXQUMgQXBwbGljYXRpb24gU2VydmljZXMgTHRkMB4XDTEx
-MDMxNDE0MDEwNFoXDTM2MDMxNDE0MDEwNFowWzELMAkGA1UEBhMCR0IxJTAjBgNV
-BAoMHFdBQyBBcHBsaWNhdGlvbiBTZXJ2aWNlcyBMdGQxJTAjBgNVBAMMHFdBQyBB
-cHBsaWNhdGlvbiBTZXJ2aWNlcyBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQDCf6RHUPVBUY4YXYMdrmt5yO95eRCOG6vJtI9w0UM2w/2fihD5SMYa
-3cCVam4j6F8FSspMIx+4CTCwdDSUixBGENwGEhD4qxqqV3KTObmxmYbELa97S1IP
-qwoFelzUX6e+qHmYHi+eu/hONeiZaPBLtUtCd6ppCd5ACrD/kf/Ug/tfUtngozjG
-sJ1UB10Ezi3fKs3OkkZMuecJvjWmDpRAyvIeeV8xfzeyn+DMpvhnI9RrSY0j4huE
-ud6Lzzg0jV8+m54v0j7hv9klyNcGiZ+bmHr0LIyAtT+uktcms/4p3V9j01SI9Tmw
-HcHKDXnM6kuThWpr6DR9KFSZ8zD2Nx5nAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB
-Af8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBT5bKdU2+CGE17R+o/rMCZHHMn+
-WzANBgkqhkiG9w0BAQsFAAOCAQEAXmO+J5suIGuzbfYBoTdr8gahFfWEbhm1y6mJ
-eZAc+Mf5L+In20p+Oj5uy6LsTmJsE9VE/+gi1eALKl9EhgYhET2ZlAzRFCN5dTWv
-NTAFxJfGMkn2U5iW+luJ+lejyYBqEEFRpzwhXZbVDZQLim4CU75H75KzFkUgTulG
-5M6U/Plt6S1rKgMkeYiR27W4C2NZMFXYqctt0m+eKEa3ueZE9pYUxqVcvQKSI017
-Nbc1kSkcuSKFV2Bk2T5dh5jQvywykdWLubAe6XiiC5CIT31kcSX6AlVhgNxWRRKP
-QFO7lWqxnQMR2Or38ve7oSg1oL5Sx80fcbp3ovaYSKt5jnVWfg==
------END CERTIFICATE-----
-
+++ /dev/null
-<CertificateSet>
- <CertificateDomain name="wacpublisher">
- <FingerprintSHA1>AF:90:29:D2:B2:E1:6F:D6:7E:7E:EC:8E:BE:74:FA:4C:00:9C:49:FE</FingerprintSHA1><!-- root.cert.pem w3c signature tests -->
- <FingerprintSHA1>A6:00:BC:53:AC:37:5B:6A:03:C3:7A:8A:E0:1B:87:8B:82:94:9B:C2</FingerprintSHA1><!-- wac.publisher.pem -->
- <FingerprintSHA1>C2:C4:B5:72:9A:CF:D9:72:C5:DE:C1:E1:30:FF:74:7F:7A:AF:27:12</FingerprintSHA1><!-- root_cacert.pem certificate for internal tests -->
- </CertificateDomain>
- <CertificateDomain name="wacroot">
- <FingerprintSHA1>AF:90:29:D2:B2:E1:6F:D6:7E:7E:EC:8E:BE:74:FA:4C:00:9C:49:FE</FingerprintSHA1><!-- root.cert.pem w3c signature tests -->
- <FingerprintSHA1>C2:C4:B5:72:9A:CF:D9:72:C5:DE:C1:E1:30:FF:74:7F:7A:AF:27:12</FingerprintSHA1><!-- root_cacert.pem certificate for internal tests -->
- <FingerprintSHA1>A0:59:D3:37:E8:C8:2E:7F:38:84:7D:21:A9:9E:19:A9:8E:EC:EB:E1</FingerprintSHA1><!-- wac.root.production.pem -->
- <FingerprintSHA1>8D:1F:CB:31:68:11:DA:22:59:26:58:13:6C:C6:72:C9:F0:DE:84:2A</FingerprintSHA1><!-- wac.root.preproduction.pem -->
- </CertificateDomain>
- <CertificateDomain name="developer">
- <FingerprintSHA1>4A:9D:7A:4B:3B:29:D4:69:0A:70:B3:80:EC:A9:44:6B:03:7C:9A:38</FingerprintSHA1><!-- operator.root.cert.pem internal tests-->
- </CertificateDomain>
- <CertificateDomain name="wacmember">
- </CertificateDomain>
- <CertificateDomain name="tizenmember">
- <FingerprintSHA1>AD:A1:44:89:6A:35:6D:17:01:E9:6F:46:C6:00:7B:78:BE:2E:D9:4E</FingerprintSHA1><!-- tizen.root.preproduction.cert.pem for internal test of SDK -->
- </CertificateDomain>
-</CertificateSet>
+++ /dev/null
-<?xml version="1.0" encoding="utf-8"?>
-<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
-
-<xs:element name="CertificateSet" type="CertificateSetType" />
-<xs:complexType name="CertificateSetType">
- <xs:sequence>
- <xs:element ref="CertificateDomain" minOccurs="0" maxOccurs="unbounded" />
- </xs:sequence>
-</xs:complexType>
-
-<xs:element name="CertificateDomain" type="CertificateDomainType" />
-<xs:complexType name="CertificateDomainType">
- <xs:sequence>
- <xs:element ref="FingerprintSHA1" minOccurs="0" maxOccurs="unbounded" />
- </xs:sequence>
- <xs:attribute name="name" type="xs:string" use="required" />
-</xs:complexType>
-
-<xs:element name="FingerprintSHA1" type="xs:string"/>
-
-</xs:schema>
+++ /dev/null
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE schema
- PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd"
- [
- <!ATTLIST schema
- xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#">
- <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
- <!ENTITY % p ''>
- <!ENTITY % s ''>
- ]>
-
-<!-- Schema for XML Signatures
- http://www.w3.org/2000/09/xmldsig#
- $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
-
- Copyright 2001 The Internet Society and W3C (Massachusetts Institute
- of Technology, Institut National de Recherche en Informatique et en
- Automatique, Keio University). All Rights Reserved.
- http://www.w3.org/Consortium/Legal/
-
- This document is governed by the W3C Software License [1] as described
- in the FAQ [2].
-
- [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
- [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
--->
-
-
-<schema xmlns="http://www.w3.org/2001/XMLSchema"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
- targetNamespace="http://www.w3.org/2000/09/xmldsig#"
- version="0.1" elementFormDefault="qualified">
-
-<!-- Basic Types Defined for Signatures -->
-
-<simpleType name="CryptoBinary">
- <restriction base="base64Binary">
- </restriction>
-</simpleType>
-
-<!-- Start Signature -->
-
-<element name="Signature" type="ds:SignatureType"/>
-<complexType name="SignatureType">
- <sequence>
- <element ref="ds:SignedInfo"/>
- <element ref="ds:SignatureValue"/>
- <element ref="ds:KeyInfo" minOccurs="0"/>
- <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
- <element name="SignatureValue" type="ds:SignatureValueType"/>
- <complexType name="SignatureValueType">
- <simpleContent>
- <extension base="base64Binary">
- <attribute name="Id" type="ID" use="optional"/>
- </extension>
- </simpleContent>
- </complexType>
-
-<!-- Start SignedInfo -->
-
-<element name="SignedInfo" type="ds:SignedInfoType"/>
-<complexType name="SignedInfoType">
- <sequence>
- <element ref="ds:CanonicalizationMethod"/>
- <element ref="ds:SignatureMethod"/>
- <element ref="ds:Reference" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
- <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
- <complexType name="CanonicalizationMethodType" mixed="true">
- <sequence>
- <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
- <!-- (0,unbounded) elements from (1,1) namespace -->
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
-
- <element name="SignatureMethod" type="ds:SignatureMethodType"/>
- <complexType name="SignatureMethodType" mixed="true">
- <sequence>
- <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
- <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
- <!-- (0,unbounded) elements from (1,1) external namespace -->
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
-
-<!-- Start Reference -->
-
-<element name="Reference" type="ds:ReferenceType"/>
-<complexType name="ReferenceType">
- <sequence>
- <element ref="ds:Transforms" minOccurs="0"/>
- <element ref="ds:DigestMethod"/>
- <element ref="ds:DigestValue"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- <attribute name="URI" type="anyURI" use="optional"/>
- <attribute name="Type" type="anyURI" use="optional"/>
-</complexType>
-
- <element name="Transforms" type="ds:TransformsType"/>
- <complexType name="TransformsType">
- <sequence>
- <element ref="ds:Transform" maxOccurs="unbounded"/>
- </sequence>
- </complexType>
-
- <element name="Transform" type="ds:TransformType"/>
- <complexType name="TransformType" mixed="true">
- <choice minOccurs="0" maxOccurs="unbounded">
- <any namespace="##other" processContents="lax"/>
- <!-- (1,1) elements from (0,unbounded) namespaces -->
- <element name="XPath" type="string"/>
- </choice>
- <attribute name="Algorithm" type="anyURI" use="required"/>
- </complexType>
-
-<!-- End Reference -->
-
-<element name="DigestMethod" type="ds:DigestMethodType"/>
-<complexType name="DigestMethodType" mixed="true">
- <sequence>
- <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Algorithm" type="anyURI" use="required"/>
-</complexType>
-
-<element name="DigestValue" type="ds:DigestValueType"/>
-<simpleType name="DigestValueType">
- <restriction base="base64Binary"/>
-</simpleType>
-
-<!-- End SignedInfo -->
-
-<!-- Start KeyInfo -->
-
-<element name="KeyInfo" type="ds:KeyInfoType"/>
-<complexType name="KeyInfoType" mixed="true">
- <choice maxOccurs="unbounded">
- <element ref="ds:KeyName"/>
- <element ref="ds:KeyValue"/>
- <element ref="ds:RetrievalMethod"/>
- <element ref="ds:X509Data"/>
- <element ref="ds:PGPData"/>
- <element ref="ds:SPKIData"/>
- <element ref="ds:MgmtData"/>
- <any processContents="lax" namespace="##other"/>
- <!-- (1,1) elements from (0,unbounded) namespaces -->
- </choice>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
- <element name="KeyName" type="string"/>
- <element name="MgmtData" type="string"/>
-
- <element name="KeyValue" type="ds:KeyValueType"/>
- <complexType name="KeyValueType" mixed="true">
- <choice>
- <element ref="ds:DSAKeyValue"/>
- <element ref="ds:RSAKeyValue"/>
- <element ref="ds:ECKeyValue"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </complexType>
-
-<!-- ECDSA KEY DEFINITIONS -->
-
- <element name="ECKeyValue" type="ds:ECKeyValueType"/>
- <complexType name="ECKeyValueType">
- <sequence>
- <choice>
- <element name="ECParameters" type="ds:ECParametersType"/>
- <element name="NamedCurve" type="ds:NamedCurveType"/>
- </choice>
- <element name="PublicKey" type="ds:ECPointType"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- </complexType>
-
- <complexType name="NamedCurveType">
- <attribute name="URI" type="anyURI" use="required"/>
- </complexType>
-
- <simpleType name="ECPointType">
- <restriction base="ds:CryptoBinary"/>
- </simpleType>
-
- <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
- <complexType name="RetrievalMethodType">
- <sequence>
- <element ref="ds:Transforms" minOccurs="0"/>
- </sequence>
- <attribute name="URI" type="anyURI"/>
- <attribute name="Type" type="anyURI" use="optional"/>
- </complexType>
-
- <complexType name="ECParametersType">
- <sequence>
- <element name="FieldID" type="ds:FieldIDType"/>
- <element name="Curve" type="ds:CurveType"/>
- <element name="Base" type="ds:ECPointType"/>
- <element name="Order" type="ds:CryptoBinary"/>
- <element name="CoFactor" type="integer" minOccurs="0"/>
- <element name="ValidationData" type="ds:ECValidationDataType" minOccurs="0"/>
- </sequence>
- </complexType>
-
- <complexType name="FieldIDType">
- <choice>
- <element ref="ds:Prime"/>
- <element ref="ds:TnB"/>
- <element ref="ds:PnB"/>
- <element ref="ds:GnB"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </complexType>
-
- <element name="Prime" type="ds:PrimeFieldParamsType"/>
- <complexType name="PrimeFieldParamsType">
- <sequence>
- <element name="P" type="ds:CryptoBinary"/>
- </sequence>
- </complexType>
-
- <element name="GnB" type="ds:CharTwoFieldParamsType"/>
- <complexType name="CharTwoFieldParamsType">
- <sequence>
- <element name="M" type="positiveInteger"/>
- </sequence>
- </complexType>
-
- <element name="TnB" type="ds:TnBFieldParamsType"/>
- <complexType name="TnBFieldParamsType">
- <complexContent>
- <extension base="ds:CharTwoFieldParamsType">
- <sequence>
- <element name="K" type="positiveInteger"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
-
- <element name="PnB" type="ds:PnBFieldParamsType"/>
- <complexType name="PnBFieldParamsType">
- <complexContent>
- <extension base="ds:CharTwoFieldParamsType">
- <sequence>
- <element name="K1" type="positiveInteger"/>
- <element name="K2" type="positiveInteger"/>
- <element name="K3" type="positiveInteger"/>
- </sequence>
- </extension>
- </complexContent>
- </complexType>
-
- <complexType name="CurveType">
- <sequence>
- <element name="A" type="ds:CryptoBinary"/>
- <element name="B" type="ds:CryptoBinary"/>
- </sequence>
- </complexType>
-
- <complexType name="ECValidationDataType">
- <sequence>
- <element name="seed" type="ds:CryptoBinary"/>
- </sequence>
- <attribute name="hashAlgorithm" type="anyURI" use="required"/>
- </complexType>
-
-
-<!-- Start X509Data -->
-
-<element name="X509Data" type="ds:X509DataType"/>
-<complexType name="X509DataType">
- <sequence maxOccurs="unbounded">
- <choice>
- <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
- <element name="X509SKI" type="base64Binary"/>
- <element name="X509SubjectName" type="string"/>
- <element name="X509Certificate" type="base64Binary"/>
- <element name="X509CRL" type="base64Binary"/>
- <any namespace="##other" processContents="lax"/>
- </choice>
- </sequence>
-</complexType>
-
-<complexType name="X509IssuerSerialType">
- <sequence>
- <element name="X509IssuerName" type="string"/>
- <element name="X509SerialNumber" type="integer"/>
- </sequence>
-</complexType>
-
-<!-- End X509Data -->
-
-<!-- Begin PGPData -->
-
-<element name="PGPData" type="ds:PGPDataType"/>
-<complexType name="PGPDataType">
- <choice>
- <sequence>
- <element name="PGPKeyID" type="base64Binary"/>
- <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
- <any namespace="##other" processContents="lax" minOccurs="0"
- maxOccurs="unbounded"/>
- </sequence>
- <sequence>
- <element name="PGPKeyPacket" type="base64Binary"/>
- <any namespace="##other" processContents="lax" minOccurs="0"
- maxOccurs="unbounded"/>
- </sequence>
- </choice>
-</complexType>
-
-<!-- End PGPData -->
-
-<!-- Begin SPKIData -->
-
-<element name="SPKIData" type="ds:SPKIDataType"/>
-<complexType name="SPKIDataType">
- <sequence maxOccurs="unbounded">
- <element name="SPKISexp" type="base64Binary"/>
- <any namespace="##other" processContents="lax" minOccurs="0"/>
- </sequence>
-</complexType>
-
-<!-- End SPKIData -->
-
-<!-- End KeyInfo -->
-
-<!-- Start Object (Manifest, SignatureProperty) -->
-
-<element name="Object" type="ds:ObjectType"/>
-<complexType name="ObjectType" mixed="true">
- <sequence minOccurs="0" maxOccurs="unbounded">
- <any namespace="##any" processContents="lax"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
- <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
- <attribute name="Encoding" type="anyURI" use="optional"/>
-</complexType>
-
-<element name="Manifest" type="ds:ManifestType"/>
-<complexType name="ManifestType">
- <sequence>
- <element ref="ds:Reference" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
-<element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
-<complexType name="SignaturePropertiesType">
- <sequence>
- <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
- </sequence>
- <attribute name="Id" type="ID" use="optional"/>
-</complexType>
-
- <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
- <complexType name="SignaturePropertyType" mixed="true">
- <choice maxOccurs="unbounded">
- <any namespace="##other" processContents="lax"/>
- <!-- (1,1) elements from (1,unbounded) namespaces -->
- </choice>
- <attribute name="Target" type="anyURI" use="required"/>
- <attribute name="Id" type="ID" use="optional"/>
- </complexType>
-
-<!-- End Object (Manifest, SignatureProperty) -->
-
-<!-- Start Algorithm Parameters -->
-
-<simpleType name="HMACOutputLengthType">
- <restriction base="integer"/>
-</simpleType>
-
-<!-- Start KeyValue Element-types -->
-
-<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
-<complexType name="DSAKeyValueType">
- <sequence>
- <sequence minOccurs="0">
- <element name="P" type="ds:CryptoBinary"/>
- <element name="Q" type="ds:CryptoBinary"/>
- </sequence>
- <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
- <element name="Y" type="ds:CryptoBinary"/>
- <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
- <sequence minOccurs="0">
- <element name="Seed" type="ds:CryptoBinary"/>
- <element name="PgenCounter" type="ds:CryptoBinary"/>
- </sequence>
- </sequence>
-</complexType>
-
-<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
-<complexType name="RSAKeyValueType">
- <sequence>
- <element name="Modulus" type="ds:CryptoBinary"/>
- <element name="Exponent" type="ds:CryptoBinary"/>
- </sequence>
-</complexType>
-
-<!-- End KeyValue Element-types -->
-
-<!-- End Signature -->
-
-</schema>
# See the License for the specific language governing permissions and
# limitations under the License.
#
-for name in wrt ace vcore
+
+for name in wrt wrt_autosave
do
rm -f /opt/dbspace/.$name.db
rm -f /opt/dbspace/.$name.db-journal
SQL=".read /usr/share/wrt-engine/"$name"_db.sql"
sqlite3 /opt/dbspace/.$name.db "$SQL"
touch /opt/dbspace/.$name.db-journal
- chown root:6026 /opt/dbspace/.$name.db
- chown root:6026 /opt/dbspace/.$name.db-journal
+ chown 0:6026 /opt/dbspace/.$name.db
+ chown 0:6026 /opt/dbspace/.$name.db-journal
chmod 660 /opt/dbspace/.$name.db
chmod 660 /opt/dbspace/.$name.db-journal
done
# limitations under the License.
#
-wrt_create_clean_db.sh
+wrt_commons_create_clean_db.sh
rm -rf /opt/apps/widget/system/*
ADD_SUBDIRECTORY(timed_event)
ADD_SUBDIRECTORY(single_instance)
ADD_SUBDIRECTORY(crypto_hash)
-ADD_SUBDIRECTORY(event_delivery_test)
ADD_SUBDIRECTORY(metronome)
ADD_SUBDIRECTORY(copy)
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# @file CMakeLists.txt
-# @author Jaroslaw Osmanski j.osmanski@samsung.com
-# @version 1.0
-# @brief
-#
-INCLUDE(FindPkgConfig)
-PKG_CHECK_MODULES(DPL_GTK "dpl-gtk" "gthread-2.0" REQUIRED)
-
-SET(EVENT_DELIVERY_SOURCES
- event_delivery_test.cpp)
-
-ADD_DEFINITIONS("-D_DEBUG -g")
-
-INCLUDE_DIRECTORIES(${DPL_GTK_INCLUDE_DIRS})
-LINK_DIRECTORIES(${DPL_GTK_LIBRARY_DIRS})
-
-ADD_EXECUTABLE(event_delivery_test ${EVENT_DELIVERY_SOURCES})
-TARGET_LINK_LIBRARIES(event_delivery_test ${DPL_GTK_LIBRARIES})
-
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file event_delivery_server.h
- * @author Jaroslaw Osmanski j.osmanski@samsung.com
- * @version 1.0
- * @brief This file is the implementation file of simple event delivery test
- */
-#include <dpl/application.h>
-#include <dpl/controller.h>
-#include <dpl/event_delivery.h>
-#include <dpl/event_delivery_injector.h>
-#include <dpl/generic_event.h>
-#include <dpl/type_list.h>
-#include <iostream>
-
-namespace TestEvents
-{
-EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_0(EmptyMessage)
-EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_2(HelloWorldMessage, std::string, std::string)
-EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_2(NumberMessage, int, float)
-EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_4(TestMessage, int, int, int, int)
-
-EVENT_DELIVERY_IMPLEMENT_EVENT_MESSAGE(EmptyMessage)
-EVENT_DELIVERY_IMPLEMENT_EVENT_MESSAGE(HelloWorldMessage)
-EVENT_DELIVERY_IMPLEMENT_EVENT_MESSAGE(NumberMessage)
-EVENT_DELIVERY_IMPLEMENT_EVENT_MESSAGE(TestMessage)
-} // namespace TestEvents
-
-DECLARE_GENERIC_EVENT_0(StartEvent)
-DECLARE_GENERIC_EVENT_0(CloseEvent)
-DECLARE_GENERIC_EVENT_0(DeleteEvent)
-
-class MyListener :
- public DPL::Application,
- private DPL::Controller<DPL::TypeListDecl<DeleteEvent, CloseEvent>::Type>,
- public DPL::EventListener<TestEvents::HelloWorldMessage>,
- public DPL::EventListener<TestEvents::NumberMessage>
-{
-private:
- class OneTimeListener :
- public DPL::EventListener<TestEvents::EmptyMessage>
- {
- public:
- OneTimeListener()
- {
- DPL::EventDeliverySystem::AddListener<TestEvents::EmptyMessage > (this);
- }
-
- ~OneTimeListener()
- {
- LogError("Deleting OneTimeListener");
- DPL::EventDeliverySystem::RemoveListener<TestEvents::EmptyMessage > (this);
- }
-
- private:
- void OnEventReceived(const TestEvents::EmptyMessage &message)
- {
- (void) message;
- std::cout << "OneTimeListener empty message";
-
- }
- };
-
- OneTimeListener * oneTimeListener;
-
- virtual void OnEventReceived(const CloseEvent &event)
- {
- (void) event;
- Quit();
- }
-
- virtual void OnEventReceived(const DeleteEvent &event)
- {
- (void) event;
- delete oneTimeListener;
- oneTimeListener = NULL;
- }
-
-protected:
-
- void OnEventReceived(const TestEvents::HelloWorldMessage &message)
- {
- std::cout << "Got HelloWorldMessage: " << message.GetArg0() << " : " << message.GetArg1() << std::endl;
-
- if (oneTimeListener != NULL)
- {
- DPL::ControllerEventHandler<DeleteEvent>::PostTimedEvent(DeleteEvent(), 1);
- }
- }
-
- void OnEventReceived(const TestEvents::NumberMessage &message)
- {
- std::cout << "Got NumberMessage: " << message.GetArg0() << ", " << message.GetArg1() << std::endl;
- }
-
-public:
-
- MyListener(int argc, char **argv)
- : Application(argc, argv, "Listener")
- {
- Touch();
-
- DPL::EventDeliverySystem::AddListener<TestEvents::HelloWorldMessage>(this);
- DPL::EventDeliverySystem::AddListener<TestEvents::NumberMessage>(this);
-
- DPL::ControllerEventHandler<CloseEvent>::PostTimedEvent(CloseEvent(), 8);
- oneTimeListener = new OneTimeListener();
- }
-
- virtual ~MyListener()
- {
- DPL::EventDeliverySystem::RemoveListener<TestEvents::HelloWorldMessage > (this);
- DPL::EventDeliverySystem::RemoveListener<TestEvents::NumberMessage > (this);
- delete oneTimeListener;
- }
-};
-
-class MyPusher :
- public DPL::Application,
- private DPL::Controller<DPL::TypeListDecl<StartEvent, CloseEvent>::Type>
-{
-private:
- virtual void OnEventReceived(const CloseEvent &event)
- {
- (void) event;
- Quit();
- }
-
- virtual void OnEventReceived(const StartEvent &event)
- {
- (void) event;
- std::cout << "Publishing HelloWorldMessage..." << std::endl;
- TestEvents::HelloWorldMessage hello("Hello cruel world !", "AAA BBB CCC");
- DPL::EventDeliverySystem::Publish(hello);
- std::cout << "HelloWorldMessage published." << std::endl;
-
- std::cout << "Publishing NumberMessage message..." << std::endl;
- TestEvents::NumberMessage number(13, 3.14f);
- DPL::EventDeliverySystem::Publish(number);
- std::cout << "NumberMessage published." << std::endl;
-
- std::cout << "Publishing EmptyMessage..." << std::endl;
- TestEvents::EmptyMessage empty;
- DPL::EventDeliverySystem::Publish(empty);
- std::cout << "EmptyMessage published." << std::endl;
-
- }
-public:
- MyPusher(int argc, char **argv)
- : Application(argc, argv, "Pusher")
- {
- Touch();
-
- DPL::ControllerEventHandler<StartEvent>::PostTimedEvent(StartEvent(), 2);
- DPL::ControllerEventHandler<StartEvent>::PostTimedEvent(StartEvent(), 6);
- DPL::ControllerEventHandler<CloseEvent>::PostTimedEvent(CloseEvent(), 8);
- }
-
- virtual ~MyPusher()
- {
- }
-};
-
-int main(int argc, char* argv[])
-{
- switch (fork())
- {
- case 0:
- {
- MyPusher myPusher(argc, argv);
- myPusher.Exec();
- }
- break;
-
- case -1:
- printf("fork() failed!");
- break;
-
- default:
- {
- MyListener myListener(argc, argv);
- myListener.Exec();
- }
- break;
- }
-
- return 0;
-}
include(rpc/config.cmake)
include(test/config.cmake)
include(log/config.cmake)
-ADD_SUBDIRECTORY(vcore)
-ADD_SUBDIRECTORY(ace)
ADD_SUBDIRECTORY(widget_dao)
+ADD_SUBDIRECTORY(auto_save_dao)
include(popup/config.cmake)
include(utils/config.cmake)
include(localization/config.cmake)
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Path for all tests binary files
-
-######################################################################
-#DB ace
-ADD_CUSTOM_COMMAND(
- OUTPUT ${CMAKE_BINARY_DIR}/modules/ace/database_checksum_ace.h
- COMMAND ${CMAKE_SOURCE_DIR}/modules/ace/orm/gen_db_md5.sh
- ARGS ${CMAKE_BINARY_DIR}/modules/ace/database_checksum_ace.h
- ${CMAKE_SOURCE_DIR}/modules/ace/orm/ace_db
- DEPENDS ${CMAKE_SOURCE_DIR}/modules/ace/orm/ace_db
- ${CMAKE_SOURCE_DIR}/modules/ace/orm/gen_db_md5.sh
- COMMENT "Generating ACE database checksum"
- )
-ADD_CUSTOM_COMMAND( OUTPUT .ace.db
- COMMAND rm -f ${CMAKE_CURRENT_BINARY_DIR}/.ace.db
- COMMAND gcc -Wall -include ${CMAKE_BINARY_DIR}/modules/ace/database_checksum_ace.h -I${PROJECT_SOURCE_DIR}/modules/db/include -I${PROJECT_SOURCE_DIR}/modules/ace/orm -E ${PROJECT_SOURCE_DIR}/modules/ace/orm/ace_db_sql_generator.h | grep --invert-match "^#" > ${CMAKE_CURRENT_BINARY_DIR}/ace_db.sql
- COMMAND sqlite3 ${CMAKE_CURRENT_BINARY_DIR}/.ace.db ".read ${CMAKE_CURRENT_BINARY_DIR}/ace_db.sql" || rm -f ${CMAKE_CURRENT_BINARY_DIR}/.ace.db
- DEPENDS ${CMAKE_BINARY_DIR}/modules/ace/database_checksum_ace.h ${PROJECT_SOURCE_DIR}/modules/ace/orm/ace_db_sql_generator.h ${PROJECT_SOURCE_DIR}/modules/ace/orm/ace_db
- )
-
-ADD_CUSTOM_COMMAND( OUTPUT .ace.db-journal
- COMMAND touch
- ARGS ${CMAKE_CURRENT_BINARY_DIR}/.ace.db-journal
- )
-
-ADD_CUSTOM_TARGET(Sqlite3DbACE ALL DEPENDS .ace.db .ace.db-journal)
-
-INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/ace_db.sql
- DESTINATION share/wrt-engine/
- )
-
-###########################################################
-
-INCLUDE(FindPkgConfig)
-
-SET(ACE_TEST_PATH "/usr/apps/org.tizen.policy")
-
-INSTALL(FILES
- ${CMAKE_CURRENT_SOURCE_DIR}/configuration/config.xml
- ${CMAKE_CURRENT_SOURCE_DIR}/configuration/config.dtd
- ${CMAKE_CURRENT_SOURCE_DIR}/configuration/bondixml.xsd
- ${CMAKE_CURRENT_SOURCE_DIR}/configuration/demo.xml
- ${CMAKE_CURRENT_SOURCE_DIR}/configuration/WACPolicy.xml
- ${CMAKE_CURRENT_SOURCE_DIR}/configuration/UnrestrictedPolicy.xml
- DESTINATION /usr/etc/ace
- PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ GROUP_WRITE)
-
-add_subdirectory(dao)
-
-SET(ACE_LIB_DEPS_BASIC
- ecore
- appcore-efl
- openssl
- sqlite3
- heynoti
- dlog
- vconf
- db-util
- libpcrecpp
- icu-uc
- libxml-2.0
- )
-
-IF(SMACK_ENABLED)
- LIST(APPEND ACE_LIB_DEPS_BASIC libprivilege-control)
-ENDIF(SMACK_ENABLED)
-
-PKG_CHECK_MODULES(ACE_LIB_DEPS ${ACE_LIB_DEPS_BASIC} REQUIRED)
-
-SET(WRT_ACE_DIR ${PROJECT_SOURCE_DIR}/modules/ace)
-
-SET(ACE_SOURCES
- ${WRT_ACE_DIR}/engine/PolicyEvaluator.cpp
- ${WRT_ACE_DIR}/engine/PolicyInformationPoint.cpp
- ${WRT_ACE_DIR}/engine/CombinerImpl.cpp
- ${WRT_ACE_DIR}/engine/parser.cpp
- ${WRT_ACE_DIR}/engine/PolicyEnforcementPoint.cpp
- ${WRT_ACE_DIR}/engine/SettingsLogic.cpp
- ${WRT_ACE_DIR}/engine/Attribute.cpp
- ${WRT_ACE_DIR}/engine/Condition.cpp
- ${WRT_ACE_DIR}/engine/NodeFactory.cpp
- ${WRT_ACE_DIR}/engine/Policy.cpp
- ${WRT_ACE_DIR}/engine/Rule.cpp
- ${WRT_ACE_DIR}/engine/Serializer.cpp
- ${WRT_ACE_DIR}/engine/Subject.cpp
- ${WRT_ACE_DIR}/engine/TreeNode.cpp
- ${WRT_ACE_DIR}/engine/ConfigurationManager.cpp
-)
-
-INCLUDE_DIRECTORIES(${ACE_LIB_DEPS_INCLUDE_DIRS})
-INCLUDE_DIRECTORIES(${WRT_ACE_DIR}/include)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/core/include)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/db/include)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/log/include)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/event/include)
-
-SET(WITH_ACE_SETTINGS_SERVER_SOURCES
- ${WITH_ACE_SETTINGS_SERVER_NONE_SOURCES}
- )
-
-ADD_LIBRARY(${TARGET_ACE_LIB} SHARED
- ${ACE_SOURCES}
- ${WITH_ACE_SETTINGS_SERVER_SOURCES}
-)
-
-SET_TARGET_PROPERTIES(${TARGET_ACE_LIB} PROPERTIES
- SOVERSION ${VERSION})
-
-SET_TARGET_PROPERTIES(${TARGET_ACE_LIB} PROPERTIES
- COMPILE_FLAGS -fPIC)
-
-TARGET_LINK_LIBRARIES(${TARGET_ACE_LIB}
-# ${TARGET_WRT_DAO_RW_LIB} #For now WRT has to be RW - Global dao write is needed
- ${TARGET_ACE_DAO_RW_LIB}
- ${ACE_LIB_DEPS_LIBRARIES}
- ${DPL_EFL_LIBRARY}
-)
-
-INSTALL(TARGETS ${TARGET_ACE_LIB}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
-)
-
-INSTALL(FILES
- include/dpl/ace/AbstractPolicyEnforcementPoint.h
- include/dpl/ace/AbstractTreeElement.h
- include/dpl/ace/Attribute.h
- include/dpl/ace/AsyncVerdictResultListener.h
- include/dpl/ace/Combiner.h
- include/dpl/ace/CombinerImpl.h
- include/dpl/ace/ConfigurationManager.h
- include/dpl/ace/Constants.h
- include/dpl/ace/Effect.h
- include/dpl/ace/PermissionTriple.h
- include/dpl/ace/Policy.h
- include/dpl/ace/PolicyEffect.h
- include/dpl/ace/PolicyEnforcementPoint.h
- include/dpl/ace/PolicyEvaluator.h
- include/dpl/ace/PolicyEvaluatorFactory.h
- include/dpl/ace/PolicyInformationPoint.h
- include/dpl/ace/PolicyResult.h
- include/dpl/ace/Preference.h
- include/dpl/ace/PromptDecision.h
- include/dpl/ace/Request.h
- include/dpl/ace/SettingsLogic.h
- include/dpl/ace/Subject.h
- include/dpl/ace/TreeNode.h
- include/dpl/ace/UserDecision.h
- include/dpl/ace/WRT_INTERFACE.h
- include/dpl/ace/Verdict.h
- DESTINATION
- include/dpl-efl/dpl/ace
- )
-
+++ /dev/null
-!!!options!!! stop
-ACE - Access Control Engine - security module for Device APIs
+++ /dev/null
-<policy-set id="Policy-1" combine="first-matching-target">
- <policy>
- <rule effect="permit" />
- </policy>
-</policy-set>
+++ /dev/null
-<!DOCTYPE signed-policy SYSTEM "bondixml.dtd">
-
-<signed-policy>
-
- <Signature Id="SignatureExample" xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w2.org/2006/12/xml-c14n11"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <Reference URI="Policy-1">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>asdfkjlhxvczxnbcvnjahfjhsdfklahfdas</SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P> PValue </P><Q> QValue </Q><G> Gvalue </G><Y> laj?</Y>
- </DSAKeyValue>
- <RSAKeyValue>
- <Modulus>
- modulus
- </Modulus>
- <Exponent>
- exponent
- </Exponent>
- </RSAKeyValue>
- </KeyValue>
- <X509Data>
- <X509SubjectName> Subject name </X509SubjectName>
- <X509SKI> SKI </X509SKI>
- </X509Data>
- </KeyInfo>
- </Signature>
-
- <policy-set id="Policy-1" combine="first-matching-target">
-
-<!--
- <policy-set combine="deny-overrides" >
- <target>
- <subject>
- <subject-match attr="JilSecurityDomain">
- Unidentified
- </subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="prompt-oneshot">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.update
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.captureImage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.launchApplication
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo.DeviceStateInfo.requestPositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.sendMessage
- </resource-match>
- </condition>
- </rule>
- <rule effect="prompt-session">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.findAddressBookItems
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItemsCount
- </resource-match>
- </condition>
- </rule>
- <rule effect="prompt-blanket">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.getAvailableApplications
- </resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.PositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.DeviceStateInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAvailableAttributes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.setAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.open
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.play
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.pause
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.resume
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.stop
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.onStateChange
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.onCameraCaptured
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.setWindow
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo.DeviceStateInfo.onPositionRetrieved
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.createMessage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.onMessageSendingFailure
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Multimedia.getVolume
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Multimedia.stopAll
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Multimedia.isAudioPlaying
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.createAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.onAddressBookItemFound
- </resource-match>
-
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/accelerometerinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/applicationtypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.2/camera
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exception
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exceptiontypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/message
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messagetypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/positioninfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/widget
- </resource-match>
- </condition>
- </rule>
- <rule effect="permit" />
- </policy>
- </policy-set>
--->
- <policy-set combine="deny-overrides" >
- <target>
- <subject>
- <subject-match attr="JilSecurityDomain">
- Identified
- </subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="prompt-session">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo.DeviceStateInfo.requestPositionInfo
- </resource-match>
- </condition>
- </rule>
- <rule effect="prompt-blanket">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/widget.Widget.openURL
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.update
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.launchApplication
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.captureImage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.sendMessage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.findAddressBookItems
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItemsCount
- </resource-match>
- </condition>
- </rule>
- <!-- If the resource was not specified above then the access is unrestricted -->
- <rule effect="permit">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.getAvailableApplications
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAvailableAttributes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.setAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.open
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.play
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.pause
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.resume
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.stop
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.onStateChange
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.onCameraCaptured
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.setWindow
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.PositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.DeviceStateInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo.DeviceStateInfo.onPositionRetrieved
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.createMessage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.onMessageSendingFailure
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Multimedia.getVolume
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Multimedia.stopAll
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Multimedia.isAudioPlaying
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.createAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.onAddressBookItemFound
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/accelerometerinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/applicationtypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.2/camera
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exception
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exceptiontypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/message
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messagetypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/positioninfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/widget
- </resource-match>
- </condition>
- </rule>
- <rule effect="permit" />
- </policy>
- </policy-set>
-
- <policy-set combine="deny-overrides" >
- <target>
- <subject>
- <subject-match attr="JilSecurityDomain">
- Operator
- </subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
-<!-- <rule effect="permit">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.launchApplication
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo.DeviceStateInfo.requestPositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.update
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.getAvailableApplications
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAvailableAttributes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.setAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.open
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.play
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.pause
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.resume
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.stop
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.onStateChange
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.onCameraCaptured
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.setWindow
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.captureImage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.DeviceStateInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.PositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo.DeviceStateInfo.onPositionRetrieved
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.createMessage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.sendMessage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.onMessageSendingFailure
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Multimedia.getVolume
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Multimedia.stopAll
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Multimedia.isAudioPlaying
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.createAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.onAddressBookItemsFound
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.findAddressBookItems
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItemsCount
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/accelerometerinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/applicationtypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.2/camera
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exception
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exceptiontypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/message
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messagetypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/positioninfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/widget
- </resource-match>
- </condition>
- </rule> -->
- <rule effect="permit" />
- </policy>
- </policy-set>
-</policy-set>
-</signed-policy>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified">
- <xs:element name="policy-set">
- <xs:complexType>
- <xs:sequence>
- <xs:element minOccurs="0" ref="target"/>
- <xs:choice minOccurs="0" maxOccurs="unbounded">
- <xs:element ref="policy-set"/>
- <xs:element ref="policy"/>
- </xs:choice>
- </xs:sequence>
- <xs:attributeGroup ref="policy-set.attlist"/>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="policy-set.attlist">
- <xs:attribute name="combine" default="deny-overrides">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="deny-overrides"/>
- <xs:enumeration value="permit-overrides"/>
- <xs:enumeration value="first-matching-target"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- <xs:attribute name="id"/>
- </xs:attributeGroup>
- <xs:element name="policy">
- <xs:complexType>
- <xs:sequence>
- <xs:element minOccurs="0" ref="target"/>
- <xs:element minOccurs="0" maxOccurs="unbounded" ref="rule"/>
- </xs:sequence>
- <xs:attributeGroup ref="policy.attlist"/>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="policy.attlist">
- <xs:attribute name="combine" default="deny-overrides">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="deny-overrides"/>
- <xs:enumeration value="permit-overrides"/>
- <xs:enumeration value="first-applicable"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- <xs:attribute name="description"/>
- <xs:attribute name="id"/>
- </xs:attributeGroup>
- <xs:element name="rule">
- <xs:complexType>
- <xs:sequence>
- <xs:element minOccurs="0" ref="condition"/>
- </xs:sequence>
- <xs:attributeGroup ref="rule.attlist"/>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="rule.attlist">
- <xs:attribute name="effect" default="permit">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="permit"/>
- <xs:enumeration value="prompt-blanket"/>
- <xs:enumeration value="prompt-session"/>
- <xs:enumeration value="prompt-oneshot"/>
- <xs:enumeration value="deny"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:attributeGroup>
- <xs:element name="target">
- <xs:complexType>
- <xs:sequence>
- <xs:element maxOccurs="unbounded" ref="subject"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="subject">
- <xs:complexType>
- <xs:sequence>
- <xs:element maxOccurs="unbounded" ref="subject-match"/>
- </xs:sequence>
- </xs:complexType>
- </xs:element>
- <xs:element name="condition">
- <xs:complexType>
- <xs:choice maxOccurs="unbounded">
- <xs:element ref="condition"/>
- <xs:element ref="subject-match"/>
- <xs:element ref="resource-match"/>
- <xs:element ref="environment-match"/>
- </xs:choice>
- <xs:attributeGroup ref="condition.attlist"/>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="condition.attlist">
- <xs:attribute name="combine" default="and">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="and"/>
- <xs:enumeration value="or"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:attributeGroup>
- <xs:attributeGroup name="match-attrs">
- <xs:attribute name="attr" use="required"/>
- <xs:attribute name="match"/>
- <xs:attribute name="func" default="glob">
- <xs:simpleType>
- <xs:restriction base="xs:token">
- <xs:enumeration value="equal"/>
- <xs:enumeration value="glob"/>
- <xs:enumeration value="regexp"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:attribute>
- </xs:attributeGroup>
- <xs:element name="subject-match">
- <xs:complexType mixed="true">
- <xs:attributeGroup ref="subject-match.attlist"/>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="subject-match.attlist">
- <xs:attributeGroup ref="match-attrs"/>
- </xs:attributeGroup>
- <xs:complexType name="match-model" mixed="true">
- <xs:choice minOccurs="0" maxOccurs="unbounded">
- <xs:element ref="subject-attr"/>
- <xs:element ref="resource-attr"/>
- <xs:element ref="environment-attr"/>
- </xs:choice>
- </xs:complexType>
- <xs:element name="resource-match">
- <xs:complexType>
- <xs:complexContent>
- <xs:extension base="match-model">
- <xs:attributeGroup ref="resource-match.attlist"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="resource-match.attlist">
- <xs:attributeGroup ref="match-attrs"/>
- </xs:attributeGroup>
- <xs:element name="environment-match">
- <xs:complexType>
- <xs:complexContent>
- <xs:extension base="match-model">
- <xs:attributeGroup ref="environment-match.attlist"/>
- </xs:extension>
- </xs:complexContent>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="environment-match.attlist">
- <xs:attributeGroup ref="match-attrs"/>
- </xs:attributeGroup>
- <xs:attributeGroup name="attr-attrs">
- <xs:attribute name="attr" use="required"/>
- </xs:attributeGroup>
- <xs:element name="subject-attr">
- <xs:complexType>
- <xs:attributeGroup ref="subject-attr.attlist"/>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="subject-attr.attlist">
- <xs:attributeGroup ref="attr-attrs"/>
- </xs:attributeGroup>
- <xs:element name="resource-attr">
- <xs:complexType>
- <xs:attributeGroup ref="resource-attr.attlist"/>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="resource-attr.attlist">
- <xs:attributeGroup ref="attr-attrs"/>
- </xs:attributeGroup>
- <xs:element name="environment-attr">
- <xs:complexType>
- <xs:attributeGroup ref="environment-attr.attlist"/>
- </xs:complexType>
- </xs:element>
- <xs:attributeGroup name="environment-attr.attlist">
- <xs:attributeGroup ref="attr-attrs"/>
- </xs:attributeGroup>
-</xs:schema>
+++ /dev/null
-<!ELEMENT manager-settings ( storage-path, policy-files ) >
-
-<!ELEMENT storage-path (#PCDATA)>
-
-<!ELEMENT policy-files (file*)>
-
-<!ELEMENT file (#PCDATA)>
-<!ATTLIST file
- active (true|false) "false"
->
+++ /dev/null
-<?xml version="1.0" ?>
-<!DOCTYPE manager-settings SYSTEM "config.dtd">
-<manager-settings>
- <storage-path>/usr/etc/ace/</storage-path>
- <policy-files>
- <file active="true">demo.xml</file>
- </policy-files>
-</manager-settings>
-
-
+++ /dev/null
-<policy-set id="Policy-1" combine="first-matching-target">
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="demoMSG" />
- </subject>
- </target>
- <rule effect="deny" />
- </policy>
-
- <policy>
- <rule effect="permit" />
- </policy>
-</policy-set>
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file AceDAO.cpp
- * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#include <dpl/ace-dao-rw/AceDAO.h>
-
-#include <openssl/md5.h>
-#include <dpl/foreach.h>
-#include <dpl/string.h>
-#include <dpl/log/log.h>
-#include <dpl/db/orm.h>
-#include <dpl/ace-dao-ro/AceDAOUtilities.h>
-#include <dpl/ace-dao-ro/AceDAOConversions.h>
-#include <dpl/ace-dao-ro/AceDatabase.h>
-
-using namespace DPL::DB::ORM;
-using namespace DPL::DB::ORM::ace;
-using namespace AceDB::AceDaoUtilities;
-using namespace AceDB::AceDaoConversions;
-
-namespace {
-char const * const EMPTY_SESSION = "";
-} // namespace
-
-namespace AceDB{
-
-void AceDAO::setPromptDecision(
- const DPL::String &hash,
- const DPL::String &userParam,
- const DPL::OptionalString &session,
- PromptDecision decision)
-{
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
-
- ACE_DB_DELETE(del, AcePromptDecision, &AceDaoUtilities::m_databaseInterface);
- del->Where(
- And(
- Equals<AcePromptDecision::user_param>(userParam),
- Equals<AcePromptDecision::hash>(hash)));
- del->Execute();
-
- AcePromptDecision::Row row;
- row.Set_hash(hash);
- row.Set_decision(promptDecisionToInt(decision));
- row.Set_user_param(userParam);
- row.Set_session(session);
- ACE_DB_INSERT(insert, AcePromptDecision, &AceDaoUtilities::m_databaseInterface);
- insert->Values(row);
- insert->Execute();
-
- transaction.Commit();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to setUserSetting");
- }
-}
-
-void AceDAO::setPromptDecision(
- const BaseAttributeSet &attributes,
- const DPL::String &userParam,
- const DPL::OptionalString &session,
- PromptDecision decision)
-{
- DPL::String DPLHash = convertToHash(attributes);
-
- setPromptDecision(
- DPLHash,
- userParam,
- session,
- decision);
-}
-
-void AceDAO::removePolicyResult(
- const BaseAttributeSet &attributes)
-{
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
-
- auto attrHash = convertToHash(attributes);
-
- ACE_DB_DELETE(del,
- AcePolicyResult,
- &AceDaoUtilities::m_databaseInterface);
- del->Where(Equals<AcePolicyResult::hash>(attrHash));
- del->Execute();
- transaction.Commit();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to removeVerdict");
- }
-}
-
-void AceDAO::clearAllSettings(void)
-{
- clearWidgetDevCapSettings();
- clearDevCapSettings();
-}
-
-void AceDAO::setDevCapSetting(const std::string &resource,
- PreferenceTypes preference)
-{
- Try {
- ACE_DB_UPDATE(update, AceDevCap, &AceDaoUtilities::m_databaseInterface);
- AceDevCap::Row row;
- row.Set_general_setting(preferenceToInt(preference));
- update->Values(row);
- update->Where(
- Equals<AceDevCap::id_uri>(DPL::FromUTF8String(resource)));
- update->Execute();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to SetResourceSetting");
- }
-}
-
-void AceDAO::removeDevCapSetting(const std::string &resource)
-{
- Try {
- ACE_DB_UPDATE(update, AceDevCap, &AceDaoUtilities::m_databaseInterface);
- AceDevCap::Row row;
- row.Set_general_setting(preferenceToInt(PreferenceTypes::PREFERENCE_DEFAULT));
- update->Values(row);
- update->Where(
- Equals<AceDevCap::id_uri>(DPL::FromUTF8String(resource)));
- update->Execute();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to removeResourceSetting");
- }
-}
-
-
-void AceDAO::setWidgetDevCapSetting(const std::string &resource,
- WidgetHandle handler,
- PreferenceTypes preference)
-{
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
- // TODO JOIN
- AceDevCap::Row rrow;
- if (!getResourceByUri(resource, rrow)) {
- ThrowMsg(Exception::DatabaseError, "Resource not found");
- }
-
- ACE_DB_INSERT(insert,
- AceWidgetDevCapSetting,
- &AceDaoUtilities::m_databaseInterface);
-
- AceWidgetDevCapSetting::Row row;
- row.Set_app_id(handler);
- int rid = rrow.Get_resource_id();
- row.Set_resource_id(rid);
- row.Set_access_value(preferenceToInt(preference));
- insert->Values(row);
- insert->Execute();
-
- transaction.Commit();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to setUserSetting");
- }
-}
-
-void AceDAO::removeWidgetDevCapSetting(const std::string &resource,
- WidgetHandle handler)
-{
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
- AceDevCap::Row rrow;
- if (!getResourceByUri(resource, rrow)) {
- ThrowMsg(Exception::DatabaseError, "resource not found");
- }
-
- ACE_DB_DELETE(del,
- AceWidgetDevCapSetting,
- &AceDaoUtilities::m_databaseInterface);
-
- Equals<AceWidgetDevCapSetting::app_id> e1(handler);
- Equals<AceWidgetDevCapSetting::resource_id> e2(rrow.Get_resource_id());
- del->Where(And(e1, e2));
- del->Execute();
- transaction.Commit();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to clearUserSettings");
- }
-}
-
-
-void AceDAO::setPolicyResult(const BaseAttributeSet &attributes,
- const PolicyResult &policyResult)
-{
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
-
- // TODO: this call is connected with logic.
- // It should be moved to PolicyEvaluator
- addAttributes(attributes);
-
- auto attrHash = convertToHash(attributes);
-
- ACE_DB_DELETE(del, AcePolicyResult, &AceDaoUtilities::m_databaseInterface)
- del->Where(Equals<AcePolicyResult::hash>(attrHash));
- del->Execute();
-
- ACE_DB_INSERT(insert, AcePolicyResult, &AceDaoUtilities::m_databaseInterface);
- AcePolicyResult::Row row;
- row.Set_decision(PolicyResult::serialize(policyResult));
- row.Set_hash(attrHash);
- insert->Values(row);
- insert->Execute();
-
- transaction.Commit();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to addVerdict");
- }
-}
-
-void AceDAO::resetDatabase(void)
-{
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
- ACE_DB_DELETE(del1, AcePolicyResult, &AceDaoUtilities::m_databaseInterface);
- del1->Execute();
- ACE_DB_DELETE(del2, AceWidgetDevCapSetting, &AceDaoUtilities::m_databaseInterface);
- del2->Execute();
- ACE_DB_DELETE(del3, AceDevCap, &AceDaoUtilities::m_databaseInterface);
- del3->Execute();
- ACE_DB_DELETE(del4, AceSubject, &AceDaoUtilities::m_databaseInterface);
- del4->Execute();
- ACE_DB_DELETE(del5, AceAttribute, &AceDaoUtilities::m_databaseInterface);
- del5->Execute();
- ACE_DB_DELETE(del6, AcePromptDecision, &AceDaoUtilities::m_databaseInterface);
- del6->Execute();
-
- transaction.Commit();
-
- // TODO there is no such query yet in ORM.
- // GlobalConnection::DataCommandAutoPtr command =
- // GlobalConnectionSingleton::Instance().PrepareDataCommand(
- // "VACUUM");
- // command->Step();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to resetDatabase");
- }
-}
-
-void AceDAO::clearDevCapSettings()
-{
- Try {
- ACE_DB_UPDATE(update, AceDevCap, &AceDaoUtilities::m_databaseInterface);
- AceDevCap::Row row;
- row.Set_general_setting(-1);
- update->Values(row);
- update->Execute();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to clearResourceSettings");
- }
-}
-
-void AceDAO::clearWidgetDevCapSettings()
-{
- Try {
- ACE_DB_DELETE(del, AceWidgetDevCapSetting, &AceDaoUtilities::m_databaseInterface);
- del->Execute();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to clearUserSettings");
- }
-}
-
-int AceDAO::addResource(const std::string &request)
-{
- LogDebug("addResource: " << request);
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
- AceDevCap::Row rrow;
- if (getResourceByUri(request, rrow)) {
- transaction.Commit();
- return rrow.Get_resource_id();
- }
-
- ACE_DB_INSERT(insert, AceDevCap, &AceDaoUtilities::m_databaseInterface);
- AceDevCap::Row row;
- row.Set_id_uri(DPL::FromUTF8String(request));
- row.Set_general_setting(-1);
- insert->Values(row);
- int id = insert->Execute();
- transaction.Commit();
- return id;
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed in addResource");
- }
-}
-
-void AceDAO::addAttributes(const BaseAttributeSet &attributes)
-{
- Try {
- BaseAttributeSet::const_iterator iter;
-
- for (iter = attributes.begin(); iter != attributes.end(); ++iter) {
- ACE_DB_SELECT(select, AceAttribute, &AceDaoUtilities::m_databaseInterface);
- select->Where(Equals<AceAttribute::name>(DPL::FromUTF8String(
- *(*iter)->getName())));
- std::list<AceAttribute::Row> rows = select->GetRowList();
- if (!rows.empty()) {
- continue;
- }
-
- ACE_DB_INSERT(insert, AceAttribute, &AceDaoUtilities::m_databaseInterface);
- AceAttribute::Row row;
- row.Set_name(DPL::FromUTF8String(*(*iter)->getName()));
- row.Set_type(attributeTypeToInt((*iter)->getType()));
- insert->Values(row);
- insert->Execute();
- }
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed in addAttributes");
- }
-}
-
-void AceDAO::setStaticDevCapPermissions(
- int widgetHandle,
- const std::set<DPL::String> &permissions)
-{
- Try {
- FOREACH(it, permissions) {
- ACE_DB_INSERT(insert, AceStaticDevCapPermission,
- &AceDaoUtilities::m_databaseInterface);
- AceStaticDevCapPermission::Row row;
- row.Set_app_id(widgetHandle);
- row.Set_dev_cap(*it);
- insert->Values(row);
- insert->Execute();
- }
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed in setStaticDevCapPermissions");
- }
-}
-
-
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file AceDaoConversions.h
- * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#include <openssl/md5.h>
-#include <dpl/foreach.h>
-
-#include <dpl/ace-dao-ro/AceDAOConversions.h>
-
-namespace AceDB {
-
-DPL::String AceDaoConversions::convertToHash(const BaseAttributeSet &attributes)
-{
- unsigned char attrHash[MD5_DIGEST_LENGTH];
- std::string attrString;
- FOREACH(it, attributes) {
- // [CR] implementation of it->toString() is not secure, 24.03.2010
- attrString.append((*it)->toString());
- }
-
- MD5((unsigned char *) attrString.c_str(), attrString.length(), attrHash);
-
- char attrHashCoded[MD5_DIGEST_LENGTH*2 + 1];
- for (int i = 0; i < MD5_DIGEST_LENGTH; ++i) {
- sprintf(&attrHashCoded[i << 1],
- "%02X",
- static_cast<int>(attrHash[i]));
- }
- return DPL::FromASCIIString(attrHashCoded);
-}
-
-
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file AceDAOReadOnlyReadOnly.cpp
- * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#include <dpl/ace-dao-ro/AceDAOReadOnly.h>
-#include <dpl/ace-dao-ro/AceDAOUtilities.h>
-#include <dpl/ace-dao-ro/AceDAOConversions.h>
-#include <dpl/ace-dao-ro/AceDatabase.h>
-
-#include <dpl/foreach.h>
-
-using namespace DPL::DB::ORM;
-using namespace DPL::DB::ORM::ace;
-using namespace AceDB::AceDaoUtilities;
-using namespace AceDB::AceDaoConversions;
-
-namespace AceDB {
-
-static const int DB_ALLOW_ALWAYS = 0;
-static const int DB_ALLOW_FOR_SESSION = 1;
-static const int DB_ALLOW_THIS_TIME = 2;
-static const int DB_DENY_ALWAYS = 3;
-static const int DB_DENY_FOR_SESSION = 4;
-static const int DB_DENY_THIS_TIME = 5;
-
-int AceDAOReadOnly::promptDecisionToInt(PromptDecision decision)
-{
- if (PromptDecision::ALLOW_ALWAYS == decision) {
- return DB_ALLOW_ALWAYS;
- } else if (PromptDecision::DENY_ALWAYS == decision) {
- return DB_DENY_ALWAYS;
- } else if (PromptDecision::ALLOW_THIS_TIME == decision) {
- return DB_ALLOW_THIS_TIME;
- } else if (PromptDecision::DENY_THIS_TIME == decision) {
- return DB_DENY_THIS_TIME;
- } else if (PromptDecision::ALLOW_FOR_SESSION == decision) {
- return DB_ALLOW_FOR_SESSION;
- }
- // DENY_FOR_SESSION
- return DB_DENY_FOR_SESSION;
-}
-
-PromptDecision AceDAOReadOnly::intToPromptDecision(int dec) {
- if (dec == DB_ALLOW_ALWAYS) {
- return PromptDecision::ALLOW_ALWAYS;
- } else if (dec == DB_DENY_ALWAYS) {
- return PromptDecision::DENY_ALWAYS;
- } else if (dec == DB_ALLOW_THIS_TIME) {
- return PromptDecision::ALLOW_THIS_TIME;
- } else if (dec == DB_DENY_THIS_TIME) {
- return PromptDecision::DENY_THIS_TIME;
- } else if (dec == DB_ALLOW_FOR_SESSION) {
- return PromptDecision::ALLOW_FOR_SESSION;
- }
- // DB_DENY_FOR_SESSION
- return PromptDecision::DENY_FOR_SESSION;
-}
-
-void AceDAOReadOnly::attachToThread()
-{
- AceDaoUtilities::m_databaseInterface.AttachToThread();
-}
-
-void AceDAOReadOnly::detachFromThread()
-{
- AceDaoUtilities::m_databaseInterface.DetachFromThread();
-}
-
-OptionalCachedPromptDecision AceDAOReadOnly::getPromptDecision(
- const DPL::String &hash,
- const std::string &userParam)
-{
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
-
- // get matching subject verdict
- ACE_DB_SELECT(select, AcePromptDecision, &AceDaoUtilities::m_databaseInterface);
- DPL::String DPLParam = DPL::FromUTF8String(userParam);
-
- select->Where(
- And(
- Equals<AcePromptDecision::hash>(hash),
- Equals<AcePromptDecision::user_param>(DPLParam)));
-
- std::list<AcePromptDecision::Row> rows = select->GetRowList();
- if (rows.empty()) {
- transaction.Commit();
- return OptionalCachedPromptDecision();
- }
-
- AcePromptDecision::Row row = rows.front();
- CachedPromptDecision decision;
- decision.decision = intToPromptDecision(row.Get_decision());
- decision.session = row.Get_session();
-
- return OptionalCachedPromptDecision(decision);
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getPromptDecision");
- }
-}
-
-OptionalCachedPromptDecision AceDAOReadOnly::getPromptDecision(
- const BaseAttributeSet &attributes,
- const std::string &userParam)
-{
- return getPromptDecision(convertToHash(attributes), userParam);
-}
-
-void AceDAOReadOnly::getAttributes(BaseAttributeSet *attributes)
-{
- if (NULL == attributes) {
- LogError("NULL pointer");
- return;
- }
- attributes->clear();
- std::string aname;
- int type;
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
-
- ACE_DB_SELECT(select, AceAttribute, &AceDaoUtilities::m_databaseInterface);
- typedef std::list<AceAttribute::Row> RowList;
- RowList list = select->GetRowList();
-
- FOREACH(i, list) {
- BaseAttributePtr attribute(new BaseAttribute());
- DPL::String name = i->Get_name();
- aname = DPL::ToUTF8String(name);
- type = i->Get_type();
-
- attribute->setName(&aname);
- attribute->setType(intToAttributeType(type));
- attributes->insert(attribute);
- }
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getAttributes");
- }
-}
-
-OptionalPolicyResult AceDAOReadOnly::getPolicyResult(
- const BaseAttributeSet &attributes)
-{
-
- auto attrHash = convertToHash(attributes);
- return getPolicyResult(attrHash);
-}
-
-OptionalPolicyResult AceDAOReadOnly::getPolicyResult(
- const DPL::String &attrHash)
-{
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
-
- // get matching subject verdict
- ACE_DB_SELECT(select, AcePolicyResult, &AceDaoUtilities::m_databaseInterface);
- Equals<AcePolicyResult::hash> e1(attrHash);
- select->Where(e1);
-
- std::list<AcePolicyResult::Row> rows = select->GetRowList();
- if (rows.empty()) {
- transaction.Commit();
- return OptionalPolicyResult();
- }
-
- AcePolicyResult::Row row = rows.front();
- int decision = row.Get_decision();
- PolicyResult res = PolicyResult::deserialize(decision);
- transaction.Commit();
- return OptionalPolicyResult(res);
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getVerdict");
- }
-}
-
-PreferenceTypes AceDAOReadOnly::getDevCapSetting(const std::string &resource)
-{
- Try {
- AceDevCap::Row row;
- if (!getResourceByUri(resource, row)) {
- return PreferenceTypes::PREFERENCE_DEFAULT;
- }
- return intToPreference(row.Get_general_setting());
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getResourceSetting");
- }
-}
-
-void AceDAOReadOnly::getDevCapSettings(PreferenceTypesMap *globalSettingsMap)
-{
- if (NULL == globalSettingsMap) {
- LogError("Null pointer");
- return;
- }
- globalSettingsMap->clear();
- Try {
- ACE_DB_SELECT(select, AceDevCap, &AceDaoUtilities::m_databaseInterface);
- typedef std::list<AceDevCap::Row> RowList;
- RowList list = select->GetRowList();
-
- FOREACH(i, list) {
- PreferenceTypes p = intToPreference(i->Get_general_setting());
- globalSettingsMap->insert(make_pair(DPL::ToUTF8String(
- i->Get_id_uri()), p));
- }
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getResourceSettings");
- }
-}
-
-
-
-void AceDAOReadOnly::getWidgetDevCapSettings(BasePermissionList *outputList)
-{
- if (NULL == outputList) {
- LogError("NULL pointer");
- return;
- }
- outputList->clear();
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
-
- std::string resourceName;
- PreferenceTypes allowAccess;
-
- ACE_DB_SELECT(select,
- AceWidgetDevCapSetting,
- &AceDaoUtilities::m_databaseInterface);
-
- typedef std::list<AceWidgetDevCapSetting::Row> RowList;
- RowList list = select->GetRowList();
-
- // TODO JOIN
- FOREACH(i, list) {
- int app_id = i->Get_app_id();
- int res_id = i->Get_resource_id();
-
- ACE_DB_SELECT(resourceSelect, AceDevCap, &AceDaoUtilities::m_databaseInterface);
- resourceSelect->Where(Equals<AceDevCap::resource_id>(res_id));
- AceDevCap::Row rrow = resourceSelect->GetSingleRow();
-
- resourceName = DPL::ToUTF8String(rrow.Get_id_uri());
-
- if (!resourceName.empty()) {
- allowAccess = intToPreference(i->Get_access_value());
- outputList->push_back(
- BasePermission(app_id,
- resourceName,
- allowAccess));
- }
- }
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to findUserSettings");
- }
-}
-
-PreferenceTypes AceDAOReadOnly::getWidgetDevCapSetting(
- const std::string &resource,
- WidgetHandle handler)
-{
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
-
- AceDevCap::Row rrow;
- if (!getResourceByUri(resource, rrow)) {
- return PreferenceTypes::PREFERENCE_DEFAULT;
- }
- int resourceId = rrow.Get_resource_id();
-
- // get matching user setting
- ACE_DB_SELECT(select, AceWidgetDevCapSetting, &AceDaoUtilities::m_databaseInterface);
-
- select->Where(And(Equals<AceWidgetDevCapSetting::resource_id>(resourceId),
- Equals<AceWidgetDevCapSetting::app_id>(handler)));
-
- std::list<int> values =
- select->GetValueList<AceWidgetDevCapSetting::access_value>();
- if (values.empty()) {
- return PreferenceTypes::PREFERENCE_DEFAULT;
- }
- return intToPreference(values.front());
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed in getUserSetting");
- }
-}
-
-void AceDAOReadOnly::getStaticDevCapPermissions(
- int widgetHandle,
- std::set<DPL::String> *permissions)
-{
- if (NULL == permissions) {
- LogError("NULL pointer");
- return;
- }
- permissions->clear();
- Try {
- ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface);
-
- ACE_DB_SELECT(select, AceStaticDevCapPermission,
- &AceDaoUtilities::m_databaseInterface);
- select->Where(
- Equals<AceStaticDevCapPermission::app_id>(widgetHandle));
- std::list<DPL::String> devCapNames =
- select->GetValueList<AceStaticDevCapPermission::dev_cap>();
- permissions->insert(devCapNames.begin(), devCapNames.end());
- transaction.Commit();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getStaticDevCapPermissions");
- }
-}
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file AceDaoReadOnly.h
- * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#include <openssl/md5.h>
-#include <dpl/assert.h>
-#include <dpl/foreach.h>
-
-#include <dpl/ace-dao-ro/AceDatabase.h>
-#include <dpl/ace-dao-ro/AceDAOUtilities.h>
-#include <dpl/ace-dao-ro/AceDAOReadOnly.h>
-
-namespace AceDB {
-
-namespace {
-const char* ACE_DB_DATABASE = "/opt/dbspace/.ace.db";
-DPL::DB::SqlConnection::Flag::Type ACE_DB_FLAGS =
- DPL::DB::SqlConnection::Flag::UseLucene;
-}
-
-DPL::DB::ThreadDatabaseSupport AceDaoUtilities::m_databaseInterface(
- ACE_DB_DATABASE, ACE_DB_FLAGS);
-
-BaseAttribute::Type AceDaoUtilities::intToAttributeType(int val)
-{
- switch (val) {
- case 0:
- return BaseAttribute::Type::Subject;
- case 1:
- return BaseAttribute::Type::Environment;
- case 2:
- return BaseAttribute::Type::Resource;
- case 3:
- return BaseAttribute::Type::FunctionParam;
-
- default:
- Assert(0 && "Unknown Attribute type value");
- return BaseAttribute::Type::Subject; //remove compilation warrning
- }
-}
-
-int AceDaoUtilities::attributeTypeToInt(BaseAttribute::Type type)
-{
- // we cannot cast enum -> int because this cast will be removed from next c++ standard
- switch (type) {
- case BaseAttribute::Type::Subject:
- return 0;
- case BaseAttribute::Type::Environment:
- return 1;
- case BaseAttribute::Type::Resource:
- return 2;
- case BaseAttribute::Type::FunctionParam:
- return 3;
-
- default:
- Assert(0 && "Unknown Attribute type!");
- return 0; //remove compilation warrning
- }
-}
-
-int AceDaoUtilities::preferenceToInt(PreferenceTypes p)
-{
- switch (p) {
- case PreferenceTypes::PREFERENCE_PERMIT:
- return 1;
- case PreferenceTypes::PREFERENCE_DENY:
- return 0;
- case PreferenceTypes::PREFERENCE_BLANKET_PROMPT:
- return 2;
- case PreferenceTypes::PREFERENCE_SESSION_PROMPT:
- return 3;
- case PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT:
- return 4;
-
- default:
- return -1;
- }
-}
-
-PreferenceTypes AceDaoUtilities::intToPreference(int p)
-{
- switch (p) {
- case 1:
- return PreferenceTypes::PREFERENCE_PERMIT;
- case 0:
- return PreferenceTypes::PREFERENCE_DENY;
- case 2:
- return PreferenceTypes::PREFERENCE_BLANKET_PROMPT;
- case 3:
- return PreferenceTypes::PREFERENCE_SESSION_PROMPT;
- case 4:
- return PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT;
-
- default:
- return PreferenceTypes::PREFERENCE_DEFAULT;
- }
-}
-
-VerdictTypes AceDaoUtilities::intToVerdict(int v)
-{
- switch (v) {
- case -1:
- return VerdictTypes::VERDICT_UNKNOWN;
- case 0:
- return VerdictTypes::VERDICT_DENY;
- case 1:
- return VerdictTypes::VERDICT_PERMIT;
- case 2:
- return VerdictTypes::VERDICT_INAPPLICABLE;
-
- default:
- Assert(0 && "Cannot convert int to verdict");
- return VerdictTypes::VERDICT_UNKNOWN; // remove compile warrning
- }
-}
-
-int AceDaoUtilities::verdictToInt(VerdictTypes v)
-{
- switch (v) {
- case VerdictTypes::VERDICT_UNKNOWN:
- return -1;
- case VerdictTypes::VERDICT_DENY:
- return 0;
- case VerdictTypes::VERDICT_PERMIT:
- return 1;
- case VerdictTypes::VERDICT_INAPPLICABLE:
- return 2;
-
- default:
- Assert(0 && "Unknown Verdict value");
- return -1; // remove compile warrning
- }
-}
-
-bool AceDaoUtilities::getSubjectByUri(const std::string &uri,
- DPL::DB::ORM::ace::AceSubject::Row &row)
-{
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::ace;
- ACE_DB_SELECT(select, AceSubject, &m_databaseInterface);
- select->Where(Equals<AceSubject::id_uri>(DPL::FromUTF8String(uri)));
- std::list<AceSubject::Row> rows = select->GetRowList();
- if (rows.empty()) {
- return false;
- }
-
- row = rows.front();
- return true;
-}
-
-bool AceDaoUtilities::getResourceByUri(const std::string &uri,
- DPL::DB::ORM::ace::AceDevCap::Row &row)
-{
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::ace;
- ACE_DB_SELECT(select, AceDevCap, &m_databaseInterface);
- select->Where(Equals<AceDevCap::id_uri>(DPL::FromUTF8String(uri)));
- std::list<AceDevCap::Row> rows = select->GetRowList();
- if (rows.empty()) {
- return false;
- }
-
- row = rows.front();
- return true;
-}
-
-
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file BaseAttribute.cpp
- * @author Lukasz Marek (l.marek@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#include <sstream>
-#include <string>
-
-#include <dpl/ace-dao-ro/BaseAttribute.h>
-
-namespace AceDB {
-
-const char* BaseAttribute::typeToString(Type type)
-{
- const char * ret = NULL;
- switch (type) {
- case Type::Resource:
- ret = "resource";
- break;
- case Type::Subject:
- ret = "subject";
- break;
- case Type::Environment:
- ret = "environment";
- break;
- default:
- ret = "unknown type";
- break;
- }
-
- return ret;
-}
-
-std::string BaseAttribute::toString() const
-{
- std::string ret;
- const char * SEPARATOR = ";";
-
- ret.append(m_name);
- ret.append(SEPARATOR);
- ret.append(typeToString(m_typeId));
- ret.append(SEPARATOR);
- if (m_undetermindState) {
- ret.append("true");
- } else {
- ret.append("false");
- }
- ret.append(SEPARATOR);
- for (std::list<std::string>::const_iterator it = value.begin();
- it != value.end();
- ++it) {
- std::stringstream num;
- num << it->size();
- ret.append(num.str());
- ret.append(SEPARATOR);
- ret.append(*it);
- ret.append(SEPARATOR);
- }
-
- return ret;
-}
-
-}
+++ /dev/null
-
-SET(ACE_DAO_DEPS_LIST
- ecore
- appcore-efl
- openssl
- vconf
- db-util
- libpcrecpp
- icu-uc
- libxml-2.0
- )
-
-PKG_CHECK_MODULES(ACE_DAO_DEPS ${ACE_DAO_DEPS_LIST} REQUIRED)
-
-set(ACE_SRC_DIR ${PROJECT_SOURCE_DIR}/modules/ace/dao)
-
-set(ACE_DAO_RO_SOURCES
- ${ACE_SRC_DIR}/AceDAOReadOnly.cpp
- ${ACE_SRC_DIR}/AceDAOUtilities.cpp
- ${ACE_SRC_DIR}/AceDAOConversions.cpp
- ${ACE_SRC_DIR}/BaseAttribute.cpp
- ${ACE_SRC_DIR}/AceDatabase.cpp
- ${ACE_SRC_DIR}/PromptModel.cpp
-)
-
-set(ACE_DAO_RW_SOURCES
- ${ACE_SRC_DIR}/AceDAO.cpp
-)
-
-INCLUDE_DIRECTORIES(${ACE_SRC_DIR})
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/log/include)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/db/include)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/core/include)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/ace/include)
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/ace/orm)
-INCLUDE_DIRECTORIES(${ACE_DAO_DEPS_INCLUDE_DIRS})
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/modules/ace/orm)
-
-ADD_LIBRARY(${TARGET_ACE_DAO_RO_LIB} SHARED
- ${ACE_DAO_RO_SOURCES}
-)
-
-SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RO_LIB} PROPERTIES
- SOVERSION ${VERSION})
-
-SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RO_LIB} PROPERTIES
- COMPILE_FLAGS -fPIC)
-
-SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RO_LIB} PROPERTIES
- COMPILE_FLAGS "-include ${CMAKE_BINARY_DIR}/modules/ace/database_checksum_ace.h")
-
-target_link_libraries(${TARGET_ACE_DAO_RO_LIB}
- ${TARGET_DPL_EFL}
- ${TARGET_DPL_DB_EFL}
- ${ACE_DAO_DEPS_LIBRARY}
- ${ACE_DAO_DEPS_LDFLAGS}
-)
-
-ADD_LIBRARY(${TARGET_ACE_DAO_RW_LIB} SHARED
- ${ACE_DAO_RW_SOURCES}
-)
-
-SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RW_LIB} PROPERTIES
- SOVERSION ${VERSION})
-
-SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RW_LIB} PROPERTIES
- COMPILE_FLAGS -fPIC)
-
-SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RW_LIB} PROPERTIES
- COMPILE_FLAGS "-include ${CMAKE_BINARY_DIR}/modules/ace/database_checksum_ace.h")
-
-target_link_libraries(${TARGET_ACE_DAO_RW_LIB}
- ${TARGET_DPL_EFL}
- ${TARGET_DPL_DB_EFL}
- ${TARGET_ACE_DAO_RO_LIB}
-)
-
-INSTALL(TARGETS ${TARGET_ACE_DAO_RO_LIB}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
-)
-
-INSTALL(TARGETS ${TARGET_ACE_DAO_RW_LIB}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE
- GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
-)
-
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/PromptModel.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/PreferenceTypes.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/BaseAttribute.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/BasePermission.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/VerdictTypes.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/TimedVerdict.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/IRequest.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/ValidityTypes.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/AceDAOReadOnly.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/AceDatabase.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/wrt_db_types.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/common_dao_types.h
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-ro/AceDAOConversions.h
- DESTINATION include/dpl-efl/dpl/ace-dao-ro
-)
-
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/modules/ace/include/dpl/ace-dao-rw/AceDAO.h
- DESTINATION include/dpl-efl/dpl/ace-dao-rw
-)
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/* @file PromptModel.cpp
- * @author Justyna Mejzner (j.kwiatkowsk@samsung.com)
- * @author Jaroslaw Osmanski (j.osmanski@samsung.com)
- * @version 1.0
- *
- */
-
-#include <dpl/ace-dao-ro/PromptModel.h>
-
-#include <algorithm>
-#include <dpl/log/log.h>
-#include <dpl/assert.h>
-
-namespace {
-
-const char INFO[] = "Widget requires access to:";
-const char DENY[] = "Deny";
-const char ALLOW[] = "Permit";
-
-const char BLANKET_CHECKBOX_LABEL[] = "Keep setting as permanent";
-const char SESSION_CHECKBOX_LABEL[] = "Remember for one run";
-
-Prompt::ButtonLabels aceQuestionLabel = {DENY, ALLOW};
-
-static Prompt::PromptLabels* getModel(
- Prompt::PromptModel::PromptType promptType,
- const std::string& resourceId)
-{
- std::string strLabel;
- strLabel = INFO;
- strLabel += "<br>";
- strLabel += resourceId;
-
- return new Prompt::PromptLabels(promptType, aceQuestionLabel, strLabel);
-}
-
-Prompt::Validity fromPromptTypeToValidity(int aPromptType, bool checkClicked)
-{
- using namespace Prompt;
- PromptModel::PromptType promptTypeEnum =
- static_cast<PromptModel::PromptType>(aPromptType);
- switch (promptTypeEnum) {
- case PromptModel::PROMPT_ONESHOT:
- return Validity::ONCE;
- case PromptModel::PROMPT_SESSION:
- if (checkClicked)
- {
- return Validity::SESSION;
- }
- else
- {
- return Validity::ONCE;
- }
- case PromptModel::PROMPT_BLANKET:
- if (checkClicked)
- {
- return Validity::ALWAYS;
- }
- else
- {
- return Validity::ONCE;
- }
- default:
- Assert(0);
- return Validity::ONCE;
- }
-}
-} // namespace anonymous
-
-namespace Prompt {
-
-
-PromptLabels::PromptLabels(int promptType,
- const Prompt::ButtonLabels& questionLabel,
- const std::string& mainLabel) :
- m_promptType(promptType),
- m_buttonLabels(questionLabel),
- m_mainLabel(mainLabel)
-{
-
-}
-
-int PromptLabels::getPromptType() const
-{
- return m_promptType;
-}
-const ButtonLabels& PromptLabels::getButtonLabels() const
-{
- return m_buttonLabels;
-}
-const std::string& PromptLabels::getMainLabel() const
-{
- return m_mainLabel;
-}
-
-DPL::OptionalString PromptLabels::getCheckLabel() const
-{
- if (PromptModel::PROMPT_BLANKET == m_promptType)
- {
- return DPL::OptionalString(
- DPL::FromUTF8String(BLANKET_CHECKBOX_LABEL));
- }
- else if (PromptModel::PROMPT_SESSION == m_promptType)
- {
- return DPL::OptionalString(
- DPL::FromUTF8String(SESSION_CHECKBOX_LABEL));
- }
-
- return DPL::OptionalString::Null;
-}
-
-bool PromptLabels::isAllowed(const size_t buttonClicked) const
-{
- Assert(buttonClicked < aceQuestionLabel.size() &&
- "Button Clicked number is not in range of questionLabel");
-
- return aceQuestionLabel[buttonClicked] == ALLOW;
-}
-
-PromptAnswer::PromptAnswer(bool isAccessAllowed, Validity validity) :
- m_isAccessAllowed(isAccessAllowed),
- m_validity(validity)
-{
-
-}
-
-PromptAnswer::PromptAnswer(
- int aPromptType, unsigned int buttonAns, bool checkAns)
-{
- Assert(buttonAns < aceQuestionLabel.size() &&
- "Button Clicked number is not in range of questionLabel");
-
- m_isAccessAllowed = aceQuestionLabel[buttonAns] == ALLOW;
- m_validity = fromPromptTypeToValidity(aPromptType, checkAns);
-}
-
-bool PromptAnswer::isAccessAllowed() const
-{
- return m_isAccessAllowed;
-}
-
-Validity PromptAnswer::getValidity() const
-{
- return m_validity;
-}
-
-PromptLabels* PromptModel::getOneShotModel(const std::string& resourceId)
-{
- return getModel(PROMPT_ONESHOT, resourceId);
-}
-
-PromptLabels* PromptModel::getSessionModel(const std::string& resourceId)
-{
- return getModel(PROMPT_SESSION, resourceId);
-}
-
-PromptLabels* PromptModel::getBlanketModel(const std::string& resourceId)
-{
- return getModel(PROMPT_BLANKET, resourceId);
-}
-
-
-} // Prompt
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- * @file common_dao_types.h
- * @author Michal Ciepielski (m.ciepielski@samsung.com)
- * @version 1.0
- * @brief This file contains the implementation of common data types for wrtdb
- */
-
-#include <dpl/wrt-dao-ro/common_dao_types.h>
-
-#include <dpl/log/log.h>
-
-namespace WrtDB {
-namespace Powder {
-
-Description::LevelEntry::LevelEntry(LevelEnum level) :
- level(level)
-{
-}
-
-bool Description::LevelEntry::isContextValid(LevelEnum level,
- const DPL::OptionalString& aContext) const
-{
- if (!aContext) {
- return level < level;
- } else {
- Context::const_iterator iter = context.find(*aContext);
- if (iter != context.end()) {
- return level < level;
- } else {
- return true;
- }
- }
-}
-
-bool Description::CategoryEntry::isCategoryValid(LevelEntry& aReason,
- LevelEnum aLevel,
- const DPL::OptionalString& aContext) const
-{
- for (LevelsContainer::const_iterator iter = levels.begin();
- iter != levels.end(); ++iter) {
- if (!iter->isContextValid(aLevel, aContext)) {
- aReason = *iter;
- return false;
- }
- }
- return true;
-}
-}
-
-namespace ChildProtection
-{
-
-PowderRules::CategoryRule::CategoryRule(const DPL::String& aCategory,
- Powder::Description::LevelEnum aLevel,
- const DPL::OptionalString& aContext) :
- category(aCategory),
- level(aLevel),
- context(aContext)
-{
-}
-
-PowderRules::PowderResult::PowderResult(InvalidReason aReason,
- const Powder::Description::LevelEntry& anInvalidDescription,
- const CategoryRule& anInvalidRule) :
- invalidDescription(anInvalidDescription),
- invalidRule(anInvalidRule),
- reason(aReason)
-{
-}
-
-//! Function checks if rule is fulfilled by description
-//! \param[in] rule checked rule
-//! \param[in] description
-//! \retval true rule is valid
-//! \retval false rule is invalid
-PowderRules::ResultPair PowderRules::isRuleValidForDescription(
- const CategoryRule& aRule,
- const Powder::Description& aDescription) const
-{
- Powder::Description::CategoryEntries::const_iterator
- iter = aDescription.categories.find(aRule.category);
- if (iter != aDescription.categories.end()) {
- Powder::Description::LevelEntry invalidDescription;
- if (!iter->second.isCategoryValid(invalidDescription, aRule.level,
- aRule.context)) {
- LogWarning("Widget forbidden for children detected");
- return std::make_pair(false,
- PowderResult(PowderResult::InvalidRule,
- invalidDescription,
- aRule));
- } else {
- return std::make_pair(true, PowderResult());
- }
- } else {
- return std::make_pair(true, PowderResult());
- }
-}
-
-//! Function checks if age limit is fulfilled by description
-//! \param[in] description
-//! \retval true age is valid
-//! \retval false age is invalid
-PowderRules::ResultPair PowderRules::isAgeValidForDescription(
- const Powder::Description& aDescription) const
-{
- if (!ageLimit) {
- return std::make_pair(true, PowderResult());
- } else {
- if (!!aDescription.ageRating) {
- if (*aDescription.ageRating <= *ageLimit) {
- return std::make_pair(true, PowderResult());
- } else {
- return std::make_pair(false,
- PowderResult(PowderResult::InvalidAge));
- }
- } else {
- if (!isAgeRatingRequired) {
- return std::make_pair(true, PowderResult());
- } else {
- return std::make_pair(
- false,
- PowderResult(PowderResult::AgeRatingNotSet));
- }
- }
- }
-}
-
-//! Function check if Widget description is valid for ChildProtection
-//! configuration
-//! \param description widget description
-//! \retval true widget is valid
-//! \retval false widget is invalid
-PowderRules::ResultPair PowderRules::isDescriptionValid(
- const Powder::Description& aDescription) const
-{
- ResultPair powderResult;
- for (RulesContainer::const_iterator iter = rules.begin();
- iter != rules.end(); ++iter) {
- powderResult = isRuleValidForDescription(*iter, aDescription);
- if (!powderResult.first) {
- return powderResult;
- }
- }
- return isAgeValidForDescription(aDescription);
-}
-
-}
-} // namespace WrtDB
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <fnmatch.h>
-#include <pcrecpp.h>
-#include <sstream>
-#include <dpl/foreach.h>
-#include <dpl/log/log.h>
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace/Serializer.h>
-
-const bool Attribute::alpha[256] = {
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0,
- 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0
-};
-const bool Attribute::digit[256] = {
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0
-};
-
-const bool Attribute::mark[256] = {
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0
-};
-
-bool Attribute::searchAndCut(const char *str)
-{
- //TODO
- size_t pos = m_name.rfind(str);
- if (pos == std::string::npos) {
- return false;
- }
- if ((strlen(str) + pos) == m_name.size()) {
- m_name.erase(pos, std::string::npos);
- return true;
- }
- return false;
-}
-
-Attribute::Attribute(const std::string *name,
- const Match matchFunc,
- const Type type_) :
- matchFunction(matchFunc)
-{
- m_name = *name;
- m_typeId = type_;
- m_undetermindState = false;
- if (matchFunction != Match::Equal
- && matchFunction != Match::Glob
- && matchFunction != Match::Regexp)
- {
- //LogDebug("MID: " << matchFunction);
- Assert(0 && "Match function problem");
- }
-
- if (searchAndCut(".scheme")) {
- modifierFunction = Modifier::Scheme;
- } else if (searchAndCut(".authority")) {
- modifierFunction = Modifier::Authority;
- } else if (searchAndCut(".scheme-authority")) {
- modifierFunction = Modifier::SchemeAuthority;
- } else if (searchAndCut(".host")) {
- modifierFunction = Modifier::Host;
- } else if (searchAndCut(".path")) {
- modifierFunction = Modifier::Path;
- } else {
- modifierFunction = Modifier::Non;
- }
-}
-
-static Attribute::MatchResult equal_comparator(const std::string *first,
- const std::string *second)
-{
- if((*first) == (*second)) {
- return Attribute::MatchResult::MRTrue;
- }
- return Attribute::MatchResult::MRFalse;
-}
-
-static Attribute::MatchResult glob_comparator(const std::string *first,
- const std::string *second)
-{
- // order is important
- if (!fnmatch(first->c_str(), second->c_str(), 0)) {
- return Attribute::MatchResult::MRTrue;
- }
- return Attribute::MatchResult::MRFalse;
-}
-
-static Attribute::MatchResult regexp_comparator(const std::string *first,
- const std::string *second)
-{
- // order is important
- pcrecpp::RE re(first->c_str());
- if (re.FullMatch(second->c_str())) {
- return Attribute::MatchResult::MRTrue;
- }
- return Attribute::MatchResult::MRFalse;
-}
-
-Attribute::MatchResult Attribute::lists_comparator(
- const std::list<std::string> *first,
- const std::list<std::string> *second,
- Attribute::MatchResult (*comparator)(const std::string *,
- const std::string *)) const
-{
- //NOTE: BONDI defines all availabe matching function as: if some string from first input bag
- //matches some input string from second input bag, so it's required to find only one matching string
- MatchResult result = MatchResult::MRFalse;
-
- for (std::list<std::string>::const_iterator second_iter = second->begin();
- (second_iter != second->end()) && (result != MatchResult::MRTrue);
- ++second_iter)
- {
- std::string *modified_value = applyModifierFunction(&(*second_iter));
- //Value was not an URI, it will be removed from the string bag (ignored)
- if (modified_value == NULL) {
- continue;
- }
-
- for (std::list<std::string>::const_iterator first_iter = first->begin();
- first_iter != first->end();
- ++first_iter) {
- //Compare attributes
- if ((*comparator)(&(*first_iter), modified_value) == MatchResult::MRTrue) {
- result = MatchResult::MRTrue;
- break; //Only one match is enough
- }
- }
- if (modified_value) {
- delete modified_value;
- modified_value = NULL;
- }
- }
-
- if (result == MatchResult::MRTrue) {
- LogDebug("Returning TRUE");
- } else if (result == MatchResult::MRFalse) {
- LogDebug("Returning FALSE");
- } else if (result == MatchResult::MRUndetermined) {
- LogDebug("Returning UNDETERMINED");
- }
- return result;
-}
-
-std::string * Attribute::applyModifierFunction(const std::string * val) const
-{
- std::string * result = NULL;
- switch (modifierFunction) {
- case Modifier::Scheme:
- result = uriScheme(val);
- break;
- case Modifier::Authority:
- result = uriAuthority(val);
- break;
- case Modifier::SchemeAuthority:
- result = uriSchemeAuthority(val);
- break;
- case Modifier::Host:
- result = uriHost(val);
- break;
- case Modifier::Path:
- result = uriPath(val);
- break;
- default:
- result = new std::string(*val);
- }
-
- return result;
-}
-
-/**
- * this - attribute obtained from xmlPolicy tree
- * attribute - attribute obtained from PIP
- */
-Attribute::MatchResult Attribute::matchAttributes(
- const BaseAttribute *attribute) const
-{
- std::string tempNam = *(attribute->getName());
- std::string tempVal;
- std::string myVal;
-
- if (!(attribute->getValue()->empty())) {
- tempVal = attribute->getValue()->front();
- }
-
- if (!(this->value.empty())) {
- myVal = this->value.front();
- }
-
- LogDebug("Comparing attribute: " << this->m_name << "(" <<
- myVal << ") with: " << tempNam <<
- "(" << tempVal << ")");
-
- Assert(
- (this->m_name == *(attribute->getName())) &&
- "Two completely different attributes are being compared!");
- Assert(
- (this->m_typeId == attribute->getType()) &&
- "Two completely different attributes are being compared!");
-
- if (attribute->isUndetermind()) {
- LogDebug("Attribute match undetermined");
- return MatchResult::MRUndetermined;
- }
-
- //Regardles the algorithm used, if we have empty
- //bag the result is always false
- if (this->isValueEmpty() || attribute->isValueEmpty()) {
- if (this->isValueEmpty()) {
- LogDebug("empty bag in condition comparing");
- }
- if (attribute->isValueEmpty()) {
- LogDebug("empty bag in attribute comparing");
- }
- return MatchResult::MRFalse;
- }
-
- if (this->matchFunction == Match::Equal) {
- return lists_comparator(&(this->value),
- attribute->getValue(),
- equal_comparator);
- } else if (this->matchFunction == Match::Glob) {
- return lists_comparator(&(this->value),
- attribute->getValue(),
- glob_comparator);
- } else if (this->matchFunction == Match::Regexp) {
- return lists_comparator(&(this->value),
- attribute->getValue(),
- regexp_comparator);
- } //[CR] Change to Assert
- Assert(false && " ** Critical :: no match function selected!");
- return MatchResult::MRFalse; // to remove compilator warning
-}
-
-void Attribute::addValue(const std::string *val)
-{
- this->getValue()->push_back(*val);
-}
-
-std::ostream & operator<<(std::ostream & out,
- const Attribute & attr)
-{
- out << "attr: m_name: " << *(attr.getName())
- << " type: " << Attribute::typeToString(attr.getType())
- << " value: ";
- if (attr.m_undetermindState) {
- out << "Undetermined";
- } else if (attr.getValue()->empty()) {
- out << "Empty string bag";
- } else {
- FOREACH (it, *attr.getValue()) {
- out << *it;
- }
- }
- return out;
-}
-
-bool
-Attribute::parse(const std::string *input,
- std::string *val) const
-{
- static const char *pattern =
- "^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?";
- pcrecpp::RE re(pattern);
- re.FullMatch(input->c_str(), &val[0], &val[1],
- &val[2], &val[3], &val[4],
- &val[5], &val[6], &val[7], &val[8]);
-
-#ifdef ALL_LOGS
- for (int i = 0; i < 9; i++) {
- LogDebug("val " << i << " :" << val[i]);
- }
-#endif
-
- if (find_error(val)) {
- LogDebug("Input is not an URI " << *input);
- for (int i = 0; i < 9; ++i) {
- val[i].clear();
- }
- return false;
- }
-
- return true;
-}
-
-Attribute::Attribute(std::istream& is)
-{
- Serializer* serializer = Serializer::getInstance();
-
- m_name = serializer->deserializeString(is);
- m_typeId = serializer->deserializeType(is);
-
- setValue(serializer->deserializeListStrings(is));
-
- matchFunction = serializer->deserializeMatch(is);
- modifierFunction = serializer->deserializeModifier(is);
-}
-
-Attribute::~Attribute()
-{
-}
-
-bool Attribute::serialize(std::ostream& os) const
-{
- Serializer* serializer = Serializer::getInstance();
-
- serializer->serializeString(os, m_name);
- serializer->serializeType(os, m_typeId);
- serializer->serializeListStrings(os, value);
-
- serializer->serializeMatch(os, matchFunction);
- serializer->serializeModifier(os, modifierFunction);
- return 0;
-}
-
-std::string * Attribute::uriScheme(const std::string *input) const
-{
- std::string part[9];
- if (!parse(input, part)) {
- return NULL;
- }
- return new string(part[1]);
-}
-
-std::string *
-Attribute::uriAuthority(const std::string *input) const
-{
- std::string part[9];
- if (!parse(input, part)) {
- return NULL;
- }
- return new string(part[3]);
-}
-
-std::string *
-Attribute::uriSchemeAuthority(const std::string *input) const
-{
- std::string part[9];
- if (!parse(input, part)) {
- return NULL;
- }
-
- if (part[0].size() == 0 || part[2].size() == 0) {
- return new std::string();
- }
- return new string(part[0] + part[2]);
-}
-
-std::string *
-Attribute::uriHost(const std::string *input) const
-{
- std::string part[9];
- if (!parse(input, part)) {
- return NULL;
- }
- return getHost(&(part[3]));
-}
-
-std::string *
-Attribute::uriPath(const std::string *input) const
-{
- //TODO right now uriPath leaves leading '/' in uri, this slash is removed from the string
- //it's not clear if leading '/' is a part of path component or only the separator
- std::string part[9];
- if (!parse(input, part)) {
- return NULL;
- }
-
- std::string * temp = NULL;
-
- if (part[4].at(0) == '/') {
- temp = new string(part[4].substr(1, part[4].length() - 1));
- } else {
- temp = new string(part[4]);
- }
-
- return temp;
-}
-
-bool Attribute::find_error(const std::string *tab) const
-{
- //We are checking tab[1] which contains scheme without ':' at the end
- if (!checkScheme(&(tab[1]))) {
- LogDebug("Check scheme failed, URI is invalid");
- return true; //error found
- }
- if (!checkAuthority(&(tab[3]))) {
- LogDebug("Check authority failed, URI is invalid");
- return true; //error found
- }
-
- if (!checkPath(&(tab[4]))) {
- LogDebug("Check path failed, URI is invalid");
- return true; //error found
- }
-
- return false;
-}
-
-bool Attribute::checkScheme(const std::string *part) const
-{
- Assert(part != NULL && "Checking NULLable string. This should never happen");
-
- bool result = true;
-
- //TODO change part->at to data=part->c_str()
- //TODO can scheme be empty? In absolute URI no, in relative URI yes
- if (part->empty()) {
- //Empty string is a correct schema
- result = true;
- } else if (alpha[(int) (part->at(0))] == 0) {
- result = false; // First scheme character must be alpha
- } else {
- // rest must be alpha or digit or '+' or '-' or '.'
- for (unsigned int i = 1; i < part->size(); ++i) {
- int c = static_cast<int>(part->at(i));
- if (!isSchemeAllowedCharacter(c)) {
- result = false;
- break;
- }
- }
- }
- return result;
-}
-
-bool Attribute::checkAuthority(const std::string *part) const
-{
- Assert(part != NULL && "Checking NULLable string. This should never happen");
-
- //Server is a subset of reg_m_names so here we only check if authority matches reg_m_name
- //Additional check if authority is a valid 'server' component is done in getHost
- if (part->empty()) {
- return true; //empty authority is valid uri
- }
- bool result = true;
-
- const char * data = part->c_str();
- for (size_t i = 0; i < part->length(); ++i) {
- int c = (int) data[i];
- if (isUnreserved(c)) {
- continue;
- }
- if (c == '$') {
- continue;
- }
- if (c == ',') {
- continue;
- }
- if (c == ';') {
- continue;
- }
- if (c == ':') {
- continue;
- }
- if (c == '@') {
- continue;
- }
- if (c == '&') {
- continue;
- }
- if (c == '=') {
- continue;
- }
- if (c == '+') {
- continue;
- }
- if (c == '%') {
- if (isEscaped(data + i)) {
- i += 2; //rewind the two escaped characters
- continue;
- }
- }
- result = false;
- break;
- }
-
- return result;
-}
-
-std::string * Attribute::getHost(const std::string *part) const
-{
- if (part->empty()) {
- return new std::string("");
- }
-
- //Check userinfo
- size_t userInfoPos = part->find("@");
- if (userInfoPos != std::string::npos) {
- std::string data = part->substr(0, userInfoPos);
- if (!isUserInfoAllowedString(&data)) {
- return new string(""); //the authority is not composed of 'server' part
- }
- }
-
- std::string host;
- //If we use host modifier then authority is composed of 'server' part so
- //the port must contain only digits
- size_t portPos = part->find(":");
- if (portPos != std::string::npos) {
- for (unsigned int i = portPos + 1; i < part->size(); ++i) {
- if (!digit[(int) part->at(i)]) {
- return new string(""); //the authority is not composed of 'server' part
- }
- }
- host = part->substr(userInfoPos + 1, portPos - (userInfoPos + 1));
- } else {
- host = part->substr(userInfoPos + 1, part->length() - (userInfoPos + 1));
- }
-
- if (!isHostAllowedString(&host)) {
- //Even if the string is not allowed for host this can still be a valid uri
- return new string("");
- }
-
- return new std::string(host);
-}
-
-bool Attribute::checkPath(const std::string *part) const
-{
- bool result = true;
-
- const char * data = part->c_str();
-
- for (unsigned int i = 0; i < part->size(); ++i) {
- int c = data[i];
- if (c == '/') {
- //If we found slash then the next character must be a part of segment
- //It cannot be '/' so we have to check it immediately
- i++;
- c = data[i];
- if (!isSegmentAllowedCharacter(c)) {
- result = false;
- break;
- }
- } else if (c == ';') {
- //Start param part of segment
- i++; //Param can be empty so we don't have to check what's right after semicolon
- continue;
- } else if (c == '%') {
- //We have to handle escaped characters differently than other segment allowed characters
- //because we need an array
- if (isEscaped(data + i)) {
- i += 2;
- } else {
- result = false;
- break;
- }
- } else {
- if (!isSegmentAllowedCharacter(c)) {
- result = false;
- break;
- }
- }
- }
-
- return result;
-}
-
-bool Attribute::isSchemeAllowedCharacter(int c) const
-{
- bool result = false;
- if (isAlphanum(c)) {
- result = true;
- } else if (c == '+') {
- result = true;
- } else if (c == '-') {
- result = true;
- } else if (c == '.') {
- result = true;
- }
-
- return result;
-}
-
-bool Attribute::isSegmentAllowedCharacter(int c) const
-{
- bool result = true;
-
- // LogDebug("Checking is segment allowed for char "<<(char)c);
-
- if (isUnreserved(c)) { //do nothing, result = true
- } else if (c == ':') { //do nothing, result = true
- } else if (c == '@') { //do nothing, result = true
- } else if (c == '&') { //do nothing, result = true
- } else if (c == '=') { //do nothing, result = true
- } else if (c == '+') { //do nothing, result = true
- } else if (c == '$') { //do nothing, result = true
- } else if (c == ',') { //do nothing, result = true
- } else {
- result = false;
- }
-
- return result;
-}
-
-bool Attribute::isUserInfoAllowedString(const std::string * str) const
-{
- bool result = false;
-
- const char * data = str->c_str();
-
- for (unsigned int i = 0; i < str->length(); ++i) {
- int c = data[i];
- if (isUnreserved(c)) {
- result = true;
- } else if (c == '%') {
- //isEsacped method checks if we don't cross array bounds, so we can
- //safely give data[i] here
- result = isEscaped((data + i));
- if (result == false) {
- break;
- }
- i += 2; //rewind the next two characters sEsacped method checks if we don't cross array bounds, so we can safely rewind
- } else if (c == ',') {
- result = true;
- } else if (c == '$') {
- result = true;
- } else if (c == '+') {
- result = true;
- } else if (c == '=') {
- result = true;
- } else if (c == '&') {
- result = true;
- } else if (c == '@') {
- result = true;
- } else if (c == ':') {
- result = true;
- }
- }
- return result;
-}
-
-bool Attribute::isUnreserved(int c) const
-{
- return isAlphanum(c) || mark[c];
-}
-
-bool Attribute::isAlphanum(int c) const
-{
- return alpha[c] || digit[c];
-}
-
-bool Attribute::isHex(int c) const
-{
- bool result = false;
-
- if (digit[c]) {
- result = true;
- } else if (c == 'A') {
- result = true;
- } else if (c == 'B') {
- result = true;
- } else if (c == 'C') {
- result = true;
- } else if (c == 'D') {
- result = true;
- } else if (c == 'E') {
- result = true;
- } else if (c == 'F') {
- result = true;
- } else if (c == 'a') {
- result = true;
- } else if (c == 'b') {
- result = true;
- } else if (c == 'c') {
- result = true;
- } else if (c == 'd') {
- result = true;
- } else if (c == 'e') {
- result = true;
- } else if (c == 'f') {
- result = true;
- }
-
- return result;
-}
-
-bool Attribute::isEscaped(const char esc[3]) const
-{
- if (esc == NULL) {
- return false;
- }
-
- if ((esc[0] == 0) || (esc[1] == 0) || (esc[2] == 0)) {
- //We get an array that seems to be out of bounds.
- //To be on the safe side return here
- LogDebug("HEX NULLS");
- return false;
- }
-
- if (esc[0] != '%') {
- LogDebug(
- "Error: first character of escaped value must be a precent but is "
- <<
- esc[0]);
- return false;
- }
-
-#ifdef ALL_LOGS
- for (int i = 0; i < 3; i++) {
- LogDebug("HEX " << esc[i]);
- }
-#endif
- return isHex((int) esc[1]) && isHex((int) esc[2]);
-}
-
-bool Attribute::isHostAllowedString(const std::string * str) const
-{
- bool result = true;
-
- if (digit[(int) str->at(0)]) {
- //IPv4 address
- result = isIPv4AllowedString(str);
- } else {
- //Hostname
- result = isHostNameAllowedString(str);
- }
-
- return result;
-}
-
-bool Attribute::isIPv4AllowedString(const std::string * str) const
-{
- LogDebug("Is hostIPv4 allowed String for " << *str);
-
- const char * data = str->c_str();
- bool result = true;
- int digitCounter = 0;
- int dotCounter = 0;
-
- for (unsigned int i = 0; i < str->length(); ++i) {
- if (data[i] == '.') {
- dotCounter++;
- digitCounter = 0;
- } else if (digit[(int) data[i]]) {
- digitCounter++;
- if ((digitCounter > 3) || !digitCounter) {
- result = false;
- break;
- }
- } else {
- result = false;
- break;
- }
- }
- if (dotCounter != 3) {
- result = false;
- }
- return result;
-}
-
-bool Attribute::isHostNameAllowedString(const std::string * str) const
-{
- LogDebug("Is hostname allowed String for " << *str);
-
- int lastPosition = 0; //the position of last dot + 1
- const char * data = str->c_str();
- bool finalDot = false;
- size_t end = str->length();
- bool result = false;
-
- for (size_t i = 0; i < end; ++i) {
- if (data[i] == '.') {
- if (i == str->length() - 1) { //ending dot
- //There can be a leading '.' int the hostm_name
- finalDot = true;
- break;
- } else {
- //we found domain label
- if (!isDomainLabelAllowedString(data + lastPosition, i -
- lastPosition)) {
- result = false;
- goto end;
- }
- lastPosition = i + 1; //Set position to position of last dot + 1
- }
- }
- }
-
- if (finalDot) {
- //we have to rewind one position to check the rightmost string
- //but only in case we find final dot
- end--;
- }
- //Compare only the rightmost string aaa.bbbb.rightmostString.
- result = isTopLabelAllowedString(data + lastPosition, end - lastPosition);
-
-end:
-
- if (result) {
- LogInfo("Hostname is allowed");
- } else {
- LogInfo("Hostname is NOT allowed");
- }
-
- return result;
-}
-
-bool Attribute::isDomainLabelAllowedString(const char * data,
- int length) const
-{
- LogDebug(
- "Is domain allowed String for " << data << " taking first " <<
- length <<
- " chars");
-
- if (!isAlphanum((int) data[0]) || !isAlphanum((int) data[length - 1])) {
- return false;
- }
-
- for (int i = 0; i < length; i++) {
- if ((!isAlphanum(data[i])) && !(data[i] == '-')) {
- return false;
- }
- }
- return true;
-}
-
-bool Attribute::isTopLabelAllowedString(const char * data,
- int length) const
-{
- if ((!alpha[(int) data[0]]) || (!isAlphanum((int) data[length - 1]))) {
- return false;
- }
-
- for (int i = 1; i < length - 1; i++) {
- if ((!isAlphanum(data[i])) && !(data[i] == '-')) {
- return false;
- }
- }
- return true;
-}
-
-void printAttributes(const AttributeSet& attrs)
-{
- if (attrs.empty()) {
- LogWarning("Empty attribute set");
- } else {
- LogDebug("PRINT ATTRIBUTES:");
- for (AttributeSet::const_iterator it = attrs.begin();
- it != attrs.end();
- ++it)
- {
- LogDebug("name: " << *(*it)->getName());
- }
- }
-}
-
-void printAttributes(const std::list<Attribute> & attrs)
-{
- if (attrs.empty()) {
- LogWarning("Empty attribute set");
- } else {
- LogDebug("PRINT ATTRIBUTES:");
- for (std::list<Attribute>::const_iterator it = attrs.begin();
- it != attrs.end();
- ++it
- ) {
- LogDebug(*it);
- }
- }
-}
-
-//KW const char * matchResultToString(Attribute::MatchResult result){
-//KW
-//KW const char * ret = NULL;
-//KW
-//KW switch(result){
-//KW
-//KW case Attribute::MRTrue:
-//KW ret = "true";
-//KW break;
-//KW case Attribute::MRFalse:
-//KW ret = "false";
-//KW break;
-//KW case Attribute::MRUndetermined:
-//KW ret = "undetermined";
-//KW break;
-//KW default:
-//KW ret = "Wrong match result";
-//KW }
-//KW
-//KW return ret;
-//KW
-//KW }
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : CombinerImpl.cpp
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#include <dpl/log/log.h>
-#include <dpl/assert.h>
-
-#include <dpl/ace/CombinerImpl.h>
-#include <dpl/ace/Rule.h>
-#include <dpl/ace/Policy.h>
-
-const int CombinerImpl::DenyInt = 0, //mb jk changed the numbers !!!!!!!!!!!!!!!!!
-CombinerImpl::UndeterminedInt = 1, //this one is added
-CombinerImpl::PromptOneShotInt = 2,
-CombinerImpl::PromptSessionInt = 3,
-CombinerImpl::PromptBlanketInt = 4,
-CombinerImpl::PermitInt = 5,
-CombinerImpl::InapplicableInt = 6,
-CombinerImpl::NotMatchingTargetInt = 7,
-CombinerImpl::ErrorInt = 8;
-
-std::list<int> * CombinerImpl::convertEffectsToInts(
- const std::list<Effect> * effects)
-{
- std::list<int> * intList = new std::list<int>();
- for (
- std::list<Effect>::const_iterator it = effects->begin();
- it != effects->end();
- ++it
- ) {
- switch (*it) {
- case Deny:
- intList->push_back(CombinerImpl::DenyInt);
- break;
- case Undetermined: //jk mb added
- intList->push_back(CombinerImpl::UndeterminedInt);
- break;
- case Permit:
- intList->push_back(CombinerImpl::PermitInt);
- break;
- case PromptBlanket:
- intList->push_back(CombinerImpl::PromptBlanketInt);
- break;
- case PromptOneShot:
- intList->push_back(CombinerImpl::PromptOneShotInt);
- break;
- case PromptSession:
- intList->push_back(CombinerImpl::PromptSessionInt);
- break;
- case Inapplicable:
- intList->push_back(CombinerImpl::InapplicableInt);
- break;
- case NotMatchingTarget:
- intList->push_back(CombinerImpl::NotMatchingTargetInt);
- break;
- case Error:
- intList->push_back(CombinerImpl::ErrorInt);
- break;
- default:
- Assert(false && "Wrong effect");
- }
- }
- return intList;
-}
-
-Effect CombinerImpl::convertIntToEffect(int intEffect)
-{
- switch (intEffect) {
- case DenyInt:
- return Deny;
-
- case UndeterminedInt: //jk mb added
- return Undetermined;
-
- case PermitInt:
- return Permit;
-
- case PromptBlanketInt:
- return PromptBlanket;
-
- case PromptOneShotInt:
- return PromptOneShot;
-
- case PromptSessionInt:
- return PromptSession;
-
- case InapplicableInt:
- return Inapplicable;
-
- case NotMatchingTargetInt:
- return NotMatchingTarget;
-
- case ErrorInt:
- return Error;
-
- default:
- Assert(false && "Wrong integer in int to Effect conversion");
- return Error;
- }
-}
-
-Effect CombinerImpl::denyOverrides(const std::list<Effect> & effects)
-{
- if (isError(effects)) {
- return Error;
- }
-
- std::list<int> * intList = convertEffectsToInts(&effects);
-
- int result = InapplicableInt; //Deny has value 0, Undetermined value 1, Inapplicable value 6
-
- std::list<int>::const_iterator it = intList->begin();
-
- while (it != intList->end()) {
- int effect = *it;
- //Use most restrictive policy always
- result = effect < result ? effect : result;
- ++it;
- }
- delete intList;
- return convertIntToEffect(result);
-}
-
-Effect CombinerImpl::permitOverrides(const std::list<Effect> & effects) //mb jk modified
-{ if (isError(effects)) {
- return Error;
- }
-
- int result = DenyInt; //Deny has value 0, Inapplicable value 5
- std::list<int> * intList = convertEffectsToInts(&effects);
- std::list<int>::const_iterator it = intList->begin();
-
- //Flag used to indicate that any of Deny,prompt-*,permit options appear
- //Consequently if flag is true then result should be return, otherwise inapplicable should be returned
- bool flag = false;
- bool flagUndetermined = false;
-
- while (it != intList->end()) {
- int effect = *it;
-
- if (effect == PermitInt) {
- result = effect;
- delete intList;
- return convertIntToEffect(result);
- } // no need for further check if "permit" found
- if (effect == UndeterminedInt) { flagUndetermined = true; } //check for undetermined
-
- //Set the flag and the result even if effect is equal to result
- //It is done to mark if any "Deny" effect occured
- if (effect >= result && effect != InapplicableInt && effect !=
- UndeterminedInt) { //check for other results
- result = effect;
- flag = true;
- }
-
- ++it;
- }
- delete intList;
-
- if (flagUndetermined) {
- return Undetermined;
- }
-
- if (!flag) {
- return Inapplicable;
- }
- return convertIntToEffect(result);
-}
-
-Effect CombinerImpl::firstApplicable(const std::list<Effect> & effects) //jk mb modified to comply with BONDI 1.0 ("undetermined" handling)
-{ std::list<Effect>::const_iterator it = effects.begin();
-
- if (isError(effects)) {
- return Error;
- }
-
- for (; it != effects.end(); ++it) {
- if (*it != InapplicableInt) {
- return *it;
- }
- }
- return Inapplicable;
-}
-
-Effect CombinerImpl::firstMatchingTarget(const std::list<Effect> & effects)
-{
- if (isError(effects)) {
- return Error;
- }
- // effect list constains result of policies which target has been matched.
- //
- // If target does not match policy result is NotMatchingTarget
- // NotMatchingTarget values are not stored on the effects list
- // (you can check it in combinePolicies function).
- //
- // So we are intrested in first value on the list.
- return effects.empty() ? Inapplicable : effects.front();
-}
-
-bool CombinerImpl::isError(const std::list<Effect> & effects)
-{
- FOREACH(it, effects)
- {
- if (Error == *it) {
- return true;
- }
- }
- return false;
-}
-
-Effect CombinerImpl::combineRules(const TreeNode * policy)
-{
- const Policy * policyObj = dynamic_cast<const Policy *>(policy->getElement());
- if (!policyObj) {
- LogError("dynamic_cast failed. PolicyObj is null.");
- return Error;
- }
-
- Policy::CombineAlgorithm algorithm = policyObj->getCombineAlgorithm();
-
- Assert(
- algorithm != Policy::FirstTargetMatching &&
- "Policy cannot have algorithm first target matching");
-
- bool isUndetermined = false;
-
- if (!checkIfTargetMatches(policyObj->getSubjects(), isUndetermined)) {
- if (isUndetermined) {
- //TODO Target is undetermined what should we do now ??
- //Right now simply return NotMatchingTarget
- }
- //Target doesn't match
- return NotMatchingTarget;
- }
- //Get all rules
- const ChildrenSet & children = policy->getChildrenSet();
- ChildrenConstIterator it = children.begin();
- std::list<Effect> effects;
-
- while (it != children.end()) {
- const Rule * rule = dynamic_cast<const Rule *>((*it)->getElement());
-
- if (!rule) {
- LogError("Error in dynamic_cast. rule is null");
- return Error;
- }
-
- Effect effect = rule->evaluateRule(this->getAttributeSet());
- effects.push_back(effect);
- if (algorithm == Policy::FirstApplicable && effect != Inapplicable) {
- //For first applicable algorithm we may stop after evaluating first policy
- //which has effect other than inapplicable
- break;
- }
- ++it;
- } //end policy children iteration
-
- //Use combining algorithm
- Effect ef = combine(policyObj->getCombineAlgorithm(), effects);
- return ef;
-}
-
-//WARNING this method makes an assumption that Policy target is a policy child
-Effect CombinerImpl::combinePolicies(const TreeNode * policy)
-{
- const Policy * policySet = dynamic_cast<const Policy *>(policy->getElement());
-
- if (!policySet) {
- LogError("dynamic_cast failed. Policy set is null.");
- return Error;
- }
-
- bool isUndetermined = false;
- Policy::CombineAlgorithm algorithm = policySet->getCombineAlgorithm();
-
- if (!checkIfTargetMatches(policySet->getSubjects(), isUndetermined)) {
- /* I can't explain this...
- if (isUndetermined) {
- if (algorithm == Policy::FirstTargetMatching) {
- return Undetermined;
- }
- }
- */
- //Target doesn't match
- return NotMatchingTarget;
- }
-
- const ChildrenSet & children = policy->getChildrenSet();
-
- ChildrenConstIterator it = children.begin();
-
- std::list<Effect> effects;
-
- while (it != children.end()) {
- Effect effect;
-
- if ((*it)->getTypeID() == TreeNode::PolicySet) {
- effect = combinePolicies(*it);
- if (effect != NotMatchingTarget) {
- effects.push_back(effect);
- }
- } else if ((*it)->getTypeID() == TreeNode::Policy) {
- effect = combineRules(*it);
- if (effect != NotMatchingTarget) {
- effects.push_back(effect);
- }
- } else {
- // [CR] fix it
- LogError("effect value is not initialized!");
- return Error;
- }
-
- if (algorithm == Policy::FirstTargetMatching && effect !=
- NotMatchingTarget) {
- //In First matching target algorithm we may return when first result is found
- break;
- }
- ++it;
- }
-
- //Use combining algorithm
- Effect ef = combine(policySet->getCombineAlgorithm(), effects);
- return ef;
-}
-
-Effect CombinerImpl::combine(Policy::CombineAlgorithm algorithm,
- std::list<Effect> & effects)
-{
- LogDebug("Effects to be combined with algorithm: " << toString(algorithm));
- showEffectList(effects);
-
- switch (algorithm) {
- case Policy::DenyOverride:
- return denyOverrides(effects);
- break;
- case Policy::PermitOverride:
- return permitOverrides(effects);
- break;
- case Policy::FirstApplicable:
- return firstApplicable(effects);
- break;
- case Policy::FirstTargetMatching:
- return firstMatchingTarget(effects);
- break;
- default:
- Assert(false && "Wrong combining algorithm used");
- return Error;
- }
-}
-
-/**
- *
- * @param attrSet set of Subject attributes in policy that identifies target
- * @return true if target is determined and matches, false and isUndertmined is set to true if the target is undetermined
- * false and isUndetermined set to false if target is determined but doesn't match
- */
-bool CombinerImpl::checkIfTargetMatches(
- const std::list<const Subject *> * subjectsList,
- bool &isUndetermined)
-{
- if (subjectsList->empty()) {
- return true;
- }
-
- std::list<const Subject *>::const_iterator it = subjectsList->begin();
- bool match = false;
- //According to BONDI 1.0 at least one target must match
- while (it != subjectsList->end()) {
- match = (*it)->matchSubject(this->getAttributeSet(), isUndetermined);
- if (match) { //at least one match
- break;
- }
- ++it;
- }
-
- #ifdef _DEBUG
- if (match == Attribute::MRTrue) {
- LogDebug("Target matches ");
- } else if (match == Attribute::MRUndetermined) {
- LogDebug("Target match undetermined ");
- } else {
- LogDebug("Target doesn't match");
- }
- #endif
- return match;
-}
-
-const char * toString(Effect effect)
-{
- const char * temp = "";
-
- switch (effect) {
- case Deny:
- temp = "Deny";
- break;
- case Undetermined:
- temp = "Undetermined";
- break;
- case PromptOneShot:
- temp = "PromptOneShot";
- break;
- case PromptSession:
- temp = "PromptSession";
- break;
- case PromptBlanket:
- temp = "PromptBlanket";
- break;
- case Permit:
- temp = "Permit";
- break;
- case Inapplicable:
- temp = "Inapplicable";
- break;
- case NotMatchingTarget:
- temp = "NotMatchingTarget";
- break;
- case Error:
- temp = "Error";
- break;
- default:
- Assert(false && "Wrong effect");
- }
- return temp;
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-// File: Condition.cpp
-// Author: notroot
-//
-// Created on June 3, 2009, 9:00 AM
-//
-
-#include <iostream>
-#include <dpl/log/log.h>
-#include <dpl/foreach.h>
-#include <dpl/ace/Serializer.h>
-#include <dpl/ace/Condition.h>
-
-/**
- * Check if attribute in condition matches the values obtained from PIP
- * attrSet - attributes from PIP
- */
-
-Attribute::MatchResult Condition::evaluateCondition(
- const AttributeSet * attrSet) const
-{
- //Condition may include either matches of attributes or other conditions
- //in this method all attributes are matched at first and if possible the
- //condition is evaluated. If evaluation is not possible based solely on
- //attributes then we start recursion into child conditions.
-
- Attribute::MatchResult match;
- bool undeterminedMatchFound = false;
- bool isFinalMatch = false;
-
- LogDebug("Attributes to be matched");
- printAttributes(*attrSet);
- LogDebug("Condition attributes values");
- printAttributes(attributes);
-
- if (this->isEmpty()) {
- LogDebug("Condition is empty, returning true");
- //Condition is empty, it means it evaluates to TRUE
- return Attribute::MatchResult::MRTrue;
- }
-
- match = evaluateAttributes(attrSet, isFinalMatch, undeterminedMatchFound);
- if (isFinalMatch) {
- LogDebug("Evaluate attributes returning verdict" ) ; //<< match);
- return match;
- }
-
- match = evaluateChildConditions(attrSet,
- isFinalMatch,
- undeterminedMatchFound);
- if (isFinalMatch) {
- LogDebug("Evaluate child conditions returning verdict" ); // << match);
- return match;
- }
-
- if (undeterminedMatchFound) {
- //If any child condition/attribute-match was undetermined and
- //so far we couldn't make a decision then we must return undetermined
- LogDebug("Evaluate condition returning MRUndetermined");
- return Attribute::MatchResult::MRUndetermined;
- }
-
- if (this->isAndCondition()) {
- match = Attribute::MatchResult::MRTrue;
- } else if (this->isOrCondition()) {
- match = Attribute::MatchResult::MRFalse;
- } else {
- Assert(false && "Condition has to be either AND or OR");
- }
- return match;
-}
-
-// KW Attribute::MatchResult Condition::performORalgorithm(const std::set<Attribute>* attrSet) const{
-// KW
-// KW Attribute::MatchResult match;
-// KW bool undeterminedMatchFound = false;
-// KW bool isFinalMatch = false;
-// KW
-// KW LogDebug("Performing OR algorithm");
-// KW
-// KW match = evaluateAttributes(attrSet, isFinalMatch, undeterminedMatchFound);
-// KW if(isFinalMatch){
-// KW LogDebug("OR algorithm evaluate attributes returning verdict" << match);
-// KW return match;
-// KW }
-// KW
-// KW match = evaluateChildConditions(attrSet, isFinalMatch, undeterminedMatchFound);
-// KW if(isFinalMatch){
-// KW return match;
-// KW }
-// KW
-// KW if(undeterminedMatchFound){
-// KW //If any child condition/attribute-match was undetermined and
-// KW //so far we couldn't make a decision then we must return undetermined
-// KW LogDebug("OR algorithm returning MRUndetermined");
-// KW return Attribute::MRUndetermined;
-// KW }
-// KW
-// KW LogDebug("OR algorithm returning MRFalse");
-// KW return Attribute::MRFalse;
-// KW }
-
-// KW Attribute::MatchResult Condition::performANDalgorithm(const std::set<Attribute>* attrSet) const{
-// KW
-// KW
-// KW Attribute::MatchResult match;
-// KW bool undeterminedMatchFound = false;
-// KW bool isFinalMatch = false;
-// KW
-// KW LogDebug("Performing AND algorithm");
-// KW match = evaluateAttributes(attrSet, isFinalMatch, undeterminedMatchFound);
-// KW if(isFinalMatch){
-// KW LogDebug("AND algorithm evaluate attributes returning verdict" << match);
-// KW return match;
-// KW }
-// KW match = evaluateChildConditions(attrSet, isFinalMatch, undeterminedMatchFound);
-// KW if(isFinalMatch){
-// KW LogDebug("AND algorithm evaluate child returning verdict " << match);
-// KW return match;
-// KW }
-// KW if(undeterminedMatchFound){
-// KW //If any child condition/attribute-match was undetermined and
-// KW //so far we couldn't make a decision then we must return undetermined
-// KW LogDebug("AND algorithm returning Undetermined");
-// KW return Attribute::MRUndetermined;
-// KW }
-// KW
-// KW LogDebug("AND algorithm returning MRTrue");
-// KW return Attribute::MRTrue;
-// KW
-// KW }
-
-Attribute::MatchResult Condition::evaluateAttributes(
- const AttributeSet * attrSet,
- bool& isFinalMatch,
- bool & undeterminedMatchFound) const
-{
- Attribute::MatchResult match = Attribute::MatchResult::MRUndetermined;
-
- std::list<Attribute>::const_iterator condIt = this->attributes.begin();
- while (condIt != this->attributes.end()) {
- //Find the value of needed attribute, based on attribute name
- AttributeSet::const_iterator attr =
- std::find_if(attrSet->begin(),
- attrSet->end(),
- AceDB::BaseAttribute::UnaryPredicate(&(*condIt)));
- if (attr == attrSet->end()) {
- LogError("Couldn't find required attribute. This should not happen");
- Assert(
- false &&
- "Couldn't find attribute required in condition. This should not happen"
- "This means that some attributes has not been obtained from PIP");
- //Return undetermined here because it seems one of the attributes is unknown/undetermined
- isFinalMatch = true;
- match = Attribute::MatchResult::MRUndetermined;
- break;
- }
-
- match = condIt->matchAttributes(&(*(*attr)));
- if ((match == Attribute::MatchResult::MRFalse) && isAndCondition()) {
- //FALSE match found in AND condition
- isFinalMatch = true;
- break;
- } else if ((match == Attribute::MatchResult::MRTrue) && isOrCondition()) {
- //TRUE match found in OR condition
- isFinalMatch = true;
- break;
- } else if (match == Attribute::MatchResult::MRUndetermined) {
- //Just mark that there was undetermined value found
- undeterminedMatchFound = true;
- }
- ++condIt;
- }
-
- return match;
-}
-
-Attribute::MatchResult Condition::evaluateChildConditions(
- const AttributeSet * attrSet,
- bool& isFinalMatch,
- bool & undefinedMatchFound) const
-{
- Attribute::MatchResult match = Attribute::MatchResult::MRUndetermined;
-
- std::list<Condition>::const_iterator it = conditions.begin();
- while (it != conditions.end()) {
- match = it->evaluateCondition(attrSet);
-
- if ((match == Attribute::MatchResult::MRFalse) && isAndCondition()) {
- //FALSE match found in AND condition
- LogDebug("Child conditions results MRFalse)");
- isFinalMatch = true;
- break;
- } else if ((match == Attribute::MatchResult::MRTrue) && isOrCondition()) {
- //TRUE match found in OR condition
- LogDebug("Child conditions result MRTrue");
- isFinalMatch = true;
- break;
- } else if (match == Attribute::MatchResult::MRUndetermined) {
- undefinedMatchFound = true;
- }
- ++it;
- }
-
- return match;
-}
-
-void Condition::getAttributes(AttributeSet * attrSet)
-{
- //Get attributes from current condition
- FOREACH (it, attributes)
- {
- AceDB::BaseAttributePtr attr(new Attribute(it->getName(), it->getMatchFunction(), it->getType()));
- attrSet->insert(attr);
- }
- //Get attributes from any child conditions
- FOREACH (it, conditions)
- {
- it->getAttributes(attrSet);
- }
-}
-
-Condition::Condition(std::istream& is,
- Condition* parent)
-{
- Serializer* serializer = Serializer::getInstance();
-
- //Condition is a object in class
- if (parent != NULL) {
- this->parent = parent;
- } else {
- this->parent = NULL;
- }
-
- conditions = serializer->deserializeListConditions(is, this);
- combineType = serializer->deserializeCombineType(is);
- attributes = serializer->deserializeListAttributes(is);
-}
-
-bool Condition::serialize(std::ostream& os)
-{
- Serializer* serializer = Serializer::getInstance();
-
- serializer->serializeListConditions(os, conditions);
- serializer->serializeCombineType(os, combineType);
- serializer->serializeListAttributes(os, attributes);
-
- return 0;
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <dpl/assert.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <error.h>
-#include <malloc.h>
-#include <sys/stat.h>
-#include <dpl/ace/ConfigurationManager.h>
-
-using namespace std;
-
-namespace {
-const string currentXMLSchema("bondixml.xsd");
-}
-
-ConfigurationManager * ConfigurationManager::instance = NULL;
-
-string ConfigurationManager::getCurrentPolicyFile(void) const
-{
- return currentPolicyFile;
-}
-
-string ConfigurationManager::getFullPathToCurrentPolicyFile(void) const
-{
- if (*(storagePath.rbegin()) == '/') {
- return storagePath + currentPolicyFile;
- }
- return storagePath + "/" + currentPolicyFile;
-}
-
-string ConfigurationManager::getStoragePath(void) const
-{
- return storagePath;
-}
-
-string ConfigurationManager::getFullPathToCurrentPolicyXMLSchema() const
-{
- if (*(storagePath.rbegin()) == '/')
- {
- return storagePath + currentXMLSchema;
- }
- return storagePath + "/" + currentXMLSchema;
-}
-
-int ConfigurationManager::parse(const string &configFileName)
-{
- configFile = configFileName;
- int error = PARSER_SUCCESS;
- policyFiles.clear();
-
- reader = xmlNewTextReaderFilename(configFile.c_str());
-
- if (reader == NULL) {
- LogError("Parser does not exist");
- error = PARSER_ERROR;
- goto cleanUp;
- }
-
- if (xmlTextReaderSetParserProp(reader, XML_PARSER_VALIDATE, 1)) {
- LogError("Error while setting parser validating.");
- error = PARSER_ERROR;
- Assert(false && "Cannot make XML parser validating");
- goto cleanUp;
- }
-
- if (xmlTextReaderSetParserProp(reader, XML_PARSER_DEFAULTATTRS, 1)) {
- LogError("Error while attribute defaulting.");
- error = PARSER_ERROR;
- Assert(false && "XML Parser cannot default xml attributes");
- goto cleanUp;
- }
-
- int ret;
- while (1 == (ret = xmlTextReaderRead(reader))) {
- processNode();
- if (xmlTextReaderIsValid(reader) == 0) {
- LogError(
- "Parser error while reading file " << configFile <<
- ". File is not valid.");
- error = PARSER_ERROR;
- Assert(false && "Configuration Manager error");
- goto cleanUp;
- }
- }
- if (ret != 0) {
- LogError("There were some errors while parsing XML file.");
- }
-
-cleanUp:
- if (reader != NULL) {
- xmlFreeTextReader(reader);
- }
- return error;
-}
-
-void ConfigurationManager::extractFileAttributes()
-{
- xmlChar *active = xmlTextReaderGetAttribute(reader, ATTR_ACTIVE_POLICY);
- xmlActive = false;
-
- if (active && active[0] == 't') {
- xmlActive = true;
- }
-
- xmlFree(active);
-}
-
-void ConfigurationManager::startNodeHandler(void)
-{
- xmlChar *name = xmlTextReaderName(reader);
- switch (*name) {
- case 'f': // file
- extractFileAttributes();
- break;
- default:
- break;
- }
- xmlFree(name);
-}
-
-void ConfigurationManager::endNodeHandler(void)
-{
- xmlChar *name = xmlTextReaderName(reader);
- switch (*name) {
- case 'f':
- policyFiles.push_back(currentText);
- if (xmlActive) {
- currentPolicyFile = currentText;
- xmlActive = false;
- }
- currentText.clear();
- break;
- case 's':
- storagePath = currentText;
- currentText.clear();
- break;
- default:
- break;
- }
- xmlFree(name);
-}
-
-void ConfigurationManager::textNodeHandler(void)
-{
- xmlChar *text = xmlTextReaderValue(reader);
- currentText = reinterpret_cast<const char*>(text);
- xmlFree(text);
-}
-
-void ConfigurationManager::processNode(void)
-{
- xmlReaderTypes type =
- static_cast<xmlReaderTypes>(xmlTextReaderNodeType(reader));
- switch (type) {
- case XML_READER_TYPE_ELEMENT: startNodeHandler();
- break;
- case XML_READER_TYPE_END_ELEMENT: endNodeHandler();
- break;
- case XML_READER_TYPE_TEXT: textNodeHandler();
- break;
- default:
- break;
- }
-}
-
-int ConfigurationManager::addPolicyFile(const string & sourcePath)
-{
- FILE * sourceFd = NULL, *destFd = NULL;
- int flag = CM_OPERATION_SUCCESS;
- int sourceLength;
- string fileName;
-
- string newFilePath(getStoragePath());
- newFilePath.append("/");
-
- if (sourcePath.empty()) {
- LogError("Filename empty");
- flag = CM_GENERAL_ERROR;
- goto cleanup;
- }
-
- fileName = extractFilename(sourcePath);
- newFilePath.append(fileName);
-
- LogDebug("Adding new file " << newFilePath);
- if (checkIfFileExistst(newFilePath)) {
- LogError("Destination file already exists");
- flag = CM_FILE_EXISTS;
- goto cleanup;
- }
-
- sourceFd = fopen(sourcePath.c_str(), "r");
- if (sourceFd == NULL) {
- LogError("Source file opening failed");
- flag = CM_GENERAL_ERROR;
- goto cleanup;
- }
-
- destFd = fopen(newFilePath.c_str(), "w");
- if (destFd == NULL) {
- LogError("Destination file creation failed");
- flag = CM_GENERAL_ERROR;
- goto cleanup;
- }
-
- if (0 > (sourceLength = getFileSize(sourcePath))) {
- LogError("getFileSize error");
- flag = CM_GENERAL_ERROR;
- goto cleanup;
- }
-
- if (!copyFile(sourceFd, destFd, sourceLength)) {
- //Copying failed, we have to remove corrupted file
- flag = CM_GENERAL_ERROR;
- if (removePolicyFile(newFilePath) != CM_OPERATION_SUCCESS) {
- flag = CM_REMOVE_ERROR;
- }
- goto cleanup;
- }
- policyFiles.push_back(fileName);
-
- if (saveConfig() != CM_OPERATION_SUCCESS) {
- LogError("Error while saving policy file");
- //TODO HOW TO ROLLBACK save config?
- }
-
-cleanup:
-
- if (sourceFd) {
- fclose(sourceFd);
- }
- if (destFd) {
- fclose(destFd);
- }
-
- return flag;
-}
-
-int ConfigurationManager::removePolicyFile(const string& file)
-{
- LogDebug("Trying to remove policy " << file);
- int errorFlag = CM_OPERATION_SUCCESS;
- string fileName = extractFilename(file);
- string filePath(CONFIGURATION_MGR_TEST_POLICY_STORAGE);
-
- if (fileName == currentPolicyFile) {
- errorFlag = CM_REMOVE_CURRENT;
- LogError("Cannot remove current policy");
- goto end;
- }
-
- filePath.append("/").append(fileName);
-
- if (remove(filePath.c_str()) != 0) {
- if (checkIfFileExistst(filePath)) {
- errorFlag = CM_REMOVE_ERROR;
- LogError("Cannot delete file" << filePath);
- goto end;
- }
- LogError("Cannot delete file" << filePath << " the file doesn't exist");
- errorFlag = CM_REMOVE_NOT_EXISTING;
- } else {
- errorFlag = CM_OPERATION_SUCCESS;
- }
- //If remove was successful or unsuccessful but file doesn't exists then it
- //should be removed from the list of available policies
- policyFiles.remove(fileName);
-
-end:
- return errorFlag;
-}
-
-string ConfigurationManager::extractFilename(const string & sourcePath) const
-{
- //begining of filename without path
- size_t filenamePos = sourcePath.rfind('/');
-
- string tmp;
- if (filenamePos == string::npos) {
- tmp = sourcePath;
- } else {
- tmp = sourcePath.substr(filenamePos + 1);
- }
- LogDebug("Extracted filename " << tmp);
- return tmp;
-}
-
-int ConfigurationManager::getFileSize(const string & path) const
-{
- //get source file size
- struct stat sourceStat;
- int sourceLength;
- if (stat(path.c_str(), &sourceStat) == -1) {
- LogError("Reading file properties failed");
- sourceLength = -1;
- } else {
- sourceLength = sourceStat.st_size;
- }
- return sourceLength;
-}
-
-bool ConfigurationManager::copyFile(FILE * sourceDesc,
- FILE * destinationDesc,
- int lenght) const
-{
- int rv;
- char *buffer = static_cast<char *>(malloc(lenght));
- bool result = true;
-
- if (!buffer) {
- return false;
- }
-
- while ((rv = fread(buffer, sizeof (char), lenght, sourceDesc)) > 0) {
- if (rv != lenght) {
- if (!feof(sourceDesc)) {
- LogError("Error while reading file ");
- result = false;
- break;
- }
- }
-
- rv = fwrite(buffer, sizeof (char), lenght, destinationDesc);
- if (rv != lenght) {
- LogError("Write file failed ");
- result = false;
- break;
- }
- }
- free(buffer);
- return result;
-}
-
-bool ConfigurationManager::checkIfFileExistst(const string & newFilePath) const
-{
- bool exists = false;
- struct stat stats;
- if (stat(newFilePath.c_str(), &stats) == 0) {
- exists = true;
- }
- return exists;
-}
-
-int ConfigurationManager::changeCurrentPolicyFile(const std::string & fileName)
-{
- int result = CM_OPERATION_SUCCESS;
- string oldPolicyFile = currentPolicyFile;
-
- string filePath(getStoragePath() + "/");
- filePath += fileName;
-
- if (!checkIfFileExistst(filePath)) {
- //Policy file doesn't exist
- result = CM_GENERAL_ERROR;
- LogError("Error: policy file " << filePath << " doesn't exist");
- goto end;
- }
- if (result == CM_OPERATION_SUCCESS) {
- //Adding file to storage succeeded
- currentPolicyFile = extractFilename(filePath);
- //Try to save the configuration file
- result = saveConfig();
- }
- if (result != CM_OPERATION_SUCCESS) {
- //rollback changes
- currentPolicyFile = oldPolicyFile;
- LogError("Error while saving policy file");
- //TODO HOW TO ROLLBACK save config?
- }
-
-end:
- return result;
-}
-
-int ConfigurationManager::saveConfig()
-{
- std::ofstream output(configFile.c_str());
- int errorFlag = CM_OPERATION_SUCCESS;
-
- output << "<?xml version=\"1.0\" ?>" << std::endl;
- output <<
- "<!DOCTYPE manager-settings SYSTEM \"" ACE_CONFIGURATION_DTD "\">" <<
- std::endl;
- output << "<manager-settings>" << std::endl;
- output << " <storage-path>" << storagePath << "</storage-path>" <<
- std::endl;
- output << " <policy-files>" << std::endl;
- for (list<string>::const_iterator it = policyFiles.begin();
- it != policyFiles.end();
- ++it) {
- output << "\t<file ";
- if (*it == currentPolicyFile) {
- output << "active=\"true\"";
- }
- output << ">" << *it << "</file>" << std::endl;
- }
- output << " </policy-files>\n";
- output << " </manager-settings>";
- output.close();
-
- //TODO should we add 'eof' here?
- if (output.bad() || output.fail()) {
- //There were some errors while writing to file
- errorFlag = CM_GENERAL_ERROR;
- }
-
- return errorFlag;
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <dpl/ace/NodeFactory.h>
-
-NodeFactory* NodeFactory::pInstance = NULL;
-
-AbstractTreeElement* NodeFactory::create(std::istream& is,
- TreeNode::TypeID id)
-{
- AbstractTreeElement* node;
-
- switch (id) {
- case TreeNode::Policy:
- node = new Policy(is);
- break;
- case TreeNode::PolicySet:
- node = new PolicySet(is);
- break;
- case TreeNode::Rule:
- node = new Rule(is);
- break;
- default:
- node = NULL;
- break;
- }
-
- return node;
-}
-
-NodeFactory* NodeFactory::getInstance()
-{
- if (pInstance == NULL) {
- pInstance = new NodeFactory;
- }
- return pInstance;
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Policy.cpp
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#include <dpl/ace/Policy.h>
-#include <dpl/ace/Serializer.h>
-
-Policy::Policy(std::istream& is)
-{
- Serializer* serializer = Serializer::getInstance();
-
- std::list<const Subject*>* pList;
- pList = serializer->deserializeListSubjects(is);
- subjects = pList;
-
- combineAlgorithm = serializer->deserializeCombineAlgorithm(is);
-}
-
-void Policy::serialize(std::ostream& os)
-{
- Serializer* serializer = Serializer::getInstance();
-
- serializer->serializeListSubjects(os, *subjects);
- serializer->serializeCombineAlgorithm(os, combineAlgorithm);
-}
-
-Policy::~Policy()
-{
- for (std::list<const Subject *>::iterator it = subjects->begin();
- it != subjects->end();
- ++it) {
- delete *it;
- }
- delete subjects;
-}
-
-void Policy::printData()
-{
- std::string subject;
- if (subjects != NULL && subjects->size()) {
- subject = (subjects->front())->getSubjectId();
- }
- std::string algorithm = printCombineAlgorithm(this->combineAlgorithm);
-
- std::cout << "subject: " << subject << " algorithm: " << algorithm <<
- std::endl;
-}
-
-std::string Policy::printCombineAlgorithm(CombineAlgorithm algorithm)
-{
- switch (algorithm) {
- case DenyOverride:
- return "DenyOverride";
- case PermitOverride:
- return "PermitOverride";
- case FirstApplicable:
- return "FirstApplicable";
- case FirstTargetMatching:
- return "FirstTargetMatching";
- default:
- return "ERROR: Wrong Algorithm";
- }
-}
-
-const char * toString(Policy::CombineAlgorithm algorithm)
-{
- switch (algorithm) {
- case Policy::DenyOverride:
- return "DenyOverride";
- case Policy::PermitOverride:
- return "PermitOverride";
- case Policy::FirstApplicable:
- return "FirstApplicable";
- case Policy::FirstTargetMatching:
- return "FirstTargetMatching";
- default:
- return "ERROR: Wrong Algorithm";
- }
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file security_logic.cpp
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @author Ming Jin(ming79.jin@samsung.com)
- * @version 1.0
- * @brief Implementation file for security logic
- */
-#include <dpl/ace/PolicyEnforcementPoint.h>
-
-#include <sstream>
-#include <algorithm>
-#include <list>
-#include <string>
-#include <sstream>
-#include <stdexcept>
-#include <cstdlib>
-#include <map>
-
-#include <dpl/assert.h>
-#include <dpl/exception.h>
-#include <dpl/log/log.h>
-
-#include <dpl/ace/PolicyEvaluatorFactory.h>
-#include <dpl/ace/PolicyResult.h>
-#include <dpl/ace/Request.h>
-
-using namespace WrtDB;
-
-PolicyEnforcementPoint::PolicyEnforcementPoint() :
- m_wrt(0),
- m_res(0),
- m_sys(0),
- m_pdp(0),
- m_pip(0)
-{}
-
-void PolicyEnforcementPoint::terminate()
-{
- LogInfo("PolicyEnforcementPoint is being deinitialized.");
-
- delete m_sys;
- delete m_res;
- delete m_wrt;
- delete m_pdp;
- delete m_pip;
- m_sys = 0;
- m_res = 0;
- m_wrt = 0;
- m_pdp = 0;
- m_pip = 0;
-}
-
-PolicyEnforcementPoint::~PolicyEnforcementPoint()
-{
- Assert((m_sys == 0) && "You must run "
- "PolicyEnforcementPoint::Deinitialize before exit program!");
-}
-
-void PolicyEnforcementPoint::initialize(
- IWebRuntime *wrt,
- IResourceInformation *resource,
- IOperationSystem *operation)
-{
- if (m_wrt) {
- ThrowMsg(PEPException::AlreadyInitialized,
- "Policy Enforcement Point is already initialzed");
- }
-
- m_wrt = wrt;
- m_res = resource;
- m_sys = operation;
-
- if (this->m_pip != NULL) {
- this->m_pip->update(m_wrt, m_res, m_sys);
- return;
- }
-
- this->m_pip = new PolicyInformationPoint(wrt, m_res, m_sys);
- this->m_pdp = new PolicyEvaluator(m_pip);
-
- if (!this->m_pdp->initPDP()) {
- Assert(0);
- }
-}
-
-PolicyResult PolicyEnforcementPoint::check(Request &request)
-{
- return m_pdp->getPolicyForRequest(request);
-}
-
-void PolicyEnforcementPoint::updatePolicy(const std::string &policy)
-{
- LogDebug("ACE updatePolicy: " << policy);
- int errorCode = 0;
-
- if (m_pdp == NULL) {
- LogError("Evaluator not set. Ignoring message.");
- Assert(false && "UpdateClient error on receiving event");
- } else {
- LogDebug("Emitting update signal.");
- errorCode = m_pdp->updatePolicy(policy.c_str());
- }
-
- LogDebug("Sending reponse: " << errorCode);
-}
-
-OptionalPolicyResult PolicyEnforcementPoint::checkFromCache(Request &request)
-{
- return m_pdp->getPolicyForRequestFromCache(request);
- // return OptionalPolicyResult();
-}
-
-OptionalPolicyResult PolicyEnforcementPoint::check(Request &request,
- bool fromCacheOnly)
-{
- return m_pdp->getPolicyForRequest(request, fromCacheOnly);
- // return OptionalPolicyResult();
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : PolicyEvaluator.cpp
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#include <dpl/assert.h>
-#include <dpl/foreach.h>
-
-#include <dpl/ace/PolicyEvaluator.h>
-#include <dpl/ace/TreeNode.h>
-#include <dpl/ace/Policy.h>
-#include <dpl/ace/Rule.h>
-#include <dpl/ace/Attribute.h>
-//#include <dpl/ace/"UserDecisionTestStub.h>
-#include <dpl/ace/SettingsLogic.h>
-#include <dpl/ace-dao-rw/AceDAO.h>
-#include <dpl/ace-dao-ro/PreferenceTypes.h>
-#include <dpl/ace/parser.h>
-
-using namespace AceDB;
-
-PolicyEvaluator::~PolicyEvaluator()
-{
- delete m_combiner;
-}
-
-bool PolicyEvaluator::initPDP()
-{
- ConfigurationManager * configMgr = ConfigurationManager::getInstance();
- if (configMgr == NULL) {
- LogError("ACE fatal error: failed to create configuration manager");
- return false;
- }
-
- Parser parser;
- m_root = parser.parse(
- configMgr->getFullPathToCurrentPolicyFile(),
- configMgr->getFullPathToCurrentPolicyXMLSchema());
-
- if (NULL == m_root) {
- LogError("ACE fatal error: cannot parse XML file");
- }
-
- return true;
-}
-
-bool PolicyEvaluator::fillAttributeWithPolicy()
-{
- if (m_attributeSet.empty()) {
- if (!extractAttributes()) {
- LogInfo(
- "Warning attribute set cannot be extracted. Returning Deny");
- return false;
- }
- } else {
- LogDebug("Required attribute set found in database");
- }
- return true;
-}
-
-PolicyResult PolicyEvaluator::effectToPolicyResult(Effect effect){
- if (Effect::Deny == effect) {
- return PolicyEffect::DENY;
- }
- if (Effect::Undetermined == effect) {
- return PolicyResult::Value::UNDETERMINED;
- }
- if (Effect::PromptOneShot == effect) {
- return PolicyEffect::PROMPT_ONESHOT;
- }
- if (Effect::PromptSession == effect) {
- return PolicyEffect::PROMPT_SESSION;
- }
- if (Effect::PromptBlanket == effect) {
- return PolicyEffect::PROMPT_BLANKET;
- }
- if (Effect::Permit == effect) {
- return PolicyEffect::PERMIT;
- }
- if (Effect::Inapplicable == effect) {
- return PolicyDecision::Value::NOT_APPLICABLE;
- }
- return PolicyEffect::DENY;
-}
-
-OptionalPolicyResult PolicyEvaluator::getPolicyForRequestInternal(bool fromCacheOnly)
-{
- //ADD_PROFILING_POINT("Search cached verdict in database", "start");
-
- OptionalPolicyResult result = AceDAO::getPolicyResult(
- m_attributeSet);
-
- //ADD_PROFILING_POINT("Search cached verdict in database", "stop");
-
- if (fromCacheOnly || !result.IsNull()) {
- return result;
- }
-
- //ADD_PROFILING_POINT("EvaluatePolicy", "start");
-
- Effect policyEffect = evaluatePolicies(m_root);
-
- //ADD_PROFILING_POINT("EvaluatePolicy", "stop");
-
- LogDebug("Policy effect is: " << toString(policyEffect));
-
- result = effectToPolicyResult(policyEffect);
-
- AceDAO::setPolicyResult(this->m_attributeSet, *result);
- return result;
-}
-
-// +----------------+---------+---------+------+--------+
-// |\User setting | PERMIT | PROMPT* | DENY | DEF |
-// | \ | | | | |
-// |Policy result\ | | | | |
-// |----------------+---------+---------+------+--------+
-// |PERMIT | PERMIT | PROMPT* | DENY | PERMIT |
-// |----------------+---------+---------+------+--------+
-// |PROMPT* | PROMPT* | PR MIN | DENY | PROMPT*|
-// |----------------+---------+---------+------+--------+
-// |DENY | DENY | DENY | DENY | DENY |
-// |----------------+---------+---------+------+--------+
-// |UNDETERMIND | UNDET | UNDET | DENY | UNDET |
-// |----------------+---------+---------+------+--------+
-// |NOT_AP | PEMIT | PROMPT* | DENY | NOT_AP |
-// +----------------+---------+---------+------+--------+
-
-static PolicyResult getMostRestrict(PreferenceTypes globalPreference,
- const PolicyResult &policyResult)
-{
- if (globalPreference == PreferenceTypes::PREFERENCE_PERMIT &&
- policyResult == PolicyEffect::PERMIT)
- {
- return PolicyEffect::PERMIT;
- }
-
- if (globalPreference == PreferenceTypes::PREFERENCE_DENY ||
- policyResult == PolicyEffect::DENY)
- {
- return PolicyEffect::DENY;
- }
-
- if (policyResult == PolicyResult::UNDETERMINED) {
- return PolicyResult::UNDETERMINED;
- }
-
- if (globalPreference == PreferenceTypes::PREFERENCE_DEFAULT)
- {
- return policyResult;
- }
-
- if (globalPreference == PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT ||
- policyResult == PolicyEffect::PROMPT_ONESHOT)
- {
- return PolicyEffect::PROMPT_ONESHOT;
- }
-
- if (globalPreference == PreferenceTypes::PREFERENCE_SESSION_PROMPT ||
- policyResult == PolicyEffect::PROMPT_SESSION)
- {
- return PolicyEffect::PROMPT_SESSION;
- }
-
- if (globalPreference == PreferenceTypes::PREFERENCE_BLANKET_PROMPT ||
- policyResult == PolicyEffect::PROMPT_BLANKET)
- {
- return PolicyEffect::PROMPT_BLANKET;
- }
-
- return PolicyEffect::PERMIT;
-}
-
-OptionalPolicyResult PolicyEvaluator::getPolicyForRequestFromCache(
- const Request &request)
-{
- return getPolicyForRequest(request, true);
-}
-
-PolicyResult PolicyEvaluator::getPolicyForRequest(const Request &request)
-{
- auto result = this->getPolicyForRequest(request, false);
- Assert(!result.IsNull() &&
- "Policy always has to be evaluated to valid state");
- return *result;
-}
-
-OptionalPolicyResult PolicyEvaluator::getPolicyForRequest(
- const Request &request,
- bool fromCacheOnly)
-{
- //ADD_PROFILING_POINT("getPolicyForRequest", "start");
- m_attributeSet.clear();
-
- try {
- // Check which attributes should be used
- // memory alocated, free in destructor
- //ADD_PROFILING_POINT("getAttributes", "start");
- AceDB::AceDAO::getAttributes(&m_attributeSet);
- //ADD_PROFILING_POINT("getAttributes", "stop");
-
- // If attributes can't be resolved then check the policy
- if (!fillAttributeWithPolicy()) {
- //ADD_PROFILING_POINT("getPolicyForRequest", "stop");
- return OptionalPolicyResult(PolicyEffect::DENY);
- }
-
- //ADD_PROFILING_POINT("getAttributesValues", "start");
- m_pip->getAttributesValues(&request, &m_attributeSet);
- //ADD_PROFILING_POINT("getAttributesValues", "stop");
- LogDebug("==== Attributes set by PIP ====");
- printAttributes(m_attributeSet);
- LogDebug("==== End of attributes set by PIP ====");
-
- OptionalPolicyResult policyResult =
- getPolicyForRequestInternal(fromCacheOnly);
-
- LogDebug("==== getPolicyForRequestInternal result (PolicyResult): "
- << policyResult << "=====");
-
- if (policyResult.IsNull()) {
- if (fromCacheOnly) {
- return OptionalPolicyResult::Null;
- } else {
- LogError("Policy evaluated to NULL value");
- Assert(false && "Policy evaluated to NULL value");
- return OptionalPolicyResult::Null;
- }
- }
-
- PreferenceTypes globalPreference =
- SettingsLogic::findGlobalUserSettings(request);
-
- auto ret = getMostRestrict(globalPreference, *policyResult);
- //ADD_PROFILING_POINT("getPolicyForRequest", "stop");
- return OptionalPolicyResult(ret);
-
- } catch (AceDB::AceDAO::Exception::DatabaseError &e) {
- LogError("Database error");
- DPL::Exception::DisplayKnownException(e);
- //ADD_PROFILING_POINT("getPolicyForRequest", "stop");
- return OptionalPolicyResult(PolicyEffect::DENY);
- }
-}
-
-
-bool PolicyEvaluator::extractAttributes()
-{
- if (m_root == NULL) {
- return false;
- }
-
- //We check if root target matches. In general the root's target should be empty
- //Otherwise it would have to have all the subjects available specified
- //But just to be on the safe side ( and for tests) add this checking
- const Policy * policy = dynamic_cast<const Policy *>(m_root->getElement());
- Assert(
- policy != NULL &&
- "Policy element has been null while attribute extracting");
-
- extractTargetAttributes(policy);
- extractAttributesFromSubtree(m_root); //Enter recursion
-
- return true;
-}
-
-void PolicyEvaluator::extractTargetAttributes(const Policy *policy)
-{
- std::list<const Subject *>::const_iterator it =
- policy->getSubjects()->begin();
- for (; it != policy->getSubjects()->end(); ++it)
- {
- const std::list<Attribute> & attrList = (*it)->getTargetAttributes();
- FOREACH(it2, attrList)
- {
- BaseAttributePtr attr(new Attribute((*it2).getName(),
- (*it2).getMatchFunction(), (*it2).getType()));
- m_attributeSet.insert(attr);
- }
- }
-}
-
-/**
- *
- * @param *root - the root of the original (full) subtree of politics
- * @param *newRoot - the pointer to the root of the copy (reduced) subtree of politics
- */
-void PolicyEvaluator::extractAttributesFromSubtree(const TreeNode *root)
-{
- const ChildrenSet & children = root->getChildrenSet();
-
- for (
- std::list<TreeNode *>::const_iterator it = children.begin();
- it != children.end();
- ++it
- ) {
- TreeNode * node = *it;
- if (node->getTypeID() != TreeNode::Policy && node->getTypeID() !=
- TreeNode::PolicySet) {
- //It is not a policy so we may be sure that we have already checked that SubjectId matches
- //Add new node to new tree and extract attributes
-
- extractAttributesFromRules(node);
- } else { //TreeNode is a Policy or PolicySet
- const Policy * policy =
- dynamic_cast<const Policy *>(node->getElement());
- //We will be needing also the attributes from target
- if (policy) {
- extractTargetAttributes(policy);
- } else {
- LogError(" extractAttributesFromSubtree policy=NULL");
- }
- //Enter recursion
- extractAttributesFromSubtree(node);
- }
- }
-}
-
-bool PolicyEvaluator::extractAttributesFromRules(const TreeNode *root)
-{
- Assert(
- root->getTypeID() == TreeNode::Rule
- &&
- "Tree structure, extracting attributes from node that is not a rule");
- Rule * rule = dynamic_cast<Rule *>(root->getElement());
- Assert(rule != NULL);
- //Get attributes from rule
- rule->getAttributes(&m_attributeSet);
-
- //[CR] consider returned value, because its added only to eliminate errors
- return true;
-}
-
-Effect PolicyEvaluator::evaluatePolicies(const TreeNode * root)
-{
- if (root == NULL) {
- LogInfo("Error: policy tree doesn't exist. "
- "Probably xml file is missing");
- return Deny;
- }
-
- if (m_attributeSet.empty()) {
- LogInfo("Warning: evaluatePolicies: attribute set was empty");
- }
- m_combiner->setAttributeSet(&m_attributeSet);
- return m_combiner->combinePolicies(root);
-}
-
-int PolicyEvaluator::updatePolicy(const char* newPolicy)
-{
- ConfigurationManager* configMgr = ConfigurationManager::getInstance();
-
- if (NULL == configMgr) {
- LogError("ACE fatal error: failed to create configuration manager");
- return POLICY_PARSING_ERROR;
- }
-
- int result = POLICY_PARSING_SUCCESS;
- if (newPolicy == NULL) {
- LogError("Policy Update: incorrect policy name");
- return POLICY_FILE_ERROR;
- }
- LogDebug("Starting update policy: " << newPolicy);
-
- Parser parser;
- TreeNode *backup = m_root;
-
- m_root = parser.parse(
- newPolicy,
- configMgr->getFullPathToCurrentPolicyXMLSchema());
-
- if (NULL == m_root) {
- m_root = backup;
- LogError("Policy Update: corrupted policy file");
- result = POLICY_PARSING_ERROR;
- } else {
- m_currentPolicyFile = newPolicy;
- backup->releaseResources();
- LogInfo("Policy Update: successful.");
- try {
- AceDAO::resetDatabase();
- } catch (AceDAO::Exception::DatabaseError &e) {
- }
- }
- return result;
-}
-
-std::string PolicyEvaluator::getCurrentPolicy(){
- return m_currentPolicyFile;
-}
-
-const char * toString(Validity validity)
-{
- switch (validity) {
- case Validity::ONCE:
- return "Once";
- break;
- case Validity::SESSION:
- return "Session";
- case Validity::ALWAYS:
- return "Always";
- default:
- return "WRONG VALIDITY";
- }
-}
-
-const char * toString(Verdict verdict)
-{
- switch (verdict) {
- case Verdict::VERDICT_PERMIT:
- return "Permit";
- case Verdict::VERDICT_DENY:
- return "Deny";
- case Verdict::VERDICT_INAPPLICABLE:
- return "Inapplicable";
- case Verdict::VERDICT_UNKNOWN:
- return "Unknown";
- case Verdict::VERDICT_UNDETERMINED:
- return "Undetermined";
- case Verdict::VERDICT_ERROR:
- return "Error";
- case Verdict::VERDICT_ASYNC:
- return "Async";
- default:
- return "Wrong verdict value";
- }
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : PolicyInformationPoint.cpp
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-#include <dpl/ace/PolicyInformationPoint.h>
-
-#include <map>
-#include <dpl/log/log.h>
-
-#include <dpl/assert.h>
-#include <dpl/foreach.h>
-
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace-dao-ro/BaseAttribute.h>
-
-using namespace AceDB;
-
-PolicyInformationPoint::~PolicyInformationPoint()
-{
-}
-
-/* gather attributes values from adequate interfaces */
-PipResponse PolicyInformationPoint::getAttributesValues(const Request* request,
- AttributeSet* attributes)
-{
- int subjectReturn = 0;
- int resourceReturn = 0;
- int operationReturn = 0;
- int functionReturn = 0;
- /* create query lists */
- createQueries(attributes);
-
- /* check if subject attributes query has any elements*/
- if (!subjectAttributesQuery.empty()) {
- /* get Subject Attributes */
- subjectReturn = wrtInterface->getAttributesValues(
- *request,
- &subjectAttributesQuery);
- }
-
- AttributeSet::const_iterator iter2;
- FOREACH(iter, subjectAttributesQuery)
- {
- if (iter->second == NULL) {
- Attribute attr(*(iter->first));
- attr.setType(Attribute::Type::Subject);
- iter2 = std::find_if(attributes->begin(),
- attributes->end(),
- BaseAttribute::UnaryPredicate(&attr));
- Assert(iter2 != attributes->end() && "This should not happen, "
- "the attribute MUST be in attribute set");
- (*iter2)->setUndetermind(true);
- }
- }
-
- /* check if resource attributes query has any elements*/
- if (!resourceAttributesQuery.empty()) {
- /* get Resource Attributes */
- resourceReturn = resourceInformation->getAttributesValues(
- *request,
- &resourceAttributesQuery);
- /* error analyzys*/
- resourceReturn <<= ERROR_SHIFT_RESOURCE;
- }
-
- FOREACH(iter, resourceAttributesQuery)
- {
- if (iter->second == NULL) {
- LogInfo("Found undetermined attribute");
- Attribute attr(*(iter->first));
- attr.setType(Attribute::Type::Resource);
- iter2 = std::find_if(attributes->begin(),
- attributes->end(),
- BaseAttribute::UnaryPredicate(&attr));
- Assert(iter2 != attributes->end() && "This should not happen, "
- "the attribute MUST be in attribute set");
- (*iter2)->setUndetermind(true);
- }
- }
-
- /* check if resource attributes query has any elements*/
- if (!environmentAttributesQuery.empty()) {
- /* get enviroment attributes */
- operationReturn = operationSystem->getAttributesValues(
- *request,
- &environmentAttributesQuery);
- /* error analyzys*/
- operationReturn <<= ERROR_SHIFT_OS;
- }
-
- FOREACH(iter, environmentAttributesQuery)
- {
- if (iter->second == NULL) {
- //it doesnt change uniqueness of a set element so we can const_cast
- Attribute attr(*(iter->first));
- attr.setType(Attribute::Type::Environment);
- iter2 = find_if(attributes->begin(),
- attributes->end(),
- BaseAttribute::UnaryPredicate(&attr));
- Assert(iter2 != attributes->end() && "This should not happen, "
- "the attribute MUST be in attribute set");
- (*iter2)->setUndetermind(true);
- }
- }
-
- /* check if functionParam attributes query has any elements*/
- if (!functionParamAttributesQuery.empty() && request->getFunctionParam()) {
- /* get params attributes */
- functionReturn = request->getFunctionParam()->getAttributesValues(
- *request,
- &functionParamAttributesQuery);
- /* error analyzys*/
- functionReturn <<= ERROR_SHIFT_FP;
- }
-
- FOREACH(iter, functionParamAttributesQuery)
- {
- if (iter->second == NULL) {
- //it doesnt change uniqueness of a set element so we can const_cast
- Attribute attr(*(iter->first));
- attr.setType(Attribute::Type::FunctionParam);
- iter2 = find_if(attributes->begin(),
- attributes->end(),
- BaseAttribute::UnaryPredicate(&attr));
- Assert(iter2 != attributes->end() && "This should not happen, "
- "the attribute MUST be in attribute set");
- (*iter2)->setUndetermind(true);
- }
- }
-
- /** clear query lists*/
- resourceAttributesQuery.clear();
- environmentAttributesQuery.clear();
- subjectAttributesQuery.clear();
- functionParamAttributesQuery.clear();
-
- return subjectReturn | resourceReturn | operationReturn | functionReturn;
-}
-
-/** create query lists */
-void PolicyInformationPoint::createQueries(AttributeSet* attributes)
-{
- AttributeSet::const_iterator it;
-
- enum Attribute::Type type;
-
- /**iterate all attributes and split them into adequate query */
- FOREACH (it, *attributes) {
- type = (*it)->getType();
-
- switch (type) {
- case Attribute::Type::Subject:
- subjectAttributesQuery.push_back(ATTRIBUTE((*it)->getName(),
- (*it)->getValue()));
- break;
-
- case Attribute::Type::Environment:
- environmentAttributesQuery.push_back(ATTRIBUTE((*it)->getName(),
- (*it)->getValue()));
- break;
-
- case Attribute::Type::Resource:
- resourceAttributesQuery.push_back(ATTRIBUTE((*it)->getName(),
- (*it)->getValue()));
- break;
-
- case Attribute::Type::FunctionParam:
- functionParamAttributesQuery.push_back(ATTRIBUTE((*it)->getName(),
- (*it)->getValue()));
- break;
-
- default:
- break;
- }
- }
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Rule.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#include <iostream>
-#include <dpl/log/log.h>
-
-#include <dpl/ace/Rule.h>
-#include <dpl/ace/Serializer.h>
-
-void Rule::printData()
-{
- std::cout << "Rule: effect: " << printEffect(this->effect) <<
- " condition: " << this->condition;
-}
-
-std::string Rule::printEffect(const Effect effect) const
-{
- switch (effect) {
- case Deny:
- return "Deny";
- case PromptBlanket:
- return "PromptBlanket";
- case PromptOneShot:
- return "PromptOneShot";
- case PromptSession:
- return "PromptSession";
- case Permit:
- return "Permit";
- case Inapplicable:
- return "Inapplicable";
- case Error:
- return "Error";
- default:
- return "ERROR";
- }
-}
-
-Effect Rule::evaluateRule(const AttributeSet * attrSet) const
-{
- Attribute::MatchResult result = condition.evaluateCondition(attrSet);
-
- if (result == Attribute::MatchResult::MRUndetermined) {
- // LogInfo("Rule is undetermined");
- return Undetermined;
- } else if (result == Attribute::MatchResult::MRTrue) {
- // LogInfo("Rule effect "<<printEffect(effect));
- return effect;
- }
- // LogInfo("Rule is inapplicable");
- return Inapplicable;
-}
-
-Rule::Rule(std::istream& is)
-{
- Serializer* serializer = Serializer::getInstance();
-
- condition = serializer->deserializeCondition(is);
- effect = serializer->deserializeEffect(is);
-}
-
-void Rule::serialize(std::ostream& os)
-{
- Serializer* serializer = Serializer::getInstance();
-
- serializer->serializeCondition(os, condition);
- serializer->serializeEffect(os, effect);
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <dpl/log/log.h>
-#include <dpl/foreach.h>
-#include <dpl/ace/Serializer.h>
-#include <dpl/ace/NodeFactory.h>
-
-Serializer* Serializer::pInstance = NULL;
-
-Serializer* Serializer::getInstance()
-{
- if (pInstance == NULL) {
- pInstance = new Serializer;
- }
- return pInstance;
-}
-
-void Serializer::serializeInt(std::ostream& os,
- int value)
-{
- os.write((char*)(&value), sizeof(value));
- //LogInfo("SerializeInt: " <<value);
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-int Serializer::deserializeInt(std::istream& is)
-{
- int value = 0;
- is.read((char*)(&value), sizeof(value));
-
- LogInfo("DEserializeInt: " << value);
- return value;
-}
-
-void Serializer::serializeString(std::ostream& os,
- const std::string& text) const
-{
- int dataLength = text.size();
- os.write((char*)(&dataLength), sizeof(dataLength));
- os.write(text.c_str(), dataLength);
-
- Assert(os.bad() == false && "Error Writing to file failure");
-
- //LogInfo("SerializeString: " <<text);
-}
-
-std::string Serializer::deserializeString(std::istream& is)
-{
- //length
- int dataLength = 0;
- is.read((char*)(&dataLength), sizeof(dataLength));
-
- char *buf = new char[dataLength + 1];
- is.read(buf, dataLength);
- buf[dataLength] = '\0';
-
- std::string result = buf;
- delete[] buf;
-
- //LogInfo("DEserializeString: " <<result);
- return result;
-}
-
-void Serializer::serializeListAttributes(std::ostream& os,
- const std::list<Attribute>& inputList)
-{
- int dataLength = inputList.size();
- os.write((char*)(&dataLength), sizeof(dataLength));
-
- //LogInfo("SerializeListAttributes SIZE: " <<dataLength);
- FOREACH(it,inputList)
- {
- it->serialize(os);
- }
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-std::list<Attribute> Serializer::deserializeListAttributes(std::istream& is)
-{
- std::list<Attribute> outputList;
-
- int numElem = 0;
- is.read((char*)(&numElem), sizeof(numElem));
-
- //LogInfo("DESerializeListAttributes SIZE: " <<numElem);
-
- Attribute* attr;
-
- for (int i = 0; i < numElem; i++) {
- attr = new Attribute(is);
- outputList.push_back(*attr);
- delete attr;
- }
-
- return outputList;
-}
-
-void Serializer::serializeType(std::ostream& os,
- const Attribute::Type& typeId) const
-{
- os.write((char*)(&typeId), sizeof(typeId));
-
- Assert(os.bad() == false && "Error Writing to file failure");
-
- //LogInfo("SerializeTypeId: " <<typeId);
-}
-
-Attribute::Type Serializer::deserializeType(std::istream& is)
-{
- Attribute::Type typeId(AceDB::BaseAttribute::Type::Subject);
-
- is.read((char*)(&typeId), sizeof(typeId));
- //LogInfo("DEserializeTypeId: " <<typeId);
- return typeId;
-}
-
-void Serializer::serializeListStrings(std::ostream& os,
- const std::list<std::string>& inputList) const
-{
- int dataLength = inputList.size();
- os.write((char*)(&dataLength), sizeof(dataLength));
-
- FOREACH(it, inputList)
- {
- serializeString(os, *it);
- }
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-std::list<std::string> Serializer::deserializeListStrings(std::istream& is)
-{
- std::list<std::string> outputList;
-
- int numElem = 0;
- is.read((char*)(&numElem), sizeof(numElem));
-
- for (int i = 0; i < numElem; i++) {
- outputList.push_back(this->deserializeString(is));
- }
-
- return outputList;
-}
-
-void Serializer::serializeMatch(std::ostream& os,
- const Attribute::Match& match) const
-{
- os.write((char*)(&match), sizeof(match));
- // LogInfo("SerializeMatch: " << match);
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-Attribute::Match Serializer::deserializeMatch(std::istream& is)
-{
- Attribute::Match match(Attribute::Match::Error);
- is.read((char*)(&match), sizeof(match));
- // LogInfo("DESerializeMatch: " << match);
- return match;
-}
-
-bool Serializer::serializeModifier(std::ostream& os,
- const Attribute::Modifier& modifier) const
-{
- os.write((char*)(&modifier), sizeof(modifier));
- // LogInfo("SerializeModifier: " << modifier);
- return 0;
-}
-
-Attribute::Modifier Serializer::deserializeModifier(std::istream& is)
-{
- Attribute::Modifier modifier(Attribute::Modifier::Non);
- is.read((char*)(&modifier), sizeof(modifier));
- // LogInfo("DESerializeModifer: " << modifier);
- return modifier;
-}
-
-//TODO zrobic z tego szablon - z list jezeli sie da
-void Serializer::serializeListTreeNode(std::ostream& os,
- std::list<TreeNode*>& inputList)
-{
- int dataLength = inputList.size();
- os.write((char*)(&dataLength), sizeof(dataLength));
-
- // LogInfo("SerializeListTreeNode SIZE: " <<dataLength);
- FOREACH(it, inputList)
- {
- (*it)->serialize(os);
- }
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-std::list<TreeNode* > Serializer::deserializeListTreeNode(std::istream&is,
- TreeNode* parent)
-{
- std::list<TreeNode* > outputList;
-
- int numElem = 0;
- is.read((char*)(&numElem), sizeof(numElem));
-
- // LogInfo("DESerializeListTreeNode SIZE: " <<numElem);
-
- TreeNode* node;
-
- for (int i = 0; i < numElem; i++) {
- node = new TreeNode(is, parent);
- outputList.push_back(node);
- }
-
- return outputList;
-}
-
-void Serializer::serializeTypeAbstract(std::ostream& os,
- const TreeNode::TypeID& typeId)
-{
- os.write((char*)(&typeId), sizeof(typeId));
- // LogInfo(" Serialize TypeAbstract: " << typeId);
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-TreeNode::TypeID Serializer::deserializeTypeAbstract(std::istream& is)
-{
- TreeNode::TypeID typeId(TreeNode::Policy);
- is.read((char*)(&typeId), sizeof(typeId));
- // LogInfo(" DESerialize TypeAbstract: " << typeId);
- return typeId;
-}
-
-void Serializer::serializeAbstractElement(std::ostream& os,
- AbstractTreeElement* element)
-{
- element->serialize(os);
-
- // LogInfo("Serialize AbstractElem: " << element);
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-AbstractTreeElement* Serializer::deserializeAbstractElement(std::istream& is,
- TreeNode::TypeID& typeId)
-{
- NodeFactory* factory = NodeFactory::getInstance();
-
- AbstractTreeElement* element;
-
- element = factory->create(is, typeId);
-
- //LogInfo("DESerialize AbstractElem: " << typeId);
- return element;
-}
-
-void Serializer::serializeListSubjects(std::ostream& os,
- std::list<const Subject*>& inputList)
-{
- int dataLength = inputList.size();
- os.write((char*)(&dataLength), sizeof(dataLength));
-
- //LogInfo("Serialize list Subjects SIZE: " << dataLength);
-
- FOREACH (it, inputList)
- {
- //serialize method doesn't change anything in object
- const_cast<Subject* >((*it))->serialize(os);
- }
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-std::list<const Subject*>* Serializer::deserializeListSubjects(std::istream& is)
-{
- std::list<const Subject*>* outputList = new std::list<const Subject*>;
-
- int numElem = 0;
- is.read((char*)(&numElem), sizeof(numElem));
-
- //LogInfo("DESerialize list Subjects SIZE: " <<numElem);
- Subject* subject;
-
- for (int i = 0; i < numElem; i++) {
- subject = new Subject(is);
- outputList->push_back(subject);
- }
-
- return outputList;
-}
-
-void Serializer::serializeCombineAlgorithm(std::ostream& os,
- const Policy::CombineAlgorithm& combAlg)
-{
- os.write((char*)(&combAlg), sizeof(combAlg));
- //LogInfo("Serialize Combine Alg:" << combAlg);
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-Policy::CombineAlgorithm Serializer::deserializeCombineAlgorithm(
- std::istream& is)
-{
- Policy::CombineAlgorithm combAlg(Policy::DenyOverride);
- is.read((char*)(&combAlg), sizeof(combAlg));
- //LogInfo("DESerialize Combine Alg:" << combAlg);
- return combAlg;
-}
-
-void Serializer::serializeCombineType(std::ostream& os,
- const Condition::CombineType& combType)
-{
- os.write((char*)(&combType), sizeof(combType));
- //LogInfo("Serialize CombineType: " <<combType);
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-Condition::CombineType Serializer::deserializeCombineType(std::istream& is)
-{
- Condition::CombineType combType(Condition::AND);
- is.read((char*)(&combType), sizeof(combType));
- //LogInfo("Deserialize CombineType: " <<combType);
- return combType;
-}
-
-void Serializer::serializeListConditions(std::ostream& os,
- std::list<Condition>& inputList)
-{
- int dataLength = inputList.size();
- os.write((char*)(&dataLength), sizeof(dataLength));
-
- //LogInfo("Serialize List Conditions SIZE:" <<dataLength);
- FOREACH (it, inputList)
- {
- it->serialize(os);
- }
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-std::list<Condition> Serializer::deserializeListConditions(std::istream& is,
- Condition* parent)
-{
- std::list<Condition> outputList;
-
- int numElem = 0;
- is.read((char*)(&numElem), sizeof(numElem));
-
- //LogInfo("DESerialize list Condition SIZE: " <<numElem);
- Condition* cond;
-
- for (int i = 0; i < numElem; i++) {
- cond = new Condition(is, parent);
- outputList.push_back(*cond);
- delete cond;
- }
-
- return outputList;
-}
-
-void Serializer::serializeEffect(std::ostream& os,
- Effect effect)
-{
- os.write((char*)(&effect), sizeof(effect));
- //LogInfo("Serialize Effect: " << effect);
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-Effect Serializer::deserializeEffect(std::istream& is)
-{
- Effect effect(Deny);
- is.read((char*)(&effect), sizeof(effect));
- //LogInfo("DESerialize Effect: " << effect);
- return effect;
-}
-
-void Serializer::serializeCondition(std::ostream& os,
- Condition& cond)
-{
- cond.serialize(os);
-
- Assert(os.bad() == false && "Error Writing to file failure");
-}
-
-Condition& Serializer::deserializeCondition(std::istream& is)
-{
- //[CR] maybe we should use Factory here
- Condition * cond = new Condition(is);
- return *cond;
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file SettingsLogic.cpp
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 0.1
- * @brief SettingsLogic implementation
- */
-
-#include <dpl/ace/SettingsLogic.h>
-
-#include <dpl/log/log.h>
-#include <dpl/foreach.h>
-
-#include <dpl/ace/Preference.h>
-
-using namespace AceDB;
-
-Preference SettingsLogic::findGlobalUserSettings(
- const std::string &resource,
- WidgetHandle handler)
-{
- Preference p = AceDAO::getWidgetDevCapSetting(resource, handler);
- if (PreferenceTypes::PREFERENCE_DEFAULT == p) {
- return AceDAO::getDevCapSetting(resource);
- } else {
- return p;
- }
-}
-
-Preference SettingsLogic::findGlobalUserSettings(
- const Request &request)
-{
- Request::DeviceCapabilitySet devset = request.getDeviceCapabilitySet();
- Assert(!devset.empty() && "No device cap set in request");
- return findGlobalUserSettings(
- *(devset.begin()),
- request.getWidgetHandle());
-}
-
-Preference SettingsLogic::getDevCapSetting(const std::string &resource)
-{
- return AceDAO::getDevCapSetting(resource);
-}
-
-void SettingsLogic::getDevCapSettings(PreferenceMap *globalSettingsMap)
-{
- AceDAO::getDevCapSettings(globalSettingsMap); // NULL check inside
-}
-
-
-void SettingsLogic::setDevCapSetting(const std::string &resource,
- Preference preference)
-{
- if (resource.empty()) {
- LogInfo("WARNING: setting resource settings for empty resource name");
- }
-
- AceDAO::addResource(resource);
-
- if (preference == PreferenceTypes::PREFERENCE_DEFAULT) {
- return;
- }
-
- Assert((PreferenceTypes::PREFERENCE_PERMIT == preference ||
- PreferenceTypes::PREFERENCE_DENY == preference ||
- PreferenceTypes::PREFERENCE_BLANKET_PROMPT == preference ||
- PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT == preference ||
- PreferenceTypes::PREFERENCE_SESSION_PROMPT == preference));
-
- AceDAO::setDevCapSetting(resource,preference);
-}
-
-void SettingsLogic::setAllDevCapSettings(
- const std::list < std::pair < const std::string*,
- Preference > > &resourcesList)
-{
- std::list < std::pair < const std::string*,
- Preference > >::const_iterator iter;
- for (iter = resourcesList.begin(); iter != resourcesList.end(); ++iter) {
- SettingsLogic::setDevCapSetting(*(iter->first), iter->second);
- }
-}
-
-void SettingsLogic::removeDevCapSetting(const std::string &resource)
-{
- AceDAO::removeDevCapSetting(resource);
-}
-
-void SettingsLogic::updateDevCapSetting(const std::string &resource,
- Preference p)
-{
- if (PreferenceTypes::PREFERENCE_DEFAULT == p) {
- SettingsLogic::removeDevCapSetting(resource);
- } else {
- SettingsLogic::setDevCapSetting(resource, p);
- }
-}
-
-Preference SettingsLogic::getWidgetDevCapSetting(
- const std::string &resource,
- WidgetHandle handler)
-{
- return AceDAO::getWidgetDevCapSetting(resource, handler);
-}
-
-void SettingsLogic::getWidgetDevCapSettings(PermissionList *outputList)
-{
- AceDAO::getWidgetDevCapSettings(outputList); // NULL check inside
-}
-
-
-void SettingsLogic::setWidgetDevCapSetting(
- const std::string &resource,
- WidgetHandle handler,
- Preference preference)
-{
- if (resource.empty()) {
- LogError("Empty resource");
- return;
- }
-
- LogDebug("userSetting, resource: " << resource <<
- " app_id: " << handler);
-
- AceDAO::addResource(resource);
- SettingsLogic::removeWidgetDevCapSetting(resource, handler);
-
- if (PreferenceTypes::PREFERENCE_DEFAULT == preference) {
- return;
- }
-
- Assert((PreferenceTypes::PREFERENCE_PERMIT == preference ||
- PreferenceTypes::PREFERENCE_DENY == preference ||
- PreferenceTypes::PREFERENCE_BLANKET_PROMPT == preference ||
- PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT == preference ||
- PreferenceTypes::PREFERENCE_SESSION_PROMPT == preference));
-
- AceDAO::setWidgetDevCapSetting(resource, handler, preference);
-}
-
-
-void SettingsLogic::setWidgetDevCapSettings(const PermissionList &permissionsList)
-{
- FOREACH(i, permissionsList) {
- SettingsLogic::setWidgetDevCapSetting(i->devCap,
- i->appId,
- i->access);
- }
-}
-
-
-void SettingsLogic::removeWidgetDevCapSetting(const std::string &resource,
- WidgetHandle handler)
-{
- AceDAO::removeWidgetDevCapSetting(resource, handler);
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <dpl/log/log.h>
-#include <dpl/foreach.h>
-
-#include <dpl/ace/Subject.h>
-#include <dpl/ace/Serializer.h>
-#include <dpl/ace/NodeFactory.h>
-
-bool Subject::matchSubject(const AttributeSet *attrSet,
- bool &isUndetermined) const
-{
- bool result = true;
- Attribute::MatchResult match = Attribute::MatchResult::MRUndetermined;
-
- FOREACH(it, targetAttributes)
- {
- AttributeSet::const_iterator attr =
- std::find_if(attrSet->begin(),
- attrSet->end(),
- AceDB::BaseAttribute::UnaryPredicate(&(*it)));
- if (attr == attrSet->end()) {
- LogError("Cannot find attribute value for " << *(it->getName()));
- Assert(false &&
- "Attribute for subject hasn't been found."
- "It shoud not happen. This attribute should be undetermined,"
- "not missing");
- result = false; //According to BONDI 1.0 for signle subject all attributes must match
- isUndetermined = true;
- break;
- }
-
- match = it->matchAttributes(&(*(*attr)));
-
- if (match == Attribute::MatchResult::MRUndetermined) {
- result = false;
- isUndetermined = true;
- /// LogError("Subject doesn match and UNDETERMINED");
- break; //According to BONDI 1.0 for signle subject all attributes must match
- } else if (match == Attribute::MatchResult::MRFalse) {
- result = false;
- // LogError("Subject doesn match and DETERMINED");
- break; //According to BONDI 1.0 for signle subject all attributes must match
- }
- }
-
- return result;
-}
-
-const std::list<Attribute>& Subject::getTargetAttributes() const
-{
- return targetAttributes;
-}
-
-Subject::Subject(std::istream& is)
-{
- Serializer* serializer = Serializer::getInstance();
-
- subjectId = serializer->deserializeString(is);
- targetAttributes = serializer->deserializeListAttributes(is);
-}
-
-bool Subject::serialize (std::ostream& os)
-{
- Serializer* serializer = Serializer::getInstance();
-
- serializer->serializeString(os, subjectId);
- serializer->serializeListAttributes(os, targetAttributes);
-
- return 0;
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <dpl/ace/TreeNode.h>
-#include <dpl/assert.h>
-#include <dpl/ace/Serializer.h>
-#include <dpl/log/log.h>
-
-//Tree node destructor is a tricky part, only the original tree should remove the elements
-//release resources should be called when we want to destroy the whole tree
-TreeNode::~TreeNode()
-{
-}
-
-bool TreeNode::serialize(std::ostream& os)
-{
- Serializer* serializer = Serializer::getInstance();
-
- //does node have any child - anty Inf recursion
- if (!children.empty()) {
- serializer->serializeInt(os, 1);
- serializer->serializeListTreeNode(os, children);
- } else {
- serializer->serializeInt(os, 0);
- }
-
- serializer->serializeTypeAbstract(os, typeID);
- serializer->serializeAbstractElement(os, element);
-
- //LOG << "TreeNode Serialized" << std::endl;
- return 0;
-}
-
-TreeNode::TreeNode(std::istream& is,
- TreeNode* parent)
-{
- Serializer* serializer = Serializer::getInstance();
-
- this->parent = parent;
-
- //check if this node has any child
- int hasChild = 0;
- hasChild = serializer->deserializeInt(is);
-
- if (hasChild) { //[CR] - 0 remove copying list ....
- children = serializer->deserializeListTreeNode(is, this);
- }
-
- typeID = serializer->deserializeTypeAbstract(is);
- element = serializer->deserializeAbstractElement(is, typeID);
- //LOG << "TreeNode DESERIALIZED" << std::endl;
-}
-
-//TODO release resources is releaseTheSubtree and delete the element
-void TreeNode::releaseResources()
-{
- Assert(this != 0);
- delete element;
- std::list<TreeNode*>::iterator it = this->children.begin();
- while (it != children.end()) {
- (*it)->releaseResources();
- ++it;
- }
- delete this;
-}
-
-// KW void TreeNode::releaseTheSubtree(){
-// KW
-// KW std::list<TreeNode *>::iterator it = children.begin();
-// KW
-// KW for(; it != children.end();it++){
-// KW (*it)->releaseTheSubtree();
-// KW }
-// KW delete this;
-// KW }
-
-int TreeNode::level = 0;
-
-// KW void TreeNode::printSubtree(){
-// KW
-// KW TreeNode::level++;
-// KW
-// KW for(int i=0;i<level;i++)
-// KW {
-// KW std::cout<<" ";
-// KW }
-// KW std::cout<<"l"<<level<<": ";
-// KW std::cout<<this;
-// KW
-// KW ChildrenIterator it = this->children.begin();
-// KW
-// KW for(;it != children.end();++it){
-// KW (*it)->printSubtree();
-// KW }
-// KW
-// KW TreeNode::level--;
-// KW }
-
-std::ostream & operator<<(std::ostream & out,
- const TreeNode * node)
-{
- std::string tmp;
-
- switch (node->getTypeID()) {
- case TreeNode::Policy:
- tmp = "Policy";
- break;
- case TreeNode::PolicySet:
- tmp = "PolicySet";
- break;
- case TreeNode::Rule:
- tmp = "Rule";
- break;
- default:
- break;
- }
-
- out << "" << tmp << "-> children count: " << node->children.size() <<
- ": " << std::endl;
- AbstractTreeElement * el = node->getElement();
- if (el != NULL) {
- el->printData();
- } else {
- std::cout << "Empty element!" << std::endl;
- }
-
- return out;
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <memory>
-#include <functional>
-#include <string.h>
-#include <stdarg.h>
-#include <dpl/log/log.h>
-
-#include <dpl/ace/parser.h>
-#include <string.h>
-
-namespace {
-
-class ParserWarningLogger
-{
- public:
- void operator()(const std::string& logMsg)
- {
- LogWarning(logMsg);
- }
-};
-
-class ParserErrorLogger
-{
- public:
- void operator()(const std::string& logMsg)
- {
- LogError(logMsg);
- }
-};
-
-template <class Logger>
-void xmlLogFunction(void* /*ctx*/, const char *msg, ...)
-{
- const int BUFFER_SIZE = 1024;
- char buffer[BUFFER_SIZE];
- buffer[BUFFER_SIZE - 1] = '\0';
- Logger l;
-
- va_list va;
- va_start(va, msg);
- vsnprintf(buffer, BUFFER_SIZE - 1, msg, va);
- va_end(va);
-
- std::string logmsg(buffer);
- l(logmsg);
-}
-
-}
-
-const char *Parser::TOKEN_PARAM = "param:";
-
-Parser::Parser() :
- reader(NULL),
- root(NULL),
- currentRoot(NULL),
- currentSubject(NULL),
- currentCondition(NULL),
- currentAttribute(NULL),
- currentText(NULL),
- processingSignature(false),
- canonicalizeOnce(false)
-{
- processingSignature = true;
- canonicalizeOnce = true;
-}
-
-Parser::~Parser()
-{
- /* parse function destroys reader */
- // free(this->xmlFilename);
-}
-
-TreeNode* Parser::parse(const std::string& filename, const std::string& schema)
-{
- if(root != NULL) {
- root->releaseResources();
- root = NULL;
- }
-
- LogDebug("Parser: opening file " << filename);
-
- xmlDocPtr xmlDocument = xmlParseFile(filename.c_str());
- if (!xmlDocument) {
- LogError("Couldn't parse file " << filename);
- return root;
- }
-
- std::unique_ptr <xmlDoc, std::function<void(xmlDoc*)> >
- doc(xmlDocument, xmlFreeDoc);
-
- xmlSchemaParserCtxtPtr xmlSchemaParserContext =
- xmlSchemaNewParserCtxt(schema.c_str());
-
- if (!xmlSchemaParserContext) {
- LogError("Couldn't load xml schema: " << schema);
- return root;
- }
-
- std::unique_ptr <
- xmlSchemaParserCtxt,
- std::function<void(xmlSchemaParserCtxt*)> >
- schemaContext(
- xmlSchemaParserContext,
- xmlSchemaFreeParserCtxt);
-
- LogDebug("Setting callbacks");
-
- xmlSchemaSetParserErrors(
- schemaContext.get(),
- static_cast<xmlValidityErrorFunc>
- (&xmlLogFunction<ParserErrorLogger>),
- static_cast<xmlValidityWarningFunc>
- (&xmlLogFunction<ParserWarningLogger>),
- NULL);
-
- xmlSchemaPtr xmlSchema = xmlSchemaParse(schemaContext.get());
-
- if (!xmlSchema) {
- LogError("Couldn't parse xml schema: " << xmlSchema);
- return root;
- }
-
- xmlSchemaValidCtxtPtr xmlValidContext = xmlSchemaNewValidCtxt(xmlSchema);
-
- if (!xmlValidContext) {
- LogError("Couldn't create validation context!");
- return root;
- }
-
- std::unique_ptr <
- xmlSchemaValidCtxt,
- std::function<void(xmlSchemaValidCtxt*)> >
- schemaValidContext(
- xmlValidContext,
- xmlSchemaFreeValidCtxt);
-
- xmlSchemaSetValidErrors(
- schemaValidContext.get(),
- static_cast<xmlValidityErrorFunc>
- (&xmlLogFunction<ParserErrorLogger>),
- static_cast<xmlValidityWarningFunc>
- (&xmlLogFunction<ParserWarningLogger>),
- NULL);
-
- xmlSchemaSetValidOptions(
- schemaValidContext.get(),
- XML_SCHEMA_VAL_VC_I_CREATE);
-
- bool result =
- (xmlSchemaValidateDoc(
- schemaValidContext.get(),
- xmlDocument) == 0 ? true : false);
-
- if (!result) {
- LogError("Couldn't validate policy file: " << filename <<
- " against xml schema: " << schema);
-
- return root;
- }
-
- LogInfo("Policy file: " << filename << " validated!");
-
- xmlTextReaderPtr xmlReader = xmlReaderWalker(xmlDocument);
-
- //[CR] consider using ASSERT/DASSERT
- if (NULL == xmlReader) {
- LogError("Error, xml reader cannot be created. Probably xml file is missing (opening file " << filename << ")");
- return root;
- }
-
- std::unique_ptr <xmlTextReader, std::function<void(xmlTextReader*)> >
- reader(xmlReader, xmlFreeTextReader);
-
- int ret;
- ret = xmlTextReaderRead(reader.get());
- while (ret == 1) {
- std::unique_ptr<xmlChar, std::function<void(xmlChar*)> >
- name(xmlTextReaderName(reader.get()), xmlFree);
-
- if (!strcmp("policy-set", (const char *)name.get())) {
- processingSignature = false;
- } else if (!strcmp("SignedInfo",
- (const char *)name.get()) && canonicalizeOnce) {
- #if 0 //TODO I think we don't need canonicalization in ACE only in PM,
- //we have to verify it tough
- extractNodeToFile(reader, "output.xml");
- //TODO we should be able to handle more than one canonicalization algorithm
- canonicalize("output.xml", "canon.xml", Canonicalization::C14N);
- canonicalizeOnce = false;
- #endif
- }
- //Do not process signature of xml file
- if(!processingSignature) {
- processNode(reader.get());
- }
- ret = xmlTextReaderRead(reader.get());
- }
-
- if (ret != 0) {
- LogError("Error while parsing XML file");
- if (root) {
- root->releaseResources();
- root = NULL;
- }
- }
-
- return root;
-}
-
-void Parser::processNode(xmlTextReaderPtr reader)
-{
- //TODO this is interesting, xmlTextReaderNodeType returns int but I am pretty sure
- //those integers coresponds to xmlReaderTypes
- xmlReaderTypes type =
- static_cast<xmlReaderTypes>(xmlTextReaderNodeType(reader));
-
- switch (type) {
- //Start element
- case XML_READER_TYPE_ELEMENT:
- startNodeHandler(reader);
- break;
- //End element
- case XML_READER_TYPE_END_ELEMENT:
- endNodeHandler(reader);
- break;
- //Text element
- case XML_READER_TYPE_TEXT:
- textNodeHandler(reader);
- break;
- default:
- //Do not handle other xml tags
- break;
- }
-}
-
-void Parser::startNodeHandler(xmlTextReaderPtr reader)
-{
- xmlChar *name = xmlTextReaderName(reader);
-
- switch (*name) {
- case 'p': //policy and policy-set
- if (*(name + 6) == 0) {
- handlePolicy(reader, TreeNode::Policy);
- } else {
- handlePolicy(reader, TreeNode::PolicySet);
- }
- break;
- case 'r': //rule and resource-match
- if (*(name + 1) == 'u') {
- handleRule(reader);
- } else if (*(name + 9) == 'm') {
- handleMatch(reader, Attribute::Type::Resource);
- } else {
- handleAttr(reader);
- }
- break;
- case 's': //subject and subject-match
- if (*(name + 7) == 0) {
- handleSubject();
- } else if (*(name + 8) == 'm') { //subject match
- handleSubjectMatch(reader);
- } else { //subject attr
- handleAttr(reader);
- }
- break;
- case 'c': //condition
- handleCondition(reader);
- break;
- case 'e': //environment-match
- if (*(name + 12) == 'm') {
- handleMatch(reader, Attribute::Type::Environment);
- } else { //env-attr
- handleAttr(reader);
- }
- break;
- }
- xmlFree(name);
-}
-
-void Parser::endNodeHandler(xmlTextReaderPtr reader)
-{
- xmlChar *name = xmlTextReaderName(reader);
-
- switch (*name) {
- case 'p': //policy and policy-set
- //Restore old root
- currentRoot = currentRoot->getParent();
- break;
- case 'r': //Rule and resource match
- if (*(name + 1) == 'u') { //Rule
- currentRoot = currentRoot->getParent();
- } else { //Resource-match
- consumeCurrentText(); //consume text if any available
- consumeCurrentAttribute(); //consume attribute
- }
- break;
- case 's': //subject and subject-match
- if (*(name + 7) == 0) { //handle subject
- consumeCurrentSubject();
- } else if (*(name + 8) == 'm') { //handle subject match
- consumeCurrentText();
- consumeSubjectMatch();
- }
- //Subject-match end doesn't require handling
- break;
- case 'c': //condition
- consumeCurrentCondition();
- break;
- case 'e': //environment-match
- consumeCurrentText(); //consume text if any available
- consumeCurrentAttribute(); //consume attribute
- break;
- }
- xmlFree(name);
-}
-
-void Parser::textNodeHandler(xmlTextReaderPtr reader)
-{
- delete currentText;
- xmlChar * text = xmlTextReaderValue(reader);
- Assert(text != NULL && "Parser couldn't parse PCDATA");
-
- currentText = new std::string(reinterpret_cast<const char * >(text));
- trim(currentText);
- xmlFree(text);
-}
-
-void Parser::handlePolicy(xmlTextReaderPtr reader,
- TreeNode::TypeID type)
-{
- Policy::CombineAlgorithm algorithm;
-
- //Get first attribute
- xmlChar * combAlg = xmlTextReaderGetAttribute(reader, BAD_CAST("combine"));
-
- Assert(combAlg != NULL && "Parser error while getting attributes");
- algorithm = convertToCombineAlgorithm(combAlg);
-
- //Create TreeNode element
- Policy * policy = NULL;
- if (type == TreeNode::Policy) {
- policy = new Policy();
- } else {
- policy = new PolicySet();
- }
- policy->setCombineAlgorithm(algorithm);
- TreeNode * node = new TreeNode(currentRoot, type, policy);
- //Add new tree node to current's root children set
- if (currentRoot != NULL) {
- currentRoot->addChild(node);
- }
-
- //Switch the current root to the new node
- if (!xmlTextReaderIsEmptyElement(reader)) {
- //Current root switching is necessary only if tag is not empty
- currentRoot = node;
- }
- if (root == NULL) {
- root = currentRoot;
- }
-
- if (NULL == currentRoot) {
- node->releaseResources();
- }
-
- xmlFree(combAlg);
-}
-
-void Parser::handleRule(xmlTextReaderPtr reader)
-{
- Effect effect = Inapplicable;
-
- //[CR] create macros for attribute names
- xmlChar * eff = xmlTextReaderGetAttribute(reader, BAD_CAST("effect")); //get the rule attribute
-
- Assert(eff != NULL && "Parser error while getting attributes");
- effect = convertToEffect(eff);
-
- Rule * rule = NULL;
- rule = new Rule();
- rule->setEffect(effect);
-
- TreeNode * node = new TreeNode(currentRoot, TreeNode::Rule, rule);
- //Add new tree node to current's root children set
- if (currentRoot != NULL) { //
- currentRoot->addChild(node);
- }
-
- if (!xmlTextReaderIsEmptyElement(reader)) {
- currentRoot = node;
- }
-
- if (NULL == currentRoot) {
- node->releaseResources();
- }
-
- xmlFree(eff);
-}
-
-void Parser::handleSubject()
-{
- currentSubject = new Subject();
- //TODO what about empty subject tag
-}
-
-void Parser::handleCondition(xmlTextReaderPtr reader)
-{
- Condition::CombineType combineType = Condition::AND;
-
- xmlChar * combine = xmlTextReaderGetAttribute(reader, BAD_CAST("combine")); //get the rule attribute
-
- Assert(combine != NULL && "Parser error while getting attributes");
-
- combineType = *combine == 'a' ? Condition::AND : Condition::OR;
-
- Condition * condition = new Condition();
- condition->setCombineType(combineType);
- condition->setParent(currentCondition);
-
- currentCondition = condition;
- //TODO what about empty condition tag?
-}
-
-//Subject match is handled differently than resource or environment match
-//Because it cannot have any children tags and can only include PCDATA
-void Parser::handleSubjectMatch(xmlTextReaderPtr reader)
-{
- //processing Subject
- int attributes = xmlTextReaderAttributeCount(reader);
-
- xmlChar * func = NULL;
- xmlChar * value = NULL;
- xmlChar * attrName = xmlTextReaderGetAttribute(reader, BAD_CAST("attr")); //get the first attribute
-
- if (attributes == 2) {
- //match attribute ommited, text value will be used
- func = xmlTextReaderGetAttribute(reader, BAD_CAST("func"));
- } else if (attributes == 3) {
- value = xmlTextReaderGetAttribute(reader, BAD_CAST("match"));
- func = xmlTextReaderGetAttribute(reader, BAD_CAST("func"));
- } else {
- Assert(false && "Wrong XML file format");
- }
-
- // creating temporiary object is not good idea
- // but we have no choice untill Attribute have constructor taking std::string*
- std::string temp(reinterpret_cast<const char *>(attrName));
- Attribute * attr = new Attribute(&temp, convertToMatchFunction(
- func), Attribute::Type::Subject);
- if (value != NULL) { //add value of the attribute if possible
- //[CR] consider create Attribute::addValue(char *) function
- std::string temp(reinterpret_cast<const char *>(value));
- attr->addValue(&temp);
- }
- currentAttribute = attr;
-
- if (xmlTextReaderIsEmptyElement(reader)) {
- Assert(value != NULL && "XML file format is wrong");
- //Attribute value is required to obtain the match value easier
- consumeSubjectMatch(value);
- }
-
- if (attributes == 2 || attributes == 3) {
- xmlFree(func);
- }
- xmlFree(value);
- xmlFree(attrName);
-}
-
-void Parser::handleMatch(xmlTextReaderPtr reader,
- Attribute::Type type)
-{
- int attributes = xmlTextReaderAttributeCount(reader);
-
- xmlChar * func = NULL;
- xmlChar * value = NULL;
- xmlChar * attrName = xmlTextReaderGetAttribute(reader, BAD_CAST("attr")); //get the first attribute
-
- if (attributes == 2) {
- //match attribute ommited, text value will be used
- func = xmlTextReaderGetAttribute(reader, BAD_CAST("func"));
- //the content may be resource-attr or PCDATA
- } else if (attributes == 3) {
- value = xmlTextReaderGetAttribute(reader, BAD_CAST("match"));
- func = xmlTextReaderGetAttribute(reader, BAD_CAST("func"));
- } else {
- Assert(false && "Wrong XML file format");
- }
-
- // FunctionParam type is sybtype of Resource.
- // FunctionParam is used to storage attriburess of call functions.
- if (0 ==
- xmlStrncmp(attrName, BAD_CAST(TOKEN_PARAM),
- xmlStrlen(BAD_CAST(TOKEN_PARAM))) && type ==
- Attribute::Type::Resource) {
- type = Attribute::Type::FunctionParam;
- }
-
- std::string temp(reinterpret_cast<const char*>(attrName));
- Attribute * attr = new Attribute(&temp, convertToMatchFunction(func), type);
- currentAttribute = attr;
-
- if (xmlTextReaderIsEmptyElement(reader)) {
- Assert(value != NULL && "XML is currupted");
- std::string tempVal(reinterpret_cast<const char*>(value));
- currentAttribute->addValue(&tempVal);
- consumeCurrentAttribute();
- }
-
- if (attributes == 2 || attributes == 3) {
- xmlFree(func);
- }
- xmlFree(value);
- xmlFree(attrName);
-}
-
-Policy::CombineAlgorithm Parser::convertToCombineAlgorithm(xmlChar* algorithm)
-{
- switch (*algorithm) {
- case 'f':
- if (*(algorithm + 6) == 'a') { //first applicable
- return Policy::FirstApplicable;
- }
- return Policy::FirstTargetMatching;
- case 'd':
- return Policy::DenyOverride;
- case 'p':
- return Policy::PermitOverride;
- default:
- Assert(false && "Wrong combine algorithm name");
- return Policy::DenyOverride;
- }
-}
-
-Effect Parser::convertToEffect(xmlChar *effect)
-{
- switch (*effect) {
- case 'd': //deny
- return Deny;
- break;
- case 'p':
- //permit, prompt-blanket, prompt-session, prompt-oneshot
- if (*(effect + 1) == 'e') {
- return Permit;
- }
- switch (*(effect + 7)) {
- case 'b':
- return PromptBlanket;
- case 's':
- return PromptSession;
- case 'o':
- return PromptOneShot;
- default:
- Assert(false && "Effect is Error");
- return Error;
- }
- break;
- default:
- Assert(false && "Effect is Error");
- return Error;
- }
- return Inapplicable;
-}
-
-Attribute::Match Parser::convertToMatchFunction(xmlChar * func)
-{
- if (func == NULL) {
- LogError("[ERROR] match function value is NULL");
- return Attribute::Match::Error;
- }
-
- if (*func == 'g') {
- return Attribute::Match::Glob;
- } else if (*func == 'e') {
- return Attribute::Match::Equal;
- } else if (*func == 'r') {
- return Attribute::Match::Regexp;
- } else {
- LogError("[ERROR] match function value is NULL");
- return Attribute::Match::Error;
- }
- Assert(false);
-}
-
-void Parser::handleAttr(xmlTextReaderPtr reader)
-{
- xmlChar * attrValue = xmlTextReaderGetAttribute(reader, BAD_CAST("attr")); //get the first attribute
- Assert(attrValue != NULL && "Error while obtaining attribute");
-
- std::string temp(reinterpret_cast<const char*>(attrValue));
- currentAttribute->addValue(&temp);
-
- xmlFree(attrValue);
-}
-
-void Parser::consumeCurrentText()
-{
- Assert(currentText != NULL);
- currentAttribute->addValue(currentText);
- delete currentText;
-
- currentText = NULL;
-}
-
-void Parser::consumeCurrentAttribute()
-{
- Assert(currentAttribute != NULL);
-
- currentCondition->addAttribute(*currentAttribute);
- delete currentAttribute;
-
- currentAttribute = NULL;
-}
-
-void Parser::consumeCurrentSubject()
-{
- Policy * policy = dynamic_cast<Policy *>(currentRoot->getElement());
- Assert(policy != NULL);
- policy->addSubject(currentSubject);
- //TODO maybe keep subjects not subject pointers in Policies and consume subjects here
- currentSubject = NULL;
-}
-
-void Parser::consumeCurrentCondition()
-{
- Condition * temp = NULL;
- if (currentCondition != NULL) {
- if (currentCondition->getParent() != NULL) { //Condition is a child of another condition
- currentCondition->getParent()->addCondition(*currentCondition);
- } else { //Condition parent is a Rule
- Rule * rule = dynamic_cast<Rule *>(currentRoot->getElement());
- Assert(rule != NULL);
- rule->setCondition(*currentCondition);
- }
- temp = currentCondition->getParent();
- delete currentCondition;
- }
- currentCondition = temp; //switch current condition ( it may be switched to NULL if condition's parent was rule
-}
-
-void Parser::consumeSubjectMatch(xmlChar * value)
-{
- Assert(
- currentAttribute != NULL &&
- "consuming subject match without attribute set");
-
- if (currentSubject != NULL) {
- currentSubject->addNewAttribute(*currentAttribute);
- //[CR] matching/modyfing functions transform uri.host to uri ( etc. ) so strncmp is not needed, string equality will do
- if (!strncmp(currentAttribute->getName()->c_str(), "uri",
- 3) ||
- !strncmp(currentAttribute->getName()->c_str(), "id", 2)) {
- if (value != NULL) {
- currentSubject->setSubjectId(reinterpret_cast<const char *>(
- value));
- } else if (currentAttribute->getValue()->size()) {
- currentSubject->setSubjectId(
- currentAttribute->getValue()->front());
- } else {
- Assert(false);
- }
- }
- } else if (currentCondition != NULL) {
- currentCondition->addAttribute(*currentAttribute);
- }
-
- delete currentAttribute;
- currentAttribute = NULL;
-}
-
-void Parser::trim(std::string * str)
-{
- std::string::size_type pos = str->find_last_not_of(whitespaces);
- if (pos != std::string::npos) {
- str->erase(pos + 1);
- pos = str->find_first_not_of(whitespaces);
- if (pos != std::string::npos) {
- str->erase(0, pos);
- }
- } else {
- str->erase(str->begin(), str->end());
- LogInfo("Warning, empty string as attribute value");
- }
-}
-
-// KW void Parser::canonicalize(const char * input, const char * output, CanonicalizationAlgorithm canonicalizationAlgorithm){
-// KW
-// KW xmlDocPtr doc = xmlParseFile(input);
-// KW //xmlDocDump(stdout, doc);
-// KW
-// KW if(doc == NULL)
-// KW {
-// KW LogError("Canonicalization error, cannot parser xml file");
-// KW }
-// KW
-// KW
-// KW int mode = -1;
-// KW if(canonicalizationAlgorithm == C14N)
-// KW {
-// KW mode = 0;
-// KW }
-// KW else if(canonicalizationAlgorithm == C14NEXCLUSIVE)
-// KW {
-// KW mode = 1;
-// KW }
-// KW
-// KW
-// KW xmlC14NDocSave(doc, NULL, mode, NULL, 0, output, 0);
-// KW
-// KW xmlFreeDoc(doc);
-// KW
-// KW }
-
-// KW int Parser::extractNodeToFile(xmlTextReaderPtr reader, const char * filename){
-// KW
-// KW xmlNodePtr node = xmlTextReaderExpand(reader);
-// KW xmlBufferPtr buff = xmlBufferCreate();
-// KW xmlNodeDump(buff, node->doc, node, 0, 0);
-// KW FILE * file = fopen(filename, "w");
-// KW if(file == NULL){
-// KW LogError("Error while trying to open file "<<filename);
-// KW return -1;
-// KW }
-// KW int ret = xmlBufferDump(file, buff);
-// KW fclose(file);
-// KW xmlBufferFree(buff);
-// KW return ret;
-// KW
-// KW }
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file AceDAOReadOnly.h
- * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef ACE_DAO_READ_ONLY_H_
-#define ACE_DAO_READ_ONLY_H_
-
-#include <openssl/md5.h>
-#include <dpl/string.h>
-#include <dpl/exception.h>
-#include <dpl/ace-dao-ro/PreferenceTypes.h>
-#include <dpl/ace-dao-ro/BaseAttribute.h>
-#include <dpl/ace-dao-ro/BasePermission.h>
-#include <dpl/ace-dao-ro/IRequest.h>
-#include <dpl/ace/PolicyEffect.h>
-#include <dpl/ace/PolicyResult.h>
-#include <dpl/ace/PromptDecision.h>
-#include <dpl/ace-dao-ro/wrt_db_types.h>
-
-namespace AceDB {
-
-class AceDAOReadOnly
-{
- public:
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, DatabaseError)
- };
-
- AceDAOReadOnly() {}
-
- static void attachToThread();
- static void detachFromThread();
-
- // policy effect/decision
- static OptionalPolicyResult getPolicyResult(
- const BaseAttributeSet &attributes);
-
- static OptionalPolicyResult getPolicyResult(
- const DPL::String &attrHash);
-
- // prompt decision
- static OptionalCachedPromptDecision getPromptDecision(
- const DPL::String &hash,
- const std::string &userParam);
- static OptionalCachedPromptDecision getPromptDecision(
- const BaseAttributeSet &attribites,
- const std::string &userParam);
-
- // resource settings
- static PreferenceTypes getDevCapSetting(const std::string &resource);
- static void getDevCapSettings(PreferenceTypesMap *preferences);
-
- // user settings
- static void getWidgetDevCapSettings(BasePermissionList *permissions);
- static PreferenceTypes getWidgetDevCapSetting(
- const std::string &resource,
- WidgetHandle handler);
-
- static void getAttributes(BaseAttributeSet *attributes);
-
- // static dev cap permissions
- //
- // (For a given widget handle, a set of device caps is
- // granted "statically", i.e. it is determined at installation
- // time that the widget will always get (at launch) the SMACK
- // permissions needed to use those device caps).
- //
- // 'permissions' is an output parameter - it must point to
- // an existing set and the function will clear it and fill
- // with the device cap names as described.
- static void getStaticDevCapPermissions(
- int widgetHandle,
- std::set<DPL::String> *permissions);
-
- protected:
- static int promptDecisionToInt(PromptDecision decision);
- static PromptDecision intToPromptDecision(int decision);
-};
-
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file AceDAOUtil.h
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef WRT_ACE_DAO_UTILITIES_H_
-#define WRT_ACE_DAO_UTILITIES_H_
-
-#include <dpl/db/thread_database_support.h>
-#include <dpl/ace-dao-ro/BaseAttribute.h>
-#include <dpl/ace-dao-ro/PreferenceTypes.h>
-#include <dpl/ace-dao-ro/VerdictTypes.h>
-#include <orm_generator_ace.h>
-
-namespace AceDB {
-
-namespace AceDaoUtilities {
-
-BaseAttribute::Type intToAttributeType(int val);
-int attributeTypeToInt(BaseAttribute::Type type);
-int preferenceToInt(PreferenceTypes p);
-PreferenceTypes intToPreference(int p);
-VerdictTypes intToVerdict(int v);
-int verdictToInt(VerdictTypes v);
-bool getSubjectByUri(const std::string &uri,
- DPL::DB::ORM::ace::AceSubject::Row &row);
-bool getResourceByUri(const std::string &uri,
- DPL::DB::ORM::ace::AceDevCap::Row &row);
-
-extern DPL::DB::ThreadDatabaseSupport m_databaseInterface;
-
-}
-
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file IAttribute.h
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef ACCESS_CONTROL_DAO_BASEATTRIBUTE_H_
-#define ACCESS_CONTROL_DAO_BASEATTRIBUTE_H_
-
-#include <list>
-#include <set>
-#include <string>
-#include <dpl/shared_ptr.h>
-#include <dpl/assert.h>
-
-namespace AceDB {
-
-class BaseAttribute;
-typedef DPL::SharedPtr<BaseAttribute> BaseAttributePtr;
-
-class BaseAttribute
-{
-
- public:
- /**
- * Types of attributes
- */
- enum class Type { Subject, Environment, Resource, FunctionParam, Undefined };
-
- struct UnaryPredicate
- {
- public:
- UnaryPredicate(const AceDB::BaseAttribute *comp = NULL) :
- m_priv(comp)
- {
- }
-
- bool operator()(const AceDB::BaseAttributePtr &comp)
- {
- Assert(m_priv != NULL);
- if (m_priv->getName()->compare(*comp->getName()) != 0) {
- return false;
- }
- return m_priv->getType() == comp->getType();
- }
-
- bool operator()(const AceDB::BaseAttributePtr &comp1,
- const AceDB::BaseAttributePtr &comp2)
- {
- if (comp1->getType() != comp2->getType()) {
- return comp1->getType() < comp2->getType();
- }
- return comp1->getName()->compare(*comp2->getName()) < 0;
- }
-
- private:
- const AceDB::BaseAttribute *m_priv;
- };
-
- public:
- BaseAttribute() :
- m_typeId(Type::Undefined),
- m_undetermindState(false)
- {}
-
- virtual void setName(const std::string& name)
- {
- m_name = name;
- }
- virtual void setName(const std::string* name)
- {
- m_name = *name;
- }
-
- virtual void setType(const Type& type)
- {
- m_typeId = type;
- }
- virtual Type getType() const
- {
- return m_typeId;
- }
-
- virtual const std::string* getName() const
- {
- return &m_name;
- }
-
- //TODO think
- virtual void setUndetermind(bool tmp)
- {
- m_undetermindState = tmp;
- }
- virtual bool isUndetermind() const
- {
- return m_undetermindState;
- }
- virtual std::list<std::string> * getValue() const
- {
- return const_cast<std::list<std::string>* >(&value);
- }
- virtual bool isValueEmpty() const
- {
- return value.empty();
- }
-
- virtual void setValue(const std::list<std::string>& arg)
- {
- value = arg;
- }
-
- virtual ~BaseAttribute()
- {
- }
-
- static const char * typeToString(Type type);
-
- virtual std::string toString() const;
-
- protected:
- std::string m_name;
- Type m_typeId;
- bool m_undetermindState;
- std::list<std::string> value; //string bag list
-};
-
-typedef std::set<BaseAttributePtr, BaseAttribute::UnaryPredicate> BaseAttributeSet;
-
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file IPermission.h
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef ACCESS_CONTROL_DAO_BASEPERMISSION_H_
-#define ACCESS_CONTROL_DAO_BASEPERMISSION_H_
-
-#include <dpl/ace-dao-ro/PreferenceTypes.h>
-#include <dpl/ace-dao-ro/wrt_db_types.h>
-
-namespace AceDB{
-
-struct BasePermission
-{
- BasePermission(WidgetHandle handler,
- const std::string& devCap,
- PreferenceTypes accessAllowed) :
- appId(handler),
- devCap(devCap),
- access(accessAllowed)
- {
- }
-
- WidgetHandle appId;
- std::string devCap;
- PreferenceTypes access;
-};
-
-typedef std::list<BasePermission> BasePermissionList;
-
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file IRequest.h
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef ACCESS_CONTROL_DAO_IREQUEST_H_
-#define ACCESS_CONTROL_DAO_IREQUEST_H_
-
-namespace AceDB{
-
-class IRequest
-{
-public:
- virtual ~IRequest(){}
-};
-
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file PreferenceTypes.h
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef ACCESS_CONTROL_DAO_PREFERENCETYPES_H_
-#define ACCESS_CONTROL_DAO_PREFERENCETYPES_H_
-
-#include <map>
-#include <string>
-
-namespace AceDB{
-
-enum class PreferenceTypes
-{
- PREFERENCE_PERMIT,
- PREFERENCE_DENY,
- PREFERENCE_DEFAULT,
- PREFERENCE_BLANKET_PROMPT,
- PREFERENCE_SESSION_PROMPT,
- PREFERENCE_ONE_SHOT_PROMPT
-};
-
-
-typedef std::map<std::string, PreferenceTypes> PreferenceTypesMap;
-
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/* @file PromptModel.h
- * @author Justyna Mejzner (j.kwiatkowsk@samsung.com)
- * @author Jaroslaw Osmanski (j.osmanski@samsung.com)
- * @version 1.0
- *
- */
-
-#ifndef WRT_SRC_ACCESSCONTROL_ENGINE_PROMPT_MODEL_H_
-#define WRT_SRC_ACCESSCONTROL_ENGINE_PROMPT_MODEL_H_
-
-#include <memory>
-#include <string>
-#include <vector>
-
-#include <dpl/optional_typedefs.h>
-#include <dpl/singleton.h>
-
-namespace Prompt {
-typedef std::vector<std::string> ButtonLabels;
-
-class PromptLabels
-{
-public:
- PromptLabels(int promptType,
- const Prompt::ButtonLabels& questionLabel,
- const std::string& mainLabel);
- DPL::OptionalString getCheckLabel() const;
- bool isAllowed(const size_t buttonNumber) const;
- int getPromptType() const;
- const ButtonLabels& getButtonLabels() const;
- const std::string& getMainLabel() const;
-
-private:
- int m_promptType;
- ButtonLabels m_buttonLabels;
- std::string m_mainLabel;
-};
-
-typedef std::unique_ptr<PromptLabels> PromptLabelsPtr;
-
-enum Validity
-{
- ONCE,
- SESSION,
- ALWAYS
-};
-
-class PromptAnswer
-{
-public:
- PromptAnswer(bool isAccessAllowed, Validity validity);
- PromptAnswer(int aPromptType, unsigned int buttonAns, bool checkAns);
- bool isAccessAllowed() const;
- Validity getValidity() const;
-
-private:
- bool m_isAccessAllowed;
- Validity m_validity;
-};
-
-class PromptModel
-{
- public:
- static PromptLabels* getOneShotModel(const std::string& resourceId);
- static PromptLabels* getSessionModel(const std::string& resourceId);
- static PromptLabels* getBlanketModel(const std::string& resourceId);
-
- enum PromptType
- {
- PROMPT_ONESHOT,
- PROMPT_SESSION,
- PROMPT_BLANKET
- };
-};
-
-} // Prompt
-
-#endif /* WRT_SRC_ACCESSCONTROL_ENGINE_PROMPT_MODEL_H_ */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file TimedVerdict.h
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef ACCESS_CONTROL_DAO_TIMEDVERDICT_H_
-#define ACCESS_CONTROL_DAO_TIMEDVERDICT_H_
-
-#include <dpl/ace-dao-ro/VerdictTypes.h>
-
-namespace AceDB{
-
-struct TimedVerdict
-{
- VerdictTypes decision;
- /*Below values are optional,its filled only when verdict depend on session*/
- std::string session;
- int subjectVerdictId;
-};
-
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file VerdictTypes.h
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef ACCESS_CONTROL_DAO_VERDICTTYPES_H_
-#define ACCESS_CONTROL_DAO_VERDICTTYPES_H_
-
-namespace AceDB{
-
-enum class VerdictTypes
-{
- VERDICT_PERMIT,
- VERDICT_DENY,
- //Verdict is innapplicable if policy evaluate to INAPPLICABLE,
- //in this case WRT should decide what to do
- VERDICT_INAPPLICABLE,
- VERDICT_UNDETERMINED,
- VERDICT_UNKNOWN, //Verdict is unknown if Verdicts manager cannot find it
- VERDICT_ASYNC,
- VERDICT_ERROR
-};
-
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- * @file common_dao_types.h
- * @author Michal Ciepielski (m.ciepielski@samsung.com)
- * @version 1.0
- * @brief This file contains the declaration of common data types for wrtdb
- */
-
-#ifndef WRT_SRC_CONFIGURATION_COMMON_DAO_TYPES_H_
-#define WRT_SRC_CONFIGURATION_COMMON_DAO_TYPES_H_
-
-#include <set>
-#include <string>
-#include <map>
-#include <vector>
-#include <list>
-#include <dpl/optional_typedefs.h>
-#include <dpl/shared_ptr.h>
-
-namespace WrtDB {
-namespace Powder {
-
-typedef std::set<DPL::String> StringSet;
-//! Widget description
-struct Description
-{
- //!Content level
- typedef enum
- {
- Level0 = 0,
- Level1,
- Level2,
- Level3,
- Level4,
- Level5,
- LevelUnknown
- } LevelEnum;
- struct LevelEntry
- {
- LevelEnum level; //!< content level
-
- typedef StringSet Context;
-
- //! POWDER context
- //! xa This material appears in an artistic context
- //! xb This material appears in an educational context
- //! xc This material appears in a medical context
- //! xd This material appears in a sports context
- //! xe This material appears in a violent context
- Context context;
- explicit LevelEntry(LevelEnum level = LevelUnknown);
- //! Function checks if context is valid
- //! \param[in] level POWDER content level
- //! \param[in] context POWDER context
- bool isContextValid(LevelEnum level,
- const DPL::OptionalString& context) const;
- };
-
- struct CategoryEntry
- {
- //! Levels entries for POWDER description
- typedef std::vector <LevelEntry> LevelsContainer;
- LevelsContainer levels;
- //! Function checks if context is valid
- //! \param[out] reason set if context invalid
- //! \param[in] level POWDER content level
- //! \param[in] context POWDER context
- bool isCategoryValid(LevelEntry& reason,
- LevelEnum level,
- const DPL::OptionalString& context) const;
- };
-
- //! POWDER Category -> Category entry map for Widget
- //!
- //! nu Nudity
- //! se Sex
- //! vi Violence
- //! la Potentially offensive language
- //! dr Drug use
- //! ga Gambling
- //! ha Hate or harmful activities
- //! ug Use of user-generated content
- typedef std::map<DPL::String, CategoryEntry> CategoryEntries;
-
- CategoryEntries categories;
-
- //! Age rating for widget
- //! If Null not set
- DPL::OptionalInt ageRating;
-};
-} // namespace Powder
-
-namespace ChildProtection {
-
-//! Blacklist with forbidden URLs
-//! It should be stored in WidgetDAO
-typedef std::vector<DPL::String> BlackList;
-
-//! Widget Child protection record
-//! Record should be stored in WingetDAO
-struct Record
-{
- //! Child protection enabled
- bool enabled;
- explicit Record(bool enabled) :
- enabled(enabled)
- {
- }
-};
-
-//! Powder processing
-struct PowderRules
-{
- //! Rule set by parent about forbidden category
- //! Powder category
- //! nu Nudity
- //! se Sex
- //! vi Violence
- //! la Potentially offensive language
- //! dr Drug use
- //! ga Gambling
- //! ha Hate or harmful activities
- //! ug Use of user-generated content
- //! Powder context
- //! xa This material appears in an artistic conteaxt
- //! xb This material appears in an educational context
- //! xc This material appears in a medical context
- //! xd This material appears in a sports context
- //! xe This material appears in a violent context
- struct CategoryRule
- {
- DPL::String category;
- Powder::Description::LevelEnum level;
- DPL::OptionalString context;
- explicit CategoryRule(const DPL::String& category = DPL::String(),
- Powder::Description::LevelEnum level =
- Powder::Description::LevelUnknown,
- const DPL::OptionalString& context = DPL::OptionalString());
- };
-
- struct PowderResult
- {
- //! Reasoning outcome: part of POWDER description used to invalidate
- Powder::Description::LevelEntry invalidDescription;
- //! Reasoning outcome: rule set by parent not full filed by description
- CategoryRule invalidRule;
-
- //! Reasoning outcome: type of invalidity
- enum InvalidReason
- {
- InvalidRule, //!< One of rules was not fulfilled
- InvalidAge, //!< Age is invalid
- AgeRatingNotSet, //!< Age rating for widget is not set
- Valid //!< Description valid
- };
- InvalidReason reason;
- explicit PowderResult(InvalidReason reason = Valid,
- const Powder::Description::LevelEntry& invalidDescription =
- Powder::Description::LevelEntry(),
- const CategoryRule& invalidRule = CategoryRule());
- };
-
- typedef std::pair<bool, PowderResult> ResultPair;
-
- //! Function checks if rule is fulfilled by description
- //! \param[in] rule checked rule
- //! \param[in] description
- //! \retval true rule is valid
- //! \retval false rule is invalid
- ResultPair isRuleValidForDescription(const CategoryRule& rule,
- const Powder::Description& description) const;
- //! Function checks if age limit is fulfilled by description
- //! \param[in] description
- //! \retval true age is valid
- //! \retval false age is invalid
- ResultPair isAgeValidForDescription(
- const Powder::Description& description) const;
-
- //! It is the maximum age rating valid for child
- //! Uniform age is stored in WidgetDAO
- DPL::OptionalInt ageLimit;
-
- //! Set to true if age rating is required
- //! If ageLimit is not set value is ignored
- bool isAgeRatingRequired;
-
- //! Set of rules configured by parent
- //! Rules are stored in WidgetDAO and are uniform for all widgets
- typedef std::vector<CategoryRule> RulesContainer;
- RulesContainer rules;
-
- //! Function check if Widget description is valid for ChildProtection
- //! configuration
- //! \param description widget description
- //! \retval true widget is valid
- //! \retval false widget is invalid
- ResultPair isDescriptionValid(const Powder::Description& description)
- const;
-
- PowderRules() :
- isAgeRatingRequired(false)
- {
- }
-};
-} // namespace ChildProtection
-
-class PluginMetafileData
-{
- public:
- struct Feature
- {
- std::string m_name;
- std::set<std::string> m_deviceCapabilities;
-
- bool operator< (const Feature& obj) const
- {
- return m_name < obj.m_name;
- }
- };
- typedef std::set<Feature> FeatureContainer;
-
- public:
-
- PluginMetafileData()
- {
- }
-
- std::string m_libraryName;
- std::string m_featuresInstallURI;
- std::string m_featuresKeyCN;
- std::string m_featuresRootCN;
- std::string m_featuresRootFingerprint;
-
- FeatureContainer m_featureContainer;
-};
-
-class PluginObjectsDAO
-{
- public:
- typedef std::set<std::string> Objects;
- typedef DPL::SharedPtr<Objects> ObjectsPtr;
-
- public:
- explicit PluginObjectsDAO() {}
-
- protected:
- ObjectsPtr m_implemented;
- ObjectsPtr m_dependent;
-};
-
-/**
- * @brief Widget id describes web-runtime global widget identifier.
- *
- * Notice that only up to one widget can exist at the same time.
- * DbWidgetHandle can be translated into corresponding WidgetModel by invoking
- * FindWidgetModel routine.
- */
-typedef int DbWidgetHandle;
-
-/**
- * @brief Structure to hold the information of widget's size
- */
-struct DbWidgetSize
-{
- DPL::OptionalInt width;
- DPL::OptionalInt height;
-
- DbWidgetSize(DPL::OptionalInt w = DPL::OptionalInt::Null,
- DPL::OptionalInt h = DPL::OptionalInt::Null) :
- width(w),
- height(h)
- {
- }
-};
-
-inline bool operator ==(const DbWidgetSize &objA, const DbWidgetSize &objB)
-{
- if (!objA.height || !objA.width || !objB.width || !objB.height) {
- return false;
- } else {
- return *objA.height == *objB.height && *objA.width == *objB.width;
- }
-}
-
-/**
- * Widget [G]lobal [U]nique [ID]entifier
- * Orginated from appstore ID
- */
-typedef DPL::OptionalString WidgetGUID;
-
-struct WidgetAccessInfo
-{
- DPL::String strIRI; /* origin iri */
- bool bSubDomains; /* do we want access to subdomains ? */
-
- bool operator ==(const WidgetAccessInfo& info) const
- {
- return info.strIRI == strIRI &&
- info.bSubDomains == bSubDomains;
- }
-};
-
-typedef std::list<WidgetAccessInfo> WidgetAccessInfoList;
-
-typedef std::list<DPL::String> WindowModeList;
-
-/**
- * @brief Widget configuration parameter key
- */
-typedef DPL::String WidgetParamKey;
-
-/**
- * @brief Widget configuration parameter value
- */
-typedef DPL::String WidgetParamValue;
-
-/**
- * @brief A map of widget configuration parameters.
- *
- * Widget configuration parameters are read from database and are stored
- * along with feature that they describe.
- */
-typedef std::multimap<WidgetParamKey, WidgetParamValue> WidgetParamMap;
-
-/**
- * @brief Widget feature host information about possible javascript extensions
- * that widget may use
- *
- * Widget features are declared in configuration file in widget installation
- * package. Each declared special feature is contained in some wrt-plugin that
- * declares to implement it. After widget launch wrt searches for proper plugin
- * libraries and load needed features.
- *
- * Widget features can be required or optional. It is possible to start widget
- * without missing feature. When required feature cannot be loaded widget will
- * not start.
- */
-
-enum {
- INVALID_PLUGIN_HANDLE = -1
-};
-typedef int DbPluginHandle;
-
-struct DbWidgetFeature
-{
- DPL::String name; /// Feature name
- bool required; /// Whether feature is required
- DbPluginHandle pluginId; /// Plugin id that implement this feature
- WidgetParamMap params; /// Widget's params
-
- DbWidgetFeature() :
- required(false),
- pluginId(INVALID_PLUGIN_HANDLE)
- {
- }
-};
-
-inline bool operator < (const DbWidgetFeature &objA,
- const DbWidgetFeature &objB)
-{
- return objA.name.compare(objB.name) < 0;
-}
-
-inline bool operator==(const DbWidgetFeature &featureA,
- const DbWidgetFeature &featureB)
-{
- return featureA.name == featureB.name &&
- featureA.required == featureB.required &&
- featureA.pluginId == featureB.pluginId;
-}
-
-/**
- * @brief Default container for features list
- */
-typedef std::multiset<DbWidgetFeature> DbWidgetFeatureSet;
-
-/**
- * @brief Default container with DbWidgetHandle's
- */
-typedef std::list<DbWidgetHandle> DbWidgetHandleList;
-
-/**
- * @brief Widget specific type
- *
- * Widget type describes belowed in WAC, TIZEN WebApp
- */
-enum AppType
-{
- APP_TYPE_UNKNOWN = 0, // unknown
- APP_TYPE_WAC10, // WAC 1.0
- APP_TYPE_WAC20, // WAC 2.0
- APP_TYPE_TIZENWEBAPP, // Tizen webapp
-};
-
-class WidgetType
-{
- public:
- WidgetType()
- :appType(APP_TYPE_UNKNOWN)
- {
- }
- WidgetType(const AppType type)
- :appType(type)
- {
- }
- bool operator== (const AppType& other) const
- {
- return appType == other;
- }
- std::string getApptypeToString()
- {
- switch (appType) {
-#define X(x) case x: return #x;
- X(APP_TYPE_UNKNOWN)
- X(APP_TYPE_WAC10)
- X(APP_TYPE_WAC20)
- X(APP_TYPE_TIZENWEBAPP)
-#undef X
- default:
- return "UNKNOWN";
- }
- }
-
- AppType appType;
-};
-
-} // namespace WrtDB
-
-struct WidgetSetting
-{
- DPL::String settingName;
- DPL::String settingValue;
-
- bool operator ==(const WidgetSetting& info) const
- {
- return (info.settingName == settingName &&
- info.settingValue == settingValue);
- }
- bool operator !=(const WidgetSetting& info) const
- {
- return (info.settingName != settingName ||
- info.settingValue != settingValue);
- }
-};
-
-typedef std::list<WidgetSetting> WidgetSettings;
-
-/**
- * @brief Widget Application Service
- *
- * Application sercvice describes details of behaviour
- * when widget receives aul bundle data.
- */
-struct WidgetApplicationService
-{
- public:
- DPL::String src; /* start uri */
- DPL::String operation; /* service name */
- DPL::String scheme; /* scheme type*/
- DPL::String mime; /* mime type */
-
- bool operator== (const WidgetApplicationService& other) const
- {
- return src == other.src &&
- operation == other.operation &&
- scheme == other.scheme &&
- mime == other.mime;
- }
-};
-
-typedef std::list<WidgetApplicationService> WidgetApplicationServiceList;
-#endif /* WRT_SRC_CONFIGURATION_COMMON_DAO_TYPES_H_ */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file AceDAO.h
- * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef ACEDAO_H_
-#define ACEDAO_H_
-
-#include <set>
-#include <list>
-#include <map>
-#include <string>
-
-#include <dpl/optional_typedefs.h>
-#include <dpl/string.h>
-#include <dpl/ace-dao-ro/AceDAOReadOnly.h>
-#include <dpl/ace-dao-ro/ValidityTypes.h>
-
-namespace AceDB {
-/*
- *
- */
-class AceDAO : public AceDAOReadOnly
-{
- public:
-
- AceDAO() {}
-
- // Policy Decisions
- static void setPolicyResult(
- const BaseAttributeSet &attributes,
- const PolicyResult &policyResult);
-
- static void removePolicyResult(
- const BaseAttributeSet &attributes);
-
- // PromptDecision
- static void setPromptDecision(
- const DPL::String &hash,
- const DPL::String &userParam,
- const DPL::OptionalString &session,
- PromptDecision decision);
- static void setPromptDecision(
- const BaseAttributeSet &attributes,
- const DPL::String &userParam,
- const DPL::OptionalString &session,
- PromptDecision decision);
-
- static void clearPromptDecisions(void);
-
- // reseting database
- static void clearWidgetDevCapSettings(void);
- static void clearDevCapSettings(void);
- static void clearAllSettings(void);
- static void resetDatabase(void);
-
- // resource settings
- static void setDevCapSetting(const std::string &resource,
- PreferenceTypes preference);
- static void removeDevCapSetting(const std::string &resource);
-
- // user settings
- static void setWidgetDevCapSetting(
- const std::string &resource,
- WidgetHandle handler,
- PreferenceTypes);
- static void removeWidgetDevCapSetting(
- const std::string &resource,
- WidgetHandle handler);
-
- // resource and subject management
- static int addResource(const std::string &request);
-
- // utilities
- static void addAttributes(const BaseAttributeSet &attributes);
-
- // set static dev cap permissions
- //
- // (For a given widget handle, a set of device caps is
- // granted "statically", i.e. it is determined at installation
- // time that the widget will always get (at launch) the SMACK
- // permissions needed to use those device caps).
- //
- // 'permissions' is the set of device cap names to be assigned
- // as "statically permitted" to the given widget handle
- static void setStaticDevCapPermissions(
- int widgetHandle,
- const std::set<DPL::String> &permissions);
-
-};
-}
-#endif /* ACEDAO_H_ */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef WRT_SRC_ACCESS_CONTROL_LOGIC_ABSTRACT_POLICY_ENFORCEMENT_POINTS_H
-#define WRT_SRC_ACCESS_CONTROL_LOGIC_ABSTRACT_POLICY_ENFORCEMENT_POINTS_H
-
-#include <dpl/ace/WRT_INTERFACE.h>
-#include <dpl/event/inter_context_delegate.h>
-#include <dpl/ace/PolicyResult.h>
-
-class AbstractPolicyEnforcementPoint
-{
- public:
- typedef DPL::Event::ICDelegate<PolicyResult> ResponseReceiver;
- virtual PolicyResult check(Request &request) = 0;
-};
-
-#endif /* WRT_SRC_ACCESS_CONTROL_LOGIC_ABSTRACT_POLICY_ENFORCEMENT_POINTS_H */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-class AbstractPolicyInformationPoint
-{
- public:
- virtual ~AbstractPolicyInformationPoint() {}
-};
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : AbstractTreeElement.h
-// @ Date : 2009-05-25
-// @ Author : Samsung
-//
-//
-#if !defined(_ABSTRACTTREEELEMENT_H)
-#define _ABSTRACTTREEELEMENT_H
-
-#include <list>
-#include "Effect.h"
-#include <iostream>
-
-class AbstractTreeElement
-{
- public:
-
- virtual ~AbstractTreeElement()
- {
- }
-
- virtual void printData() = 0;
-
- virtual void serialize(std::ostream& os) = 0;
- protected:
-};
-
-#endif //_ABSTRACTTREEELEMENT_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _ASYNCVERDICT_H
-#define _ASYNCVERDICT_H
-
-#include <dpl/ace/Verdict.h>
-#include <dpl/ace/WRT_INTERFACE.h>
-#include <dpl/ace/Request.h>
-
-class AsyncVerdictResultListener
-{
- public:
- virtual void onVerdict(const Verdict &verdict,
- const Request *request) = 0;
- virtual ~AsyncVerdictResultListener()
- {
- }
-};
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Attribute.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#if !defined(_ATTRIBUTE_H)
-#define _ATTRIBUTE_H
-
-#include <string>
-#include <iostream>
-#include <set>
-#include <list>
-
-#include <dpl/ace-dao-ro/BaseAttribute.h>
-
-class Attribute : public AceDB::BaseAttribute
-{
- public:
- /**
- * Types of match functions
- */
- enum class Match { Equal, Glob, Regexp, Error };
- /**
- * Types of attribute value modifiers
- */
- enum class Modifier { Non, Scheme, Authority, SchemeAuthority, Host, Path };
- /**
- * Possible match results
- */
- enum class MatchResult { MRUndetermined = -1, MRFalse = 0, MRTrue = 1};
-
- public:
-
- /**
- * New attribute constructor
- * @param name name of the new attribute
- * @param matchFunction match function used in the attribute
- * @param type attribute type
- */
- Attribute(const std::string *name,
- const Match matchFunction,
- const Type type);
-
- /**
- * Constructor used by ACE serializer
- * @param is Input stream to which the object will be serialized
- * @deprecated
- */
- Attribute(std::istream& is);
-
- /**
- * Constructor used to create default attribute ( used for unit tests )
- * @param nm name of the default attribute
- */
- Attribute(const std::string& nm) :
- matchFunction(Match::Error),
- modifierFunction(Modifier::Non)
- {
- m_name = nm;
- m_typeId = Type::Subject;
- m_undetermindState = false;
- }
-
- /**
- * Destructor
- */
- virtual ~Attribute();
-
- bool serialize(std::ostream& os) const;
-
- std::list<std::string> * getValue() const
- {
- return AceDB::BaseAttribute::getValue();
- }
- Match getMatchFunction() const
- {
- return matchFunction;
- }
-
- /* --- Setters --- */
- void addValue (const std::string *value);
-
- MatchResult matchAttributes(const BaseAttribute *) const;
-
- /**
- * Operator used in for attribute set,used to distinguished only attribute names
- * It cannot take attribute type into consideration
- */
- bool operator< (const Attribute & obj) const
- {
- int result = this->m_name.compare(*obj.getName());
- if (result == 0) { //If names are equal check attribute types
- if (this->m_typeId < obj.getType()) {
- result = -1;
- } else if (this->m_typeId > obj.getType()) {
- result = 1;
- }
- }
- //If result is negative that means that 'this' was '<' than obj
- return result < 0;
- }
-
- /** Checks if object type is equal to argument */
- bool instanceOf(Type type_)
- {
- return type_ == m_typeId;
- }
-
- friend std::ostream & operator<<(std::ostream & out,
- const Attribute & attr);
-
- protected:
-
- bool searchAndCut(const char *);
-
- /*
- * URI definition from rfc2396
- *
- * <scheme>://<authority><path>?<query>
- * Each of the components may be absent, apart from the scheme.
- * Host is a part of authority as in definition below:
- *
- * authority = server | reg_name
- * server = [ [ userinfo "@" ] hostport ]
- * <userinfo>@<host>:<port>
- *
- * Extract from rfc2396
- * The authority component is preceded by a double slash "//" and is
- * terminated by the next slash "/", question-mark "?", or by the end of
- * the URI. Within the authority component, the characters ";", ":",
- * "@", "?", and "/" are reserved.
- *
- * Modifiers should return pointer to empty string if given part of string was empty.
- * Modifiers should return NULL if the string to be modified was not an URI.
- */
- std::string * uriScheme(const std::string *) const;
- std::string * uriAuthority(const std::string *) const;
- std::string * uriSchemeAuthority(const std::string *) const;
- std::string * uriHost(const std::string *) const;
- std::string * uriPath(const std::string *) const;
- std::string * applyModifierFunction(const std::string * val) const;
-
- bool parse(const std::string *input,
- std::string *part) const;
- bool find_error(const std::string *part) const;
-
- bool checkScheme(const std::string *scheme) const;
- bool checkAuthority(const std::string *scheme) const;
- std::string * getHost(const std::string *scheme) const;
- bool checkPath(const std::string *scheme) const;
-
- bool isSchemeAllowedCharacter(int c) const;
- bool isSegmentAllowedCharacter(int c) const;
- bool isUserInfoAllowedString(const std::string *str) const;
- bool isHostAllowedString(const std::string *str) const;
- bool isHostNameAllowedString(const std::string * str) const;
- bool isIPv4AllowedString(const std::string * str) const;
- bool isDomainLabelAllowedString(const char * data,
- int lenght) const;
- bool isTopLabelAllowedString(const char* data,
- int lenght) const;
-
- bool isUnreserved(int c) const;
- bool isAlphanum(int c) const;
- bool isEscaped(const char esc[3]) const;
- bool isHex(int c) const;
-
- MatchResult lists_comparator(
- const std::list<std::string> *first,
- const std::list<std::string> *second,
- MatchResult (*comparator)(const std::string *,
- const std::string *)) const;
-
- /**
- * Map used to check if character is a 'mark'
- */
- static const bool mark[256];
- /**
- * Map used to check if character is a 'digit'
- *
- */
- static const bool digit[256];
- /**
- * Map used to check if character is an 'alphanumeric' value
- *
- */
- static const bool alpha[256];
-
- protected:
- Match matchFunction;
- Modifier modifierFunction;
-};
-
-typedef AceDB::BaseAttributeSet AttributeSet;
-
-//TODO remove later or ifdef debug methods
-void printAttributes(const AttributeSet& attrs);
-void printAttributes(const std::list<Attribute> & attrs);
-
-#endif //_ATTRIBUTE_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Combiner.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#if !defined(_COMBINER_H)
-#define _COMBINER_H
-
-#include <set>
-
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace/TreeNode.h>
-
-class Combiner
-{
- protected:
-
- const AttributeSet * attrSet;
-
- public:
-
- virtual Effect combineRules(const TreeNode * rule) = 0;
- virtual Effect combinePolicies(const TreeNode * policy) = 0;
-
- const AttributeSet * getAttributeSet() const
- {
- return this->attrSet;
- }
- void setAttributeSet(const AttributeSet * attrSet)
- {
- this->attrSet = attrSet;
- }
- virtual ~Combiner()
- {
- } //attrSet is deleted elsewhere
-};
-
-#endif //_COMBINER_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : CombinerImpl.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#ifndef _COMBINER_IMPL_H
-#define _COMBINER_IMPL_H
-
-#include <list>
-#include <dpl/log/log.h>
-
-#include "Combiner.h"
-#include "Effect.h"
-#include "Policy.h"
-#include "Subject.h"
-
-class CombinerImpl : public Combiner
-{
- public:
-
- virtual Effect combineRules(const TreeNode * rule);
- virtual Effect combinePolicies(const TreeNode * policy);
-
- virtual ~CombinerImpl()
- {
- }
-
- protected:
-
- bool checkIfTargetMatches(const std::list<const Subject *> * subjectsSet,
- bool &isUndetermined);
-
- Effect combine(Policy::CombineAlgorithm algorithm,
- std::list<Effect> & effects);
-
- Effect denyOverrides(const std::list<Effect> & effects);
- Effect permitOverrides(const std::list<Effect> & effects);
- Effect firstApplicable(const std::list<Effect> & effects);
- Effect firstMatchingTarget(const std::list<Effect> & effects);
-
- std::list<int> * convertEffectsToInts(const std::list<Effect> * effects);
- Effect convertIntToEffect(int intEffect);
-
- void showEffectList(std::list<Effect> & effects)
- {
- std::list<Effect>::iterator it = effects.begin();
- for (; it != effects.end(); ++it) {
- LogDebug(toString(*it));
- }
- }
-
- private:
- bool isError(const std::list<Effect> & effects);
- static const int
- DenyInt,
- UndeterminedInt,
- PromptOneShotInt,
- PromptSessionInt,
- PromptBlanketInt,
- PermitInt,
- InapplicableInt,
- NotMatchingTargetInt,
- ErrorInt;
-};
-
-#endif //_COMBINERIMPL_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-// File: Condition.h
-// Author: notroot
-//
-// Created on June 3, 2009, 9:00 AM
-//
-#ifndef _CONDITION_H
-#define _CONDITION_H
-
-#include <list>
-#include <set>
-#include <iostream>
-#include <dpl/foreach.h>
-
-#include "Attribute.h"
-#include "Effect.h"
-#include "TreeNode.h"
-
-class Condition
-{
- public:
- enum CombineType
- {
- AND, OR
- };
-
- void addCondition(const Condition & condition)
- {
- this->conditions.push_back(condition);
- }
-
- void addAttribute(const Attribute & attribute)
- {
- this->attributes.push_back(attribute);
- }
-
- void setCombineType(CombineType type)
- {
- this->combineType = type;
- }
-
- Condition() : combineType(AND),
- parent(NULL)
- {
- }
-
- Condition(CombineType type) : combineType(type),
- parent(NULL)
- {
- }
-
- virtual ~Condition()
- {
- }
-
- Condition * getParent()
- {
- return this->parent;
- }
-
- void setParent(Condition * condition)
- {
- this->parent = condition;
- }
-
- Attribute::MatchResult evaluateCondition(
- const AttributeSet * attrSet) const;
-
- friend std::ostream & operator<<(std::ostream & out,
- Condition & condition)
- {
- FOREACH (it, condition.attributes)
- {
- out << *it;
- }
- return out;
- }
- //[CR] change function name
- void getAttributes(AttributeSet * attrSet);
-
- //deserializer, TODO - first condition doesnt have Condtion parent
- Condition(std::istream&,
- Condition* parent = NULL);
-
- bool serialize(std::ostream&);
-
- private:
- Attribute::MatchResult evaluateChildConditions(
- const AttributeSet * attrSet,
- bool &isFinalMatch,
- bool & undefinedMatchFound) const;
-
- Attribute::MatchResult evaluateAttributes(
- const AttributeSet * attrSet,
- bool& isFinalMatch,
- bool & undefinedMatchFound) const;
-
- // KW Attribute::MatchResult performANDalgorithm(const std::set<Attribute> * attributes) const;
-
- // KW Attribute::MatchResult performORalgorithm(const std::set<Attribute> * attributes) const;
-
- bool isEmpty() const
- {
- return attributes.empty() && conditions.empty();
- }
-
- bool isAndCondition() const
- {
- return combineType == AND;
- }
-
- bool isOrCondition() const
- {
- return combineType == OR;
- }
-
- std::list<Condition> conditions;
- CombineType combineType;
- std::list<Attribute> attributes;
- Condition *parent;
-};
-
-#endif /* _CONDITION_H */
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _CONFIGURATIONMANAGER_H_
-#define _CONFIGURATIONMANAGER_H_
-
-#include <list>
-#include <string.h>
-#include <string>
-#include <libxml/xmlreader.h>
-#include "Constants.h"
-#include <fstream>
-#include <iostream>
-#include <dpl/log/log.h>
-
-#define ATTR_ACTIVE_POLICY BAD_CAST("active")
-
-#define PARSER_ERROR 1
-#define PARSER_SUCCESS 0
-
-class ConfigurationManager
-{
- public:
- enum ConfigurationManagerResult
- {
- CM_OPERATION_SUCCESS = 0,
- CM_GENERAL_ERROR = -1,
- CM_FILE_EXISTS = -2,
- CM_REMOVE_ERROR = -3,
- CM_REMOVE_CURRENT = -4,
- CM_REMOVE_NOT_EXISTING = -5
- };
-
- /**
- * Current policy file getter
- * @return Name of the current ACE policy file
- */
- std::string getCurrentPolicyFile(void) const;
-
- /**
- * ACE policy file path getter
- * @return Full path to ACE current policy file
- */
- std::string getFullPathToCurrentPolicyFile(void) const;
-
- /**
- * ACE policy dtd file path getter
- * @return Full path to ACE current policy file
- */
- std::string getFullPathToCurrentPolicyXMLSchema(void) const;
-
- /**
- * ACE policy storage path getter
- * @return Full path to ACE policy file storage
- */
- std::string getStoragePath(void) const;
-
- /**
- * Adds file to ACE policy storage
- * @param filePath full path to policy to be added
- * @return CM_OPERATION_SUCCESS on success,
- * CM_FILE_EXISTS if file with the same name already exists in the storage (the new file is not added),
- * other error code on other error
- *
- */
- int addPolicyFile(const std::string & filePath);
-
- /**
- * Removes file with a given filename from ACE policy storage
- * @param fileName name of the policy to be removed
- * @return CM_OPERATION_SUCCESS on success,
- * CM_REMOVE_CURRENT if file to be removed is a current file (it cannot be removed)
- * CM_REMOVE_NOT_EXISTING if file already doesn't exists
- * other error code on other error
- *
- */
- int removePolicyFile(const std::string& fileName);
-
- //change current PolicyFile
- /**
- * @param filePath Name of the policy file in the policy storage that should be made
- * a current policy file
- * @param CM_OPERATION_SUCCESS on success or error code on error
- */
- int changeCurrentPolicyFile(const std::string& filePath);
-
- //TODO this getInstance() method is a little bit to complicated
- /**
- * Method to obtain instance of configuration manager
- * @return retuns pointer to configuration manager or NULL in case of error
- */
- static ConfigurationManager * getInstance()
- {
- if (!instance) {
- instance = new ConfigurationManager();
- if (instance->parse(std::string(ACE_CONFIGURATION_PATH)) !=
- PARSER_SUCCESS) {
- delete instance;
- LogError(
- "Couldn't parse configuration file " ACE_CONFIGURATION_PATH);
- return NULL;
- }
- }
- return instance;
- }
-
- /**
- * Extracts filename from full path
- * @param path Full path from which filename should be extracted
- * @return returns extracted filename
- */
- std::string extractFilename(const std::string& path) const;
-
- protected:
-
- /**
- * Parse given ACE configuration file
- * @param configFileName full path to configuration file to be parsed
- * @return PARSER_SUCCESS on succes, PARSER_ERROR on error
- */
- int parse(const std::string &configFileName);
- /**
- * @param path full path to the file which size should be obtained
- * @return size of a given file in bytes
- */
- int getFileSize(const std::string & path) const;
- bool copyFile(FILE * source,
- FILE * destination,
- int lenght = 1024) const;
- bool checkIfFileExistst(const std::string & newFilePath) const;
-
- const std::list<std::string> & getPolicyFiles() const
- {
- return policyFiles;
- }
-
- const std::string & getConfigFile() const
- {
- return configFile;
- }
-
- ConfigurationManager() : xmlActive(false)
- {
- }
- virtual ~ConfigurationManager()
- {
- }
-
- private:
-
- /**
- * Internal parser methods
- */
- void extractFileAttributes(void);
- void startNodeHandler(void);
- void endNodeHandler(void);
- void textNodeHandler(void);
- void processNode(void);
- //Save configuration file
- int saveConfig();
-
- //Private fields for parser state representation
- xmlTextReaderPtr reader;
- std::string currentText;
- bool xmlActive;
-
- static ConfigurationManager * instance;
-
- /**
- * Full path to ACE configuration file
- */
- std::string configFile;
- /**
- * ACE policy file storage path
- */
- std::string storagePath;
- /**
- * Name of the current ACE policy
- */
- std::string currentPolicyFile;
- /**
- * List of available ACE policy files
- */
- std::list<std::string> policyFiles;
-
- //////////NEW
-};
-
-#endif
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file Constants.h
- * @author Piotr Fatyga (p.fatyga@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef _CONSTANTS_H
-#define _CONSTANTS_H
-
-#define ACE_MAIN_STORAGE "/usr/etc/ace"
-#define ACE_CONFIGURATION_PATH ACE_MAIN_STORAGE "/config.xml"
-#define ACE_CONFIGURATION_DTD ACE_MAIN_STORAGE "/config.dtd"
-#define ACE_DTD_LOCATION ACE_MAIN_STORAGE "/bondixml.dtd"
-
-/////////////////FOR GUI//////////////////////
-
-#define MYSTERIOUS_BITMAP "/usr/apps/org.tizen.policy/d.png"
-#define MYSTERIOUS_BITMAP2 "/usr/apps/org.tizen.policy/file.png"
-
-///////////////////FOR TESTS//////////////////////////
-
-#define COMBINER_TEST "/usr/etc/ace/CMTest/com_general-test.xml"
-#define CONFIGURATION_MGR_TEST_PATH "/usr/etc/ace/CMTest/"
-#define CONFIGURATION_MGR_TEST_CONFIG ACE_MAIN_STORAGE "/CMTest/pms_config.xml"
-#define CONFIGURATION_MGR_TEST_POLICY_STORAGE ACE_MAIN_STORAGE "/CMTest/active"
-#define CONFIGURATION_MGR_TEST_POLICY_STORAGE_MOVED ACE_MAIN_STORAGE \
- "/CMTest/activeMoved"
-#define CONFIGURATION_MGR_TEST_POLICY CONFIGURATION_MGR_TEST_POLICY_STORAGE \
- "/pms_general-test.xml"
-#define POLICIES_TO_SIGN_DIR ACE_MAIN_STORAGE "/SignerTests/"
-
-#define OUTPUT_DIR ACE_MAIN_STORAGE "/SignerTests/signedPolicies/"
-#define PRIVATE_KEY_DIR ACE_MAIN_STORAGE "/SignerTests/PrvKey/"
-#define X509_DATA_BASE_DIR ACE_MAIN_STORAGE "/SignerTests/X509Data/"
-
-#endif /* _CONSTANTS_H */
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Effect.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#if !defined(_EFFECT_H)
-#define _EFFECT_H
-
-enum Effect
-{
- Deny =0,
- Undetermined=1, // jk mb added this enum, so the ones below are inceremented!!!!!!!
- PromptOneShot =2,
- PromptSession =3,
- PromptBlanket =4,
- Permit =5,
- Inapplicable =6,
- NotMatchingTarget=7,
- Error
-};
-
-const char * toString(Effect);
-
-#endif //_EFFECT_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#if !defined(_NODE_FACTORY_H)
-#define _NODE_FACTORY_H
-
-#include <iostream>
-#include "TreeNode.h"
-#include "Policy.h"
-#include "PolicySet.h"
-#include "Rule.h"
-
-class NodeFactory
-{
- public:
- static NodeFactory* getInstance();
- AbstractTreeElement* create(std::istream&,
- TreeNode:: TypeID);
- private:
- NodeFactory()
- {
- }
- static NodeFactory* pInstance;
-};
-
-#endif
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : PermissionTriple.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#if !defined(_PERMISSION_TRIPLE_H)
-#define _PERMISSION_TRIPLE_H
-
-#include <string>
-#include <list>
-#include <dpl/ace-dao-ro/PreferenceTypes.h>
-#include <dpl/ace-dao-ro/BasePermission.h>
-
-typedef AceDB::BasePermission PermissionTriple;
-typedef AceDB::BasePermissionList PermissionList;
-
-struct GeneralSetting
-{
- GeneralSetting(const std::string& resourceName,
- AceDB::PreferenceTypes accessAllowed) : generalSettingName(resourceName),
- access(accessAllowed)
- {
- }
- std::string generalSettingName;
- AceDB::PreferenceTypes access;
-};
-
-#endif //_PERMISSION_TRIPLE_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Policy.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#if !defined(_POLICY_H)
-#define _POLICY_H
-
-#include <list>
-
-#include <dpl/ace/AbstractTreeElement.h>
-#include <dpl/ace/Effect.h>
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace/Subject.h>
-#include <iostream>
-#include <dpl/noncopyable.h>
-
-class Policy : public AbstractTreeElement,
- DPL::Noncopyable
-{
- public:
- enum CombineAlgorithm { DenyOverride, PermitOverride, FirstApplicable,
- FirstTargetMatching };
-
- Policy(std::istream& is);
-
- void serialize(std::ostream& os);
-
- Policy()
- {
- combineAlgorithm = DenyOverride;
- subjects = new std::list<const Subject *>();
- }
-
- CombineAlgorithm getCombineAlgorithm() const
- {
- return this->combineAlgorithm;
- }
-
- void setCombineAlgorithm(CombineAlgorithm algorithm)
- {
- this->combineAlgorithm = algorithm;
- }
-
- const std::list<const Subject *> * getSubjects() const
- {
- return this->subjects;
- }
-
- void addSubject(const Subject * subject)
- {
- if (this->subjects == NULL) {
- return;
- }
- this->subjects->push_back(subject);
- }
-
- virtual ~Policy();
-
- void printData();
-
- std::string printCombineAlgorithm(CombineAlgorithm algorithm);
-
- private:
- std::list<const Subject *> *subjects;
- CombineAlgorithm combineAlgorithm;
-};
-
-const char * toString(Policy::CombineAlgorithm algorithm);
-
-#endif //_POLICY_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file PolicyEffect.h
- * @author B.Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief This file contains the declaration of PolicyEffect type.
- */
-#ifndef _SRC_ACCESS_CONTROL_COMMON_POLICY_EFFECT_H_
-#define _SRC_ACCESS_CONTROL_COMMON_POLICY_EFFECT_H_
-
-enum class PolicyEffect {
- DENY = 0,
- PERMIT,
- PROMPT_ONESHOT,
- PROMPT_SESSION,
- PROMPT_BLANKET
-};
-
-inline static std::ostream & operator<<(std::ostream& stream,
- PolicyEffect effect)
-{
- switch (effect) {
- case PolicyEffect::DENY: stream << "DENY"; break;
- case PolicyEffect::PERMIT: stream << "PERMIT"; break;
- case PolicyEffect::PROMPT_ONESHOT: stream << "PROMPT_ONESHOT"; break;
- case PolicyEffect::PROMPT_SESSION: stream << "PROMPT_SESSION"; break;
- case PolicyEffect::PROMPT_BLANKET: stream << "PROMPT_BLANKET"; break;
- default: Assert(false && "Invalid PolicyEffect constant");
- }
- return stream;
-}
-
-#endif // _SRC_ACCESS_CONTROL_COMMON_POLICY_EFFECT_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * This class simply redirects the access requests to access control engine.
- * The aim is to hide access control engine specific details from WRT modules.
- * It also implements WRT_INTERFACE.h interfaces, so that ACE could access
- * WRT specific and other information during the decision making.
- *
- * @file security_logic.h
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @author Ming Jin(ming79.jin@samsung.com)
- * @brief Implementation file for security logic
- */
-#ifndef POLICY_ENFORCEMENT_POINT_H
-#define POLICY_ENFORCEMENT_POINT_H
-
-#include <memory>
-#include <string>
-#include <map>
-
-//#include <glib/gthread.h>
-//#include <glib/gerror.h>
-//#include <glib.h>
-
-//#include <dpl/optional.h>
-#include <dpl/event/inter_context_delegate.h>
-#include <dpl/event/property.h>
-
-#include <dpl/ace/AbstractPolicyEnforcementPoint.h>
-#include <dpl/ace/PolicyResult.h>
-
-// Forwards
-class IWebRuntime;
-class IResourceInformation;
-class IOperationSystem;
-class PolicyEvaluator;
-class PolicyInformationPoint;
-class Request;
-
-class PolicyEnforcementPoint : public AbstractPolicyEnforcementPoint
-{
- public:
- OptionalPolicyResult checkFromCache(Request &request);
- PolicyResult check(Request &request);
- OptionalPolicyResult check(Request &request,
- bool fromCacheOnly);
-
- virtual ~PolicyEnforcementPoint();
-
- class PEPException
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, AlreadyInitialized)
- };
-
- /**
- * This function take ownership of objects pass in call.
- * Object will be deleted after call Deinitialize function.
- */
- void initialize(IWebRuntime *wrt,
- IResourceInformation *resource,
- IOperationSystem *operation);
- void terminate();
-
- void updatePolicy(const std::string &policy);
-
- PolicyEvaluator *getPdp() const { return this->m_pdp; }
- PolicyInformationPoint *getPip() const { return this->m_pip; }
-
- protected:
- PolicyEnforcementPoint();
- friend class SecurityLogic;
- private: // private data
- IWebRuntime *m_wrt;
- IResourceInformation *m_res;
- IOperationSystem *m_sys;
- PolicyEvaluator *m_pdp;
- PolicyInformationPoint *m_pip;
-};
-
-#endif // POLICY_ENFORCEMENT_POINT_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : PolicyEvaluator.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#ifndef _POLICY_EVALUATOR_H
-#define _POLICY_EVALUATOR_H
-
-#include <memory>
-#include <set>
-#include <string>
-
-#include <dpl/event/event_listener.h>
-#include <dpl/log/log.h>
-#include <dpl/noncopyable.h>
-
-#include <dpl/ace/AsyncVerdictResultListener.h>
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace/ConfigurationManager.h>
-#include <dpl/ace/Constants.h>
-#include <dpl/ace/Effect.h>
-#include <dpl/ace/Policy.h>
-#include <dpl/ace/PolicyInformationPoint.h>
-#include <dpl/ace/PolicyResult.h>
-#include <dpl/ace/Request.h>
-#include <dpl/ace/Subject.h>
-#include <dpl/ace/Verdict.h>
-#include <dpl/ace/UserDecision.h>
-#include <dpl/ace/CombinerImpl.h>
-
-
-class PolicyEvaluator : DPL::Noncopyable
-{
- protected:
-
- /**
- * Internal method used to initiate policy evaluation. Called after attribute set has been fetched
- * by PIP.
- * @param root root of the policies tree to be evaluated
- */
- virtual Effect evaluatePolicies(const TreeNode * root);
-
- enum updateErrors
- {
- POLICY_PARSING_SUCCESS = 0,
- POLICY_FILE_ERROR = 1,
- PARSER_CREATION_ERROR,
- POLICY_PARSING_ERROR
- };
- private:
- AttributeSet m_attributeSet;
-
- TreeNode * m_root;
- Combiner * m_combiner;
- AsyncVerdictResultListener * m_verdictListener;
- PolicyInformationPoint * m_pip;
- // Required by unittests.
- std::string m_currentPolicyFile;
-
- /**
- * Method used to extract attributes from subtree defined by PolicySet
- * @param root original TreeStructure root node
- * @param newRoot copy of TreeStructure containing only policies that matches current request
- *
- */
- void extractAttributesFromSubtree(const TreeNode *root);
-
- /**
- * Method used to extract attributes from Tree Structure
- * @return pointer to set of attributes needed to evaluate current request
- * @return if extraction has been successful
- * TODO return reducte tree structure
- * TODO change comments
- */
- bool extractAttributesFromRules(const TreeNode *);
-
- /**
- * Extracts attributes from target of a given policy that are required to be fetched by PIP
- */
- void extractTargetAttributes(const Policy *policy);
- bool extractAttributes();
-
- OptionalPolicyResult getPolicyForRequestInternal(bool fromCacheOnly);
- PolicyResult effectToPolicyResult(Effect effect);
- public:
- PolicyEvaluator(PolicyInformationPoint * pip) :
- m_root(NULL),
- m_combiner(new CombinerImpl()),
- m_verdictListener(NULL),
- m_pip(pip)
- {
- }
-
- bool extractAttributesTest()
- {
- m_attributeSet.clear();
- if (!extractAttributes()) {
- LogInfo("Warnign attribute set cannot be extracted. Returning Deny");
- return true;
- }
-
- return extractAttributes();
- }
-
- AttributeSet * getAttributeSet()
- {
- return &m_attributeSet;
- }
-
- virtual bool initPDP();
- virtual ~PolicyEvaluator();
- virtual PolicyResult getPolicyForRequest(const Request &request);
- virtual OptionalPolicyResult getPolicyForRequestFromCache(
- const Request &request);
- virtual OptionalPolicyResult getPolicyForRequest(const Request &request,
- bool fromCacheOnly);
- bool fillAttributeWithPolicy();
-
- virtual int updatePolicy(const char *);
- // Required by unittests.
- // It's used to check environment before each unittest.
- std::string getCurrentPolicy();
-};
-
-#endif //_POLICYEVALUATOR_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file AbstractObjectFactory.h
- * @author Piotr Fatyga (p.fatyga@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef _ABSTRACTOBJECTFACTORY_H
-#define _ABSTRACTOBJECTFACTORY_H
-
-#include <dpl/ace/PolicyEvaluator.h>
-
-class AbstractPolicyEvaluatorFactory
-{
- public:
- virtual PolicyEvaluator * createPolicyEvaluator(PolicyInformationPoint *pip)
- const = 0;
-};
-
-class PolicyEvaluatorFactory : public AbstractPolicyEvaluatorFactory
-{
- public:
- PolicyEvaluator * createPolicyEvaluator(PolicyInformationPoint *pip) const
- {
- return new PolicyEvaluator(pip);
- }
-};
-
-#endif /* _ABSTRACTOBJECTFACTORY_H */
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : PolicyInformationPoint.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#ifndef _POLICY_INFORMATION_POINT_H
-#define _POLICY_INFORMATION_POINT_H
-
-#include <set>
-
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace/Request.h>
-
-#include <dpl/ace-dao-ro/BaseAttribute.h>
-
-#include <dpl/ace/WRT_INTERFACE.h>
-
-typedef int PipResponse;
-
-class PolicyInformationPoint
-{
- private:
-
- /** queries for interfaces*/
- std::list<ATTRIBUTE> resourceAttributesQuery;
- std::list<ATTRIBUTE> environmentAttributesQuery;
- std::list<ATTRIBUTE> subjectAttributesQuery;
- std::list<ATTRIBUTE> functionParamAttributesQuery;
-
- /** create queries */
- void createQueries(AttributeSet* attributes);
-
- IWebRuntime* wrtInterface;
- IResourceInformation* resourceInformation;
- IOperationSystem* operationSystem;
-
- public:
- static const int ERROR_SHIFT_RESOURCE = 3;
- static const int ERROR_SHIFT_OS = 6;
- static const int ERROR_SHIFT_FP = 9;
-
- /** Mask used to identify PIP error */
- enum ResponseTypeMask
- {
- SUCCESS = 0,
- /* WebRuntime Error */
- WRT_UNKNOWN_SUBJECT = 1 << 0,
- WRT_UNKNOWN_ATTRIBUTE = 1 << 1,
- WRT_INTERNAL_ERROR = 1 << 2,
- /* Resource Information Storage Error */
- RIS_UNKNOWN_RESOURCE = 1 << 3,
- RIS_UNKNOWN_ATTRIBUTE = 1 << 4,
- RIS_INTERNAL_ERROR = 1 << 5,
- /*Operating system */
- OS_UNKNOWN_ATTRIBUTE = 1 << 6,
- OS_INTERNAL_ERROR = 1 << 7
- };
-
- //TODO add checking values of attributes
- /** gather attributes values from adequate interfaces */
- virtual PipResponse getAttributesValues(const Request* request,
- AttributeSet* attributes);
- virtual ~PolicyInformationPoint();
- PolicyInformationPoint(IWebRuntime *wrt,
- IResourceInformation *resource,
- IOperationSystem *system) : wrtInterface(wrt),
- resourceInformation(resource),
- operationSystem(system)
- {
- }
- virtual void update(IWebRuntime *wrt,
- IResourceInformation *resource,
- IOperationSystem *system)
- {
- wrtInterface = wrt;
- resourceInformation = resource;
- operationSystem = system;
- }
- IWebRuntime * getWebRuntime()
- {
- return wrtInterface;
- }
-};
-
-#endif //_POLICY_INFORMATION_POINT_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef _SRC_ACCESS_CONTROL_COMMON_POLICY_RESULT_H_
-#define _SRC_ACCESS_CONTROL_COMMON_POLICY_RESULT_H_
-
-#include <dpl/assert.h>
-#include <dpl/optional.h>
-#include <dpl/optional_typedefs.h>
-
-#include <dpl/ace/PolicyEffect.h>
-
-typedef DPL::Optional<PolicyEffect> OptionalPolicyEffect;
-
-class PolicyDecision
-{
-public:
- enum Value { NOT_APPLICABLE = -1 };
-
- PolicyDecision(PolicyEffect effect)
- : m_isPolicyEffect(true)
- , m_effect(effect)
- {}
-
- PolicyDecision(const PolicyDecision &decision)
- : m_isPolicyEffect(decision.m_isPolicyEffect)
- , m_effect(decision.m_effect)
- {}
-
- PolicyDecision(Value)
- : m_isPolicyEffect(false)
- {}
-
- bool operator==(const PolicyDecision &decision) const {
- return (m_isPolicyEffect
- && decision.m_isPolicyEffect
- && m_effect == decision.m_effect)
- || (!m_isPolicyEffect && !decision.m_isPolicyEffect);
- }
-
- bool operator==(Value) const {
- return !m_isPolicyEffect;
- }
-
- bool operator!=(const PolicyDecision &decision) const {
- return !(*this == decision);
- }
-
- bool operator!=(Value value) const {
- return !(*this == value);
- }
-
- OptionalPolicyEffect getEffect() const
- {
- if (!m_isPolicyEffect) {
- return OptionalPolicyEffect();
- }
- return OptionalPolicyEffect(m_effect);
- }
-
- std::ostream & toStream(std::ostream& stream) {
- if (m_isPolicyEffect)
- stream << m_effect;
- else
- stream << "NOT-APPLICABLE";
- return stream;
- }
-
-private:
- bool m_isPolicyEffect;
- PolicyEffect m_effect;
-};
-
-inline static bool operator==(PolicyEffect e, const PolicyDecision &d) {
- return d.operator==(e);
-}
-
-inline static bool operator!=(PolicyEffect e, const PolicyDecision &d) {
- return !(e == d);
-}
-
-inline static std::ostream & operator<<(std::ostream& stream,
- PolicyDecision decision)
-{
- return decision.toStream(stream);
-}
-
-class PolicyResult {
-public:
- enum Value { UNDETERMINED = -2 };
-
- // This constructor is required by dpl controller and by dpl optional
- PolicyResult()
- : m_isDecision(false)
- , m_decision(PolicyDecision::Value::NOT_APPLICABLE) // don't care
- {}
-
- PolicyResult(PolicyEffect effect)
- : m_isDecision(true)
- , m_decision(effect)
- {}
-
- PolicyResult(const PolicyDecision &decision)
- : m_isDecision(true)
- , m_decision(decision)
- {}
-
- PolicyResult(const PolicyResult &result)
- : m_isDecision(result.m_isDecision)
- , m_decision(result.m_decision)
- {}
-
- PolicyResult(PolicyDecision::Value value)
- : m_isDecision(true)
- , m_decision(value)
- {}
-
- PolicyResult(Value)
- : m_isDecision(false)
- , m_decision(PolicyDecision::Value::NOT_APPLICABLE) // don't care
- {}
-
- bool operator==(const PolicyResult &result) const {
- return (m_isDecision
- && result.m_isDecision
- && m_decision == result.m_decision)
- || (!m_isDecision && !result.m_isDecision);
- }
-
- bool operator==(Value) const {
- return !m_isDecision;
- }
-
- bool operator!=(const PolicyResult &result) const {
- return !(*this == result);
- }
-
- bool operator!=(Value value) const {
- return !(*this == value);
- }
-
- OptionalPolicyEffect getEffect() const
- {
- if (!m_isDecision) {
- return OptionalPolicyEffect();
- }
- return m_decision.getEffect();
- }
-
- static int serialize(const PolicyResult &policyResult)
- {
- if (!policyResult.m_isDecision) {
- return BD_UNDETERMINED;
- } else if (policyResult.m_decision ==
- PolicyDecision::Value::NOT_APPLICABLE)
- {
- return BD_NOT_APPLICABLE;
- } else if (policyResult.m_decision == PolicyEffect::PROMPT_BLANKET) {
- return BD_PROMPT_BLANKET;
- } else if (policyResult.m_decision == PolicyEffect::PROMPT_SESSION) {
- return BD_PROMPT_SESSION;
- } else if (policyResult.m_decision == PolicyEffect::PROMPT_ONESHOT) {
- return BD_PROMPT_ONESHOT;
- } else if (policyResult.m_decision == PolicyEffect::PERMIT) {
- return BD_PERMIT;
- } else if (policyResult.m_decision == PolicyEffect::DENY) {
- return BD_DENY;
- }
- Assert(false && "Unknown value of policyResult.");
- }
-
- static PolicyResult deserialize(int dec){
- switch (dec) {
- case BD_DENY:
- return PolicyEffect::DENY;
- case BD_PERMIT:
- return PolicyEffect::PERMIT;
- case BD_PROMPT_ONESHOT:
- return PolicyEffect::PROMPT_ONESHOT;
- case BD_PROMPT_SESSION:
- return PolicyEffect::PROMPT_SESSION;
- case BD_PROMPT_BLANKET:
- return PolicyEffect::PROMPT_BLANKET;
- case BD_NOT_APPLICABLE:
- return PolicyDecision::Value::NOT_APPLICABLE;
- case BD_UNDETERMINED:
- return Value::UNDETERMINED;
- }
- Assert(false && "Broken database");
- }
-
- std::ostream & toStream(std::ostream& stream) {
- if (m_isDecision)
- stream << m_decision;
- else
- stream << "UNDETERMINED";
- return stream;
- }
-
-private:
- static const int BD_UNDETERMINED = 6;
- static const int BD_NOT_APPLICABLE = 5;
- static const int BD_PROMPT_BLANKET = 4;
- static const int BD_PROMPT_SESSION = 3;
- static const int BD_PROMPT_ONESHOT = 2;
- static const int BD_PERMIT = 1;
- static const int BD_DENY = 0;
-
- bool m_isDecision;
- PolicyDecision m_decision;
-};
-
-inline static bool operator==(const PolicyDecision &d, const PolicyResult &r) {
- return r == d;
-}
-
-inline static bool operator!=(const PolicyDecision &d, const PolicyResult &r) {
- return !(d == r);
-}
-
-inline static bool operator==(const PolicyEffect &e, const PolicyResult &r) {
- return e == r;
-}
-
-inline static bool operator!=(const PolicyEffect &e, const PolicyResult &r) {
- return !(e == r);
-}
-
-inline static std::ostream & operator<<(std::ostream& stream,
- PolicyResult result)
-{
- return result.toStream(stream);
-}
-
-typedef DPL::Optional<PolicyResult> OptionalPolicyResult;
-
-#endif // _SRC_ACCESS_CONTROL_COMMON_POLICY_RESULT_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : PolicySet.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#if !defined(_POLICYSET_H)
-#define _POLICYSET_H
-
-#include "Policy.h"
-#include <iostream>
-
-class PolicySet : public Policy
-{
- public:
-
- //TODO Clean this class
- //PolicySet(CombineAlgorithm algorithm, std::list<Attribute> * targetAttr,const std::string & subjectId)
- // : Policy(algorithm,targetAttr,subjectId)
- // {}
- PolicySet()
- {
- }
- ~PolicySet()
- {
- }
-
- PolicySet(std::istream& is) : Policy(is)
- {
- }
-};
-
-#endif //_POLICYSET_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Preference.h
-// @ Date : 2009-05-2
-// @ Author : Samsung
-//
-//
-
-#ifndef _Preference_H_
-#define _Preference_H_
-
-#include <map>
-#include <string>
-
-#include <dpl/ace-dao-ro/PreferenceTypes.h>
-
-typedef AceDB::PreferenceTypes Preference;
-typedef AceDB::PreferenceTypesMap PreferenceMap;
-
-#endif //_Preference_H
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef _SRC_ACCESS_CONTROL_COMMON_PROMPT_DECISION_H_
-#define _SRC_ACCESS_CONTROL_COMMON_PROMPT_DECISION_H_
-
-#include <dpl/optional.h>
-#include <dpl/optional_typedefs.h>
-
-enum class PromptDecision {
- ALLOW_ALWAYS,
- DENY_ALWAYS,
- ALLOW_THIS_TIME,
- DENY_THIS_TIME,
- ALLOW_FOR_SESSION,
- DENY_FOR_SESSION
-};
-
-typedef DPL::Optional<PromptDecision> OptionalPromptDecision;
-
-struct CachedPromptDecision {
- PromptDecision decision;
- DPL::OptionalString session;
-};
-
-typedef DPL::Optional<CachedPromptDecision> OptionalCachedPromptDecision;
-
-#endif // _SRC_ACCESS_CONTROL_COMMON_PROMPT_DECISION_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Request.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#ifndef _REQUEST_H_
-#define _REQUEST_H_
-
-#include <set>
-#include <string>
-#include <vector>
-
-#include <dpl/ace-dao-ro/IRequest.h>
-
-#include <dpl/ace/WRT_INTERFACE.h>
-
-class Request : public AceDB::IRequest
-{
- public:
- typedef std::string DeviceCapability;
- typedef std::set<DeviceCapability> DeviceCapabilitySet;
-
- Request(WidgetHandle widgetHandle,
- WidgetExecutionPhase phase,
- IFunctionParam *functionParam = 0)
- : m_widgetHandle(widgetHandle)
- , m_phase(phase)
- , m_functionParam(functionParam)
- {}
-
- WidgetHandle getWidgetHandle() const
- {
- return m_widgetHandle;
- }
-
- WidgetExecutionPhase getExecutionPhase() const
- {
- return m_phase;
- }
-
- IFunctionParam *getFunctionParam() const
- {
- return m_functionParam;
- }
-
- void addDeviceCapability(const std::string& device)
- {
- m_devcapSet.insert(device);
- }
-
- DeviceCapabilitySet getDeviceCapabilitySet() const
- {
- return m_devcapSet;
- }
-
- private:
- WidgetHandle m_widgetHandle;
- WidgetExecutionPhase m_phase;
- //! \brief list of function param (only for intercept)
- IFunctionParam *m_functionParam;
- //! \brief Set of defice capabilities
- DeviceCapabilitySet m_devcapSet;
-};
-
-typedef std::vector <Request> Requests;
-
-#endif //_REQUEST_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Rule.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#if !defined(_RULE_H)
-#define _RULE_H
-
-#include "Attribute.h"
-#include "Effect.h"
-#include "Condition.h"
-#include <dpl/assert.h>
-
-class Rule : public AbstractTreeElement
-{
- public:
-
- Effect evaluateRule(const AttributeSet * attrSet) const;
-
- // KW Rule(Effect effect, Condition condition) : effect(effect), condition(condition) {
- // KW //TODO we should set it to deny or smth, not inapplicable
- // KW }
-
- Rule()
- {
- //TODO we should set it to deny or smth, not inapplicable
- this->effect = Inapplicable;
- }
-
- // KW Effect getEffect() const {
- // KW return this->effect;
- // KW };
-
- void setEffect(Effect effect)
- {
- //We should not allow to set "Inapplicable" effect.
- //Rules cannot have effect that is inapplicable, evaluation of the rules may however
- //render the effect inapplicable.
- Assert(effect != Inapplicable);
- this->effect = effect;
- }
- void setCondition(Condition condition)
- {
- this->condition = condition;
- }
- void getAttributes(AttributeSet * attrSet)
- {
- condition.getAttributes(attrSet);
- }
-
- //deserialize
- Rule(std::istream& is);
- void serialize(std::ostream& os);
-
- //DEBUG methods
- std::string printEffect(const Effect effect) const;
- void printData();
-
- private:
-
- Effect effect;
- Condition condition;
-};
-
-#endif //_RULE_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#if !defined(_SERIALIZER_H)
-#define _SERIALIZER_H
-
-#include <string>
-#include <iostream>
-#include <fstream>
-
-#include "TreeNode.h"
-#include "Attribute.h"
-#include "Subject.h"
-#include "Policy.h"
-#include "Condition.h"
-
-class Serializer
-{
- public:
- static Serializer* getInstance();
-
- /**** Interaface ****************/
-
- /**
- * Serialized tree given by
- * @param root
- * */
- // KW void serializeTree(TreeNode* root);
-
- /**
- * deserialize tree
- * @return pointer to deserialized tree
- * or NULL if error occur
- * */
- // KW TreeNode* deserializeTree();
-
- /* ------------------------------*/
-
- void serializeInt(std::ostream& os,
- const int value);
- int deserializeInt(std::istream& is);
-
- void serializeString(std::ostream& os,
- const std::string& text) const;
- std::string deserializeString(std::istream& is);
-
- void serializeListAttributes(std::ostream& os,
- const std::list<Attribute>& inputList);
- std::list<Attribute> deserializeListAttributes(std::istream& is);
-
- void serializeType(std::ostream& os,
- const Attribute::Type& typeId) const;
- Attribute::Type deserializeType(std::istream& is);
-
- void serializeListStrings(std::ostream& os,
- const std::list<std::string>& inputList) const;
-
- std::list<std::string> deserializeListStrings(std::istream&is);
-
- void serializeMatch(std::ostream& os,
- const Attribute::Match& match) const;
- Attribute::Match deserializeMatch(std::istream& is);
- //TODO add smartptr
- bool serializeModifier(std::ostream& os,
- const Attribute::Modifier& modifier) const;
- Attribute::Modifier deserializeModifier(std::istream& is);
-
- void serializeListTreeNode(std::ostream& os,
- std::list<TreeNode*>& inputList);
- std::list<TreeNode* > deserializeListTreeNode(std::istream&is,
- TreeNode* parent);
-
- void serializeTypeAbstract(std::ostream& os,
- const TreeNode::TypeID& typeId);
- TreeNode::TypeID deserializeTypeAbstract(std::istream& is);
-
- void serializeAbstractElement(std::ostream& os,
- AbstractTreeElement* element);
- AbstractTreeElement* deserializeAbstractElement(std::istream& is,
- TreeNode::TypeID&);
-
- void serializeListSubjects(std::ostream& os,
- std::list<const Subject*>& inputList);
- std::list<const Subject*>* deserializeListSubjects(std::istream& is);
-
- void serializeCombineAlgorithm(std::ostream& os,
- const Policy::CombineAlgorithm & combAlg);
- Policy::CombineAlgorithm deserializeCombineAlgorithm(std::istream& is);
-
- void serializeCombineType(std::ostream& os,
- const Condition::CombineType& combType);
- Condition::CombineType deserializeCombineType(std::istream& is);
-
- void serializeListConditions(std::ostream& os,
- std::list<Condition>& inputList);
- std::list<Condition> deserializeListConditions(std::istream& is,
- Condition* parent);
-
- void serializeEffect(std::ostream& os,
- Effect effect);
- Effect deserializeEffect(std::istream& is);
-
- void serializeCondition(std::ostream& os,
- Condition& cond);
- Condition& deserializeCondition(std::istream& is);
-
- private:
- Serializer()
- {
- }
- static Serializer* pInstance;
-
- std::filebuf fileBuffer;
-};
-
-#endif
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file SettingsLogic.h
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 0.1
- * @brief Header file for class getting/setting user/global ACE settings
- */
-
-#ifndef WRT_SRC_ACCESS_CONTROL_LOGIC_SETTINGS_LOGIC_H_
-#define WRT_SRC_ACCESS_CONTROL_LOGIC_SETTINGS_LOGIC_H_
-
-#include <set>
-#include <list>
-#include <map>
-#include <string>
-#include <dpl/ace-dao-ro/PreferenceTypes.h>
-#include <dpl/ace/Request.h>
-#include <dpl/ace/PermissionTriple.h>
-#include <dpl/ace-dao-rw/AceDAO.h>
-#include <dpl/ace-dao-ro/wrt_db_types.h>
-
-class SettingsLogic
-{
- public:
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, DatabaseError)
- };
-
- // global settings
- static AceDB::PreferenceTypes findGlobalUserSettings(
- const std::string &resource,
- WidgetHandle handler);
-
- static AceDB::PreferenceTypes findGlobalUserSettings(
- const Request &request);
-
- // resource settings
- static AceDB::PreferenceTypes getDevCapSetting(
- const std::string &request);
- static void getDevCapSettings(AceDB::PreferenceTypesMap *preferences);
- static void setDevCapSetting(const std::string &resource,
- AceDB::PreferenceTypes preference);
- static void setAllDevCapSettings(
- const std::list<std::pair<const std::string *,
- AceDB::PreferenceTypes> > &resourcesList);
- static void removeDevCapSetting(const std::string &resource);
- static void updateDevCapSetting(const std::string &resource,
- AceDB::PreferenceTypes p);
-
- // user settings
- static AceDB::PreferenceTypes getWidgetDevCapSetting(
- const std::string &resource,
- WidgetHandle handler);
- static void getWidgetDevCapSettings(PermissionList *permissions);
- static void setWidgetDevCapSetting(const std::string &resource,
- WidgetHandle handler,
- AceDB::PreferenceTypes preference);
- static void setWidgetDevCapSettings(const PermissionList &tripleList);
- static void removeWidgetDevCapSetting(const std::string &resource,
- WidgetHandle handler);
-
- private:
- SettingsLogic()
- {
- }
-
-};
-
-#endif /* WRT_SRC_ACCESS_CONTROL_LOGIC_SETTINGS_LOGIC_H_ */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-// File: Subject.h
-// Author: notroot
-//
-// Created on June 2, 2009, 8:47 AM
-//
-
-#ifndef _SUBJECT_H
-#define _SUBJECT_H
-
-#include <set>
-#include <list>
-#include <iostream>
-#include <dpl/assert.h>
-#include <dpl/noncopyable.h>
-
-#include "Attribute.h"
-
-class Subject : DPL::Noncopyable
-{
- std::string subjectId;
- std::list<Attribute> targetAttributes;
-
- public:
- Subject()
- {}
-
- //deserialize
- Subject(std::istream&);
-
- virtual bool serialize (std::ostream& os);
-
- const std::list<Attribute>& getTargetAttributes() const;
-
- void setSubjectId(const std::string & subjectId)
- {
- this->subjectId = subjectId;
- }
-
- //TODO maybe we should remove that becuase this causes a memory leak right now!! [CR] maybe thats true, maybe whe can remove this fun
- // KW void setTargetAttributes(std::list<Attribute> * targetAttributes){ this->targetAttributes = targetAttributes; }
-
- const std::string & getSubjectId() const
- {
- return this->subjectId;
- }
-
- void addNewAttribute(Attribute & attr)
- {
- this->targetAttributes.push_back(attr);
- }
-
- //TODO in 1.0 change to true/false/undetermined
- bool matchSubject(const AttributeSet *attrSet,
- bool &isUndetermined) const;
-
- ~Subject()
- {}
-};
-
-#endif /* _SUBJECT_H */
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _TEST_TIMER_H
-#define _TEST_TIMER_H
-
-#include <time.h>
-
-class TestTimer
-{
- time_t startt, endt;
-
- public:
- void start()
- {
- time(&startt);
- }
- void stop()
- {
- time(&endt);
- }
- double getTime()
- {
- return difftime(endt, startt);
- }
-};
-
-#endif //_TEST_TIMER_H
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : TreeNode.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#ifndef _TREE_NODE_H
-#define _TREE_NODE_H
-
-#include <iostream>
-#include <list>
-
-#include <dpl/ace/AbstractTreeElement.h>
-
-class TreeNode;
-
-typedef std::list<TreeNode *> ChildrenSet;
-typedef std::list<TreeNode *>::iterator ChildrenIterator;
-typedef std::list<TreeNode *>::const_iterator ChildrenConstIterator;
-
-class TreeNode
-{
- public:
- //TODO nazwac pozadnie TYPY - moze jakas konwencja ... ??!!
- enum TypeID { Policy =0, PolicySet=1, Rule=2};
-
- virtual bool serialize(std::ostream& os);
-
- TreeNode(std::istream& is,
- TreeNode* parent);
-
- const ChildrenSet & getChildrenSet() const
- {
- return children;
- }
-
- TreeNode * getParent() const
- {
- return this->parent;
- }
-
- void setParent(TreeNode *parent)
- {
- this->parent = parent;
- }
-
- TypeID getTypeID() const
- {
- return this->typeID;
- }
-
- void addChild(TreeNode *child)
- {
- child->setParent(this);
- children.push_back(child);
- }
-
- /**
- * Clone the node
- */
- // KW TreeNode * clone() { return new TreeNode(NULL,this->getTypeID(),this->getElement()); }
-
- TreeNode(TreeNode * parent,
- TypeID type,
- AbstractTreeElement * element) :
- parent(parent),
- typeID(type),
- element(element)
- {
- }
-
- AbstractTreeElement * getElement() const
- {
- return element;
- }
-
- private:
- virtual ~TreeNode();
-
- public:
- /*
- * It is common that we create a copy of tree structure created out of xml file. However we don't want to
- * copy abstract elements ( Policies and Rules ) because we need them only for reading. We want to modify the
- * tree structure though. Therefore we copy TreeNode. When the copy of the original tree is being destroyed method
- * releaseTheSubtree should be called on "root". It automatically traverse the tree and call TreeNode destructors for
- * each TreeNode in the tree. It doesn't remove the abstract elements in the tree ( there is always at most one abstract
- * element instance, when tree is copied it is a shallow copy.
- * When we want to completely get rid of the the tree and abstract elements we have to call releaseResources on tree root.
- * We may want to do this for instance when we want to serialize the tree to disc. releaseResource method traverses the tree
- * and releses the resources, as well as the TreeNode so NO releaseTheSubtree is required any more
- */
- void releaseResources();
-
- /**
- * Used to delete the copies of tree structure. The original tree structure should be removed with releaseResources method.
- * ReleaseTheSubtree method doesn't delete the abstract elements, only TreeNodes. It traverses the whole tree, so it should be
- * called on behalf of root of the tree
- */
- // KW void releaseTheSubtree();
-
- friend std::ostream & operator<<(std::ostream & out,
- const TreeNode * node);
- // KW void printSubtree();
-
- private:
- // KW TreeNode(const TreeNode& pattern){ (void)pattern; }
-
- std::list<TreeNode *> children;
- TreeNode * parent;
- //TODO standarize ID case
- TypeID typeID;
- AbstractTreeElement * element;
- static int level;
-};
-
-#endif //_TREE_NODE_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : UserDecision.h
-// @ Date : 2009-05-22
-// @ Author : Samsung
-//
-//
-
-#ifndef _USERDECISION_H
-#define _USERDECISION_H
-
-#include <dpl/ace/Verdict.h>
-#include <dpl/ace-dao-ro/ValidityTypes.h>
-
-typedef AceDB::ValidityTypes Validity;
-
-const char * toString(Validity validity);
-
-#endif //_USERDECISION_H
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : Verdict.h
-// @ Date : 2009-05-2
-// @ Author : Samsung
-//
-//
-
-#ifndef _VERDICT_H
-#define _VERDICT_H
-
-#include <string>
-#include <dpl/ace-dao-ro/VerdictTypes.h>
-#include <dpl/ace-dao-ro/TimedVerdict.h>
-
-typedef AceDB::VerdictTypes Verdict;
-//typedef AceDB::TimedVerdict TimedVerdict;
-
-const char * toString(Verdict verditct);
-
-#endif //_VERDICT_H
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _WRT_INERFACE_4_ACE_EXAMPLE_H_
-#define _WRT_INERFACE_4_ACE_EXAMPLE_H_
-
-#include <list>
-#include <map>
-#include <string>
-
-#include <dpl/ace-dao-ro/wrt_db_types.h>
-
-class Request;
-
-enum WidgetExecutionPhase
-{
- WidgetExecutionPhase_Unknown = 0,
- WidgetExecutionPhase_WidgetInstall = 1 << 0,
- WidgetExecutionPhase_WidgetInstantiate = 1 << 1,
- WidgetExecutionPhase_WebkitBind = 1 << 2,
- WidgetExecutionPhase_Invoke = 1 << 3
-};
-
-struct RequestContext
-{
- const WidgetHandle Handle;
- WidgetExecutionPhase Phase;
-
- RequestContext(WidgetHandle handle,
- WidgetExecutionPhase phase) :
- Handle(handle),
- Phase(phase)
- {
- }
-};
-
-// Pair of pointer to attribute name and pointer to list of value for
-// this attribute name
-typedef std::pair< const std::string* const, std::list<std::string>* >
-ATTRIBUTE;
-
-/*
- * Each function should return 0 as success and positive value as error
- *
- * Possible return value:
- * 0 - succes
- * 1 - subjectId/resourceId name unknown
- * 2 - unknown attribute name
- * 4 - interface error
- **/
-
-/************** Web Runtime ********************/
-
-class IWebRuntime
-{
- public:
-
- /**
- * gather and set attributes values for specified subjectId
- * and attribute name
- * @param subjectId is a name of subject (widget or internet site URI )
- * @param attributes is a list of pairs(
- * first: pointer to attribute name
- * second: list of values for attribute (std::string) -
- * its a list of string (BONDI requirement), but usually there will
- * be only one string
- * */
- virtual int getAttributesValues(const Request &request,
- std::list<ATTRIBUTE> *attributes) = 0;
-
- /*return current sessionId */
- virtual std::string getSessionId(const Request &request) = 0;
-
- virtual ~IWebRuntime()
- {
- }
-};
-
-/************** Resource Information ********************/
-class IResourceInformation
-{
- public:
- /**
- * gather and set attributes values for specified resourceId
- * and attribute name
- * @param resourceId is a name of subject (widget or internet site URI )
- * @param attributes is a list of pairs(
- * first: pointer to attribute name
- * second: list of values for attribute (std::string) -
- * its a list of string (BONDI requirement), but usually there will
- * be only one string
- * */
- virtual int getAttributesValues(const Request &request,
- std::list<ATTRIBUTE> *attributes) = 0;
-
- virtual ~IResourceInformation()
- {
- }
-};
-
-/************** Operation System ********************/
-class IOperationSystem
-{
- public:
-
- /**
- * gather and set attributes values for specified attribute name
- * @param attributes is a list of pairs(
- * first: pointer to attribute name
- * second: list of values for attribute (std::string) -
- * its a list of string (BONDI requirement), but usually
- * there will be only one string
- * */
- virtual int getAttributesValues(const Request &request,
- std::list<ATTRIBUTE> *attributes) = 0;
-
- virtual ~IOperationSystem()
- {
- }
-};
-
-class IFunctionParam
-{
- public:
- virtual int getAttributesValues(const Request &request,
- std::list<ATTRIBUTE> *attributes) = 0;
- virtual ~IFunctionParam()
- {
- }
-};
-
-#endif //_WRT_INERFACE_4_ACE_EXAMPLE_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-// @ Project : Access Control Engine
-// @ File Name : UserDecision.h
-// @ Date : 2009-05-22
-// @ Author : Samsung
-//
-//
-
-#ifndef _WIDGET_USAGE_H
-#define _WIDGET_USAGE_H
-
-#include <dpl/event/event_support.h>
-
-#include "Request.h"
-#include "AsyncVerdictResultListener.h"
-
-enum UsageValidity
-{
- USAGE_UNKNOWN,
- USAGE_ONCE,
- USAGE_SESSION,
- USAGE_ALWAYS
-};
-
-enum UsageVerdict
-{
- USAGE_VERDICT_PERMIT,
- USAGE_VERDICT_DENY,
- USAGE_VERDICT_INAPPLICABLE,
- USAGE_VERDICT_UNDETERMINED,
- USAGE_VERDICT_UNKNOWN,
- USAGE_VERDICT_ERROR
-};
-//Forward declaration
-class PolicyEvaluator;
-
-class PolicyEvaluatorData
-{
- private:
- Request m_request;
- UsageValidity m_validity;
- UsageVerdict m_verdict;
- AsyncVerdictResultListener *m_listener;
- public:
-
- PolicyEvaluatorData(const Request& request,
- AsyncVerdictResultListener *listener) :
- m_request(request),
- m_validity(USAGE_UNKNOWN),
- m_verdict(USAGE_VERDICT_ERROR),
- m_listener(listener)
- {
- }
-
- // KW UsageValidity getValidity() const {
- // KW return m_validity;
- // KW }
- // KW
- // KW UsageVerdict getVerdict() const {
- // KW return m_verdict;
- // KW }
- // KW
- // KW void setValidity(UsageValidity validity) {
- // KW this->m_validity = validity;
- // KW }
- // KW
- // KW void setVerdict(UsageVerdict verdict) {
- // KW this->m_verdict = verdict;
- // KW }
-
- const Request& getRequest() const
- {
- return m_request;
- }
-
- AsyncVerdictResultListener* getListener() const
- {
- return m_listener;
- }
-};
-
-#endif //_USERDECISION_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * This file contain consts for Signing Template and Policy Manager
- * This values will be used to specified and identified algorithms in xml policy documents.
- * Its consistent with BONDI 1.0 released requirements
- *
- * NOTE: This values should be verified when ACF will be updated to the latest version of BONDI requirements
- * This values comes from widget digital signature 1.0 - required version of this doc is very important
- *
- **/
-
-#ifndef ACF_CONSTS_TYPES_H
-#define ACF_CONSTS_TYPES_H
-
-//Digest Algorithms
-extern const char* DIGEST_ALG_SHA256;
-
-//Canonicalization Algorithms
-extern const char* CANONICAL_ALG_C14N;
-
-//Signature Algorithms
-extern const char* SIGNATURE_ALG_RSA_with_SHA256;
-extern const char* SIGNATURE_ALG_DSA_with_SHA1;
-extern const char* SIGNATURE_ALG_ECDSA_with_SHA256;
-
-#endif
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-//
-//
-//
-// @ Project : Access Control Engine
-// @ File Name : parser.h
-// @ Date : 2009-05-06
-// @ Author : Samsung
-//
-//
-
-#ifndef _PARSER_H_
-#define _PARSER_H_
-
-//#include "/usr/include/libxml2/libxml/parser.h"
-#include <string>
-#include <libxml/xmlreader.h>
-#include <libxml/c14n.h>
-#include <libxml/xpath.h>
-#include <libxml/xpathInternals.h>
-
-#include "Policy.h"
-#include "PolicySet.h"
-#include "Request.h"
-#include "Rule.h"
-#include "Attribute.h"
-#include "TreeNode.h"
-#include "Subject.h"
-#include "Condition.h"
-
-#define whitespaces " \n\t\r"
-
-enum CanonicalizationAlgorithm
-{
- C14N,
- C14NEXCLUSIVE
-};
-
-class Parser
-{
- private:
-
- xmlTextReaderPtr reader;
-
- TreeNode * root;
- TreeNode * currentRoot;
- Subject * currentSubject;
- Condition * currentCondition;
- Attribute * currentAttribute;
- std::string * currentText;
-
- bool processingSignature;
- bool canonicalizeOnce;
-
- void processNode(xmlTextReaderPtr reader);
-
- //Node Handlers
- void endNodeHandler(xmlTextReaderPtr reader);
- void textNodeHandler(xmlTextReaderPtr reader);
- void startNodeHandler(xmlTextReaderPtr reader);
-
- //Node names handlers
- void handleAttr(xmlTextReaderPtr reader);
- void handleRule(xmlTextReaderPtr reader);
- void handleSubject();
- void handleCondition(xmlTextReaderPtr reader);
- void handleSubjectMatch(xmlTextReaderPtr reader);
- void handleMatch(xmlTextReaderPtr reader,
- Attribute::Type);
- void handlePolicy(xmlTextReaderPtr reader,
- TreeNode::TypeID type);
-
- //helpers
- Policy::CombineAlgorithm convertToCombineAlgorithm(xmlChar*);
- Effect convertToEffect(xmlChar *effect);
- Attribute::Match convertToMatchFunction(xmlChar * func);
- void consumeCurrentText();
- void consumeCurrentAttribute();
- void consumeSubjectMatch(xmlChar * value = NULL);
- void consumeCurrentSubject();
- void consumeCurrentCondition();
- void trim(std::string *);
- // KW void canonicalize(const char *, const char *, CanonicalizationAlgorithm canonicalizationAlgorithm);
- // KW int extractNodeToFile(xmlTextReaderPtr reader, const char * filename);
-
- static const char *TOKEN_PARAM;
- public:
- Parser();
- ~Parser();
- TreeNode * parse(const std::string& filename, const std::string& schema);
-};
-
-#endif //_PARSER_H
+++ /dev/null
-SQL(
- PRAGMA foreign_keys = ON;
- BEGIN TRANSACTION;
-)
-
-CREATE_TABLE(AcePolicyResult)
- COLUMN_NOT_NULL(decision, INTEGER, check(decision between 0 and 6))
- COLUMN_NOT_NULL(hash, TEXT,)
- TABLE_CONSTRAINTS(
- PRIMARY KEY(hash)
- )
-CREATE_TABLE_END()
-
-CREATE_TABLE(AcePromptDecision)
- COLUMN_NOT_NULL(user_param, TEXT,)
- COLUMN_NOT_NULL(decision, INTEGER, check(decision between 0 and 5))
- COLUMN(session, TEXT,)
- COLUMN_NOT_NULL(hash, TEXT,)
- TABLE_CONSTRAINTS(
- PRIMARY KEY(hash,user_param)
- )
-CREATE_TABLE_END()
-
-CREATE_TABLE(AceAttribute)
- COLUMN_NOT_NULL(attr_id, INTEGER, primary key autoincrement)
- COLUMN_NOT_NULL(name, TEXT,)
- COLUMN_NOT_NULL(type, INTEGER, check(type between 0 and 3))
-
- TABLE_CONSTRAINTS(unique(name,type))
-CREATE_TABLE_END()
-
-CREATE_TABLE(AceSubject)
- COLUMN_NOT_NULL(subject_id, INTEGER, primary key autoincrement)
- COLUMN_NOT_NULL(id_uri, TEXT, unique)
-CREATE_TABLE_END()
-
-CREATE_TABLE(AceDevCap)
- COLUMN_NOT_NULL(resource_id, INTEGER, primary key autoincrement)
- COLUMN_NOT_NULL(id_uri, TEXT, unique)
- COLUMN_NOT_NULL(general_setting,INTEGER, check(general_setting between -1 and 4))
-CREATE_TABLE_END()
-
-CREATE_TABLE(AceWidgetDevCapSetting)
- COLUMN_NOT_NULL(app_id, INTEGER, not null)
- COLUMN_NOT_NULL(resource_id, INTEGER, references AceDevCap(resource_id))
- COLUMN_NOT_NULL(access_value, INTEGER, check(access_value between -1 and 4))
-
- TABLE_CONSTRAINTS(unique(app_id,resource_id))
-CREATE_TABLE_END()
-
-CREATE_TABLE(AceStaticDevCapPermission)
- COLUMN_NOT_NULL(app_id, INTEGER, not null)
- COLUMN_NOT_NULL(dev_cap, TEXT,)
-
- TABLE_CONSTRAINTS(unique(app_id,dev_cap))
-CREATE_TABLE_END()
-
-SQL(
- COMMIT;
-)
+++ /dev/null
-DATABASE_START(ace)
-
-#include "ace_db"
-#include "version_db"
-
-DATABASE_END()
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef ORM_GENERATOR_ACE_H
-#define ORM_GENERATOR_ACE_H
-
-#define ORM_GENERATOR_DATABASE_NAME ace_db_definitions
-#include <dpl/db/orm_generator.h>
-#undef ORM_GENERATOR_DATABASE_NAME
-
-#endif
+++ /dev/null
-SQL(
- BEGIN TRANSACTION;
- CREATE TABLE DB_CHECKSUM (version INT);
- COMMIT;
-)
--- /dev/null
+ADD_CUSTOM_COMMAND(
+ OUTPUT ${CMAKE_BINARY_DIR}/modules/auto_save_dao/database_checksum_autosave.h
+ COMMAND ${CMAKE_SOURCE_DIR}/modules/auto_save_dao/orm/gen_db_md5.sh
+ ARGS ${CMAKE_BINARY_DIR}/modules/auto_save_dao/database_checksum_autosave.h
+ ${CMAKE_SOURCE_DIR}/modules/auto_save_dao/orm/autosave_db
+ DEPENDS ${CMAKE_SOURCE_DIR}/modules/auto_save_dao/orm/autosave_db
+ ${CMAKE_SOURCE_DIR}/modules/auto_save_dao/orm/gen_db_md5.sh
+ COMMENT "Generating WRT auto save database checksum"
+ )
+
+ADD_CUSTOM_COMMAND( OUTPUT .wrt_autosave.db
+ COMMAND rm -f ${CMAKE_CURRENT_BINARY_DIR}/.wrt_autosave.db
+ COMMAND gcc -Wall -include ${CMAKE_BINARY_DIR}/modules/auto_save_dao/database_checksum_autosave.h -I${PROJECT_SOURCE_DIR}/modules/db/include -I${PROJECT_SOURCE_DIR}/modules/auto_save_dao/orm -E ${PROJECT_SOURCE_DIR}/modules/auto_save_dao/orm/autosave_db_sql_generator.h | grep --invert-match "^#" > ${CMAKE_CURRENT_BINARY_DIR}/wrt_autosave_db.sql
+ COMMAND sqlite3 ${CMAKE_CURRENT_BINARY_DIR}/.wrt_autosave.db ".read ${CMAKE_CURRENT_BINARY_DIR}/wrt_autosave_db.sql" || rm -f ${CMAKE_CURRENT_BINARY_DIR}/.wrt_autosave.db
+ DEPENDS ${CMAKE_BINARY_DIR}/modules/auto_save_dao/database_checksum_autosave.h ${PROJECT_SOURCE_DIR}/modules/auto_save_dao/orm/autosave_db_sql_generator.h ${PROJECT_SOURCE_DIR}/modules/auto_save_dao/orm/autosave_db
+ )
+
+ADD_CUSTOM_COMMAND( OUTPUT .wrt_autosave.db-journal
+ COMMAND touch
+ ARGS ${CMAKE_CURRENT_BINARY_DIR}/.wrt_autosave.db-journal
+ )
+
+ADD_CUSTOM_TARGET(Sqlite3DbAutoSave ALL DEPENDS .wrt_autosave.db .wrt_autosave.db-journal)
+INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/wrt_autosave_db.sql DESTINATION share/wrt-engine/)
+
+###############################################################################
+
+INCLUDE(FindPkgConfig)
+
+PKG_CHECK_MODULES(AUTO_SAVE_DAO_DEPS
+ glib-2.0
+ REQUIRED)
+
+SET(AUTO_SAVE_DAO_INCLUDE_DIRS
+ ${PROJECT_SOURCE_DIR}/modules/auto_save_dao/include
+ ${PROJECT_SOURCE_DIR}/modules/auto_save_dao/orm
+ ${PROJECT_SOURCE_DIR}/modules/core/include
+ ${PROJECT_SOURCE_DIR}/modules/db/include
+ ${PROJECT_SOURCE_DIR}/modules/log/include
+ ${AUTO_SAVE_DAO_DEPS_INCLUDE_DIRS}
+)
+
+SET(AUTO_SAVE_DAO_SOURCES
+ dao/common_dao_types.cpp
+ dao/AutoSaveDatabase.cpp
+)
+
+SET(AUTO_SAVE_DAO_RO_SOURCES
+ dao/auto_save_dao_read_only.cpp
+)
+
+SET(AUTO_SAVE_DAO_RW_SOURCES
+ dao/auto_save_dao.cpp
+)
+
+INCLUDE_DIRECTORIES(${AUTO_SAVE_DAO_INCLUDE_DIRS})
+
+ADD_LIBRARY(${TARGET_AUTO_SAVE_DAO_LIB} SHARED ${AUTO_SAVE_DAO_SOURCES})
+SET_TARGET_PROPERTIES(${TARGET_AUTO_SAVE_DAO_LIB} PROPERTIES SOVERSION ${API_VERSION} VERSION ${VERSION})
+SET_TARGET_PROPERTIES(${TARGET_AUTO_SAVE_DAO_LIB} PROPERTIES COMPILE_FLAGS "-include ${CMAKE_BINARY_DIR}/modules/auto_save_dao/database_checksum_autosave.h")
+TARGET_LINK_LIBRARIES(${TARGET_AUTO_SAVE_DAO_LIB} ${TARGET_DPL_EFL} ${TARGET_DPL_DB_EFL} ${AUTO_SAVE_DAO_DEPS_LIBRARIES})
+
+ADD_LIBRARY(${TARGET_AUTO_SAVE_DAO_RO_LIB} SHARED ${AUTO_SAVE_DAO_RO_SOURCES})
+SET_TARGET_PROPERTIES(${TARGET_AUTO_SAVE_DAO_RO_LIB} PROPERTIES SOVERSION ${API_VERSION} VERSION ${VERSION})
+SET_TARGET_PROPERTIES(${TARGET_AUTO_SAVE_DAO_RO_LIB} PROPERTIES COMPILE_FLAGS "-include ${CMAKE_BINARY_DIR}/modules/auto_save_dao/database_checksum_autosave.h")
+TARGET_LINK_LIBRARIES(${TARGET_AUTO_SAVE_DAO_RO_LIB} ${TARGET_AUTO_SAVE_DAO_LIB})
+
+ADD_LIBRARY(${TARGET_AUTO_SAVE_DAO_RW_LIB} SHARED ${AUTO_SAVE_DAO_RW_SOURCES})
+SET_TARGET_PROPERTIES(${TARGET_AUTO_SAVE_DAO_RW_LIB} PROPERTIES SOVERSION ${API_VERSION} VERSION ${VERSION})
+SET_TARGET_PROPERTIES(${TARGET_AUTO_SAVE_DAO_RW_LIB} PROPERTIES COMPILE_FLAGS "-include ${CMAKE_BINARY_DIR}/modules/auto_save_dao/database_checksum_autosave.h")
+TARGET_LINK_LIBRARIES(${TARGET_AUTO_SAVE_DAO_RW_LIB} ${TARGET_AUTO_SAVE_DAO_RO_LIB})
+
+INSTALL(TARGETS ${TARGET_AUTO_SAVE_DAO_LIB} DESTINATION lib)
+INSTALL(TARGETS ${TARGET_AUTO_SAVE_DAO_RO_LIB} DESTINATION lib)
+INSTALL(TARGETS ${TARGET_AUTO_SAVE_DAO_RW_LIB} DESTINATION lib)
+
+INSTALL(FILES
+ include/wrt-commons/auto-save-dao/common_dao_types.h
+ include/wrt-commons/auto-save-dao/AutoSaveDatabase.h
+ DESTINATION include/dpl-efl/wrt-commons/auto-save-dao
+)
+
+INSTALL(FILES
+ include/wrt-commons/auto-save-dao-ro/auto_save_dao_read_only.h
+ DESTINATION include/dpl-efl/wrt-commons/auto-save-dao-ro
+)
+
+INSTALL(FILES
+ include/wrt-commons/auto-save-dao-rw/auto_save_dao.h
+ DESTINATION include/dpl-efl/wrt-commons/auto-save-dao-rw
+)
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/**
- *
- *
- * @file AceDAOConversions.h
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#ifndef WRT_ACE_DAO_CONVERSIONS_H_
-#define WRT_ACE_DAO_CONVERSIONS_H_
-#include <dpl/string.h>
-#include <dpl/ace-dao-ro/BaseAttribute.h>
+#include <wrt-commons/auto-save-dao/AutoSaveDatabase.h>
-namespace AceDB {
-namespace AceDaoConversions {
+using namespace AutoSaveDB;
-DPL::String convertToHash(const BaseAttributeSet &attributes);
-
-}
+namespace {
+const char* AUTOSAVE_DB_DATABASE = "/opt/dbspace/.wrt_autosave.db";
+DPL::DB::SqlConnection::Flag::Type AUTOSAVE_DB_FLAGS =
+ DPL::DB::SqlConnection::Flag::UseLucene;
}
-#endif
+DPL::Mutex g_autoSaveDbQueriesMutex;
+DPL::DB::ThreadDatabaseSupport Interface::m_autoSavedbInterface(
+ AUTOSAVE_DB_DATABASE, AUTOSAVE_DB_FLAGS);
+
--- /dev/null
+/*
+ * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file auto_save_dao.cpp
+ * @author Jihoon Chung (jihoon.chung@samsung.com)
+ * @version 1.0
+ * @brief This file contains the definition of auto save dao class.
+ */
+
+#include <wrt-commons/auto-save-dao-rw/auto_save_dao.h>
+#include <wrt-commons/auto-save-dao/AutoSaveDatabase.h>
+#include <orm_generator_autosave.h>
+
+using namespace DPL::DB::ORM;
+using namespace DPL::DB::ORM::autosave;
+using namespace AutoSaveDB::Interface;
+
+namespace AutoSaveDB {
+
+#define SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN Try
+
+#define SQL_CONNECTION_EXCEPTION_HANDLER_END(message) \
+ Catch(DPL::DB::SqlConnection::Exception::Base) { \
+ LogError(message); \
+ ReThrowMsg(AutoSaveDAO::Exception::DatabaseError, \
+ message); \
+ }
+
+AutoSaveDAO::AutoSaveDAO() :
+ AutoSaveDAOReadOnly()
+{
+}
+
+AutoSaveDAO::~AutoSaveDAO()
+{
+}
+
+void AutoSaveDAO::attachDatabaseRW(void)
+{
+ m_autoSavedbInterface.AttachToThread(
+ DPL::DB::SqlConnection::Flag::RW);
+}
+
+void AutoSaveDAO::detachDatabase(void)
+{
+ m_autoSavedbInterface.DetachFromThread();
+}
+
+void AutoSaveDAO::setAutoSaveIdPasswd(const DPL::String &url,
+ const AutoSaveData &saveData)
+{
+ SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN
+ {
+ ScopedTransaction transaction(&m_autoSavedbInterface);
+ AutoSaveIdPasswd::Row row;
+
+ row.Set_address(url);
+ row.Set_userId(saveData.userId);
+ row.Set_passwd(saveData.passwd);
+
+ DPL::Optional<AutoSaveData> savedData =
+ getAutoSaveIdPasswd(url);
+
+ if (!savedData.IsNull()) {
+ AUTOSAVE_DB_UPDATE(update, AutoSaveIdPasswd, &m_autoSavedbInterface)
+
+ update->Where(Equals<AutoSaveIdPasswd::address>(url));
+ update->Values(row);
+ update->Execute();
+ } else {
+ AUTOSAVE_DB_INSERT(
+ insert, AutoSaveIdPasswd, &m_autoSavedbInterface);
+ insert->Values(row);
+ insert->Execute();
+ }
+
+ transaction.Commit();
+ }
+ SQL_CONNECTION_EXCEPTION_HANDLER_END(
+ "Fail to register id, passwd for autosave")
+}
+
+#undef SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN
+#undef SQL_CONNECTION_EXCEPTION_HANDLER_END
+
+} // namespace AutoSaveDB
--- /dev/null
+/*
+ * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * This file contains the declaration of auto save dao class.
+ *
+ * @file auto_save_dao_read_only.cpp
+ * @author Jihoon Chung (jihoon.chung@samsung.com)
+ * @version 1.0
+ * @brief This file contains the declaration of auto save dao
+ */
+
+#include <wrt-commons/auto-save-dao-ro/auto_save_dao_read_only.h>
+#include <wrt-commons/auto-save-dao/AutoSaveDatabase.h>
+#include <orm_generator_autosave.h>
+
+using namespace DPL::DB::ORM;
+using namespace DPL::DB::ORM::autosave;
+using namespace AutoSaveDB::Interface;
+
+
+namespace AutoSaveDB {
+
+#define SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN Try
+
+#define SQL_CONNECTION_EXCEPTION_HANDLER_END(message) \
+ Catch(DPL::DB::SqlConnection::Exception::Base) { \
+ LogError(message); \
+ ReThrowMsg(AutoSaveDAOReadOnly::Exception::DatabaseError, \
+ message); \
+ }
+
+AutoSaveDAOReadOnly::AutoSaveDAOReadOnly()
+{
+}
+
+AutoSaveDAOReadOnly::~AutoSaveDAOReadOnly()
+{
+}
+
+void AutoSaveDAOReadOnly::attachDatabaseRO(void)
+{
+ m_autoSavedbInterface.AttachToThread(
+ DPL::DB::SqlConnection::Flag::RO);
+}
+
+void AutoSaveDAOReadOnly::detachDatabase(void)
+{
+ m_autoSavedbInterface.DetachFromThread();
+}
+
+DPL::Optional<AutoSaveData>
+ AutoSaveDAOReadOnly::getAutoSaveIdPasswd(const DPL::String &url)
+{
+ SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN
+ {
+ AUTOSAVE_DB_SELECT(select, AutoSaveIdPasswd, &m_autoSavedbInterface);
+ select->Where(Equals<AutoSaveIdPasswd::address>(url));
+ AutoSaveIdPasswd::Select::RowList rows = select->GetRowList();
+
+ if (rows.empty()) {
+ return DPL::Optional<AutoSaveData>::Null;
+ }
+
+ AutoSaveData saveData;
+ saveData.userId = rows.front().Get_userId();
+ saveData.passwd = rows.front().Get_passwd();
+ return saveData;
+ }
+ SQL_CONNECTION_EXCEPTION_HANDLER_END("Failed to get autosave data string")
+}
+
+#undef SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN
+#undef SQL_CONNECTION_EXCEPTION_HANDLER_END
+
+} // namespace AutoSaveDB
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/*
- * @file AceDatabase.cpp
- * @author Lukasz Marek (l.marek@samsung.com)
+/**
+ *
+ * @file common_dao_types.cpp
+ * @author Jihoon Chung (jihoon.chung@samsung.com)
* @version 1.0
- * @brief This file contains the declaration of ace database
+ * @brief This file contains the implementation of
+ * common data types for autoSavedb
*/
-#include <dpl/ace-dao-ro/AceDatabase.h>
+#include <wrt-commons/auto-save-dao/common_dao_types.h>
+#include <dpl/log/log.h>
-DPL::Mutex g_aceDbQueriesMutex;
+namespace AutoSaveDB {
+} // namespace AutoSaveDB
--- /dev/null
+/*
+ * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * This file contains the declaration of auto save dao class.
+ *
+ * @file auto_save_dao_read_only.h
+ * @author Jihoon Chung (jihoon.chung@samsung.com)
+ * @version 1.0
+ * @brief This file contains the declaration of auto save dao
+ */
+
+#ifndef _AUTO_SAVE_DAO_READ_ONLY_H_
+#define _AUTO_SAVE_DAO_READ_ONLY_H_
+
+#include <dpl/string.h>
+#include <dpl/exception.h>
+#include <wrt-commons/auto-save-dao/common_dao_types.h>
+
+namespace AutoSaveDB {
+
+class AutoSaveDAOReadOnly
+{
+ public:
+ /**
+ * AutoSaveDAOReadOnly Exception classes
+ */
+ class Exception
+ {
+ public:
+ DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
+ DECLARE_EXCEPTION_TYPE(Base, DatabaseError)
+ };
+
+ public:
+
+ AutoSaveDAOReadOnly();
+ virtual ~AutoSaveDAOReadOnly();
+
+ static void attachDatabaseRO(void);
+ static void detachDatabase(void);
+
+ /**
+ * This method gets Autofill for Webkit
+ */
+ static DPL::Optional<AutoSaveData> getAutoSaveIdPasswd(
+ const DPL::String &url);
+
+};
+
+} // namespace AutoSaveDB
+
+#endif // _AUTO_SAVE_DAO_READ_ONLY_H_
+
--- /dev/null
+/*
+ * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * This file contains the declaration of auto save dao class.
+ *
+ * @file auto_save_dao.h
+ * @author Jihoon Chung (jihoon.chung@samsung.com)
+ * @version 1.0
+ * @brief This file contains the declaration of auto save dao
+ */
+#ifndef _AUTO_SAVE_DAO_H_
+#define _AUTO_SAVE_DAO_H_
+
+#include <wrt-commons/auto-save-dao-ro/auto_save_dao_read_only.h>
+
+namespace AutoSaveDB {
+
+class AutoSaveDAO : public AutoSaveDAOReadOnly
+{
+ public:
+
+ AutoSaveDAO();
+ virtual ~AutoSaveDAO();
+
+ static void attachDatabaseRW(void);
+ static void detachDatabase(void);
+
+ /**
+ * This method sets Autofill for Webkit
+ */
+ static void setAutoSaveIdPasswd(
+ const DPL::String &url, const AutoSaveData &saveData);
+
+};
+
+} // namespace AutoSaveDB
+
+#endif // _AUTO_SAVE_DAO_H_
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/*
- * @file AceDatabase.h
- * @author Lukasz Marek (l.marek@samsung.com)
- * @version 1.0
- * @brief This file contains the declaration of ace database
- */
-#ifndef WRT_ENGINE_SRC_ACCESS_CONTROL_ACE_DATABASE_H
-#define WRT_ENGINE_SRC_ACCESS_CONTROL_ACE_DATABASE_H
+#ifndef _AUTOSAVEDATABASE_H_
+#define _AUTOSAVEDATABASE_H_
#include <dpl/thread.h>
#include <dpl/mutex.h>
+#include <dpl/db/thread_database_support.h>
-extern DPL::Mutex g_aceDbQueriesMutex;
+extern DPL::Mutex g_autoSaveDbQueriesMutex;
-#define ACE_DB_INTERNAL(tlsCommand, InternalType, interface) \
+#define AUTOSAVE_DB_INTERNAL(tlsCommand, InternalType, interface) \
static DPL::ThreadLocalVariable<InternalType> *tlsCommand ## Ptr = NULL; \
{ \
- DPL::Mutex::ScopedLock lock(&g_aceDbQueriesMutex); \
+ DPL::Mutex::ScopedLock lock(&g_autoSaveDbQueriesMutex); \
if (!tlsCommand ## Ptr) { \
static DPL::ThreadLocalVariable<InternalType> tmp; \
tlsCommand ## Ptr = &tmp; \
DPL::ThreadLocalVariable<InternalType> &tlsCommand = *tlsCommand ## Ptr; \
if (tlsCommand.IsNull()) { tlsCommand = InternalType(interface); }
-#define ACE_DB_SELECT(name, type, interface) \
- ACE_DB_INTERNAL(name, type::Select, interface)
+#define AUTOSAVE_DB_SELECT(name, type, interface) \
+ AUTOSAVE_DB_INTERNAL(name, type::Select, interface)
+
+#define AUTOSAVE_DB_INSERT(name, type, interface) \
+ AUTOSAVE_DB_INTERNAL(name, type::Insert, interface)
+
+#define AUTOSAVE_DB_UPDATE(name, type, interface) \
+ AUTOSAVE_DB_INTERNAL(name, type::Update, interface)
+
+#define AUTOSAVE_DB_DELETE(name, type, interface) \
+ AUTOSAVE_DB_INTERNAL(name, type::Delete, interface)
-#define ACE_DB_INSERT(name, type, interface) \
- ACE_DB_INTERNAL(name, type::Insert, interface)
+namespace AutoSaveDB {
+namespace Interface {
-#define ACE_DB_UPDATE(name, type, interface) \
- ACE_DB_INTERNAL(name, type::Update, interface)
+extern DPL::DB::ThreadDatabaseSupport m_autoSavedbInterface;
-#define ACE_DB_DELETE(name, type, interface) \
- ACE_DB_INTERNAL(name, type::Delete, interface)
+} // namespace Interface
+} // namespace AutoSaveDB
+#endif /* _AUTOSAVEDATABASE_H_ */
-#endif // WRT_ENGINE_SRC_ACCESS_CONTROL_ACE_DATABASE_H
*/
/**
*
- *
- * @file ValidityTypes.h
- * @author Grzegorz Krawczyk (g.krawczyk@samsung.com)
- * @version 0.1
- * @brief
+ * @file common_dao_types.h
+ * @author Jihoon Chung (jihoon.chung@samsung.com)
+ * @version 1.0
+ * @brief This file contains the declaration of
+ * common data types for auto save database.
*/
+#ifndef SHARE_COMMON_DAO_TYPES_H_
+#define SHARE_COMMON_DAO_TYPES_H_
-#ifndef ACCESS_CONTROL_DAO_VALIDITYTYPES_H_
-#define ACCESS_CONTROL_DAO_VALIDITYTYPES_H_
+#include <dpl/optional_typedefs.h>
-namespace AceDB{
+namespace AutoSaveDB {
-enum class ValidityTypes
+struct AutoSaveData
{
- ONCE,
- SESSION,
- ALWAYS,
- UNWRITEABLE
+ DPL::String userId;
+ DPL::String passwd;
};
-}
+} // namespace AutoSaveDB
-#endif
+#endif /* SHARE_COMMON_DAO_TYPES_H_ */
--- /dev/null
+SQL(
+ BEGIN TRANSACTION;
+)
+
+CREATE_TABLE(AutoSaveIdPasswd)
+ COLUMN_NOT_NULL(address, VARCHAR(256), unique)
+ COLUMN_NOT_NULL(userId, VARCHAR(128),)
+ COLUMN_NOT_NULL(passwd, VARCHAR(128),)
+CREATE_TABLE_END()
+
+SQL(
+ COMMIT;
+)
--- /dev/null
+DATABASE_START(autosave)
+
+#include "autosave_db"
+#include "version_db"
+
+DATABASE_END()
* limitations under the License.
*/
/*
- * @file wrt_db_sql_generator.h
- * @author Bartosz Janiak (b.janiak@samsung.com)
+ * @file autosave_db_sql_generator.h
+ * @author Jihoon Chung (jihoon.chung@samsung.com)
* @version 1.0
- * @brief Macro definitions for generating the SQL input file from database definition.
+ * @brief Macro definitions for generating the SQL
+ * input file from database definition.
*/
//Do not include this file directly! It is used only for SQL code generation.
-
#include <dpl/db/orm_macros.h>
-#include "ace_db_definitions"
+#include "autosave_db_definitions"
* limitations under the License.
*/
-#ifndef ORM_GENERATOR_VCORE_H
-#define ORM_GENERATOR_VCORE_H
+#ifndef _ORM_GENERATOR_AUTOSAVE_H_
+#define _ORM_GENERATOR_AUTOSAVE_H_
-#define ORM_GENERATOR_DATABASE_NAME vcore_db_definitions
+#define ORM_GENERATOR_DATABASE_NAME autosave_db_definitions
#include <dpl/db/orm_generator.h>
#undef ORM_GENERATOR_DATABASE_NAME
-#endif // ORM_GENERATOR_VCORE_H
+#endif // _ORM_GENERATOR_AUTOSAVE_H_
${PROJECT_SOURCE_DIR}/modules/core/include/dpl/apply.h
${PROJECT_SOURCE_DIR}/modules/core/include/dpl/assert.h
${PROJECT_SOURCE_DIR}/modules/core/include/dpl/atomic.h
+ ${PROJECT_SOURCE_DIR}/modules/core/include/dpl/auto_ptr.h
${PROJECT_SOURCE_DIR}/modules/core/include/dpl/binary_queue.h
${PROJECT_SOURCE_DIR}/modules/core/include/dpl/bool_operator.h
${PROJECT_SOURCE_DIR}/modules/core/include/dpl/char_traits.h
* limitations under the License.
*/
/*
- * @file ValidatorCommon.h
+ * @file auto_ptr.h
* @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @author Tomasz Swierczek (t.swierczek@samsung.com)
* @version 1.0
- * @brief This file contais definictions of common types used in ValidationCore.
+ * @brief This file contais definictions of specific AutoPtr class.
*/
-#ifndef _VALIDATORCOMMON_H_
-#define _VALIDATORCOMMON_H_
+#ifndef _AUTO_PTR_H_
+#define _AUTO_PTR_H_
#include <list>
#include <set>
#include <string>
-namespace ValidationCore {
-typedef std::set< std::string > ReferenceSet;
-typedef std::list< std::string > ObjectList;
-
+namespace DPL {
/*
* base deleter func
*/
template <typename T>
-struct ValidatorCoreUniversalFree {};
+struct UniversalFree {};
// Template Specialization
-#define VC_DECLARE_DELETER(type, function) \
+#define DECLARE_DELETER(type, function) \
template <> \
- struct ValidatorCoreUniversalFree <type> { \
+ struct UniversalFree <type> { \
void universal_free(type *ptr){ \
if (ptr) { \
function(ptr); } \
AutoPtr & operator=(const AutoPtr &second)
{
if (this != &second) {
- ValidatorCoreUniversalFree<T> deleter;
+ UniversalFree<T> deleter;
deleter.universal_free(m_data);
m_data = second.m_data;
second.m_data = 0;
~AutoPtr()
{
- ValidatorCoreUniversalFree<T> deleter;
+ UniversalFree<T> deleter;
deleter.universal_free(m_data);
}
private:
mutable T *m_data;
};
-} // namespace ValidationCore
+} // namespace DPL
-#endif // _VALIDATORCOMMON_H_
+#endif // AUTO_PTR
None = 1<<0,
UseLucene = 1<<1
};
+
+ enum Option
+ {
+ RO = SQLITE_OPEN_NOMUTEX | SQLITE_OPEN_READONLY,
+ RW =
+ SQLITE_OPEN_NOMUTEX | SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE
+ };
};
// RowID
// Synchronization object
ScopedPtr<SynchronizationObject> m_synchronizationObject;
- virtual void Connect(const std::string &address, Flag::Type = Flag::None);
+ virtual void Connect(const std::string &address,
+ Flag::Type = Flag::None, Flag::Option = Flag::RO);
virtual void Disconnect();
void TurnOnForeignKeys();
*/
explicit SqlConnection(const std::string &address = std::string(),
Flag::Type flags = Flag::None,
+ Flag::Option options = Flag::RO,
SynchronizationObject *synchronizationObject =
AllocDefaultSynchronizationObject());
{
}
- void AttachToThread()
+ void AttachToThread(
+ DPL::DB::SqlConnection::Flag::Option options =
+ DPL::DB::SqlConnection::Flag::RO)
{
Linger() = false;
// Initialize SQL connection described in traits
LogInfo("Attaching thread database connection: " << m_address);
- Connection() = new DPL::DB::SqlConnection(m_address.c_str(), m_flags);
+ Connection() = new DPL::DB::SqlConnection(m_address.c_str(), m_flags, options);
RefCounter() = 0;
return Optional<String>(s);
}
-void SqlConnection::Connect(const std::string &address, Flag::Type flag)
+void SqlConnection::Connect(const std::string &address,
+ Flag::Type type,
+ Flag::Option flag)
{
- if (m_connection != NULL)
- {
+ if (m_connection != NULL) {
LogPedantic("Already connected.");
return;
}
// Connect to database
int result;
- if (flag & Flag::UseLucene)
- {
+ if (type & Flag::UseLucene) {
result = db_util_open_with_options(
address.c_str(),
&m_connection,
- SQLITE_OPEN_NOMUTEX | SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE,
+ flag,
NULL);
m_usingLucene = true;
LogPedantic("Lucene index enabled");
- }
- else
- {
+ } else {
result = sqlite3_open_v2(
address.c_str(),
&m_connection,
- SQLITE_OPEN_NOMUTEX | SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE,
+ flag,
NULL);
m_usingLucene = false;
LogPedantic("Lucene index disabled");
}
- if (result == SQLITE_OK)
- {
+ if (result == SQLITE_OK) {
LogPedantic("Connected to DB");
- }
- else
- {
+ } else {
LogPedantic("Failed to connect to DB!");
ThrowMsg(Exception::ConnectionBroken, address);
}
SqlConnection::SqlConnection(const std::string &address,
Flag::Type flag,
+ Flag::Option option,
SynchronizationObject *synchronizationObject)
: m_connection(NULL),
m_usingLucene(false),
LogPedantic("Opening database connection to: " << address);
// Connect to DB
- SqlConnection::Connect(address, flag);
+ SqlConnection::Connect(address, flag, option);
if (!m_synchronizationObject)
{
}
}
-}
\ No newline at end of file
+}
${PROJECT_SOURCE_DIR}/modules/event/src/abstract_event_call.cpp
${PROJECT_SOURCE_DIR}/modules/event/src/abstract_event_dispatcher.cpp
${PROJECT_SOURCE_DIR}/modules/event/src/controller.cpp
- ${PROJECT_SOURCE_DIR}/modules/event/src/event_delivery.cpp
- ${PROJECT_SOURCE_DIR}/modules/event/src/event_delivery_detail.cpp
${PROJECT_SOURCE_DIR}/modules/event/src/event_listener.cpp
${PROJECT_SOURCE_DIR}/modules/event/src/event_support.cpp
${PROJECT_SOURCE_DIR}/modules/event/src/generic_event_call.cpp
${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/abstract_event_call.h
${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/abstract_event_dispatcher.h
${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/controller.h
- ${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/event_delivery_detail.h
- ${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/event_delivery.h
- ${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/event_delivery_injector.h
- ${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/event_delivery_messages.h
${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/event_listener.h
${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/event_support.h
${PROJECT_SOURCE_DIR}/modules/event/include/dpl/event/generic_event_call.h
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file event_delivery.h
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @version 1.0
- * @brief This file is the header file of event delivery class
- */
-#ifndef DPL_EVENT_DELIVERY_H
-#define DPL_EVENT_DELIVERY_H
-
-#include <dpl/event/event_delivery_detail.h>
-#include <dpl/event/event_delivery_messages.h>
-#include <dpl/event/event_support.h>
-#include <dpl/noncopyable.h>
-#include <dpl/shared_ptr.h>
-#include <dpl/exception.h>
-#include <dpl/assert.h>
-#include <dpl/foreach.h>
-#include <list>
-#include <map>
-#include <typeinfo>
-#include <string>
-
-/*
- * Event delivery system
- *
- * Sample usages:
- *
- * I. Listening for standard predefined notifications
- *
- * class MyClass
- * : public EventListener<EventMessages::RoamingChanged>
- * {
- * void OnEventReceived(const EventMessages::RoamingChanged& event)
- * {
- * std::cout << "Roaming is now " << event.GetRoamingEnabled() ? "ENABLED" : "DISABLED" << std::endl;
- * }
- *
- * public:
- * MyClass()
- * {
- * EventDeliverySystem::AddListener<EventMessages::RoamingChanged>(this);
- * }
- *
- * virtual ~MyClass()
- * {
- * EventDeliverySystem::RemoveListener<EventMessages::RoamingChanged>(this);
- * }
- *
- * void SendSampleSignal()
- * {
- * EventMessages::RoamingChanged roamingMessage(true);
- * EventDeliverySystem::Publish(roamingMessage);
- * }
- * }
- *
- * II. Creation of custom generic events, and listening for them
- *
- * EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_2(MyEvent, int, float);
- *
- * class MyClass
- * : public EventListener<MyEvent>
- * {
- * void OnEventReceived(const MyEvent &event)
- * {
- * std::cout << "Event contents: " << event.GetArg0() << ", " << event.GetArg1() << std::endl;
- * }
- *
- * public:
- * MyClass()
- * {
- * EventDeliverySystem::AddListener<MyEvent>(this);
- * }
- *
- * virtual ~MyClass()
- * {
- * EventDeliverySystem::RemoveListener<MyEvent>(this);
- * }
- *
- * void SendSampleSignal()
- * {
- * MyEvent myEvent(5, 3.14f);
- * EventDeliverySystem::Publish(myEvent);
- * }
- * }
- *
- * In source file, one must add implementation of event delivery message:
- *
- * EVENT_DELIVERY_IMPLEMENT_EVENT_MESSAGE(MyEvent)
- *
- */
-namespace DPL
-{
-namespace Event
-{
-
-class AbstractEventDeliverySystemPublisher
-{
-public:
- virtual ~AbstractEventDeliverySystemPublisher() = 0;
-};
-
-template<typename EventType>
-class EventDeliverySystemPublisher
- : private EventSupport<EventType>
- , public AbstractEventDeliverySystemPublisher
-{
-public:
- typedef typename EventSupport<EventType>::EventListenerType EventListenerType;
-
-private:
- friend class EventDeliverySystem;
-
- EventDeliverySystemPublisher(EventListenerType *eventListener)
- : m_eventListener(eventListener)
- {
- EventSupport<EventType>::AddListener(m_eventListener);
- }
-
- EventListenerType *m_eventListener;
-
-public:
- ~EventDeliverySystemPublisher()
- {
- EventSupport<EventType>::RemoveListener(m_eventListener);
- }
-
- void PublishEvent(const EventType &event)
- {
- EmitEvent(event, EmitMode::Queued);
- }
-
- EventListenerType *GetListener() const
- {
- return m_eventListener;
- }
-};
-
-template<typename Type>
-class EventDeliverySystemTraits
-{
-public:
- typedef Type EventType;
- typedef EventDeliverySystemPublisher<EventType> PublisherType;
- typedef typename PublisherType::EventListenerType EventListenerType;
- typedef SharedPtr<PublisherType> PublisherPtrType;
- typedef std::list<PublisherPtrType> PublisherPtrContainerType;
-};
-
-class EventDeliverySystem
- : private Noncopyable
-{
-private:
- typedef SharedPtr<AbstractEventDeliverySystemPublisher> AbstractPublisherPtrType;
- typedef std::list<AbstractPublisherPtrType> AbstractPublisherPtrContainerType;
- typedef AbstractPublisherPtrContainerType::const_iterator AbstractPublisherPtrContainerTypeConstIterator;
- typedef AbstractPublisherPtrContainerType::iterator AbstractPublisherPtrContainerTypeIterator;
- typedef std::map<std::string, AbstractPublisherPtrContainerType> AbstractPublisherPtrContainerMapType;
-
- template<class EventType>
- class CrtDeleteCheck
- {
- private:
- const AbstractPublisherPtrContainerType &m_publisherContainer;
-
- public:
- CrtDeleteCheck(const AbstractPublisherPtrContainerType &publisherContainer)
- : m_publisherContainer(publisherContainer)
- {
- }
-
- virtual ~CrtDeleteCheck()
- {
- Assert(m_publisherContainer.empty() && "All event delivery listeners must be removed before exit!");
- }
- };
-
- // Map containing publishers for all registered events
- static AbstractPublisherPtrContainerMapType m_publishers;
-
- // Detail implementation: lazy initialized
- static EventDeliverySystemDetail m_detailSystem;
-
- EventDeliverySystem()
- {
- }
-
- template<typename EventType>
- static AbstractPublisherPtrContainerType &GetPublisherContainerRef()
- {
- std::string typeId = typeid(EventType).name();
-
- //FIXME: problem with linking per compilation unit won't hurt this check?
- static CrtDeleteCheck<EventType> crtDeleteCheck(m_publishers[typeId]);
- (void)crtDeleteCheck;
-
- return m_publishers[typeId];
- }
-
- template<typename EventType>
- static typename EventDeliverySystemTraits<EventType>::PublisherPtrContainerType GetPublisherContainer()
- {
- std::string typeId = typeid(EventType).name();
- typedef typename EventDeliverySystemTraits<EventType>::PublisherPtrContainerType PublisherContainerType;
- typedef typename EventDeliverySystemTraits<EventType>::PublisherType PublisherType;
- typedef typename EventDeliverySystemTraits<EventType>::PublisherPtrType PublisherPtrType;
-
- AbstractPublisherPtrContainerType eventPublishers = m_publishers[typeId];
- PublisherContainerType publisherContainer;
-
- FOREACH(iterator, eventPublishers)
- {
- PublisherPtrType publisher =
- StaticPointerCast<PublisherType>(*iterator);
- publisherContainer.push_back(publisher);
- }
-
- return publisherContainer;
- }
-
- // Detail access
- template<typename EventType>
- static void Inject(const EventType &event)
- {
- typedef typename EventDeliverySystemTraits<EventType>::PublisherPtrContainerType PublisherContainerType;
- typedef typename EventDeliverySystemTraits<EventType>::PublisherPtrType PublisherPtrType;
-
- PublisherContainerType publisherContainer = GetPublisherContainer<EventType>();
- typename PublisherContainerType::iterator iterator;
-
- for (iterator = publisherContainer.begin(); iterator != publisherContainer.end(); ++iterator)
- {
- PublisherPtrType &publisher = *iterator;
- publisher->PublishEvent(event);
- }
- }
-
- template<typename EventType>
- class PublisherPtrContainerListenerPredicate
- {
- public:
- typedef EventListener<EventType> EventListenerType;
-
- private:
- EventListenerType *m_listener;
-
- public:
- PublisherPtrContainerListenerPredicate(EventListenerType *listener)
- : m_listener(listener)
- {
- }
-
- bool operator()(const AbstractPublisherPtrType &publisher) const
- {
- return StaticPointerCast<typename EventDeliverySystemTraits<EventType>::PublisherType>(publisher)->GetListener() == m_listener;
- }
- };
-
- friend class EventDeliverySystemInjector;
-
-public:
- virtual ~EventDeliverySystem()
- {
- }
-
- template<typename EventType>
- static void AddListener(EventListener<EventType> *listener)
- {
- typedef typename EventDeliverySystemTraits<EventType>::PublisherType PublisherType;
- typedef typename EventDeliverySystemTraits<EventType>::PublisherPtrType PublisherPtrType;
- typedef typename EventDeliverySystemTraits<EventType>::PublisherPtrContainerType PublisherPtrContainerType;
-
- typedef PublisherPtrContainerListenerPredicate<EventType> PublisherPtrContainerListenerPredicateType;
-
- AbstractPublisherPtrContainerType &publisherContainer = GetPublisherContainerRef<EventType>();
- AbstractPublisherPtrContainerTypeConstIterator iterator =
- std::find_if(publisherContainer.begin(), publisherContainer.end(), PublisherPtrContainerListenerPredicateType(listener));
-
- Assert(iterator == publisherContainer.end() && "Listener already exists");
-
- // Add new publisher
- publisherContainer.push_back(AbstractPublisherPtrType(new PublisherType(listener)));
-
- // When first listener is inserted, start to listen for events
- if (publisherContainer.size() == 1) {
- m_detailSystem.Listen(EventType());
- }
- }
-
- template<typename EventType>
- static void RemoveListener(EventListener<EventType> *listener)
- {
- typedef typename EventDeliverySystemTraits<EventType>::PublisherType PublisherType;
- typedef typename EventDeliverySystemTraits<EventType>::PublisherPtrType PublisherPtrType;
- typedef typename EventDeliverySystemTraits<EventType>::PublisherPtrContainerType PublisherPtrContainerType;
-
- typedef PublisherPtrContainerListenerPredicate<EventType> PublisherPtrContainerListenerPredicateType;
-
- AbstractPublisherPtrContainerType &publisherContainer = GetPublisherContainerRef<EventType>();
-
- AbstractPublisherPtrContainerTypeIterator iterator =
- std::find_if(publisherContainer.begin(), publisherContainer.end(), PublisherPtrContainerListenerPredicateType(listener));
-
- Assert(iterator != publisherContainer.end() && "Listener does not exist");
-
- // Remove publisher
- publisherContainer.erase(iterator);
-
- // When last listener was removed, stop to listen for events
- if (publisherContainer.empty())
- m_detailSystem.Unlisten(EventType());
- }
-
- template<typename EventType>
- static void Publish(const EventType &event)
- {
- m_detailSystem.Publish(event);
- }
-};
-
-}
-} // namespace DPL
-
-#endif // DPL_EVENT_DELIVERY_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file event_delivery_detail.h
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @version 1.0
- * @brief This file is the header file of event delivery EFL detail class
- */
-#ifndef DPL_EVENT_DELIVERY_DETAIL_EFL_H
-#define DPL_EVENT_DELIVERY_DETAIL_EFL_H
-
-#include <dpl/event/event_delivery_messages.h>
-#include <dpl/framework_vconf.h>
-#include <dpl/noncopyable.h>
-#include <dpl/assert.h>
-#include <string>
-#include <list>
-
-namespace DPL
-{
-namespace Event
-{
-
-class EventDeliverySystemDetail
- : private Noncopyable
-{
-private:
- // Generic noti event prefixes
- static const char *NOTI_EVENT_ID_GENERIC_0;
- static const char *NOTI_EVENT_ID_GENERIC_1;
- static const char *NOTI_EVENT_ID_GENERIC_2;
- static const char *NOTI_EVENT_ID_GENERIC_3;
- static const char *NOTI_EVENT_ID_GENERIC_4;
-
- // Other noti events
- static const char *NOTI_EVENT_ID_NULL;
-
- // Main noti handle
- int m_notiHandle;
-
- // Noti signaling class
- class NotiSignal
- {
- private:
- EventDeliverySystemDetail *m_receiver;
- const char *m_gcid;
- int m_sysnoti;
- std::string m_eventName;
-
- public:
- NotiSignal(EventDeliverySystemDetail *receiver, const char *gcid, const std::string &eventName)
- : m_receiver(receiver),
- m_gcid(gcid),
- m_sysnoti(-1),
- m_eventName(eventName)
- {
- Assert(receiver != NULL);
- }
-
- NotiSignal(EventDeliverySystemDetail *receiver, int sysnoti)
- : m_receiver(receiver),
- m_gcid(NULL),
- m_sysnoti(sysnoti)
- {
- Assert(receiver != NULL);
- }
-
- const char *GetGcid() const
- {
- return m_gcid;
- }
-
- int GetSysNoti() const
- {
- return m_sysnoti;
- }
-
- std::string GetEventName() const
- {
- return m_eventName;
- }
-
- EventDeliverySystemDetail *GetReceiver() const
- {
- return m_receiver;
- }
- };
-
- // Registered noti singal list
- typedef std::list<NotiSignal> NotiSignalList;
- NotiSignalList m_notiSignalList;
-
- // setting library callbacks
- class SettingSignal
- {
- private:
- EventDeliverySystemDetail *m_receiver;
- std::string m_key;
-
- public:
- SettingSignal(EventDeliverySystemDetail *receiver, const std::string &key)
- : m_receiver(receiver),
- m_key(key)
- {
- }
-
- std::string GetKey() const
- {
- return m_key;
- }
-
- EventDeliverySystemDetail *GetReceiver() const
- {
- return m_receiver;
- }
- };
-
- typedef std::list<SettingSignal> SettingSignalList;
- SettingSignalList m_settingSignalList;
-
- // Global noti callbacks
- class GlobalNotiSignal
- {
- private:
- EventDeliverySystemDetail *m_receiver;
- std::string m_key;
-
- public:
- GlobalNotiSignal(EventDeliverySystemDetail *receiver, const std::string &key)
- : m_receiver(receiver),
- m_key(key)
- {
- }
-
- std::string GetKey() const
- {
- return m_key;
- }
-
- EventDeliverySystemDetail *GetReceiver() const
- {
- return m_receiver;
- }
- };
-
- typedef std::list<GlobalNotiSignal> GlobalNotiSignalList;
- GlobalNotiSignalList m_globalNotiSignalList;
-
- // Utilities
- std::string ReadFile(const std::string &fileName) const;
- std::string GetGenericNotiFilePath(const std::string &eventName) const;
-
- // Noti callback registration/unregistration
- void RegisterFileNotiCallback(const char *gcid, const std::string &eventName);
- void UnregisterFileNotiCallback(const std::string &eventName);
-
- void RegisterSettingCallback(const std::string &key);
- void UnregisterSettingCallback(const std::string &key);
-
- void RegisterGlobalNotiCallback(const std::string &key);
- void UnregisterGlobalNotiCallback(const std::string &key);
-
- // Emit noti signal
- void SignalGenericNoti(const std::string &eventName, const std::string &contents) const;
-
- // Signals
- static void OnNotiGlobalSignal(void *notiData);
- static void OnSettingSignal(keynode_t *keyNode, void *userParam);
- static void OnGlobalNotiSignal(void *globalNotiData);
-
- void OnNotiSignal(NotiSignal *notiSignal);
-
-public:
- EventDeliverySystemDetail();
- virtual ~EventDeliverySystemDetail();
-
- void Listen(const EventMessages::RoamingChanged &event);
- void Listen(const EventMessages::NetworkTypeChanged &event);
- void Listen(const EventMessages::HibernationEnter &event);
- void Listen(const EventMessages::HibernationLeave &event);
-
- void Unlisten(const EventMessages::RoamingChanged &event);
- void Unlisten(const EventMessages::NetworkTypeChanged &event);
- void Unlisten(const EventMessages::HibernationEnter &event);
- void Unlisten(const EventMessages::HibernationLeave &event);
-
- void Publish(const EventMessages::Generic0 &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_0) + event.GetGcid();
- SignalGenericNoti(eventName, event.SerializeType());
- }
-
- template<typename Arg0Type>
- void Publish(const EventMessages::Generic1<Arg0Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_1) + event.GetGcid();
- SignalGenericNoti(eventName, event.SerializeType());
- }
-
- template<typename Arg0Type, typename Arg1Type>
- void Publish(const EventMessages::Generic2<Arg0Type, Arg1Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_2) + event.GetGcid();
- SignalGenericNoti(eventName, event.SerializeType());
- }
-
- template<typename Arg0Type, typename Arg1Type, typename Arg2Type>
- void Publish(const EventMessages::Generic3<Arg0Type, Arg1Type, Arg2Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_3) + event.GetGcid();
- SignalGenericNoti(eventName, event.SerializeType());
- }
-
- template<typename Arg0Type, typename Arg1Type, typename Arg2Type, typename Arg3Type>
- void Publish(const EventMessages::Generic4<Arg0Type, Arg1Type, Arg2Type, Arg3Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_4) + event.GetGcid();
- SignalGenericNoti(eventName, event.SerializeType());
- }
-
- void Listen(const EventMessages::Generic0 &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_0) + event.GetGcid();
- RegisterFileNotiCallback(event.GetGcid(), eventName);
- }
-
- template<typename Arg0Type>
- void Listen(const EventMessages::Generic1<Arg0Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_1) + event.GetGcid();
- RegisterFileNotiCallback(event.GetGcid(), eventName);
- }
-
- template<typename Arg0Type, typename Arg1Type>
- void Listen(const EventMessages::Generic2<Arg0Type, Arg1Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_2) + event.GetGcid();
- RegisterFileNotiCallback(event.GetGcid(), eventName);
- }
-
- template<typename Arg0Type, typename Arg1Type, typename Arg2Type>
- void Listen(const EventMessages::Generic3<Arg0Type, Arg1Type, Arg2Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_3) + event.GetGcid();
- RegisterFileNotiCallback(event.GetGcid(), eventName);
- }
-
- template<typename Arg0Type, typename Arg1Type, typename Arg2Type, typename Arg3Type>
- void Listen(const EventMessages::Generic4<Arg0Type, Arg1Type, Arg2Type, Arg3Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_4) + event.GetGcid();
- RegisterFileNotiCallback(event.GetGcid(), eventName);
- }
-
- void Unlisten(const EventMessages::Generic0 &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_0) + event.GetGcid();
- UnregisterFileNotiCallback(eventName);
- }
-
- template<typename Arg0Type>
- void Unlisten(const EventMessages::Generic1<Arg0Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_1) + event.GetGcid();
- UnregisterFileNotiCallback(eventName);
- }
-
- template<typename Arg0Type, typename Arg1Type>
- void Unlisten(const EventMessages::Generic2<Arg0Type, Arg1Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_2) + event.GetGcid();
- UnregisterFileNotiCallback(eventName);
- }
-
- template<typename Arg0Type, typename Arg1Type, typename Arg2Type>
- void Unlisten(const EventMessages::Generic3<Arg0Type, Arg1Type, Arg2Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_3) + event.GetGcid();
- UnregisterFileNotiCallback(eventName);
- }
-
- template<typename Arg0Type, typename Arg1Type, typename Arg2Type, typename Arg3Type>
- void Unlisten(const EventMessages::Generic4<Arg0Type, Arg1Type, Arg2Type, Arg3Type> &event)
- {
- std::string eventName = std::string(NOTI_EVENT_ID_GENERIC_4) + event.GetGcid();
- UnregisterFileNotiCallback(eventName);
- }
-};
-
-}
-} // namespace DPL
-
-#endif // DPL_EVENT_DELIVERY_DETAIL_EFL_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file event_delivery_injector.h
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @version 1.0
- * @brief This file is the header file of event delivery injector
- */
-#ifndef DPL_EVENT_DELIVERY_INJECTOR_H
-#define DPL_EVENT_DELIVERY_INJECTOR_H
-
-#include <dpl/event/event_delivery.h>
-#include <dpl/noncopyable.h>
-#include <dpl/log/log.h>
-#include <utility>
-#include <string>
-#include <map>
-
-namespace DPL
-{
-namespace Event
-{
-
-class EventDeliverySystemInjector
- : private Noncopyable
-{
-private:
- EventDeliverySystemInjector()
- {
- }
-
- typedef void (*MetaCall)(const std::string &metaData);
- typedef std::map<const char *, MetaCall> MetaCallContainer;
- MetaCallContainer m_metaCalls;
-
-public:
- virtual ~EventDeliverySystemInjector()
- {
- }
-
- static EventDeliverySystemInjector &Instance()
- {
- static EventDeliverySystemInjector instance;
- return instance;
- }
-
- void PublishMetaType(const char *metaType, const std::string &metaData)
- {
- // Unwrap meta type (indirect Publish meta call)
- m_metaCalls[metaType](metaData);
- }
-
- template<typename EventMessageType>
- void Publish(const EventMessageType &message)
- {
- EventDeliverySystem::Inject(message);
- }
-
- void RegisterMetaCall(const char *metaType, MetaCall metaCall)
- {
- m_metaCalls.insert(std::make_pair(metaType, metaCall));
- }
-};
-
-}
-} // namespace DPL
-
-#endif // DPL_EVENT_DELIVERY_INJECTOR_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file event_delivery_messages.h
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @version 1.0
- * @brief This file is the header file of event delivery messages
- */
-#ifndef DPL_EVENT_DELIVERY_MESSAGES_H
-#define DPL_EVENT_DELIVERY_MESSAGES_H
-
-#include <cstring>
-#include <sstream>
-#include <string>
-#include <vector>
-
-namespace DPL
-{
-namespace Event
-{
-
-namespace EventMessages
-{
-/**
- * Generic event message base
- *
- * Custom events are derived from these templates
- * Only template GenericN members are serialized
- *
- * Assumptions:
- *
- * 1. Arg* must be default constructible
- * 2. For Arg* there must be defined << and >> operators
- */
-class GenericBase
-{
-private:
- const char *m_gcid; ///< Global class ID
- static const char SEPARATOR = '\254'; ///< Unique serialized data separator
- static const size_t DESERIALIZE_STRING_FIELD_CHUNK_SIZE = 128; ///< Chunk size while parsing serialized event data
-
-protected:
- template<class Type>
- void SerializeField(std::ostream &stream, const Type &type) const
- {
- stream << type;
- }
-
- void SerializeSeparator(std::ostream &stream) const
- {
- stream << SEPARATOR;
- }
-
- std::vector<std::string> SplitStream(const std::string &stream) const
- {
- char separator[2] = {};
- separator[0] = SEPARATOR;
- std::vector<std::string> splitVector;
-
- char *splitTab = new char[stream.size() + 1];
- strcpy(splitTab, stream.c_str());
-
- // Split serialized stream
- char *savePtr;
- char *splitPtr = strtok_r(splitTab, separator, &savePtr);
-
- while (splitPtr != NULL)
- {
- splitVector.push_back(std::string(splitPtr));
- splitPtr = strtok_r(NULL, separator, &savePtr);
- }
-
- delete [] splitTab;
-
- return splitVector;
- }
-
- template<class Type>
- Type DeserializeField(std::istream &stream, const Type &) const
- {
- Type type;
- stream >> type;
- return type;
- }
-
- std::string DeserializeField(std::istream &stream, const std::string &) const
- {
- std::string result;
- char buffer[DESERIALIZE_STRING_FIELD_CHUNK_SIZE];
-
- for (;;)
- {
- stream.get(buffer, DESERIALIZE_STRING_FIELD_CHUNK_SIZE);
-
- if (stream.gcount() < 1)
- break;
-
- result += std::string(buffer, buffer + stream.gcount());
- }
-
- return result;
- }
-
-public:
- /**
- * Init constructor
- */
- explicit GenericBase(const char *gcid)
- : m_gcid(gcid)
- {
- }
-
- /**
- * Destructor
- */
- virtual ~GenericBase()
- {
- }
-
- const char *GetGcid() const { return m_gcid; }
-
- /**
- * Serialize event n-tuple
- *
- * @return Ouput serialized stream
- * @warning Internal use only
- */
- virtual std::string SerializeType() const = 0;
-
- /**
- * Deserialize event n-tuple
- *
- * @param[in] stream Input stream to deserialize from
- * @warning Internal use only
- */
- virtual void DeserializeType(const std::string &stream) = 0;
-};
-
-class Generic0
- : public GenericBase
-{
-public:
- /**
- * Init constructor
- */
- explicit Generic0(const char *Gcid)
- : GenericBase(Gcid)
- {
- }
-
- /**
- * Destructor
- */
- virtual ~Generic0()
- {
- }
-
- /**
- * Serialize event 0-tuple
- *
- * @return Ouput serialized stream
- * @warning Internal use only
- */
- virtual std::string SerializeType() const
- {
- return std::string();
- }
-
- /**
- * Deserialize event 0-tuple
- *
- * @param[in] stream Input stream to deserialize from
- * @warning Internal use only
- */
- virtual void DeserializeType(const std::string &stream)
- {
- (void)stream;
- }
-};
-
-template<typename Arg0Type>
-class Generic1
- : public GenericBase
-{
-public:
- typedef Arg0Type Arg0;
-
-private:
- Arg0 m_arg0;
-
-public:
- /**
- * Init constructor
- */
- explicit Generic1(const char *Gcid)
- : GenericBase(Gcid),
- m_arg0()
- {
- }
-
- /**
- * Full init constructor
- */
- explicit Generic1(const char *Gcid, const Arg0 &arg0)
- : GenericBase(Gcid),
- m_arg0(arg0)
- {
- }
-
- /**
- * Destructor
- */
- virtual ~Generic1()
- {
- }
-
- /**
- * Retrieve value of argument 0 from tuple
- *
- * @return Argument value
- */
- const Arg0 &GetArg0() const
- {
- return m_arg0;
- }
-
- /**
- * Set value of argument 0 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg0(const Arg0 &value)
- {
- m_arg0 = value;
- }
-
- /**
- * Serialize event 1-tuple
- *
- * @return Ouput serialized stream
- * @warning Internal use only
- */
- virtual std::string SerializeType() const
- {
- std::ostringstream s;
- SerializeField(s, m_arg0);
- return s.str();
- }
-
- /**
- * Deserialize event 1-tuple
- *
- * @param[in] stream Input stream to deserialize from
- * @warning Internal use only
- */
- virtual void DeserializeType(const std::string &stream)
- {
- std::vector<std::string> splitVector = SplitStream(stream);
- if (splitVector.size() != 1)
- return;
- std::istringstream s0(splitVector[0]);
- m_arg0 = DeserializeField(s0, Arg0());
- }
-};
-
-template<typename Arg0Type, typename Arg1Type>
-class Generic2
- : public GenericBase
-{
-public:
- typedef Arg0Type Arg0;
- typedef Arg1Type Arg1;
-
-private:
- Arg0 m_arg0;
- Arg1 m_arg1;
-
-public:
- /**
- * Init constructor
- */
- explicit Generic2(const char *Gcid)
- : GenericBase(Gcid),
- m_arg0(),
- m_arg1()
- {
- }
-
- /**
- * Full init constructor
- */
- explicit Generic2(const char *Gcid, const Arg0 &arg0, const Arg1 &arg1)
- : GenericBase(Gcid),
- m_arg0(arg0),
- m_arg1(arg1)
- {
- }
-
- /**
- * Destructor
- */
- virtual ~Generic2()
- {
- }
-
- /**
- * Retrieve value of argument 0 from tuple
- *
- * @return Argument value
- */
- const Arg0 &GetArg0() const
- {
- return m_arg0;
- }
-
- /**
- * Set value of argument 0 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg0(const Arg0 &value)
- {
- m_arg0 = value;
- }
-
- /**
- * Retrieve value of argument 1 from tuple
- *
- * @return Argument value
- */
- const Arg1 &GetArg1() const
- {
- return m_arg1;
- }
-
- /**
- * Set value of argument 1 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg1(const Arg1 &value)
- {
- m_arg1 = value;
- }
-
- /**
- * Serialize event 2-tuple
- *
- * @return Ouput serialized stream
- * @warning Internal use only
- */
- virtual std::string SerializeType() const
- {
- std::ostringstream s;
- SerializeField(s, m_arg0);
- SerializeSeparator(s);
- SerializeField(s, m_arg1);
- return s.str();
- }
-
- /**
- * Deserialize event 2-tuple
- *
- * @param[in] stream Input stream to deserialize from
- * @warning Internal use only
- */
- virtual void DeserializeType(const std::string &stream)
- {
- std::vector<std::string> splitVector = SplitStream(stream);
- if (splitVector.size() != 2)
- return;
- std::istringstream s0(splitVector[0]);
- std::istringstream s1(splitVector[1]);
- m_arg0 = DeserializeField(s0, Arg0());
- m_arg1 = DeserializeField(s1, Arg1());
- }
-};
-
-template<typename Arg0Type, typename Arg1Type, typename Arg2Type>
-class Generic3
- : public GenericBase
-{
-public:
- typedef Arg0Type Arg0;
- typedef Arg1Type Arg1;
- typedef Arg2Type Arg2;
-
-private:
- Arg0 m_arg0;
- Arg1 m_arg1;
- Arg2 m_arg2;
-
-public:
- /**
- * Init constructor
- */
- explicit Generic3(const char *Gcid)
- : GenericBase(Gcid),
- m_arg0(),
- m_arg1(),
- m_arg2()
- {
- }
-
- /**
- * Full init constructor
- */
- explicit Generic3(const char *Gcid, const Arg0 &arg0, const Arg1 &arg1, const Arg2 &arg2)
- : GenericBase(Gcid),
- m_arg0(arg0),
- m_arg1(arg1),
- m_arg2(arg2)
- {
- }
-
- /**
- * Destructor
- */
- virtual ~Generic3()
- {
- }
-
- /**
- * Retrieve value of argument 0 from tuple
- *
- * @return Argument value
- */
- const Arg0 &GetArg0() const
- {
- return m_arg0;
- }
-
- /**
- * Set value of argument 0 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg0(const Arg0 &value)
- {
- m_arg0 = value;
- }
-
- /**
- * Retrieve value of argument 1 from tuple
- *
- * @return Argument value
- */
- const Arg1 &GetArg1() const
- {
- return m_arg1;
- }
-
- /**
- * Set value of argument 1 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg1(const Arg1 &value)
- {
- m_arg1 = value;
- }
-
- /**
- * Retrieve value of argument 2 from tuple
- *
- * @return Argument value
- */
- const Arg2 &GetArg2() const
- {
- return m_arg2;
- }
-
- /**
- * Set value of argument 2 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg2(const Arg2 &value)
- {
- m_arg2 = value;
- }
-
- /**
- * Serialize event 3-tuple
- *
- * @return Ouput serialized stream
- * @warning Internal use only
- */
- virtual std::string SerializeType() const
- {
- std::ostringstream s;
- SerializeField(s, m_arg0);
- SerializeSeparator(s);
- SerializeField(s, m_arg1);
- SerializeSeparator(s);
- SerializeField(s, m_arg2);
- return s.str();
- }
-
- /**
- * Deserialize event 3-tuple
- *
- * @param[in] stream Input stream to deserialize from
- * @warning Internal use only
- */
- virtual void DeserializeType(const std::string &stream)
- {
- std::vector<std::string> splitVector = SplitStream(stream);
- if (splitVector.size() != 3)
- return;
- std::istringstream s0(splitVector[0]);
- std::istringstream s1(splitVector[1]);
- std::istringstream s2(splitVector[2]);
- m_arg0 = DeserializeField(s0, Arg0());
- m_arg1 = DeserializeField(s1, Arg1());
- m_arg2 = DeserializeField(s2, Arg2());
- }
-};
-
-template<typename Arg0Type, typename Arg1Type, typename Arg2Type, typename Arg3Type>
-class Generic4
- : public GenericBase
-{
-public:
- typedef Arg0Type Arg0;
- typedef Arg1Type Arg1;
- typedef Arg2Type Arg2;
- typedef Arg3Type Arg3;
-
-private:
- Arg0 m_arg0;
- Arg1 m_arg1;
- Arg2 m_arg2;
- Arg3 m_arg3;
-
-public:
- /**
- * Init constructor
- */
- explicit Generic4(const char *Gcid)
- : GenericBase(Gcid),
- m_arg0(),
- m_arg1(),
- m_arg2(),
- m_arg3()
- {
- }
-
- /**
- * Full init constructor
- */
- explicit Generic4(const char *Gcid, const Arg0 &arg0, const Arg1 &arg1, const Arg2 &arg2, const Arg3 &arg3)
- : GenericBase(Gcid),
- m_arg0(arg0),
- m_arg1(arg1),
- m_arg2(arg2),
- m_arg3(arg3)
- {
- }
-
- /**
- * Destructor
- */
- virtual ~Generic4()
- {
- }
-
- /**
- * Retrieve value of argument 0 from tuple
- *
- * @return Argument value
- */
- const Arg0 &GetArg0() const
- {
- return m_arg0;
- }
-
- /**
- * Set value of argument 0 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg0(const Arg0 &value)
- {
- m_arg0 = value;
- }
-
- /**
- * Retrieve value of argument 1 from tuple
- *
- * @return Argument value
- */
- const Arg1 &GetArg1() const
- {
- return m_arg1;
- }
-
- /**
- * Set value of argument 1 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg1(const Arg1 &value)
- {
- m_arg1 = value;
- }
-
- /**
- * Retrieve value of argument 2 from tuple
- *
- * @return Argument value
- */
- const Arg2 &GetArg2() const
- {
- return m_arg2;
- }
-
- /**
- * Set value of argument 2 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg2(const Arg2 &value)
- {
- m_arg2 = value;
- }
-
- /**
- * Retrieve value of argument 3 from tuple
- *
- * @return Argument value
- */
- const Arg3 &GetArg3() const
- {
- return m_arg3;
- }
-
- /**
- * Set value of argument 3 in tuple
- *
- * @param[in] value Argument value
- */
- void SetArg3(const Arg3 &value)
- {
- m_arg3 = value;
- }
-
- /**
- * Serialize event 4-tuple
- *
- * @return Ouput serialized stream
- * @warning Internal use only
- */
- virtual std::string SerializeType() const
- {
- std::ostringstream s;
- SerializeField(s, m_arg0);
- SerializeSeparator(s);
- SerializeField(s, m_arg1);
- SerializeSeparator(s);
- SerializeField(s, m_arg2);
- SerializeSeparator(s);
- SerializeField(s, m_arg3);
- return s.str();
- }
-
- /**
- * Deserialize event 4-tuple
- *
- * @param[in] stream Input stream to deserialize from
- * @warning Internal use only
- */
- virtual void DeserializeType(const std::string &stream)
- {
- std::vector<std::string> splitVector = SplitStream(stream);
- if (splitVector.size() != 4)
- return;
- std::istringstream s0(splitVector[0]);
- std::istringstream s1(splitVector[1]);
- std::istringstream s2(splitVector[2]);
- std::istringstream s3(splitVector[3]);
- m_arg0 = DeserializeField(s0, Arg0());
- m_arg1 = DeserializeField(s1, Arg1());
- m_arg2 = DeserializeField(s2, Arg2());
- m_arg3 = DeserializeField(s3, Arg3());
- }
-};
-
-// Event declarators
-#define EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_0(EventType) \
- void EventType##_Inject(const std::string &metaData); \
- struct EventType##_StaticDeclarator \
- { \
- static char Name[0xFF]; \
- EventType##_StaticDeclarator(); \
- }; \
- class EventType : public DPL::Event::EventMessages::Generic0 \
- { \
- public: \
- EventType() : DPL::Event::EventMessages::Generic0(EventType##_StaticDeclarator::Name) {} \
- };
-
-#define EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_1(EventType, EventArg0Type) \
- void EventType##_Inject(const std::string &metaData); \
- struct EventType##_StaticDeclarator \
- { \
- static char Name[0xFF]; \
- EventType##_StaticDeclarator(); \
- }; \
- class EventType : public DPL::Event::EventMessages::Generic1<EventArg0Type> \
- { \
- public: \
- EventType() : DPL::Event::EventMessages::Generic1<EventArg0Type>(EventType##_StaticDeclarator::Name) {} \
- EventType(const Arg0 &arg0) : DPL::Event::EventMessages::Generic1<EventArg0Type>(EventType##_StaticDeclarator::Name, arg0) {} \
- };
-
-#define EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_2(EventType, EventArg0Type, EventArg1Type) \
- void EventType##_Inject(const std::string &metaData); \
- struct EventType##_StaticDeclarator \
- { \
- static char Name[0xFF]; \
- EventType##_StaticDeclarator(); \
- }; \
- class EventType : public DPL::Event::EventMessages::Generic2<EventArg0Type, EventArg1Type> \
- { \
- public: \
- EventType() : DPL::Event::EventMessages::Generic2<EventArg0Type, EventArg1Type>(EventType##_StaticDeclarator::Name) {} \
- EventType(const Arg0 &arg0, const Arg1 &arg1) : DPL::Event::EventMessages::Generic2<EventArg0Type, EventArg1Type>(EventType##_StaticDeclarator::Name, arg0, arg1) {} \
- };
-
-#define EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_3(EventType, EventArg0Type, EventArg1Type, EventArg2Type) \
- void EventType##_Inject(const std::string &metaData); \
- struct EventType##_StaticDeclarator \
- { \
- static char Name[0xFF]; \
- EventType##_StaticDeclarator(); \
- }; \
- class EventType : public DPL::Event::EventMessages::Generic3<EventArg0Type, EventArg1Type, EventArg2Type> \
- { \
- public: \
- EventType() : DPL::Event::EventMessages::Generic3<EventArg0Type, EventArg1Type, EventArg2Type>(EventType##_StaticDeclarator::Name) {} \
- EventType(const Arg0 &arg0, const Arg1 &arg1, const Arg2 &arg2) : DPL::Event::EventMessages::Generic3<EventArg0Type, EventArg1Type, EventArg2Type>(EventType##_StaticDeclarator::Name, arg0, arg1, arg2) {} \
- };
-
-#define EVENT_DELIVERY_DECLARE_EVENT_MESSAGE_4(EventType, EventArg0Type, EventArg1Type, EventArg2Type, EventArg3Type) \
- void EventType##_Inject(const std::string &metaData); \
- struct EventType##_StaticDeclarator \
- { \
- static char Name[0xFF]; \
- EventType##_StaticDeclarator(); \
- }; \
- class EventType : public DPL::Event::EventMessages::Generic4<EventArg0Type, EventArg1Type, EventArg2Type, EventArg3Type> \
- { \
- public: \
- EventType() : DPL::Event::EventMessages::Generic4<EventArg0Type, EventArg1Type, EventArg2Type, EventArg3Type>(EventType##_StaticDeclarator::Name) {} \
- EventType(const Arg0 &arg0, const Arg1 &arg1, const Arg2 &arg2, const Arg3 &arg3) : DPL::Event::EventMessages::Generic4<EventArg0Type, EventArg1Type, EventArg2Type, EventArg3Type>(EventType##_StaticDeclarator::Name, arg0, arg1, arg2, arg3) {} \
- };
-
-#define EVENT_DELIVERY_IMPLEMENT_EVENT_MESSAGE(EventType) \
- char EventType##_StaticDeclarator::Name[0xFF] = {}; \
- void EventType##_Inject(const std::string &metaData) \
- { \
- EventType newType; \
- newType.DeserializeType(metaData); \
- DPL::Event::EventDeliverySystemInjector::Instance().Publish(newType); \
- } \
- EventType##_StaticDeclarator::EventType##_StaticDeclarator() \
- { \
- strcpy(Name, #EventType); \
- DPL::Event::EventDeliverySystemInjector::Instance().RegisterMetaCall(EventType##_StaticDeclarator::Name, EventType##_Inject); \
- } \
- namespace { EventType##_StaticDeclarator dummyInitializer_##EventType##_StaticDeclarator; }
-
-// BUILT-IN EVENTS
-class RoamingChanged
-{
-protected:
- bool m_enabled; ///< Status whether roaming is enabled during call
-
-public:
- /**
- * Constructor
- */
- RoamingChanged()
- : m_enabled(false)
- {
- }
-
- /**
- * Init constructor
- */
- RoamingChanged(bool enabled)
- : m_enabled(enabled)
- {
- }
-
- /**
- * Destructor
- */
- virtual ~RoamingChanged()
- {
- }
-
- /**
- * Retrieve status whether roaming is enabled
- *
- * @return Current roaming status
- */
- bool GetEnabled() const
- {
- return m_enabled;
- }
-};
-
-class NetworkTypeChanged
-{
-protected:
- /**
- * Status whether phone is working in:
- * home network (true)
- * roaming (false)
- */
- bool m_homeNetwork;
-
-public:
- /**
- * Constructor
- */
- NetworkTypeChanged()
- : m_homeNetwork(true)
- {
- }
-
- /**
- * Init constructor
- */
- NetworkTypeChanged(bool homeNetwork)
- : m_homeNetwork(homeNetwork)
- {
- }
-
- /**
- * Destructor
- */
- virtual ~NetworkTypeChanged()
- {
- }
-
- /**
- * Retrieve status whether home network is active
- *
- * @return Current network status
- */
- bool IsHomeNetwork() const
- {
- return m_homeNetwork;
- }
-
- /**
- * Retrieve status whether home network is active
- *
- * @return Current network status
- */
- bool IsRoaming() const
- {
- return !m_homeNetwork;
- }
-};
-
-class HibernationEnter
-{
-public:
- /**
- * Constructor
- */
- HibernationEnter()
- {
- }
-
- /**
- * Destructor
- */
- virtual ~HibernationEnter()
- {
- }
-};
-
-class HibernationLeave
-{
-public:
- /**
- * Constructor
- */
- HibernationLeave()
- {
- }
-
- /**
- * Destructor
- */
- virtual ~HibernationLeave()
- {
- }
-};
-
-} // namespace EventMessages
-}
-} // namespace DPL
-
-#endif // DPL_EVENT_DELIVERY_MESSAGES_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file wrt_event_delivery.cpp
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @version 1.0
- * @brief This file is the implementation file of event delivery class
- */
-#include <dpl/event/event_delivery.h>
-#include <dpl/main.h>
-
-namespace DPL
-{
-namespace Event
-{
-
-EventDeliverySystemDetail EventDeliverySystem::m_detailSystem;
-EventDeliverySystem::AbstractPublisherPtrContainerMapType EventDeliverySystem::m_publishers;
-
-namespace // anonymous
-{
-int InitializeMainSingleton();
-
-int g_dummyInitializer = InitializeMainSingleton();
-
-int InitializeMainSingleton()
-{
- (void)g_dummyInitializer;
- MainSingleton::Instance();
- return 0;
-}
-} // namespace anonymous
-
-AbstractEventDeliverySystemPublisher::~AbstractEventDeliverySystemPublisher() { }
-
-}
-} // namespace DPL
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file wrt_event_delivery_detail.cpp
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @version 1.0
- * @brief This file is the implementation file of event delivery EFL detail class
- */
-#include <dpl/event/event_delivery_detail.h>
-#include <dpl/event/event_delivery_injector.h>
-#include <dpl/framework_appcore.h>
-#include <dpl/framework_vconf.h>
-#include <dpl/scoped_array.h>
-#include <dpl/assert.h>
-#include <dpl/log/log.h>
-#include <heynoti.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <fstream>
-#include <string>
-#include <cstdio>
-
-namespace // anonymous
-{
-const char *GENERIC_NOTI_ROOT_PATH = "/tmp/noti/generic";
-} // namespace anonymous
-
-namespace DPL
-{
-namespace Event
-{
-
-const char *EventDeliverySystemDetail::NOTI_EVENT_ID_GENERIC_0 = "GenericEvent0_";
-const char *EventDeliverySystemDetail::NOTI_EVENT_ID_GENERIC_1 = "GenericEvent1_";
-const char *EventDeliverySystemDetail::NOTI_EVENT_ID_GENERIC_2 = "GenericEvent2_";
-const char *EventDeliverySystemDetail::NOTI_EVENT_ID_GENERIC_3 = "GenericEvent3_";
-const char *EventDeliverySystemDetail::NOTI_EVENT_ID_GENERIC_4 = "GenericEvent4_";
-
-// Global noti signal names
-const char *GlobalNotiHibernationEnterSignal = "HIBERNATION_ENTER";
-const char *GlobalNotiHibernationLeaveSignal = "HIBERNATION_LEAVE";
-
-EventDeliverySystemDetail::EventDeliverySystemDetail()
-{
- // Open noti subsystem
- LogInfo("Initializing core_util_noti subsystem...");
-
- m_notiHandle = heynoti_init();
- Assert(m_notiHandle != -1);
-
- // Assume that there is ECORE environment running, attach noti library to it
- LogPedantic("Attaching core_util_noti subsystem to ECORE...");
-
- int ret = heynoti_attach_handler(m_notiHandle);
- Assert(ret != -1);
-
- (void)ret;
-
- LogInfo("core_util_noti subsystem successfuly initialized.");
-}
-
-EventDeliverySystemDetail::~EventDeliverySystemDetail()
-{
- // All signal handlers should be deattached
- Assert(m_notiSignalList.empty());
- Assert(m_settingSignalList.empty());
- Assert(m_globalNotiSignalList.empty());
-
- // Detach noti library from ECORE environment
- LogPedantic("Detaching core_util_noti subsystem from ECORE...");
-
- int ret = heynoti_detach_handler(m_notiHandle);
- Assert(ret != -1);
-
- (void)ret;
-
- // Close noti sybsystem
- LogInfo("Deinitializing core_util_noti subsystem...");
-
- Assert(m_notiHandle != -1);
- heynoti_close(m_notiHandle);
-
- LogInfo("core_util_noti subsystem successfuly deinitialized.");
-}
-
-std::string EventDeliverySystemDetail::ReadFile(const std::string &fileName) const
-{
- LogPedantic("Reading event file: " << fileName << "...");
-
- std::ifstream fileStream(fileName.c_str(), std::ios::binary);
-
- if (fileStream.fail())
- return std::string("");
-
- fileStream.seekg (0, std::ios::end);
- std::streamoff length = fileStream.tellg();
- fileStream.seekg (0, std::ios::beg);
-
- ScopedArray<char> buffer(new char[length]);
- fileStream.read(buffer.Get(), static_cast<size_t>(length));
-
- if (fileStream.fail())
- return std::string();
-
- LogPedantic("Successfuly read: " << fileName << ".");
-
- return std::string(buffer.Get(), buffer.Get() + length);
-}
-
-void EventDeliverySystemDetail::OnNotiGlobalSignal(void *notiData)
-{
- Assert(notiData);
- NotiSignal *notiSignal = static_cast<NotiSignal *>(notiData);
- notiSignal->GetReceiver()->OnNotiSignal(notiSignal);
-}
-
-void EventDeliverySystemDetail::OnSettingSignal(keynode_t *keyNode, void *userParam)
-{
- SettingSignal *settingSignal = static_cast<SettingSignal *>(userParam);
- (void)settingSignal;
-
- LogPedantic("Got setting signal for key: " << settingSignal->GetKey());
-
- std::string key = vconf_keynode_get_name(keyNode);
-
- if (key == VCONFKEY_SETAPPL_STATE_DATA_ROAMING_BOOL)
- {
- int value = vconf_keynode_get_bool(keyNode);
- EventMessages::RoamingChanged message(value > 0);
- EventDeliverySystemInjector::Instance().Publish(message);
- }
- else if (key == VCONFKEY_TELEPHONY_SVC_ROAM)
- {
- int result = 0;
- if(vconf_get_int(VCONFKEY_TELEPHONY_SVC_ROAM, &result) != 0)
- {
- LogPedantic("Cannot get current roaming status");
- return;
- }
- else
- {
- bool homeNetwork = (result != VCONFKEY_TELEPHONY_SVC_ROAM_ON);
- EventMessages::NetworkTypeChanged message1(homeNetwork);
- EventDeliverySystemInjector::Instance().Publish(message1);
- }
- }
- else
- {
- LogPedantic("Unexpected setting signal key: " << key << "!");
- return;
- }
-}
-
-void EventDeliverySystemDetail::OnGlobalNotiSignal(void *globalNotiData)
-{
- GlobalNotiSignal *globalNotiSignal = static_cast<GlobalNotiSignal *>(globalNotiData);
-
- LogPedantic("Got global noti signal for key: " << globalNotiSignal->GetKey());
-
- std::string key = globalNotiSignal->GetKey();
-
- if (key == GlobalNotiHibernationEnterSignal)
- {
- // We need to disconnect from VCONF
- for (SettingSignalList::iterator iterator = globalNotiSignal->GetReceiver()->m_settingSignalList.begin();
- iterator != globalNotiSignal->GetReceiver()->m_settingSignalList.end(); ++iterator)
- {
- // Unegister from VCONF signals
- int ret = vconf_ignore_key_changed(iterator->GetKey().c_str(), OnSettingSignal);
-
- if (ret == -1)
- LogPedantic("Failed to unlisten setting: " << key << ", errno = " << errno << ".");
- }
-
- // Publish
- EventMessages::HibernationEnter message;
- EventDeliverySystemInjector::Instance().Publish(message);
- }
- else if (key == GlobalNotiHibernationLeaveSignal)
- {
- // We need to reconnect to VCONF
- for (SettingSignalList::iterator iterator = globalNotiSignal->GetReceiver()->m_settingSignalList.begin();
- iterator != globalNotiSignal->GetReceiver()->m_settingSignalList.end(); ++iterator)
- {
- // Register for VCONF signals
- int ret = vconf_notify_key_changed(iterator->GetKey().c_str(), OnSettingSignal, &*iterator);
-
- if (ret == -1)
- LogPedantic("Failed to listen setting: key = " << key << ", errno = " << errno << ".");
- }
-
- // Publish
- EventMessages::HibernationLeave message;
- EventDeliverySystemInjector::Instance().Publish(message);
- }
- else
- {
- LogPedantic("Unexpected global noti signal key: " << key << "!");
- return;
- }
-}
-
-void EventDeliverySystemDetail::OnNotiSignal(NotiSignal *notiSignal)
-{
- LogPedantic("Got core_util_noti signal.");
-
- if (notiSignal->GetEventName().substr(0, strlen(NOTI_EVENT_ID_GENERIC_0)) == NOTI_EVENT_ID_GENERIC_0)
- {
- LogPedantic("GeneticEvent0 message signal.");
-
- EventDeliverySystemInjector::Instance().PublishMetaType(notiSignal->GetGcid(), ReadFile(GetGenericNotiFilePath(notiSignal->GetEventName())));
- }
- else if (notiSignal->GetEventName().substr(0, strlen(NOTI_EVENT_ID_GENERIC_1)) == NOTI_EVENT_ID_GENERIC_1)
- {
- LogPedantic("GeneticEvent1 message signal.");
-
- EventDeliverySystemInjector::Instance().PublishMetaType(notiSignal->GetGcid(), ReadFile(GetGenericNotiFilePath(notiSignal->GetEventName())));
- }
- else if (notiSignal->GetEventName().substr(0, strlen(NOTI_EVENT_ID_GENERIC_2)) == NOTI_EVENT_ID_GENERIC_2)
- {
- LogPedantic("GeneticEvent2 message signal.");
-
- EventDeliverySystemInjector::Instance().PublishMetaType(notiSignal->GetGcid(), ReadFile(GetGenericNotiFilePath(notiSignal->GetEventName())));
- }
- else if (notiSignal->GetEventName().substr(0, strlen(NOTI_EVENT_ID_GENERIC_3)) == NOTI_EVENT_ID_GENERIC_3)
- {
- LogPedantic("GeneticEvent3 message signal.");
-
- EventDeliverySystemInjector::Instance().PublishMetaType(notiSignal->GetGcid(), ReadFile(GetGenericNotiFilePath(notiSignal->GetEventName())));
- }
- else if (notiSignal->GetEventName().substr(0, strlen(NOTI_EVENT_ID_GENERIC_4)) == NOTI_EVENT_ID_GENERIC_4)
- {
- LogPedantic("GeneticEvent4 message signal.");
-
- EventDeliverySystemInjector::Instance().PublishMetaType(notiSignal->GetGcid(), ReadFile(GetGenericNotiFilePath(notiSignal->GetEventName())));
- }
-}
-
-void EventDeliverySystemDetail::RegisterFileNotiCallback(const char *gcid, const std::string &eventName)
-{
- LogPedantic("Registering core_util_noti callback: gcid = " << (gcid ? gcid : "<NULL>") << ", eventName = " << eventName << ".");
- Assert(m_notiHandle != -1);
-
- // Check if already registered for signal
- NotiSignalList::const_iterator iterator;
-
- for (iterator = m_notiSignalList.begin(); iterator != m_notiSignalList.end(); ++iterator)
- {
- if (iterator->GetEventName() == eventName)
- return;
- }
-
- // Make real noti path
- std::string filePath = GetGenericNotiFilePath(eventName);
-
- LogPedantic("Listening file: " << filePath << ".");
-
- // New noti signal
- m_notiSignalList.push_back(NotiSignal(this, gcid, eventName));
- NotiSignal *notiSignal = &m_notiSignalList.back();
-
- // Register for noti signals
- int ret = heynoti_subscribe_file(m_notiHandle, filePath.c_str(), OnNotiGlobalSignal, notiSignal, IN_CLOSE_WRITE);
-
- if (ret == -1)
- {
- LogPedantic("Failed to listen file: " << filePath << ".");
- return;
- }
-
- LogPedantic("Successfuly registered listening file: " << filePath << ".");
-}
-
-void EventDeliverySystemDetail::UnregisterFileNotiCallback(const std::string &eventName)
-{
- LogPedantic("Unegistering core_util_noti callback: eventName = " << eventName << ".");
-
- Assert(m_notiHandle != -1);
-
- NotiSignalList::iterator iterator;
-
- for (iterator = m_notiSignalList.begin(); iterator != m_notiSignalList.end(); ++iterator)
- {
- if (iterator->GetEventName() == eventName)
- break;
- }
-
- if (iterator == m_notiSignalList.end())
- return;
-
- // Remove registered slot
- m_notiSignalList.erase(iterator);
-
- // Make real noti path
- std::string filePath = GetGenericNotiFilePath(eventName);
-
- LogPedantic("Unlistening file: " << filePath << ".");
-
- // Register for noti signals
- int ret = heynoti_unsubscribe_file(m_notiHandle, filePath.c_str(), OnNotiGlobalSignal);
-
- if (ret == -1)
- {
- LogPedantic("Failed to unlisten file: " << filePath << ".");
- return;
- }
-}
-
-void EventDeliverySystemDetail::RegisterSettingCallback(const std::string &key)
-{
- LogPedantic("Registering setting: key = " << key << ".");
-
- // Check if already registered for signal
- SettingSignalList::const_iterator iterator;
-
- for (iterator = m_settingSignalList.begin(); iterator != m_settingSignalList.end(); ++iterator)
- {
- if (iterator->GetKey() == key)
- return;
- }
-
- // New noti signal
- m_settingSignalList.push_back(SettingSignal(this, key));
- SettingSignal *settingSignal = &m_settingSignalList.back();
-
- // Register for setting signals
- int ret = vconf_notify_key_changed(key.c_str(), OnSettingSignal, settingSignal);
-
- if (ret == -1)
- {
- LogPedantic("Failed to listen setting: key = " << key << ", errno = " << errno << ".");
- return;
- }
-
- LogPedantic("Successfuly registered setting: key = " << key << ".");
-}
-
-void EventDeliverySystemDetail::UnregisterSettingCallback(const std::string &key)
-{
- LogPedantic("Unegistering setting: key = " << key << ".");
-
- SettingSignalList::iterator iterator;
-
- for (iterator = m_settingSignalList.begin(); iterator != m_settingSignalList.end(); ++iterator)
- {
- if (iterator->GetKey() == key)
- break;
- }
-
- if (iterator == m_settingSignalList.end())
- return;
-
- // Remove registered slot
- m_settingSignalList.erase(iterator);
-
- // Register for noti signals
- int ret = vconf_ignore_key_changed(key.c_str(), OnSettingSignal);
-
- if (ret == -1)
- {
- LogPedantic("Failed to unlisten setting: " << key << ", errno = " << errno << ".");
- return;
- }
-}
-
-void EventDeliverySystemDetail::RegisterGlobalNotiCallback(const std::string &key)
-{
- LogPedantic("Registering global noti: key = " << key << ".");
-
- // Check if already registered for signal
- GlobalNotiSignalList::const_iterator iterator;
-
- for (iterator = m_globalNotiSignalList.begin(); iterator != m_globalNotiSignalList.end(); ++iterator)
- {
- if (iterator->GetKey() == key)
- return;
- }
-
- // New noti signal
- m_globalNotiSignalList.push_back(GlobalNotiSignal(this, key));
- GlobalNotiSignal *globalNotiSignal = &m_globalNotiSignalList.back();
-
- // Register for global noti signals
- int ret = heynoti_subscribe(m_notiHandle, key.c_str(), OnGlobalNotiSignal, globalNotiSignal);
-
- if (ret == -1)
- {
- LogPedantic("Failed to listen global noti: key = " << key << ", errno = " << errno << ".");
- return;
- }
-
- LogPedantic("Successfuly registered global noti: key = " << key << ".");
-}
-
-void EventDeliverySystemDetail::UnregisterGlobalNotiCallback(const std::string &key)
-{
- LogPedantic("Unegistering global noti: key = " << key << ".");
-
- GlobalNotiSignalList::iterator iterator;
-
- for (iterator = m_globalNotiSignalList.begin(); iterator != m_globalNotiSignalList.end(); ++iterator)
- {
- if (iterator->GetKey() == key)
- break;
- }
-
- if (iterator == m_globalNotiSignalList.end())
- return;
-
- // Remove registered slot
- m_globalNotiSignalList.erase(iterator);
-
- // Register for noti signals
- int ret = heynoti_unsubscribe(m_notiHandle, key.c_str(), OnGlobalNotiSignal);
-
- if (ret == -1)
- {
- LogPedantic("Failed to unlisten global noti: " << key << ", errno = " << errno << ".");
- return;
- }
-}
-
-void EventDeliverySystemDetail::SignalGenericNoti(const std::string &eventName, const std::string &contents) const
-{
- LogPedantic("Signaling core_util_noti with: eventName = " << eventName << ", buffer = " << contents << ".");
-
- Assert(m_notiHandle != -1);
-
- // Make real noto path
- std::string filePath = GetGenericNotiFilePath(eventName);
-
- LogPedantic("Signaling file: " << filePath << ".");
-
- // Emit noti signal with user data
- int fd = open(filePath.c_str(), O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR | S_IWUSR);
-
- if (fd == -1)
- {
- LogPedantic("Failed to signal file: " << filePath << ".");
- return;
- }
-
- // Write contents of signal to file
- std::string::size_type written = 0;
-
- while (written < contents.size())
- {
- int done = TEMP_FAILURE_RETRY(write(fd, static_cast<const void *>(&contents[written]), contents.size() - written));
-
- if (done <= 0)
- {
- LogPedantic("File stream broken: " << filePath << ".");
- break;
- }
-
- written += done;
- }
-
- // Close signal file
- int ret = close(fd);
-
- if (ret == -1)
- {
- LogPedantic("Failed to close signal file: " << filePath << ".");
- return;
- }
-}
-
-std::string EventDeliverySystemDetail::GetGenericNotiFilePath(const std::string &eventName) const
-{
- // Make sure that the path exists
- if (access(GENERIC_NOTI_ROOT_PATH, F_OK) == -1)
- {
- LogPedantic("No root path found. Creating root path...");
-
- // Create path
- if (mkdir(GENERIC_NOTI_ROOT_PATH, 0755) == -1)
- {
- LogPedantic("Failed to create root path!");
- return std::string("~") + eventName;
- }
-
- LogPedantic("Root path created.");
- }
-
- return std::string(GENERIC_NOTI_ROOT_PATH) + "/" + eventName;
-}
-
-void EventDeliverySystemDetail::Listen(const EventMessages::RoamingChanged &event)
-{
- LogPedantic("RoamingChanged message listen.");
-
- (void)event;
- RegisterSettingCallback(VCONFKEY_SETAPPL_STATE_DATA_ROAMING_BOOL);
-}
-
-void EventDeliverySystemDetail::Listen(const EventMessages::NetworkTypeChanged &event)
-{
- LogPedantic("NetworkTypeChanged message listen.");
-
- (void)event;
- RegisterSettingCallback(VCONFKEY_TELEPHONY_SVC_ROAM);
-}
-
-void EventDeliverySystemDetail::Listen(const EventMessages::HibernationEnter &event)
-{
- LogPedantic("HibernationEnter message listen.");
-
- (void)event;
- RegisterGlobalNotiCallback(GlobalNotiHibernationEnterSignal);
-}
-
-void EventDeliverySystemDetail::Listen(const EventMessages::HibernationLeave &event)
-{
- LogPedantic("HibernationLeave message listen.");
-
- (void)event;
- RegisterGlobalNotiCallback(GlobalNotiHibernationLeaveSignal);
-}
-
-void EventDeliverySystemDetail::Unlisten(const EventMessages::RoamingChanged &event)
-{
- LogPedantic("RoamingChanged message unlisten.");
-
- (void)event;
- UnregisterSettingCallback(VCONFKEY_SETAPPL_STATE_DATA_ROAMING_BOOL);
-}
-
-void EventDeliverySystemDetail::Unlisten(const EventMessages::NetworkTypeChanged &event)
-{
- LogPedantic("NetworkTypeChanged message unlisten.");
-
- (void)event;
- UnregisterSettingCallback(VCONFKEY_TELEPHONY_SVC_ROAM);
-}
-
-void EventDeliverySystemDetail::Unlisten(const EventMessages::HibernationEnter &event)
-{
- LogPedantic("HibernationEnter message unlisten.");
-
- (void)event;
- UnregisterGlobalNotiCallback(GlobalNotiHibernationEnterSignal);
-}
-
-void EventDeliverySystemDetail::Unlisten(const EventMessages::HibernationLeave &event)
-{
- LogPedantic("HibernationLeave message unlisten.");
-
- (void)event;
- UnregisterGlobalNotiCallback(GlobalNotiHibernationLeaveSignal);
-}
-
-}
-} // namespace DPL
const char* EDJ_NAME = "/usr/share/edje/ace/generic_popup.edj";
const char* POPUP_LAYOUT1 = "popup_layout1";
const char* POPUP_LAYOUT2 = "popup_layout2";
-const char* BUTTON_RESPONSE_CALLBACK_NAME = "response";
+const char* POPUP_PART_TITLE = "title,text";
+const char* POPUP_PART_BUTTON1 = "button1";
+const char* POPUP_PART_BUTTON2 = "button2";
+const char* POPUP_PART_BUTTON3 = "button3";
+const char* BUTTON_CLICKED_CALLBACK_NAME = "clicked";
const char* CHANGED_CALLBACK_NAME = "changed";
const unsigned int MAX_NUMBER_OF_VERTICAL = 2;
}
void ButtonCallback(EvasObject::IConnection* /*connection*/,
- void* event_info,
- void* /*unused*/)
+ void* /*event_info*/,
+ void* data)
{
LogInfo("ButtonCallback");
Assert(m_initialized);
AnswerCallbackData answerData;
- answerData.buttonAnswer = int(event_info);
+ answerData.buttonAnswer = reinterpret_cast<int>(data);
answerData.chackState = m_checkState;
answerData.password = m_password;
m_current->ForwardAnswer(answerData);
evas_object_size_hint_align_set(label, EVAS_HINT_FILL, EVAS_HINT_FILL);
evas_object_show(label);
- elm_layout_content_set(
+ elm_object_part_content_set(
layout,
DPL::lexical_cast<std::string>(themeIndex).c_str(),
label);
evas_object_size_hint_weight_set(check, EVAS_HINT_EXPAND, 0.0);
elm_object_text_set(check,
object.getCheckLabel().c_str());
- elm_layout_content_set(
+ elm_object_part_content_set(
layout,
DPL::lexical_cast<std::string>(themeIndex).c_str(),
check);
void DoRender(const PopupObject::Button& object,
EvasObject &parent)
{
- elm_popup_buttons_add(parent,
- 1,
- object.getLabel().c_str(),
- object.getLabelId(),
- NULL);
- parent.ConnectMemberSmartCallback(
- BUTTON_RESPONSE_CALLBACK_NAME,
- &Impl::ButtonCallback,
- this,
- static_cast<void*>(NULL));
+ EvasObject btn(elm_button_add(parent));
+
+ elm_object_text_set(btn, object.getLabel().c_str());
+ elm_object_part_content_set(parent, POPUP_PART_BUTTON1, btn);
+ btn.ConnectMemberSmartCallback(BUTTON_CLICKED_CALLBACK_NAME,
+ &Impl::ButtonCallback,
+ this,
+ reinterpret_cast<void*>(object.getLabelId()));
+ m_createdObjects.push_back(btn);
}
void DoRender(const PopupObject::Button& object1,
const PopupObject::Button& object2,
EvasObject &parent)
{
- elm_popup_buttons_add(parent,
- 2,
- object1.getLabel().c_str(),
- object1.getLabelId(),
- object2.getLabel().c_str(),
- object2.getLabelId(),
- NULL);
- parent.ConnectMemberSmartCallback(
- BUTTON_RESPONSE_CALLBACK_NAME,
- &Impl::ButtonCallback,
- this,
- static_cast<void*>(NULL));
+ EvasObject btn1(elm_button_add(parent));
+ EvasObject btn2(elm_button_add(parent));
+
+ elm_object_text_set(btn1, object1.getLabel().c_str());
+ elm_object_part_content_set(parent, POPUP_PART_BUTTON1, btn1);
+ btn1.ConnectMemberSmartCallback(BUTTON_CLICKED_CALLBACK_NAME,
+ &Impl::ButtonCallback,
+ this,
+ reinterpret_cast<void*>(object1.getLabelId()));
+
+ elm_object_text_set(btn2, object2.getLabel().c_str());
+ elm_object_part_content_set(parent, POPUP_PART_BUTTON2, btn2);
+ btn2.ConnectMemberSmartCallback(BUTTON_CLICKED_CALLBACK_NAME,
+ &Impl::ButtonCallback,
+ this,
+ reinterpret_cast<void*>(object2.getLabelId()));
+ m_createdObjects.push_back(btn1);
+ m_createdObjects.push_back(btn2);
}
void DoRender(const PopupObject::Button& object1,
const PopupObject::Button& object3,
EvasObject &parent)
{
- elm_popup_buttons_add(parent,
- 3,
- object1.getLabel().c_str(),
- object1.getLabelId(),
- object2.getLabel().c_str(),
- object2.getLabelId(),
- object3.getLabel().c_str(),
- object3.getLabelId(),
- NULL);
- parent.ConnectMemberSmartCallback(
- BUTTON_RESPONSE_CALLBACK_NAME,
- &Impl::ButtonCallback,
- this,
- static_cast<void*>(NULL));
+ EvasObject btn1(elm_button_add(parent));
+ EvasObject btn2(elm_button_add(parent));
+ EvasObject btn3(elm_button_add(parent));
+
+ elm_object_text_set(btn1, object1.getLabel().c_str());
+ elm_object_part_content_set(parent, POPUP_PART_BUTTON1, btn1);
+ btn1.ConnectMemberSmartCallback(BUTTON_CLICKED_CALLBACK_NAME,
+ &Impl::ButtonCallback,
+ this,
+ reinterpret_cast<void*>(object1.getLabelId()));
+
+ elm_object_text_set(btn2, object2.getLabel().c_str());
+ elm_object_part_content_set(parent, POPUP_PART_BUTTON2, btn2);
+ btn2.ConnectMemberSmartCallback(BUTTON_CLICKED_CALLBACK_NAME,
+ &Impl::ButtonCallback,
+ this,
+ reinterpret_cast<void*>(object2.getLabelId()));
+
+ elm_object_text_set(btn3, object3.getLabel().c_str());
+ elm_object_part_content_set(parent, POPUP_PART_BUTTON3, btn3);
+ btn3.ConnectMemberSmartCallback(BUTTON_CLICKED_CALLBACK_NAME,
+ &Impl::ButtonCallback,
+ this,
+ reinterpret_cast<void*>(object3.getLabelId()));
+ m_createdObjects.push_back(btn1);
+ m_createdObjects.push_back(btn2);
+ m_createdObjects.push_back(btn3);
}
EvasObject getBaseObject()
evas_object_size_hint_weight_set(main,
EVAS_HINT_EXPAND,
EVAS_HINT_EXPAND);
- elm_popup_title_label_set(main,
- m_current->GetTitle().c_str());
+ elm_object_part_text_set(main,
+ POPUP_PART_TITLE,
+ m_current->GetTitle().c_str());
m_createdObjects.push_back(main);
std::vector<PopupObject::Button> buttonObjectList;
}
Assert(m_themeIndexV <= MAX_NUMBER_OF_VERTICAL);
}
- elm_popup_content_set(main,
- layout);
+ elm_object_content_set(main,
+ layout);
// show buution
switch(buttonObjectList.size()) {
#include <dpl/exception.h>
namespace FileUtils {
+DECLARE_EXCEPTION_TYPE(DPL::Exception, CreateDirectoryException)
DECLARE_EXCEPTION_TYPE(DPL::Exception, RemoveDirectoryException)
bool FileExists(const DPL::String& absolutePath);
mode_t mode)
{
if (mkpath(path.c_str(), mode) == -1) {
- ThrowMsg(DPL::CommonException::InternalError, "Cannot make path");
+ ThrowMsg(CreateDirectoryException, "Cannot make path");
}
}
* so if you want to use this file, refer to the README file in root directory
*/
+#include <list>
+#include <set>
+#include <string>
#include <warp_iri.h>
#include <dpl/string.h>
+#include <dpl/auto_ptr.h>
#include <dpl/foreach.h>
#include <idna.h>
#include <istream>
#include <iri.h>
-#include <ValidatorCommon.h>
+//#include <ValidatorCommon.h>
namespace {
// All schemes which are supported by external application should be ignored
// This will create AutoPtr deleter for iri_struct.
// Deleter must be in the same namespace as definition of AutoPtr.
-namespace ValidationCore {
-VC_DECLARE_DELETER(iri_struct, iri_destroy)
-}
+
+namespace DPL{
+DECLARE_DELETER(iri_struct, iri_destroy)
+} // namespace DPL
WarpIRI::WarpIRI() :
m_domain(false),
return;
}
- ValidationCore::AutoPtr<iri_struct> iri(iri_parse(p_iri));
+ DPL::AutoPtr<iri_struct> iri(iri_parse(p_iri));
if (!iri.get()) {
LogError("Error in iri_parse!");
+++ /dev/null
-#DB vcore
-ADD_CUSTOM_COMMAND(
- OUTPUT ${CMAKE_BINARY_DIR}/modules/vcore/src/database_checksum_vcore.h
- COMMAND ${CMAKE_SOURCE_DIR}/modules/vcore/src/orm/gen_db_md5.sh
- ARGS ${CMAKE_BINARY_DIR}/modules/vcore/src/database_checksum_vcore.h
- ${CMAKE_SOURCE_DIR}/modules/vcore/src/orm/vcore_db
- DEPENDS ${CMAKE_SOURCE_DIR}/modules/vcore/src/orm/vcore_db
- ${CMAKE_SOURCE_DIR}/modules/vcore/src/orm/gen_db_md5.sh
- COMMENT "Generating VCORE database checksum"
- )
-
-ADD_CUSTOM_COMMAND( OUTPUT .vcore.db
- COMMAND rm -f ${CMAKE_CURRENT_BINARY_DIR}/.vcore.db
- COMMAND gcc -Wall -include ${CMAKE_BINARY_DIR}/modules/vcore/src/database_checksum_vcore.h -I${PROJECT_SOURCE_DIR}/modules/db/include/ -I${PROJECT_SOURCE_DIR}/modules/vcore/src/orm -E ${PROJECT_SOURCE_DIR}/modules/vcore/src/orm/vcore_db_sql_generator.h | grep --invert-match "^#" > ${CMAKE_CURRENT_BINARY_DIR}/vcore_db.sql
- COMMAND sqlite3 ${CMAKE_CURRENT_BINARY_DIR}/.vcore.db ".read ${CMAKE_CURRENT_BINARY_DIR}/vcore_db.sql" || rm -f ${CMAKE_CURRENT_BINARY_DIR}/.vcore.db
- DEPENDS ${CMAKE_BINARY_DIR}/modules/vcore/src/database_checksum_vcore.h ${PROJECT_SOURCE_DIR}/modules/vcore/src/orm/vcore_db_sql_generator.h ${PROJECT_SOURCE_DIR}/modules/vcore/src/orm/vcore_db
- )
-
-ADD_CUSTOM_COMMAND( OUTPUT .vcore.db-journal
- COMMAND touch
- ARGS ${CMAKE_CURRENT_BINARY_DIR}/.vcore.db-journal
- )
-
-ADD_CUSTOM_TARGET(Sqlite3DbVCORE ALL DEPENDS .vcore.db .vcore.db-journal)
-
-INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/vcore_db.sql
- DESTINATION share/wrt-engine/
- )
-
-ADD_SUBDIRECTORY(src)
+++ /dev/null
-INCLUDE(FindPkgConfig)
-
-PKG_CHECK_MODULES(VCORE_DEPS
- cert-svc
- ecore
- appcore-efl
- libxml-2.0
- libsoup-2.4
- openssl
- xmlsec1
- tapi
- REQUIRED)
-
-SET(VCORE_DIR
- ${PROJECT_SOURCE_DIR}/modules/vcore
- )
-
-SET(VCORE_SRC_DIR
- ${VCORE_DIR}/src/vcore
- )
-
-SET(VCORE_SOURCES
- ${VCORE_SRC_DIR}/Base64.cpp
- ${VCORE_SRC_DIR}/CachedCRL.cpp
- ${VCORE_SRC_DIR}/CachedOCSP.cpp
- ${VCORE_SRC_DIR}/Certificate.cpp
- ${VCORE_SRC_DIR}/CertificateCacheDAO.cpp
- ${VCORE_SRC_DIR}/CertificateCollection.cpp
- ${VCORE_SRC_DIR}/CertificateConfigReader.cpp
- ${VCORE_SRC_DIR}/CertificateLoader.cpp
- ${VCORE_SRC_DIR}/CertificateVerifier.cpp
- ${VCORE_SRC_DIR}/Config.cpp
- ${VCORE_SRC_DIR}/CRL.cpp
- ${VCORE_SRC_DIR}/Database.cpp
- ${VCORE_SRC_DIR}/DeveloperModeValidator.cpp
- ${VCORE_SRC_DIR}/OCSP.cpp
- ${VCORE_SRC_DIR}/OCSPCertMgrUtil.cpp
- ${VCORE_SRC_DIR}/OCSPUtil.c
- ${VCORE_SRC_DIR}/ReferenceValidator.cpp
- ${VCORE_SRC_DIR}/RevocationCheckerBase.cpp
- ${VCORE_SRC_DIR}/SaxReader.cpp
- ${VCORE_SRC_DIR}/SignatureFinder.cpp
- ${VCORE_SRC_DIR}/SignatureReader.cpp
- ${VCORE_SRC_DIR}/SignatureValidator.cpp
- ${VCORE_SRC_DIR}/SoupMessageSendBase.cpp
- ${VCORE_SRC_DIR}/SoupMessageSendSync.cpp
- ${VCORE_SRC_DIR}/SoupMessageSendAsync.cpp
- ${VCORE_SRC_DIR}/VerificationStatus.cpp
- ${VCORE_SRC_DIR}/ValidatorFactories.cpp
- ${VCORE_SRC_DIR}/VCore.cpp
- ${VCORE_SRC_DIR}/XmlsecAdapter.cpp
- )
-
-SET(VCORE_INCLUDES
- ${PROJECT_SOURCE_DIR}/modules/core/include
- ${PROJECT_SOURCE_DIR}/modules/log/include
- ${PROJECT_SOURCE_DIR}/modules/db/include
- ${VCORE_DEPS_INCLUDE_DIRS}
- ${VCORE_SRC_DIR}
- ${VCORE_DIR}/src
- ${VCORE_DIR}/src/orm
- ${VCORE_DIR}/src/legacy
- ${CMAKE_BINARY_DIR}/modules/vcore/src
- )
-
-ADD_DEFINITIONS(${VCORE_DEPS_CFLAGS})
-ADD_DEFINITIONS(${VCORE_DEPS_CFLAGS_OTHER})
-ADD_DEFINITIONS("-DSEPARATED_SINGLETON_IMPLEMENTATION")
-
-INCLUDE_DIRECTORIES(${VCORE_INCLUDES})
-
-ADD_LIBRARY(${TARGET_VCORE_LIB} SHARED ${VCORE_SOURCES})
-SET_TARGET_PROPERTIES(${TARGET_VCORE_LIB} PROPERTIES
- SOVERSION ${VERSION})
-
-ADD_DEPENDENCIES(${TARGET_VCORE_LIB} Sqlite3DbWTF)
-
-SET_TARGET_PROPERTIES(${TARGET_VCORE_LIB} PROPERTIES
- COMPILE_FLAGS -fPIC)
-
-TARGET_LINK_LIBRARIES(${TARGET_VCORE_LIB}
- ${VCORE_DEPS_LIBRARIES}
- ${TARGET_DPL_EFL}
- ${TARGET_DPL_DB_EFL}
- )
-
-INSTALL(TARGETS ${TARGET_VCORE_LIB}
- DESTINATION lib
- PERMISSIONS OWNER_READ GROUP_READ WORLD_READ
- )
-
-INSTALL(FILES
- ${VCORE_SRC_DIR}/Base64.h
- ${VCORE_SRC_DIR}/CachedCRL.h
- ${VCORE_SRC_DIR}/CachedOCSP.h
- ${VCORE_SRC_DIR}/Certificate.h
- ${VCORE_SRC_DIR}/CertificateCacheDAO.h
- ${VCORE_SRC_DIR}/CertificateCollection.h
- ${VCORE_SRC_DIR}/CertificateConfigReader.h
- ${VCORE_SRC_DIR}/CertificateLoader.h
- ${VCORE_SRC_DIR}/CertificateStorage.h
- ${VCORE_SRC_DIR}/CertificateVerifier.h
- ${VCORE_SRC_DIR}/CertStoreType.h
- ${VCORE_SRC_DIR}/Config.h
- ${VCORE_SRC_DIR}/CRL.h
- ${VCORE_SRC_DIR}/Database.h
- ${VCORE_SRC_DIR}/DeveloperModeValidator.h
- ${VCORE_SRC_DIR}/IAbstractResponseCache.h
- ${VCORE_SRC_DIR}/OCSP.h
- ${VCORE_SRC_DIR}/OCSPCertMgrUtil.h
- ${VCORE_SRC_DIR}/ParserSchema.h
- ${VCORE_SRC_DIR}/ReferenceValidator.h
- ${VCORE_SRC_DIR}/RevocationCheckerBase.h
- ${VCORE_SRC_DIR}/SaxReader.h
- ${VCORE_SRC_DIR}/scoped_gpointer.h
- ${VCORE_SRC_DIR}/SignatureData.h
- ${VCORE_SRC_DIR}/SignatureFinder.h
- ${VCORE_SRC_DIR}/SignatureReader.h
- ${VCORE_SRC_DIR}/SignatureValidator.h
- ${VCORE_SRC_DIR}/SoupMessageSendBase.h
- ${VCORE_SRC_DIR}/SoupMessageSendSync.h
- ${VCORE_SRC_DIR}/SoupMessageSendAsync.h
- ${VCORE_SRC_DIR}/SSLContainers.h
- ${VCORE_SRC_DIR}/VerificationStatus.h
- ${VCORE_SRC_DIR}/ValidatorCommon.h
- ${VCORE_SRC_DIR}/ValidatorFactories.h
- ${VCORE_SRC_DIR}/VCore.h
- ${VCORE_SRC_DIR}/XmlsecAdapter.h
- DESTINATION include/dpl-efl/dpl/vcore/vcore
- PERMISSIONS OWNER_READ GROUP_READ WORLD_READ
- )
-
+++ /dev/null
-Scripts required to create vcoredatabase.
+++ /dev/null
-#!/bin/sh
-CHECKSUM=`cat ${2} ${3} 2>/dev/null | md5sum 2>/dev/null | cut -d\ -f1 2>/dev/null`
-echo "#define DB_CHECKSUM DB_VERSION_${CHECKSUM}" > ${1}
-echo "#define DB_CHECKSUM_STR \"DB_VERSION_${CHECKSUM}\"" >> ${1}
-
+++ /dev/null
-SQL(
- PRAGMA foreign_keys = ON;
- BEGIN TRANSACTION;
-)
-CREATE_TABLE(OCSPResponseStorage)
- COLUMN_NOT_NULL(cert_chain, TEXT, primary key)
- COLUMN(end_entity_check, INT,)
- COLUMN(ocsp_status, INT,)
- COLUMN(next_update_time, BIGINT,)
-CREATE_TABLE_END()
-
-CREATE_TABLE(CRLResponseStorage)
- COLUMN_NOT_NULL(distribution_point,TEXT, primary key)
- COLUMN_NOT_NULL(crl_body, TEXT,)
- COLUMN(next_update_time, BIGINT,)
-CREATE_TABLE_END()
-
-SQL(
- COMMIT;
-)
+++ /dev/null
-DATABASE_START(vcore)
-
-#include "vcore_db"
-#include "version_db"
-
-DATABASE_END()
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-//Do not include this file directly! It is used only for SQL code generation.
-
-#include <dpl/db/orm_macros.h>
-
-#include "vcore_db_definitions"
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <algorithm>
-#include <string>
-#include <string.h>
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-
-#include <dpl/log/log.h>
-#include <dpl/scoped_free.h>
-
-#include "Base64.h"
-
-namespace ValidationCore {
-Base64Encoder::Base64Encoder() :
- m_b64(0),
- m_bmem(0),
- m_finalized(false)
-{
-}
-
-void Base64Encoder::append(const std::string &data)
-{
- if (m_finalized) {
- LogWarning("Already finalized.");
- ThrowMsg(Exception::AlreadyFinalized, "Already finalized");
- }
-
- if (!m_b64) {
- reset();
- }
- BIO_write(m_b64, data.c_str(), data.size());
-}
-
-void Base64Encoder::finalize()
-{
- if (m_finalized) {
- LogWarning("Already finalized.");
- ThrowMsg(Exception::AlreadyFinalized, "Already finalized.");
- }
- m_finalized = true;
- BIO_flush(m_b64);
-}
-
-std::string Base64Encoder::get()
-{
- if (!m_finalized) {
- LogWarning("Not finalized");
- ThrowMsg(Exception::NotFinalized, "Not finalized");
- }
- BUF_MEM *bptr = 0;
- BIO_get_mem_ptr(m_b64, &bptr);
- if (bptr == 0) {
- LogError("Bio internal error");
- ThrowMsg(Exception::InternalError, "Bio internal error");
- }
-
- if (bptr->length > 0) {
- return std::string(bptr->data, bptr->length - 1);
- }
- return std::string();
-}
-
-void Base64Encoder::reset()
-{
- m_finalized = false;
- BIO_free_all(m_b64);
- m_b64 = BIO_new(BIO_f_base64());
- m_bmem = BIO_new(BIO_s_mem());
- if (!m_b64 || !m_bmem) {
- LogError("Error during allocation memory in BIO");
- ThrowMsg(Exception::InternalError,
- "Error during allocation memory in BIO");
- }
- m_b64 = BIO_push(m_b64, m_bmem);
-}
-
-Base64Encoder::~Base64Encoder()
-{
- BIO_free_all(m_b64);
-}
-
-Base64Decoder::Base64Decoder() :
- m_finalized(false)
-{
-}
-
-void Base64Decoder::append(const std::string &data)
-{
- if (m_finalized) {
- LogWarning("Already finalized.");
- ThrowMsg(Exception::AlreadyFinalized, "Already finalized.");
- }
- m_input.append(data);
-}
-
-static bool whiteCharacter(char a)
-{
- if (a == '\n') { return true; }
- return false;
-}
-
-bool Base64Decoder::finalize()
-{
- if (m_finalized) {
- LogWarning("Already finalized.");
- ThrowMsg(Exception::AlreadyFinalized, "Already finalized.");
- }
-
- m_finalized = true;
-
- m_input.erase(std::remove_if(m_input.begin(),
- m_input.end(),
- whiteCharacter),
- m_input.end());
-
- for (size_t i = 0; i<m_input.size(); ++i) {
- if (isalnum(m_input[i])
- || m_input[i] == '+'
- || m_input[i] == '/'
- || m_input[i] == '=')
- {
- continue;
- }
- LogError("Base64 input contains illegal chars: " << m_input[i]);
- return false;
- }
-
- BIO *b64, *bmem;
- size_t len = m_input.size();
-
- DPL::ScopedFree<char> buffer(static_cast<char*>(malloc(len)));
-
- if (!buffer) {
- LogError("Error in malloc.");
- ThrowMsg(Exception::InternalError, "Error in malloc.");
- }
-
- memset(buffer.Get(), 0, len);
- b64 = BIO_new(BIO_f_base64());
- if (!b64) {
- LogError("Couldn't create BIO object.");
- ThrowMsg(Exception::InternalError, "Couldn't create BIO object.");
- }
- BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
- DPL::ScopedFree<char> tmp(strdup(m_input.c_str()));
- m_input.clear();
-
- bmem = BIO_new_mem_buf(tmp.Get(), len);
-
- if (!bmem) {
- BIO_free(b64);
- LogError("Internal error in BIO");
- ThrowMsg(Exception::InternalError, "Internal error in BIO");
- }
-
- bmem = BIO_push(b64, bmem);
-
- if (!bmem) {
- BIO_free(b64);
- LogError("Internal error in BIO");
- ThrowMsg(Exception::InternalError, "Internal error in BIO");
- }
-
- int readlen = BIO_read(bmem, buffer.Get(), len);
- m_output.clear();
-
- bool status = true;
-
- if (readlen > 0) {
- m_output.append(buffer.Get(), readlen);
- } else {
- status = false;
- }
-
- BIO_free_all(bmem);
- return status;
-}
-
-std::string Base64Decoder::get() const
-{
- if (!m_finalized) {
- LogWarning("Not finalized.");
- ThrowMsg(Exception::NotFinalized, "Not finalized");
- }
- return m_output;
-}
-
-void Base64Decoder::reset()
-{
- m_finalized = false;
- m_input.clear();
- m_output.clear();
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _BASE64_H_
-#define _BASE64_H_
-
-#include <string>
-#include <dpl/noncopyable.h>
-#include <dpl/exception.h>
-
-struct bio_st;
-typedef bio_st BIO;
-
-namespace ValidationCore {
-class Base64Encoder : public DPL::Noncopyable
-{
- public:
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, InternalError)
- DECLARE_EXCEPTION_TYPE(Base, NotFinalized)
- DECLARE_EXCEPTION_TYPE(Base, AlreadyFinalized)
- };
- Base64Encoder();
- void append(const std::string &data);
- void finalize();
- std::string get();
- void reset();
- ~Base64Encoder();
-
- private:
- BIO *m_b64;
- BIO *m_bmem;
- bool m_finalized;
-};
-
-class Base64Decoder : public DPL::Noncopyable
-{
- public:
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, InternalError)
- DECLARE_EXCEPTION_TYPE(Base, NotFinalized)
- DECLARE_EXCEPTION_TYPE(Base, AlreadyFinalized)
- };
- Base64Decoder();
- void append(const std::string &data);
-
- /*
- * Function will return false when BIO_read fails
- * (for example: when string was not in base64 format).
- */
- bool finalize();
- std::string get() const;
- void reset();
- ~Base64Decoder()
- {
- }
-
- private:
- std::string m_input;
- std::string m_output;
- bool m_finalized;
-};
-} // namespace ValidationCore
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Piotr Marcinkiewicz(p.marcinkiew@samsung.com)
- * @version 0.1
- * @file CRL.h
- * @brief Routines for certificate validation over CRL
- */
-
-#include "CRL.h"
-
-#include <set>
-#include <algorithm>
-
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/ocsp.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-
-#include <dpl/log/log.h>
-#include <dpl/assert.h>
-#include <dpl/exception.h>
-#include <dpl/scoped_ptr.h>
-#include <dpl/scoped_array.h>
-#include <dpl/db/orm.h>
-#include <dpl/foreach.h>
-
-#include "Base64.h"
-#include "Certificate.h"
-#include "SoupMessageSendSync.h"
-#include "CertificateCacheDAO.h"
-
-namespace {
-const char *CRL_LOOKUP_DIR_1 = "/usr/share/cert-svc/ca-certs/code-signing/wac";
-const char *CRL_LOOKUP_DIR_2 = "/opt/share/cert-svc/certs/code-signing/wac";
-} //anonymous namespace
-
-namespace ValidationCore {
-
-CRL::StringList CRL::getCrlUris(const CertificatePtr &argCert)
-{
- StringList result = argCert->getCrlUris();
-
- if (!result.empty()) {
- return result;
- }
- LogInfo("No distribution points found. Getting from CA cert.");
- X509_STORE_CTX *ctx = createContext(argCert);
- X509_OBJECT obj;
-
- //Try to get distribution points from CA certificate
- int retVal = X509_STORE_get_by_subject(ctx, X509_LU_X509,
- X509_get_issuer_name(argCert->
- getX509()),
- &obj);
- X509_STORE_CTX_free(ctx);
- if (0 >= retVal) {
- LogError("No dedicated CA certificate available");
- return result;
- }
- CertificatePtr caCert(new Certificate(obj.data.x509));
- X509_OBJECT_free_contents(&obj);
- return caCert->getCrlUris();
-}
-
-CRL::CRL()
-{
- LogInfo("CRL storage initialization.");
- m_store = X509_STORE_new();
- if (!m_store) {
- LogError("Failed to create new store.");
- ThrowMsg(CRLException::StorageError,
- "Not possible to create new store.");
- }
- m_lookup = X509_STORE_add_lookup(m_store, X509_LOOKUP_hash_dir());
- if (!m_lookup) {
- cleanup();
- LogError("Failed to add hash dir lookup");
- ThrowMsg(CRLException::StorageError,
- "Not possible to add hash dir lookup.");
- }
- // Add hash dir pathname for CRL checks
- bool retVal = X509_LOOKUP_add_dir(m_lookup,
- CRL_LOOKUP_DIR_1, X509_FILETYPE_PEM) == 1;
- retVal &= retVal && (X509_LOOKUP_add_dir(m_lookup, CRL_LOOKUP_DIR_1,
- X509_FILETYPE_ASN1) == 1);
- retVal &= retVal && (X509_LOOKUP_add_dir(m_lookup, CRL_LOOKUP_DIR_2,
- X509_FILETYPE_PEM) == 1);
- retVal &= retVal && (X509_LOOKUP_add_dir(m_lookup, CRL_LOOKUP_DIR_2,
- X509_FILETYPE_ASN1) == 1);
- if (!retVal) {
- LogError("Failed to add lookup dir for PEM files.");
- cleanup();
- ThrowMsg(CRLException::StorageError,
- "Failed to add lookup dir for PEM files.");
- }
- LogInfo("CRL storage initialization complete.");
-}
-
-CRL::~CRL()
-{
- cleanup();
-}
-
-void CRL::cleanup()
-{
- LogInfo("Free CRL storage");
- // STORE is responsible for LOOKUP release
- // X509_LOOKUP_free(m_lookup);
- X509_STORE_free(m_store);
-}
-
-CRL::RevocationStatus CRL::checkCertificate(const CertificatePtr &argCert)
-{
- RevocationStatus retStatus = {false, false};
- int retVal = 0;
- StringList crlUris = getCrlUris(argCert);
- FOREACH(it, crlUris) {
- CRLDataPtr crl = getCRL(*it);
- if (!crl) {
- LogDebug("CRL not found for URI: " << *it);
- continue;
- }
- X509_CRL *crlInternal = convertToInternal(crl);
-
- //Check date
- if (X509_CRL_get_nextUpdate(crlInternal)) {
- retVal = X509_cmp_current_time(
- X509_CRL_get_nextUpdate(crlInternal));
- retStatus.isCRLValid = retVal > 0;
- } else {
- // If nextUpdate is not set assume it is actual.
- retStatus.isCRLValid = true;
- }
- LogInfo("CRL valid: " << retStatus.isCRLValid);
- X509_REVOKED rev;
- rev.serialNumber = X509_get_serialNumber(argCert->getX509());
- // sk_X509_REVOKED_find returns index if serial number is found on list
- retVal = sk_X509_REVOKED_find(crlInternal->crl->revoked, &rev);
- X509_CRL_free(crlInternal);
- retStatus.isRevoked = retVal != -1;
- LogInfo("CRL revoked: " << retStatus.isRevoked);
-
- if (!retStatus.isRevoked && isOutOfDate(crl)) {
- LogDebug("Certificate is not Revoked, but CRL is outOfDate.");
- continue;
- }
-
- return retStatus;
- }
- // If there is no CRL for any of URIs it means it's not possible to
- // tell anything about revocation status but it's is not an error.
- return retStatus;
-}
-
-CRL::RevocationStatus CRL::checkCertificateChain(CertificateCollection
- certChain)
-{
- if (!certChain.sort()) {
- LogError("Certificate list doesn't create chain.");
- ThrowMsg(CRLException::InvalidParameter,
- "Certificate list doesn't create chain.");
- }
-
- RevocationStatus ret;
- ret.isCRLValid = true;
- ret.isRevoked = false;
- const CertificateList &certList = certChain.getChain();
- FOREACH(it, certList) {
- if (!(*it)->isRootCert()) {
- LogInfo("Certificate common name: " << *((*it)->getCommonName()));
- RevocationStatus certResult = checkCertificate(*it);
- ret.isCRLValid &= certResult.isCRLValid;
- ret.isRevoked |= certResult.isRevoked;
- if (ret.isCRLValid && !ret.isRevoked) {
- addToStorage(*it);
- }
- if (ret.isRevoked) {
- return ret;
- }
- }
- }
- return ret;
-}
-
-VerificationStatus CRL::checkEndEntity(CertificateCollection &chain)
-{
- if (!chain.sort() && !chain.empty()) {
- LogInfo("Could not find End Entity certificate. "
- "Collection does not form chain.");
- return VERIFICATION_STATUS_ERROR;
- }
- CertificateList::const_iterator iter = chain.begin();
- RevocationStatus stat = checkCertificate(*iter);
- if (stat.isRevoked) {
- return VERIFICATION_STATUS_REVOKED;
- }
- if (stat.isCRLValid) {
- return VERIFICATION_STATUS_GOOD;
- }
- return VERIFICATION_STATUS_ERROR;
-}
-
-void CRL::addToStorage(const CertificatePtr &argCert)
-{
- X509_STORE_add_cert(m_store, argCert->getX509());
-}
-
-bool CRL::isOutOfDate(const CRLDataPtr &crl) const {
- X509_CRL *crlInternal = convertToInternal(crl);
-
- bool result = false;
- if (X509_CRL_get_nextUpdate(crlInternal)) {
- if (0 > X509_cmp_current_time(X509_CRL_get_nextUpdate(crlInternal))) {
- result = true;
- } else {
- result = false;
- }
- } else {
- result = true;
- }
- X509_CRL_free(crlInternal);
- return result;
-}
-
-bool CRL::updateList(const CertificatePtr &argCert,
- const UpdatePolicy updatePolicy)
-{
- LogInfo("Update CRL for certificate");
-
- // Retrieve distribution points
- StringList crlUris = getCrlUris(argCert);
- FOREACH(it, crlUris) {
- // Try to get CRL from database
- LogInfo("Getting CRL for URI: " << *it);
-
- bool downloaded = false;
-
- CRLDataPtr crl;
-
- // If updatePolicy == UPDATE_ON_DEMAND we dont care
- // about data in cache. New crl must be downloaded.
- if (updatePolicy == UPDATE_ON_EXPIRED) {
- crl = getCRL(*it);
- }
-
- if (!!crl && isOutOfDate(crl)) {
- LogDebug("Crl out of date - downloading.");
- crl = downloadCRL(*it);
- downloaded = true;
- }
-
- if (!crl) {
- LogDebug("Crl not found in cache - downloading.");
- crl = downloadCRL(*it);
- downloaded = true;
- }
-
- if (!crl) {
- LogDebug("Failed to obtain CRL. URL: " << *it);
- continue;
- }
-
- if (!!crl && isOutOfDate(crl)) {
- LogError("CRL out of date. Broken URL: " << *it);
- }
-
- // Make X509 internal structure
- X509_CRL *crlInternal = convertToInternal(crl);
-
- //Check if CRL is signed
- if (!verifyCRL(crlInternal, argCert)) {
- LogError("Failed to verify CRL. URI: " << crl->uri);
- X509_CRL_free(crlInternal);
- return false;
- }
- X509_CRL_free(crlInternal);
-
- if (downloaded) {
- updateCRL(crl);
- }
- return true;
- }
-
- return false;
-}
-
-void CRL::addToStore(const CertificateCollection &collection)
-{
- FOREACH(it, collection){
- addToStorage(*it);
- }
-}
-
-bool CRL::updateList(const CertificateCollection &collection,
- UpdatePolicy updatePolicy)
-{
- bool failed = false;
-
- FOREACH(it, collection){
- failed |= !updateList(*it, updatePolicy);
- }
-
- return !failed;
-}
-
-bool CRL::verifyCRL(X509_CRL *crl,
- const CertificatePtr &cert)
-{
- X509_OBJECT obj;
- X509_STORE_CTX *ctx = createContext(cert);
-
- /* get issuer certificate */
- int retVal = X509_STORE_get_by_subject(ctx, X509_LU_X509,
- X509_CRL_get_issuer(crl), &obj);
- X509_STORE_CTX_free(ctx);
- if (0 >= retVal) {
- LogError("Unknown CRL issuer certificate!");
- return false;
- }
-
- /* extract public key and verify signature */
- EVP_PKEY *pkey = X509_get_pubkey(obj.data.x509);
- X509_OBJECT_free_contents(&obj);
- if (!pkey) {
- LogError("Failed to get issuer's public key.");
- return false;
- }
- retVal = X509_CRL_verify(crl, pkey);
- EVP_PKEY_free(pkey);
- if (0 > retVal) {
- LogError("Failed to verify CRL.");
- return false;
- } else if (0 == retVal) {
- LogError("CRL is invalid");
- return false;
- }
- LogInfo("CRL is valid.");
- return true;
-}
-
-bool CRL::isPEMFormat(const CRLDataPtr &crl) const
-{
- const char *pattern = "-----BEGIN X509 CRL-----";
- std::string content(crl->buffer, crl->length);
- if (content.find(pattern) != std::string::npos) {
- LogInfo("CRL is in PEM format.");
- return true;
- }
- LogInfo("CRL is in DER format.");
- return false;
-}
-
-X509_CRL *CRL::convertToInternal(const CRLDataPtr &crl) const
-{
- //At this point it's not clear does crl have DER or PEM format
- X509_CRL *ret = NULL;
- if (isPEMFormat(crl)) {
- BIO *bmem = BIO_new_mem_buf(crl->buffer, crl->length);
- if (!bmem) {
- LogError("Failed to allocate memory in BIO");
- ThrowMsg(CRLException::InternalError,
- "Failed to allocate memory in BIO");
- }
- ret = PEM_read_bio_X509_CRL(bmem, NULL, NULL, NULL);
- BIO_free_all(bmem);
- } else {
- //If it's not PEM it must be DER format
- std::string content(crl->buffer, crl->length);
- const unsigned char *buffer =
- reinterpret_cast<unsigned char*>(crl->buffer);
- ret = d2i_X509_CRL(NULL, &buffer, crl->length);
- }
- if (!ret) {
- LogError("Failed to convert to internal structure");
- ThrowMsg(CRLException::InternalError,
- "Failed to convert to internal structure");
- }
- return ret;
-}
-
-X509_STORE_CTX *CRL::createContext(const CertificatePtr &argCert)
-{
- X509_STORE_CTX *ctx;
- ctx = X509_STORE_CTX_new();
- if (!ctx) {
- ThrowMsg(CRLException::StorageError, "Failed to create new context.");
- }
- X509_STORE_CTX_init(ctx, m_store, argCert->getX509(), NULL);
- return ctx;
-}
-
-CRL::CRLDataPtr CRL::downloadCRL(const std::string &uri)
-{
- using namespace SoupWrapper;
-
- char *cport = 0, *chost = 0,*cpath = 0;
- int use_ssl = 0;
-
- if (!OCSP_parse_url(const_cast<char*>(uri.c_str()),
- &chost,
- &cport,
- &cpath,
- &use_ssl))
- {
- LogWarning("Error in OCSP_parse_url");
- return CRLDataPtr();
- }
-
- std::string host = chost;
- if (cport) {
- host += ":";
- host += cport;
- }
-
- free(cport);
- free(chost);
- free(cpath);
-
- SoupMessageSendSync message;
- message.setHost(uri);
- message.setHeader("Host", host);
-
- if (SoupMessageSendSync::REQUEST_STATUS_OK != message.sendSync()) {
- LogWarning("Error in sending network request.");
- return CRLDataPtr();
- }
-
- SoupMessageSendBase::MessageBuffer mBuffer = message.getResponse();
- return CRLDataPtr(new CRLData(mBuffer,uri));
-}
-
-CRL::CRLDataPtr CRL::getCRL(const std::string &uri) const
-{
- CRLCachedData cachedCrl;
- cachedCrl.distribution_point = uri;
- if (!CertificateCacheDAO::getCRLResponse(&cachedCrl)) {
- LogInfo("CRL not present in database. URI: " << uri);
- return CRLDataPtr();
- }
-
- std::string body = cachedCrl.crl_body;
-
- LogInfo("CRL found in database.");
- //TODO: remove when ORM::blob available
- //Encode buffer to base64 format to store in database
-
- Base64Decoder decoder;
- decoder.append(body);
- if (!decoder.finalize()) {
- LogError("Failed to decode base64 format.");
- ThrowMsg(CRLException::StorageError, "Failed to decode base64 format.");
- }
- std::string crlBody = decoder.get();
-
- DPL::ScopedArray<char> bodyBuffer(new char[crlBody.length()]);
- crlBody.copy(bodyBuffer.Get(), crlBody.length());
- return CRLDataPtr(new CRLData(bodyBuffer.Release(), crlBody.length(),
- uri));
-}
-
-void CRL::updateCRL(const CRLDataPtr &crl)
-{
- //TODO: remove when ORM::blob available
- //Encode buffer to base64 format to store in database
- Base64Encoder encoder;
- if (!crl || !crl->buffer) {
- ThrowMsg(CRLException::InternalError, "CRL buffer is empty");
- }
- encoder.append(std::string(crl->buffer, crl->length));
- encoder.finalize();
- std::string b64CRLBody = encoder.get();
-
- time_t nextUpdateTime = 0;
- X509_CRL *crlInternal = convertToInternal(crl);
-
- if (X509_CRL_get_nextUpdate(crlInternal)) {
- asn1TimeToTimeT(X509_CRL_get_nextUpdate(crlInternal),
- &nextUpdateTime);
- }
-
- X509_CRL_free(crlInternal);
- //Update/insert crl body
- CertificateCacheDAO::setCRLResponse(crl->uri,b64CRLBody,nextUpdateTime);
-}
-} // ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Piotr Marcinkiewicz(p.marcinkiew@samsung.com)
- * @version 0.4
- * @file CRL.h
- * @brief Routines for certificate validation over CRL
- */
-
-#ifndef WRT_ENGINE_SRC_VALIDATION_CORE_ENGINE_CRL_H_
-#define WRT_ENGINE_SRC_VALIDATION_CORE_ENGINE_CRL_H_
-
-#include <dpl/exception.h>
-#include <dpl/shared_ptr.h>
-#include <dpl/noncopyable.h>
-#include <dpl/log/log.h>
-
-#include "Certificate.h"
-#include "CertificateCollection.h"
-#include "SoupMessageSendBase.h"
-#include "VerificationStatus.h"
-
-namespace ValidationCore {
-namespace CRLException {
-DECLARE_EXCEPTION_TYPE(DPL::Exception, CRLException)
-DECLARE_EXCEPTION_TYPE(CRLException, StorageError)
-DECLARE_EXCEPTION_TYPE(CRLException, DownloadFailed)
-DECLARE_EXCEPTION_TYPE(CRLException, InternalError)
-DECLARE_EXCEPTION_TYPE(CRLException, InvalidParameter)
-}
-
-class CachedCRL; // forward declaration
-
-class CRL
-{
- protected:
- X509_STORE *m_store;
- X509_LOOKUP *m_lookup;
-
- class CRLData : DPL::Noncopyable
- {
- public:
- //TODO: change to SharedArray when available
- char *buffer;
- size_t length;
- std::string uri;
-
- CRLData(char* _buffer,
- size_t _length,
- const std::string &_uri) :
- buffer(_buffer),
- length(_length),
- uri(_uri)
- {
- }
-
- CRLData(const SoupWrapper::SoupMessageSendBase::MessageBuffer &mBuff,
- const std::string &mUri)
- : uri(mUri)
- {
- buffer = new char[mBuff.size()];
- length = mBuff.size();
- memcpy(buffer, &mBuff[0], mBuff.size());
- }
-
- ~CRLData()
- {
- LogInfo("Delete buffer");
- delete[] buffer;
- }
- };
- typedef DPL::SharedPtr<CRLData> CRLDataPtr;
- typedef std::list<std::string> StringList;
-
- CRLDataPtr getCRL(const std::string &uri) const;
- CRLDataPtr downloadCRL(const std::string &uri);
- X509_STORE_CTX *createContext(const CertificatePtr &argCert);
- void updateCRL(const CRLDataPtr &crl);
- X509_CRL *convertToInternal(const CRLDataPtr &crl) const;
- StringList getCrlUris(const CertificatePtr &argCert);
- bool isPEMFormat(const CRLDataPtr &crl) const;
- bool verifyCRL(X509_CRL *crl,
- const CertificatePtr &cert);
- void addToStorage(const CertificatePtr &argCert);
- void cleanup();
- bool isOutOfDate(const CRLDataPtr &crl) const;
-
- friend class CachedCRL;
- public:
- enum UpdatePolicy
- {
- UPDATE_ON_EXPIRED, /**< Download and update CRL only when next update
- date has expired */
- UPDATE_ON_DEMAND /**< Download and update CRL regardless next update
- date */
- };
-
- struct RevocationStatus
- {
- bool isCRLValid; /**< True when CRL was valid during
- certificate validation */
- bool isRevoked; /**< True when certificate is revoked */
- };
-
- CRL();
- ~CRL();
-
- /**
- * @brief Checks if given certificate is revoked.
- *
- * @details This function doesn't update CRL list. If related CRL
- * is out of date the #isCRLValid return parameter is set to false.
- *
- * @param[in] argCert The certificate to check against revocation.
- * @return RevocationStatus.isRevoked True when certificate is revoked,
- * false otherwise.
- * RevocationStatus.isCRLValid True if related CRL has not expired,
- * false otherwise.
- */
- RevocationStatus checkCertificate(const CertificatePtr &argCert);
-
- /**
- * @brief Checks if any certificate from certificate chain is revoked.
- *
- * @details This function doesn't update CRL lists. If any of related
- * CRL is out of date the #isCRLValid parameter is set to true.
- * This function adds valid certificates from the chain to internal storage
- * map so they'll be available in further check operations for current
- * CRL object.
- *
- * @param[in] argCert The certificate chain to check against revocation.
- * @return RevocationStatus.isRevoked True when any from certificate chain
- * is revoked, false otherwise.
- * RevocationStatus.isCRLValid True if all of related CRLs has
- * not expired, false otherwise.
- */
- RevocationStatus checkCertificateChain(CertificateCollection certChain);
-
- VerificationStatus checkEndEntity(CertificateCollection &chain);
-
- /**
- * @brief Updates CRL related with given certificate.
- *
- * @details This function updates CRL list related with given certificate.
- * If CRL related with given certificate is not stored in database
- * then this function will download CRL and store it in database.
- *
- * @param[in] argCert The certificate for which the CRL will be updated
- * @param[in] updatePolicy Determine when CRL will be downloaded and updated
- * @return True when CRL for given certificate was updated successfully,
- * false otherwise.
- */
- bool updateList(const CertificatePtr &argCert,
- const UpdatePolicy updatePolicy);
-
- /**
- * @brief Updates CRL related with given certificates.
- *
- * @details This function updates CRL lists related with given certificates.
- * If CRL related with given certificate is not stored in database
- * then this function will download CRL and store it in database.
- *
- * @param[in] collection The certificate collection for which the CRL will
- * be updated
- * @param[in] updatePolicy Determine when CRL will be downloaded and updated
- * @return True when CRL for given certificate was updated successfully,
- * false otherwise.
- */
- bool updateList(const CertificateCollection &collection,
- const UpdatePolicy updatePolisy);
-
- /**
- * @brief Add certificate to known certificates store.
- *
- * @param[in] collection The certificate collection which will be
- * added to known certificate store.
- */
- void addToStore(const CertificateCollection &collection);
-};
-} // ValidationCore
-
-#endif //ifndef WRT_ENGINE_SRC_VALIDATION_CORE_ENGINE_CRL_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- * @file CachedCRL.cpp
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 0.1
- * @brief Cached CRL class implementation
- */
-
-#include <string>
-#include <time.h>
-
-#include <dpl/foreach.h>
-#include <dpl/log/log.h>
-#include <dpl/foreach.h>
-
-#include "CRL.h"
-#include "CachedCRL.h"
-#include "Certificate.h"
-#include "CertificateCacheDAO.h"
-
-namespace ValidationCore {
-
-const time_t CachedCRL::CRL_minTimeValid = 3600; // one hour in seconds
-
-const time_t CachedCRL::CRL_maxTimeValid = 3600 * 24 * 7; // one week in seconds
-
-const time_t CachedCRL::CRL_refreshBefore = 3600; // one hour in seconds
-
-VerificationStatus CachedCRL::check(const CertificateCollection &certs)
-{
- CRL crl;
- bool allValid = true;
- // we dont check CRL validity since
- // we may use crl for longer time
- // in smart cache than in regular CRL class (time clamping)
- crl.addToStore(certs);
- FOREACH(cert, certs){
- CRL::StringList crlUris = crl.getCrlUris(*cert);
- FOREACH(uri, crlUris) {
- allValid = allValid && updateCRLForUri(*uri,false);
- }
- }
- if (!allValid) {
- // problems with CRL validity
- LogDebug("Some CRLs not valid");
- }
- CRL::RevocationStatus stat = crl.checkCertificateChain(certs);
- if (stat.isRevoked) {
- LogDebug("Status REVOKED");
- return VERIFICATION_STATUS_REVOKED;
- }
- LogDebug("Status GOOD");
- return VERIFICATION_STATUS_GOOD;
-}
-
-VerificationStatus CachedCRL::checkEndEntity(CertificateCollection &certs)
-{
- if (certs.empty()) {
- LogError("Collection empty. This should never happen.");
- LogDebug("Status ERROR");
- return VERIFICATION_STATUS_ERROR;
- }
- if (!certs.sort()) {
- LogError("Could not find End Entity certificate. "
- "Collection does not form chain.");
- LogDebug("Status ERROR");
- return VERIFICATION_STATUS_ERROR;
- }
- CRL crl;
- bool allValid = true;
- // we dont check CRL validity since
- // we may use crl for longer time
- // in smart cache than in regular CRL class (time clamping)
- crl.addToStore(certs);
- CertificateList::const_iterator icert = certs.begin();
- if (icert != certs.end()) {
- CRL::StringList crlUris = crl.getCrlUris(*icert);
- FOREACH(uri, crlUris) {
- allValid = allValid && updateCRLForUri(*uri,false);
- }
- }
- if (!allValid) {
- // problems with CRL validity
- LogDebug("Some CRLs not valid");
- }
- CertificateList::const_iterator iter = certs.begin();
- CRL::RevocationStatus stat = crl.checkCertificate(*iter);
- if (stat.isRevoked) {
- LogDebug("Status REVOKED");
- return VERIFICATION_STATUS_REVOKED;
- }
- LogDebug("Status GOOD");
- return VERIFICATION_STATUS_GOOD;
-}
-
-void CachedCRL::updateCache()
-{
- CRLCachedDataList list;
- CertificateCacheDAO::getCRLResponseList(&list);
- FOREACH(db_crl, list) {
- updateCRLForUri(db_crl->distribution_point, true);
- }
-}
-
-bool CachedCRL::updateCRLForUri(const std::string & uri, bool useExpiredShift)
-{
- CRLCachedData cachedCRL;
- cachedCRL.distribution_point = uri;
- time_t now;
- time(&now);
- if (useExpiredShift) {
- now += CRL_refreshBefore;
- }
- if (CertificateCacheDAO::getCRLResponse(&cachedCRL)) {
- if (now < cachedCRL.next_update_time) {
- LogDebug("Cached CRL still valid for: " << uri);
- return true;
- }
- }
- // need to download new CRL
- CRL crl;
- CRL::CRLDataPtr list = crl.downloadCRL(uri);
- if (!list) {
- LogWarning("Could not retreive CRL from " << uri);
- return false;
- }
- crl.updateCRL(list);
- CertificateCacheDAO::getCRLResponse(&cachedCRL); // save it the way CRL does
- cachedCRL.next_update_time =
- getNextUpdateTime(now,cachedCRL.next_update_time);
- CertificateCacheDAO::setCRLResponse(cachedCRL.distribution_point,
- cachedCRL.crl_body,
- cachedCRL.next_update_time);
- return true;
-}
-
-time_t CachedCRL::getNextUpdateTime(time_t now, time_t response_validity)
-{
- time_t min = now + CRL_minTimeValid;
- time_t max = now + CRL_maxTimeValid;
- if (response_validity < min) {
- return min;
- }
- if (response_validity > max) {
- return max;
- }
- return response_validity;
-}
-
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- * @file CachedCRL.h
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 0.1
- * @brief Header file for smart cached CRL class
- */
-
-#ifndef _SRC_VALIDATION_CORE_CACHED_CRL_
-#define _SRC_VALIDATION_CORE_CACHED_CRL_
-
-#include "CRL.h"
-#include "IAbstractResponseCache.h"
-
-namespace ValidationCore {
-
-class CachedCRL : public IAbstractResponseCache {
- public:
- // cache can't be refreshed more frequently than CRL_minTimeValid
- static const time_t CRL_minTimeValid;
-
- // to be even more secure, cache will be refreshed for certificate at least
- // after CRL_maxTimeValid from last response
- static const time_t CRL_maxTimeValid;
-
- // upon cache refresh, responses that will be invalid in CRL_refreshBefore
- // seconds will be refreshed
- static const time_t CRL_refreshBefore;
-
- VerificationStatus check(const CertificateCollection &certs);
- VerificationStatus checkEndEntity(CertificateCollection &certs);
- void updateCache();
-
- CachedCRL()
- {
- }
- virtual ~CachedCRL()
- {
- }
-
- private:
-
- // updates CRL cache for distributor URI
- // useExpiredShift ==true should be used in cron/global cache update
- // since it updates all CRLs that will be out of date in next
- // CRL_refreshBefore seconds
- bool updateCRLForUri(const std::string & uri,
- bool useExpiredShift);
- time_t getNextUpdateTime(time_t now, time_t response_validity);
-};
-
-} // namespace ValidationCore
-
-#endif /* _SRC_VALIDATION_CORE_CACHED_CRL_ */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- * @file CachedOCSP.cpp
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 0.1
- * @brief Cached OCSP class implementation
- */
-
-#include <string>
-#include <time.h>
-
-#include <dpl/foreach.h>
-#include <dpl/log/log.h>
-#include <dpl/foreach.h>
-
-#include "OCSP.h"
-#include "CachedOCSP.h"
-#include "Certificate.h"
-#include "CertificateCacheDAO.h"
-
-namespace ValidationCore {
-
-const time_t CachedOCSP::OCSP_minTimeValid = 3600; // one hour in seconds
-
-const time_t CachedOCSP::OCSP_maxTimeValid =
- 3600 * 24 * 7; // one week in seconds
-
-const time_t CachedOCSP::OCSP_refreshBefore = 3600; // one hour in seconds
-
-VerificationStatus CachedOCSP::check(const CertificateCollection &certs)
-{
- OCSPCachedStatus db_status;
- time_t now;
- time(&now);
-
- db_status.cert_chain = certs.toBase64String();
- db_status.end_entity_check = false;
-
- if (CertificateCacheDAO::getOCSPStatus(&db_status)) {
- LogDebug("Found cache entry for OCSP");
- if (now < db_status.next_update_time) {
- LogDebug("Cache response valid");
- return db_status.ocsp_status;
- }
- }
-
- // here we need to get OCSP result and add/update cache
- OCSP ocsp;
- CertificateList list = certs.getChain();
- ocsp.setTrustedStore(list);
-
- VerificationStatusSet statusSet = ocsp.validateCertificateList(list);
- db_status.ocsp_status = statusSet.convertToStatus();
- db_status.next_update_time = ocsp.getResponseValidity();
- CertificateCacheDAO::setOCSPStatus(db_status.cert_chain,
- db_status.ocsp_status,
- db_status.end_entity_check,
- getNextUpdateTime(
- now,
- db_status.next_update_time));
- return db_status.ocsp_status;
-}
-
-VerificationStatus CachedOCSP::checkEndEntity(CertificateCollection &certs)
-{
- OCSPCachedStatus db_status;
- time_t now;
- time(&now);
-
- db_status.cert_chain = certs.toBase64String();
- db_status.end_entity_check = true;
-
- if (CertificateCacheDAO::getOCSPStatus(&db_status)) {
- LogDebug("Found cache entry for OCSP");
- if (now < db_status.next_update_time) {
- LogDebug("Cache response valid");
- return db_status.ocsp_status;
- }
- }
-
- // here we need to send request via OCSP and add/update cache
- CertificateList clst;
- getCertsForEndEntity(certs, &clst);
-
- OCSP ocsp;
- ocsp.setTrustedStore(certs.getCertificateList());
-
- const char *defResponderURI = getenv(OCSP::DEFAULT_RESPONDER_URI_ENV);
-
- if (defResponderURI) {
- ocsp.setUseDefaultResponder(true);
- ocsp.setDefaultResponder(defResponderURI);
- }
-
- VerificationStatusSet statusSet = ocsp.validateCertificateList(clst);
- db_status.ocsp_status = statusSet.convertToStatus();
- db_status.next_update_time = ocsp.getResponseValidity();
-
- CertificateCacheDAO::setOCSPStatus(db_status.cert_chain,
- db_status.ocsp_status,
- db_status.end_entity_check,
- getNextUpdateTime(
- now,
- db_status.next_update_time));
-
- return db_status.ocsp_status;
-}
-
-void CachedOCSP::updateCache()
-{
- time_t now;
- time(&now);
- now += OCSP_refreshBefore;
- OCSPCachedStatusList list;
- CertificateCacheDAO::getOCSPStatusList(&list);
- FOREACH(db_status, list) {
- if (now >= db_status->next_update_time) {
- // this response needs to be refreshed
- // TODO: check result? update even errors? need to check RFC
- CertificateCollection col;
- col.load(db_status->cert_chain);
-
- OCSP ocsp;
- CertificateList chain = col.getChain();
- ocsp.setTrustedStore(chain);
-
- VerificationStatusSet statusSet;
-
- if (db_status->end_entity_check) {
- CertificateList clst;
- getCertsForEndEntity(col, &clst);
- statusSet = ocsp.validateCertificateList(clst);
- } else {
- statusSet = ocsp.validateCertificateList(chain);
- }
-
- db_status->ocsp_status = statusSet.convertToStatus();
- db_status->next_update_time = ocsp.getResponseValidity();
-
- CertificateCacheDAO::setOCSPStatus(db_status->cert_chain,
- db_status->ocsp_status,
- db_status->end_entity_check,
- db_status->next_update_time);
- }
- }
-}
-
-void CachedOCSP::getCertsForEndEntity(
- const CertificateCollection &certs, CertificateList* clst)
-{
- if (NULL == clst) {
- LogError("NULL pointer");
- return;
- }
-
- if (certs.isChain() && certs.size() >= 2) {
- CertificateList::const_iterator icert = certs.begin();
- clst->push_back(*icert);
- ++icert;
- clst->push_back(*icert);
- }
-}
-
-time_t CachedOCSP::getNextUpdateTime(time_t now, time_t response_validity)
-{
- long min = now + OCSP_minTimeValid;
- long max = now + OCSP_maxTimeValid;
- if (response_validity < min) {
- return min;
- }
- if (response_validity > max) {
- return max;
- }
- return response_validity;
-}
-
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- * @file CachedOCSP.h
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 0.1
- * @brief Header file for smart cached OCSP class
- */
-
-#ifndef _SRC_VALIDATION_CORE_CACHED_OCSP_
-#define _SRC_VALIDATION_CORE_CACHED_OCSP_
-
-#include "OCSP.h"
-#include "IAbstractResponseCache.h"
-
-namespace ValidationCore {
-
-class CachedOCSP : public IAbstractResponseCache {
- public:
- // cache can't be refreshed more frequently than OCSP_minTimeValid
- static const time_t OCSP_minTimeValid;
-
- // to be even more secure, cache will be refreshed for certificate at least
- // after OCSP_minTimeValid from last response
- static const time_t OCSP_maxTimeValid;
-
- // upon cache refresh, responses that will be invalid in OCSP_refreshBefore
- // seconds will be refreshed
- static const time_t OCSP_refreshBefore;
-
- VerificationStatus check(const CertificateCollection &certs);
- VerificationStatus checkEndEntity(CertificateCollection &certs);
- void updateCache();
-
- CachedOCSP()
- {
- }
- virtual ~CachedOCSP()
- {
- }
-
- private:
-
- void getCertsForEndEntity(const CertificateCollection &certs,
- CertificateList* clst);
- time_t getNextUpdateTime(time_t now, time_t response_validity);
-};
-
-} // namespace ValidationCore
-
-#endif /* _SRC_VALIDATION_CORE_CACHED_OCSP_ */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTSTORETYPE_H_
-#define _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTSTORETYPE_H_
-
-namespace ValidationCore {
-namespace CertStoreId {
-typedef unsigned int Type;
-
-// RootCA certificates for developer mode.
-const Type DEVELOPER = 1;
-// RootCA certificates for author signatures.
-const Type WAC_PUBLISHER = 1 << 1;
-// RootCA certificates for wac-signed widgets.
-const Type WAC_ROOT = 1 << 2;
-// RootCA certificates for wac-members ie. operators, manufacturers.
-const Type WAC_MEMBER = 1 << 3;
-
-class Set
-{
- public:
- Set() :
- m_certificateStorage(0)
- {
- }
-
- void add(Type second)
- {
- m_certificateStorage |= second;
- }
-
- bool contains(Type second) const
- {
- return static_cast<bool>(m_certificateStorage & second);
- }
-
- bool isEmpty() const
- {
- return m_certificateStorage == 0;
- }
-
- private:
- Type m_certificateStorage;
-};
-} // namespace CertStoreId
-} // namespace ValidationCore
-
-#endif // _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTSTORETYPE_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#include "Certificate.h"
-
-#include <openssl/x509v3.h>
-
-#include <dpl/assert.h>
-#include <dpl/log/log.h>
-
-#include <Base64.h>
-
-namespace ValidationCore {
-
-int asn1TimeToTimeT(ASN1_TIME *t,
- time_t *res)
-{
- struct tm tm;
- int offset;
-
- (*res) = 0;
- if (!ASN1_TIME_check(t)) {
- return -1;
- }
-
- memset(&tm, 0, sizeof(tm));
-
-#define g2(p) (((p)[0] - '0') * 10 + (p)[1] - '0')
- if (t->type == V_ASN1_UTCTIME) {
- Assert(t->length > 12);
-
- /* this code is copied from OpenSSL asn1/a_utctm.c file */
- tm.tm_year = g2(t->data);
- if (tm.tm_year < 50) {
- tm.tm_year += 100;
- }
- tm.tm_mon = g2(t->data + 2) - 1;
- tm.tm_mday = g2(t->data + 4);
- tm.tm_hour = g2(t->data + 6);
- tm.tm_min = g2(t->data + 8);
- tm.tm_sec = g2(t->data + 10);
- if (t->data[12] == 'Z') {
- offset = 0;
- } else {
- Assert(t->length > 16);
-
- offset = g2(t->data + 13) * 60 + g2(t->data + 15);
- if (t->data[12] == '-') {
- offset = -offset;
- }
- }
- tm.tm_isdst = -1;
- } else {
- Assert(t->length > 14);
-
- tm.tm_year = g2(t->data) * 100 + g2(t->data + 2);
- tm.tm_mon = g2(t->data + 4) - 1;
- tm.tm_mday = g2(t->data + 6);
- tm.tm_hour = g2(t->data + 8);
- tm.tm_min = g2(t->data + 10);
- tm.tm_sec = g2(t->data + 12);
- if (t->data[14] == 'Z') {
- offset = 0;
- } else {
- Assert(t->length > 18);
-
- offset = g2(t->data + 15) * 60 + g2(t->data + 17);
- if (t->data[14] == '-') {
- offset = -offset;
- }
- }
- tm.tm_isdst = -1;
- }
-#undef g2
- (*res) = timegm(&tm) - offset * 60;
- return 0;
-}
-
-int asn1GeneralizedTimeToTimeT(ASN1_GENERALIZEDTIME *tm,
- time_t *res)
-{
- /*
- * This code is based on following assumption:
- * from openssl/a_gentm.c:
- * GENERALIZEDTIME is similar to UTCTIME except the year is
- * represented as YYYY. This stuff treats everything as a two digit
- * field so make first two fields 00 to 99
- */
- const int DATE_BUFFER_LENGTH = 15; // YYYYMMDDHHMMSSZ
-
- if (NULL == res || NULL == tm) {
- LogError("NULL pointer");
- return -1;
- }
-
- if (DATE_BUFFER_LENGTH != tm->length || NULL == tm->data) {
- LogError("Invalid ASN1_GENERALIZEDTIME");
- return -1;
- }
-
- struct tm time_s;
- if (sscanf ((char*)tm->data,
- "%4d%2d%2d%2d%2d%2d",
- &time_s.tm_year,
- &time_s.tm_mon,
- &time_s.tm_mday,
- &time_s.tm_hour,
- &time_s.tm_min,
- &time_s.tm_sec) < 6)
- {
- LogError("Could not extract time data from ASN1_GENERALIZEDTIME");
- return -1;
- }
-
- time_s.tm_year -= 1900;
- time_s.tm_mon -= 1;
- time_s.tm_isdst = 0; // UTC
- time_s.tm_gmtoff = 0; // UTC
- time_s.tm_zone = NULL; // UTC
-
- *res = mktime(&time_s);
-
- return 0;
-}
-
-Certificate::Certificate(X509 *cert)
-{
- Assert(cert);
- m_x509 = X509_dup(cert);
- if (!m_x509) {
- LogWarning("Internal Openssl error in d2i_X509 function.");
- ThrowMsg(Exception::OpensslInternalError,
- "Internal Openssl error in d2i_X509 function.");
- }
-}
-
-Certificate::Certificate(cert_svc_mem_buff &buffer)
-{
- Assert(buffer.data);
- const unsigned char *ptr = buffer.data;
- m_x509 = d2i_X509(NULL, &ptr, buffer.size);
- if (!m_x509) {
- LogWarning("Internal Openssl error in d2i_X509 function.");
- ThrowMsg(Exception::OpensslInternalError,
- "Internal Openssl error in d2i_X509 function.");
- }
-}
-
-Certificate::Certificate(const std::string &der,
- Certificate::FormType form)
-{
- Assert(der.size());
-
- int size;
- const unsigned char *ptr;
- std::string tmp;
-
- if (FORM_BASE64 == form) {
- Base64Decoder base64;
- base64.reset();
- base64.append(der);
- base64.finalize();
- tmp = base64.get();
- ptr = reinterpret_cast<const unsigned char*>(tmp.c_str());
- size = static_cast<int>(tmp.size());
- } else {
- ptr = reinterpret_cast<const unsigned char*>(der.c_str());
- size = static_cast<int>(der.size());
- }
-
- m_x509 = d2i_X509(NULL, &ptr, size);
- if (!m_x509) {
- LogError("Internal Openssl error in d2i_X509 function.");
- ThrowMsg(Exception::OpensslInternalError,
- "Internal Openssl error in d2i_X509 function.");
- }
-}
-
-Certificate::~Certificate()
-{
- X509_free(m_x509);
-}
-
-X509* Certificate::getX509(void) const
-{
- return m_x509;
-}
-
-std::string Certificate::getDER(void) const
-{
- unsigned char *rawDer = NULL;
- int size = i2d_X509(m_x509, &rawDer);
- if (!rawDer || size <= 0) {
- LogError("i2d_X509 failed");
- ThrowMsg(Exception::OpensslInternalError,
- "i2d_X509 failed");
- }
-
- std::string output(reinterpret_cast<char*>(rawDer), size);
- OPENSSL_free(rawDer);
- return output;
-}
-
-std::string Certificate::getBase64(void) const
-{
- Base64Encoder base64;
- base64.reset();
- base64.append(getDER());
- base64.finalize();
- return base64.get();
-}
-
-bool Certificate::isSignedBy(const CertificatePtr &parent) const
-{
- if (!parent) {
- LogDebug("Invalid certificate parameter.");
- return false;
- }
- return 0 == X509_NAME_cmp(X509_get_subject_name(parent->m_x509),
- X509_get_issuer_name(m_x509));
-}
-
-Certificate::Fingerprint Certificate::getFingerprint(
- Certificate::FingerprintType type) const
-{
- size_t fingerprintlength = EVP_MAX_MD_SIZE;
- unsigned char fingerprint[EVP_MAX_MD_SIZE];
- Fingerprint raw;
-
- if (type == FINGERPRINT_MD5) {
- if (!X509_digest(m_x509, EVP_md5(), fingerprint, &fingerprintlength)) {
- LogError("MD5 digest counting failed!");
- ThrowMsg(Exception::OpensslInternalError,
- "MD5 digest counting failed!");
- }
- }
-
- if (type == FINGERPRINT_SHA1) {
- if (!X509_digest(m_x509, EVP_sha1(), fingerprint,
- &fingerprintlength))
- {
- LogError("SHA1 digest counting failed");
- ThrowMsg(Exception::OpensslInternalError,
- "SHA1 digest counting failed!");
- }
- }
-
- raw.resize(fingerprintlength); // improve performance
- std::copy(fingerprint, fingerprint + fingerprintlength, raw.begin());
-
- return raw;
-}
-
-DPL::OptionalString Certificate::getField(FieldType type,
- int fieldNid) const
-{
- X509_NAME *subjectName = NULL;
- switch (type) {
- case FIELD_ISSUER:
- subjectName = X509_get_issuer_name(m_x509);
- break;
- case FIELD_SUBJECT:
- subjectName = X509_get_subject_name(m_x509);
- break;
- default:
- Assert("Invalid type");
- }
-
- if (!subjectName) {
- LogError("Error during subject name extraction.");
- ThrowMsg(Exception::OpensslInternalError,
- "Error during subject name extraction.");
- }
-
- X509_NAME_ENTRY *subjectEntry = NULL;
-
- DPL::Optional < DPL::String > output;
-
- int entryCount = X509_NAME_entry_count(subjectName);
-
- for (int i = 0; i < entryCount; ++i) {
- subjectEntry = X509_NAME_get_entry(subjectName,
- i);
-
- if (!subjectEntry) {
- continue;
- }
-
- int nid = OBJ_obj2nid(
- static_cast<ASN1_OBJECT*>(
- X509_NAME_ENTRY_get_object(subjectEntry)));
-
- if (nid != fieldNid) {
- continue;
- }
-
- ASN1_STRING* pASN1Str = subjectEntry->value;
-
- unsigned char* pData = NULL;
- int nLength = ASN1_STRING_to_UTF8(&pData,
- pASN1Str);
-
- if (nLength < 0) {
- LogError("Reading field error.");
- ThrowMsg(Exception::OpensslInternalError,
- "Reading field error.");
- }
-
- std::string strEntry(reinterpret_cast<char*>(pData),
- nLength);
- output = DPL::FromUTF8String(strEntry);
- OPENSSL_free(pData);
- }
- return output;
-}
-
-DPL::OptionalString Certificate::getCommonName(FieldType type) const
-{
- return getField(type, NID_commonName);
-}
-
-DPL::OptionalString Certificate::getCountryName(FieldType type) const
-{
- return getField(type, NID_countryName);
-}
-
-DPL::OptionalString Certificate::getStateOrProvinceName(FieldType type) const
-{
- return getField(type, NID_stateOrProvinceName);
-}
-
-DPL::OptionalString Certificate::getLocalityName(FieldType type) const
-{
- return getField(type, NID_localityName);
-}
-
-DPL::OptionalString Certificate::getOrganizationName(FieldType type) const
-{
- return getField(type, NID_organizationName);
-}
-
-DPL::OptionalString Certificate::getOrganizationalUnitName(FieldType type) const
-{
- return getField(type, NID_organizationalUnitName);
-}
-
-DPL::OptionalString Certificate::getOCSPURL() const
-{
- // TODO verify this code
- DPL::OptionalString retValue;
- AUTHORITY_INFO_ACCESS *aia = static_cast<AUTHORITY_INFO_ACCESS*>(
- X509_get_ext_d2i(m_x509,
- NID_info_access,
- NULL,
- NULL));
-
- // no AIA extension in the cert
- if (NULL == aia) {
- return retValue;
- }
-
- int count = sk_ACCESS_DESCRIPTION_num(aia);
-
- for (int i = 0; i < count; ++i) {
- ACCESS_DESCRIPTION* ad = sk_ACCESS_DESCRIPTION_value(aia, i);
-
- if (OBJ_obj2nid(ad->method) == NID_ad_OCSP &&
- ad->location->type == GEN_URI)
- {
- void* data = ASN1_STRING_data(ad->location->d.ia5);
- retValue = DPL::OptionalString(DPL::FromUTF8String(
- static_cast<char*>(data)));
-
- break;
- }
- }
- sk_ACCESS_DESCRIPTION_free(aia);
- return retValue;
-}
-
-Certificate::AltNameSet Certificate::getAlternativeNameDNS() const
-{
- AltNameSet set;
-
- GENERAL_NAME *namePart = NULL;
-
- STACK_OF(GENERAL_NAME)* san =
- static_cast<STACK_OF(GENERAL_NAME)*>(
- X509_get_ext_d2i(m_x509,NID_subject_alt_name,NULL,NULL));
-
- while (sk_GENERAL_NAME_num(san) > 0) {
- namePart = sk_GENERAL_NAME_pop(san);
- if (GEN_DNS == namePart->type) {
- std::string temp =
- reinterpret_cast<char*>(ASN1_STRING_data(namePart->d.dNSName));
- DPL::String altDNSName = DPL::FromASCIIString(temp);
- set.insert(altDNSName);
- LogDebug("FOUND GEN_DNS: " << temp);
- } else {
- LogDebug("FOUND GEN TYPE ID: " << namePart->type);
- }
- }
- return set;
-}
-
-time_t Certificate::getNotAfter() const
-{
- ASN1_TIME *time = X509_get_notAfter(m_x509);
- if (!time) {
- LogError("Reading Not After error.");
- ThrowMsg(Exception::OpensslInternalError, "Reading Not After error.");
- }
- time_t output;
- if (asn1TimeToTimeT(time, &output)) {
- LogError("Converting ASN1_time to time_t error.");
- ThrowMsg(Exception::OpensslInternalError,
- "Converting ASN1_time to time_t error.");
- }
- return output;
-}
-
-bool Certificate::isRootCert()
-{
- // based on that root certificate has the same subject as issuer name
- return isSignedBy(this->SharedFromThis());
-}
-
-std::list<std::string>
-Certificate::getCrlUris() const
-{
- std::list<std::string> result;
-
- STACK_OF(DIST_POINT)* distPoints =
- static_cast<STACK_OF(DIST_POINT)*>(
- X509_get_ext_d2i(
- getX509(),
- NID_crl_distribution_points,
- NULL,
- NULL));
- if (!distPoints) {
- LogDebug("No distribution points in certificate.");
- return result;
- }
-
- int count = sk_DIST_POINT_num(distPoints);
- for (int i = 0; i < count; ++i) {
- DIST_POINT* point = sk_DIST_POINT_value(distPoints, i);
- if (!point) {
- LogError("Failed to get distribution point.");
- continue;
- }
- if (point->distpoint != NULL &&
- point->distpoint->name.fullname != NULL)
- {
- int countName =
- sk_GENERAL_NAME_num(point->distpoint->name.fullname);
- for (int j = 0; j < countName; ++j) {
- GENERAL_NAME* name = sk_GENERAL_NAME_value(
- point->distpoint->name.fullname, j);
- if (name != NULL && GEN_URI == name->type) {
- char *crlUri =
- reinterpret_cast<char*>(name->d.ia5->data);
- if (!crlUri) {
- LogError("Failed to get URI.");
- continue;
- }
- result.push_back(crlUri);
- }
- }
- }
- }
- sk_DIST_POINT_pop_free(distPoints, DIST_POINT_free);
- return result;
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTIFICATE_H_
-#define _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTIFICATE_H_
-
-#include <list>
-#include <string>
-#include <set>
-#include <vector>
-#include <ctime>
-
-#include <openssl/x509.h>
-
-#include <dpl/exception.h>
-#include <dpl/noncopyable.h>
-#include <dpl/shared_ptr.h>
-#include <dpl/enable_shared_from_this.h>
-#include <dpl/optional.h>
-#include <dpl/optional_typedefs.h>
-#include <dpl/string.h>
-
-#include <cert-service.h>
-
-namespace ValidationCore {
-
-// from OpenSSL asn1/a_utctm.c code
-int asn1TimeToTimeT(ASN1_TIME *t,
- time_t *res);
-
-
-int asn1GeneralizedTimeToTimeT(ASN1_GENERALIZEDTIME *tm,
- time_t *res);
-
-class Certificate;
-
-typedef DPL::SharedPtr<Certificate> CertificatePtr;
-typedef std::list<CertificatePtr> CertificateList;
-
-class Certificate : public DPL::EnableSharedFromThis<Certificate>
-{
- public:
- typedef std::vector<unsigned char> Fingerprint;
- typedef DPL::String AltName;
- typedef std::set<AltName> AltNameSet;
-
- enum FingerprintType
- {
- FINGERPRINT_MD5,
- FINGERPRINT_SHA1
- };
- enum FieldType
- {
- FIELD_ISSUER,
- FIELD_SUBJECT
- };
-
- enum FormType
- {
- FORM_DER,
- FORM_BASE64
- };
-
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, OpensslInternalError)
- };
-
- explicit Certificate(X509 *cert);
-
- explicit Certificate(cert_svc_mem_buff &buffer);
-
- explicit Certificate(const std::string &der,
- FormType form = FORM_DER);
-
- ~Certificate();
-
- // It returns pointer to internal structure!
- // Do not free this pointer!
- X509 *getX509(void) const;
-
- std::string getDER(void) const;
-
- std::string getBase64(void) const;
-
- // This const is cheating here because you have no
- // guarantee that X509_get_subject_name will not
- // change X509 object.
- bool isSignedBy(const CertificatePtr &parent) const;
-
- Fingerprint getFingerprint(FingerprintType type) const;
-
- DPL::OptionalString getCommonName(FieldType type = FIELD_SUBJECT) const;
- DPL::OptionalString getCountryName(FieldType type = FIELD_SUBJECT) const;
- DPL::OptionalString getStateOrProvinceName(
- FieldType type = FIELD_SUBJECT) const;
- DPL::OptionalString getLocalityName(FieldType type = FIELD_SUBJECT) const;
- DPL::OptionalString getOrganizationName(
- FieldType type = FIELD_SUBJECT) const;
- DPL::OptionalString getOrganizationalUnitName(
- FieldType type = FIELD_SUBJECT) const;
- DPL::OptionalString getOCSPURL() const;
-
- // Openssl supports 9 types of alternative name filed.
- // 4 of them are "string similar" types so it is possible
- // to create more generic function.
- AltNameSet getAlternativeNameDNS() const;
-
- time_t getNotAfter() const;
-
- /**
- * @brief This is convenient function.
- *
- * @details It can't be const function (however it doesn't change internal
- * object). For details see #isSignedBy() function description.
- */
- bool isRootCert();
-
- /**
- * @brief Gets list of CRL distribution's points URIs
- */
- std::list<std::string> getCrlUris() const;
-
- protected:
- DPL::OptionalString getField(FieldType type,
- int fieldNid) const;
-
- X509 *m_x509;
-};
-} // namespace ValidationCore
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file CertificateCacheDAO.cpp
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 0.1
- * @brief CertificateCacheDAO implementation
- */
-
-#include "CertificateCacheDAO.h"
-#include "VCorePrivate.h"
-
-#include <dpl/foreach.h>
-#include <dpl/log/log.h>
-#include <dpl/db/orm.h>
-#include <orm_generator_vcore.h>
-#include <vcore/Database.h>
-
-using namespace DPL::DB::ORM;
-using namespace DPL::DB::ORM::vcore;
-
-namespace ValidationCore {
-
-void CertificateCacheDAO::setOCSPStatus(const std::string& cert_chain,
- VerificationStatus ocsp_status,
- bool end_entity_check,
- time_t next_update_time)
-{
- Try {
- ScopedTransaction transaction(&ThreadInterface());
- OCSPCachedStatus status;
- status.cert_chain = cert_chain;
- status.end_entity_check = end_entity_check;
- if (getOCSPStatus(&status)) {
- // only need to update data in DB
- Equals<OCSPResponseStorage::cert_chain> e1(
- DPL::FromUTF8String(cert_chain));
- Equals<OCSPResponseStorage::end_entity_check> e2(
- end_entity_check ? 1 : 0);
-
- OCSPResponseStorage::Row row;
-
- row.Set_ocsp_status(ocsp_status);
- row.Set_next_update_time(next_update_time);
-
- VCORE_DB_UPDATE(update, OCSPResponseStorage, &ThreadInterface())
- update->Where(And(e1,e2));
- update->Values(row);
- update->Execute();
- } else {
- // need to insert data
- OCSPResponseStorage::Row row;
-
- row.Set_cert_chain(DPL::FromUTF8String(cert_chain));
- row.Set_ocsp_status(ocsp_status);
- row.Set_next_update_time(next_update_time);
- row.Set_end_entity_check(end_entity_check ? 1 : 0);
-
- VCORE_DB_INSERT(insert, OCSPResponseStorage, &ThreadInterface())
- insert->Values(row);
- insert->Execute();
- }
- transaction.Commit();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to setOCSPStatus");
- }
-}
-
-bool CertificateCacheDAO::getOCSPStatus(OCSPCachedStatus* cached_status)
-{
- if (NULL == cached_status) {
- LogError("NULL pointer");
- return false;
- }
- Try {
- Equals<OCSPResponseStorage::cert_chain> e1(
- DPL::FromUTF8String(cached_status->cert_chain));
- Equals<OCSPResponseStorage::end_entity_check> e2(
- cached_status->end_entity_check ? 1 : 0);
-
- VCORE_DB_SELECT(select, OCSPResponseStorage, &ThreadInterface())
-
- select->Where(And(e1,e2));
- std::list<OCSPResponseStorage::Row> rows = select->GetRowList();
- if (1 == rows.size()) {
- OCSPResponseStorage::Row row = rows.front();
- cached_status->ocsp_status = intToVerificationStatus(
- *(row.Get_ocsp_status()));
- cached_status->next_update_time = *(row.Get_next_update_time());
- return true;
- }
-
- LogDebug("Cached OCSP status not found");
- return false;
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getOCSPStatus");
- }
-}
-
-void CertificateCacheDAO::getOCSPStatusList(
- OCSPCachedStatusList* cached_status_list)
-{
- if (NULL == cached_status_list) {
- LogError("NULL pointer");
- return;
- }
- Try {
- VCORE_DB_SELECT(select, OCSPResponseStorage, &ThreadInterface())
- typedef std::list<OCSPResponseStorage::Row> RowList;
- RowList list = select->GetRowList();
-
- FOREACH(i, list) {
- OCSPCachedStatus status;
- status.cert_chain = DPL::ToUTF8String(i->Get_cert_chain());
- status.ocsp_status = intToVerificationStatus(
- *(i->Get_ocsp_status()));
- status.end_entity_check =
- *(i->Get_end_entity_check()) == 1 ? true : false;
- status.next_update_time = *(i->Get_next_update_time());
- cached_status_list->push_back(status);
- }
-
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getOCSPStatusList");
- }
-}
-
-
-void CertificateCacheDAO::setCRLResponse(const std::string& distribution_point,
- const std::string& crl_body,
- time_t next_update_time)
-{
- Try {
- ScopedTransaction transaction(&ThreadInterface());
- CRLCachedData data;
- data.distribution_point = distribution_point;
- if (getCRLResponse(&data)) {
- // only need to update data in DB
- VCORE_DB_UPDATE(update, CRLResponseStorage, &ThreadInterface())
- Equals<CRLResponseStorage::distribution_point> e1(
- DPL::FromUTF8String(distribution_point));
- CRLResponseStorage::Row row;
-
- update->Where(e1);
- row.Set_crl_body(DPL::FromUTF8String(crl_body));
- row.Set_next_update_time(next_update_time);
- update->Values(row);
- update->Execute();
- } else {
- // need to insert data
- VCORE_DB_INSERT(insert, CRLResponseStorage, &ThreadInterface())
- CRLResponseStorage::Row row;
-
- row.Set_distribution_point(DPL::FromUTF8String(distribution_point));
- row.Set_crl_body(DPL::FromUTF8String(crl_body));
- row.Set_next_update_time(next_update_time);
- insert->Values(row);
- insert->Execute();
- }
- transaction.Commit();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to setOCSPStatus");
- }
-}
-
-bool CertificateCacheDAO::getCRLResponse(CRLCachedData* cached_data)
-{
- if (NULL == cached_data) {
- LogError("NULL pointer");
- return false;
- }
- Try {
- VCORE_DB_SELECT(select, CRLResponseStorage, &ThreadInterface())
- Equals<CRLResponseStorage::distribution_point> e1(
- DPL::FromUTF8String(cached_data->distribution_point));
-
- select->Where(e1);
- std::list<CRLResponseStorage::Row> rows = select->GetRowList();
- if (1 == rows.size()) {
- CRLResponseStorage::Row row = rows.front();
- cached_data->crl_body = DPL::ToUTF8String(row.Get_crl_body());
- cached_data->next_update_time = *(row.Get_next_update_time());
- return true;
- }
-
- LogDebug("Cached CRL not found");
- return false;
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getCRLResponse");
- }
-}
-
-void CertificateCacheDAO::getCRLResponseList(
- CRLCachedDataList* cached_data_list)
-{
- if (NULL == cached_data_list) {
- LogError("NULL pointer");
- return;
- }
- Try {
- VCORE_DB_SELECT(select, CRLResponseStorage, &ThreadInterface())
- typedef std::list<CRLResponseStorage::Row> RowList;
- RowList list = select->GetRowList();
-
- FOREACH(i, list) {
- CRLCachedData response;
- response.distribution_point = DPL::ToUTF8String(
- i->Get_distribution_point());
- response.crl_body = DPL::ToUTF8String(i->Get_crl_body());
- response.next_update_time = *(i->Get_next_update_time());
- cached_data_list->push_back(response);
- }
-
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to getCRLResponses");
- }
-}
-
-void CertificateCacheDAO::clearCertificateCache()
-{
- Try {
- ScopedTransaction transaction(&ThreadInterface());
- VCORE_DB_DELETE(del1, OCSPResponseStorage, &ThreadInterface())
- del1->Execute();
- VCORE_DB_DELETE(del2, CRLResponseStorage, &ThreadInterface())
- del2->Execute();
- transaction.Commit();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(Exception::DatabaseError, "Failed to clearUserSettings");
- }
-}
-
-VerificationStatus CertificateCacheDAO::intToVerificationStatus(int p)
-{
- switch (p) {
- case 1:
- return VERIFICATION_STATUS_GOOD;
- case 1 << 1:
- return VERIFICATION_STATUS_REVOKED;
- case 1 << 2:
- return VERIFICATION_STATUS_UNKNOWN;
- case 1 << 3:
- return VERIFICATION_STATUS_VERIFICATION_ERROR;
- case 1 << 4:
- return VERIFICATION_STATUS_NOT_SUPPORT;
- case 1 << 5:
- return VERIFICATION_STATUS_CONNECTION_FAILED;
- case 1 << 6:
- return VERIFICATION_STATUS_ERROR;
- default:
- return VERIFICATION_STATUS_ERROR;
- }
-}
-
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file CertificateCacheDAO.h
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 0.1
- * @brief Header file for class managing CRL and OCSP cached responses
- */
-
-#ifndef _WRT_SRC_CONFIGURATION_CERTIFICATE_CACHE_DAO_H_
-#define _WRT_SRC_CONFIGURATION_CERTIFICATE_CACHE_DAO_H_
-
-#include <string>
-#include <list>
-
-#include <dpl/exception.h>
-
-#include "VerificationStatus.h"
-
-namespace ValidationCore {
-
-struct OCSPCachedStatus
-{
- std::string cert_chain;
- VerificationStatus ocsp_status;
- bool end_entity_check;
- time_t next_update_time;
-};
-
-typedef std::list<OCSPCachedStatus> OCSPCachedStatusList;
-
-struct CRLCachedData
-{
- std::string distribution_point;
- std::string crl_body;
- time_t next_update_time;
-};
-
-typedef std::list<CRLCachedData> CRLCachedDataList;
-
-class CertificateCacheDAO {
- public:
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, DatabaseError)
- };
-
- // OCSP statuses
-
- static void setOCSPStatus(const std::string& cert_chain,
- VerificationStatus ocsp_status,
- bool end_entity_check,
- time_t next_update_time);
-
- /*
- * fill cert_chain and end_entity_check in cached_status
- * returns true iff cached status found without errors
- */
- static bool getOCSPStatus(OCSPCachedStatus* cached_status);
- static void getOCSPStatusList(OCSPCachedStatusList* cached_status_list);
-
- // CRL responses
-
- static void setCRLResponse(const std::string& distribution_point,
- const std::string& crl_body,
- time_t next_update_time);
-
- /*
- * fill distribution_point
- * returns true iff cached list for dist. point found without errors
- */
- static bool getCRLResponse(CRLCachedData* cached_data);
- static void getCRLResponseList(CRLCachedDataList* cached_data_list);
-
-
- // clears CRL and OCSP cached data
- static void clearCertificateCache();
-
- private:
-
- static VerificationStatus intToVerificationStatus(int p);
-
- CertificateCacheDAO()
- {
- }
-};
-
-} // namespace ValidationCore
-
-#endif /* _WRT_SRC_CONFIGURATION_CERTIFICATE_CACHE_DAO_H_ */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <vcore/CertificateCollection.h>
-
-#include <algorithm>
-
-#include <dpl/binary_queue.h>
-#include <dpl/foreach.h>
-#include <dpl/log/log.h>
-
-#include <vcore/Base64.h>
-
-namespace {
-using namespace ValidationCore;
-
-inline std::string toBinaryString(int data)
-{
- char buffer[sizeof(int)];
- memcpy(buffer, &data, sizeof(int));
- return std::string(buffer, buffer + sizeof(int));
-}
-
-// helper functor for finding certificate basing on subject field
-class SubjectElementFinder
-{
- public:
- SubjectElementFinder(CertificatePtr &cert) : m_searchFor(cert)
- {
- }
- bool operator()(const CertificatePtr &cert) const
- {
- return cert->isSignedBy(m_searchFor);
- }
- void setCert(CertificatePtr &cert)
- {
- m_searchFor = cert;
- }
-
- private:
- CertificatePtr m_searchFor;
-};
-
-// helper functor for finding certificate basing on issuer field
-class IssuerElementFinder
-{
- public:
- IssuerElementFinder(CertificatePtr &cert) : m_searchFor(cert)
- {
- }
- bool operator()(const CertificatePtr &cert) const
- {
- return m_searchFor->isSignedBy(cert);
- }
- void setCert(CertificatePtr &cert)
- {
- m_searchFor = cert;
- }
-
- private:
- CertificatePtr m_searchFor;
-};
-
-//! Helper function
-// pops an element from list, finder is responsible for match certificates
-template <typename T>
-static CertificatePtr popAnElementFromList(CertificateList& lCertificates,
- const T& finder)
-{
- CertificatePtr pOutCertificate;
- CertificateList::iterator it =
- std::find_if(lCertificates.begin(), lCertificates.end(), finder);
-
- if (it != lCertificates.end()) {
- pOutCertificate = *it;
- lCertificates.erase(it);
- }
-
- return pOutCertificate;
-}
-} // namespace
-
-namespace ValidationCore {
-CertificateCollection::CertificateCollection() :
- m_collectionStatus(COLLECTION_UNSORTED)
-{
-}
-
-void CertificateCollection::clear(void)
-{
- m_collectionStatus = COLLECTION_UNSORTED;
- m_certList.clear();
-}
-
-void CertificateCollection::load(const CertificateList &certList)
-{
- m_collectionStatus = COLLECTION_UNSORTED;
- std::copy(certList.begin(),
- certList.end(),
- std::back_inserter(m_certList));
-}
-
-bool CertificateCollection::load(const std::string &buffer)
-{
- Base64Decoder base64;
- base64.reset();
- base64.append(buffer);
- if (!base64.finalize()) {
- LogWarning("Error during chain decoding");
- return false;
- }
- std::string binaryData = base64.get();
-
- DPL::BinaryQueue queue;
- queue.AppendCopy(binaryData.c_str(), binaryData.size());
-
- int certNum;
- queue.FlattenConsume(&certNum, sizeof(int));
-
- CertificateList list;
-
- for (int i = 0; i < certNum; ++i) {
- int certSize;
- queue.FlattenConsume(&certSize, sizeof(int));
- std::vector<char> rawDERCert;
- rawDERCert.resize(certSize);
- queue.FlattenConsume(&rawDERCert[0], certSize);
- Try {
- list.push_back(CertificatePtr(
- new Certificate(std::string(rawDERCert.begin(),
- rawDERCert.end()))));
- } Catch(Certificate::Exception::Base) {
- LogWarning("Error during certificate creation.");
- return false;
- }
- LogDebug("Read certificate from database. Certificate common name: " <<
- list.back()->getCommonName());
- }
- load(list);
- return true;
-}
-
-std::string CertificateCollection::toBase64String() const
-{
- std::ostringstream output;
- int certNum = m_certList.size();
- output << toBinaryString(certNum);
- FOREACH(i, m_certList){
- std::string derCert = (*i)->getDER();
- output << toBinaryString(derCert.size());
- output << derCert;
- }
- Base64Encoder base64;
- base64.reset();
- base64.append(output.str());
- base64.finalize();
- return base64.get();
-}
-
-CertificateList CertificateCollection::getCertificateList() const
-{
- return m_certList;
-}
-
-bool CertificateCollection::isChain() const
-{
- if (COLLECTION_SORTED != m_collectionStatus) {
- LogError("You must sort certificates first");
- ThrowMsg(Exception::WrongUsage,
- "You must sort certificates first");
- }
- return (COLLECTION_SORTED == m_collectionStatus) ? true : false;
-}
-
-bool CertificateCollection::sort()
-{
- if (COLLECTION_UNSORTED == m_collectionStatus) {
- sortCollection();
- }
- return (COLLECTION_SORTED == m_collectionStatus) ? true : false;
-}
-
-CertificateList CertificateCollection::getChain() const
-{
- if (COLLECTION_SORTED != m_collectionStatus) {
- LogError("You must sort certificates first");
- ThrowMsg(Exception::WrongUsage,
- "You must sort certificates first");
- }
- return m_certList;
-}
-
-void CertificateCollection::sortCollection()
-{
- CertificateList lCertificates = m_certList;
- // sorting is not necessary
- if (lCertificates.empty()) {
- m_collectionStatus = COLLECTION_SORTED;
- return;
- }
-
- // backup input list
- CertificateList lBackup = lCertificates;
-
- // create a new output list
- CertificateList lSortedCertificates;
-
- CertificatePtr pCertificate = lCertificates.front();
-
- lCertificates.pop_front();
- lSortedCertificates.push_back(pCertificate);
-
- // indicates whether any matching certificate was found
- bool bFound = false;
-
- CertificatePtr pSubjectCert = pCertificate;
-
- // lCertificates is very short (3 elements) so
- // O(n^2) algorithm is good enough.
- if (!lCertificates.empty()) {
- // First, find all predecessors for, next all successors
- // for pCertificate
- SubjectElementFinder subjectFinder(pCertificate);
- while ((pSubjectCert = popAnElementFromList(lCertificates,
- subjectFinder)) != NULL) {
- lSortedCertificates.push_front(pSubjectCert);
- subjectFinder.setCert(pSubjectCert);
- bFound = true;
- }
-
- CertificatePtr pIssuerCert = pCertificate;
-
- IssuerElementFinder issuerFinder(pCertificate);
- while ((pIssuerCert = popAnElementFromList(lCertificates,
- issuerFinder)) != NULL) {
- lSortedCertificates.push_back(pIssuerCert);
- issuerFinder.setCert(pIssuerCert);
- bFound = true;
- }
-
- if (!bFound || !lCertificates.empty()) {
- // well, those certificates don't form a valid chain
- LogWarning("Certificates don't form a valid chain");
- lCertificates = lBackup;
- m_collectionStatus = COLLECTION_CHAIN_BROKEN;
- return;
- }
- }
-
- m_certList = lSortedCertificates;
- m_collectionStatus = COLLECTION_SORTED;
-}
-} // namespace ValidationCore
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _WRT_ENGINE_SRC_VALIDATION_CORE_CERTIFICATECOLLECTION_H_
-#define _WRT_ENGINE_SRC_VALIDATION_CORE_CERTIFICATECOLLECTION_H_
-
-#include <list>
-#include <string>
-
-#include <dpl/exception.h>
-
-#include <vcore/Certificate.h>
-
-namespace ValidationCore {
-/*
- * This class is used to store Certificate Chain.
- * It could serialize chain to std::string in base64 form.
- * It could read chain written in base64 form.
- * It could check if collection creates certificate chain.
- */
-
-class CertificateCollection
-{
- public:
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, WrongUsage)
- };
-
- CertificateCollection();
-
- typedef CertificateList::const_iterator const_iterator;
-
- /*
- * Remove all certificates from collection.
- */
- void clear();
-
- /*
- * In current implemenation this function MUST success.
- *
- * This function will add new certificate to collection.
- * This function DOES NOT clean collection.
- */
- void load(const CertificateList &certList);
-
- /*
- * This function will return false if base64 string is broken
- * (is not encoded in base64 format) or one from certificate
- * is broken (is not encoded in der format).
- *
- * This function will add new certificate to collection.
- * This function DOES NOT clean collection.
- */
- bool load(const std::string &base64);
-
- /*
- * This function will return all certificates from
- * collection encoded in base64 format.
- */
- std::string toBase64String() const;
-
- /*
- * This will return all certificate from collection.
- */
- CertificateList getCertificateList() const;
-
- /*
- * This function will return true if certificates
- * in in this structure were sorted and create
- * certificate chain.
-
- * Note: You MUST sort certificates first.
- */
- bool isChain() const;
-
- /*
- * This function will return true if all certificate are
- * able to create certificate chain.
- *
- * This function will sort certificates if collection
- * is not sorted.
- *
- * Note: This function will make all iterators invalid.
- */
- bool sort();
-
- /*
- * This function will return Certificate chain.
- *
- * Note: You MUST sort certificates first and
- * check if certificates creates proper chain.
- */
- CertificateList getChain() const;
-
- /*
- * It returns size of certificate collection.
- */
- inline size_t size() const
- {
- return m_certList.size();
- }
-
- /*
- * Return true if collection is empty.
- */
- inline bool empty() const
- {
- return m_certList.empty();
- }
-
- /*
- * This will return end iterator to internal collection.
- *
- * Note: this iterator will lose validity if you call non const
- * method on CertificateCollection class.
- */
- inline const_iterator begin() const
- {
- return m_certList.begin();
- }
-
- /*
- * This will return end iterator to internal collection.
- *
- * Note: this iterator will lose validity if you call non const
- * method on CertificateCollection class.
- */
- inline const_iterator end() const
- {
- return m_certList.end();
- }
-
- /*
- * This function will return the last certificate from collection.
- *
- * Note: There is no point to call this function if certificate
- * collection is not sorted!
- */
- inline CertificatePtr back() const
- {
- return m_certList.back();
- }
-
- protected:
- void sortCollection(void);
-
- enum CollectionStatus
- {
- // Certificate collection are not sorted in any way
- COLLECTION_UNSORTED,
- // Certificate collection creates certificate chain
- COLLECTION_SORTED,
- // Cerfificate collection is not able to create certificate chain
- COLLECTION_CHAIN_BROKEN,
- };
-
- CollectionStatus m_collectionStatus;
- CertificateList m_certList;
-};
-
-typedef std::list<CertificateCollection> CertificateCollectionList;
-} // namespace ValidationCore
-
-#endif // _WRT_ENGINE_SRC_VALIDATION_CORE_CERTIFICATECHAIN_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#include "CertificateConfigReader.h"
-
-#include <cstdlib>
-
-#include <dpl/assert.h>
-
-namespace {
-const std::string XML_EMPTY_NAMESPACE = "";
-
-const std::string TOKEN_CERTIFICATE_SET = "CertificateSet";
-const std::string TOKEN_CERTIFICATE_DOMAIN = "CertificateDomain";
-const std::string TOKEN_FINGERPRINT_SHA1 = "FingerprintSHA1";
-
-const std::string TOKEN_ATTR_NAME = "name";
-const std::string TOKEN_VALUE_WAC_ROOT = "wacroot";
-const std::string TOKEN_VALUE_WAC_PUBLISHER = "wacpublisher";
-const std::string TOKEN_VALUE_WAC_MEMBER = "wacmember";
-const std::string TOKEN_VALUE_DEVELOPER = "developer";
-
-int hexCharToInt(char c)
-{
- if (c >= 'a' && c <= 'f') {
- return 10 + static_cast<int>(c) - 'a';
- }
- if (c >= 'A' && c <= 'F') {
- return 10 + static_cast<int>(c) - 'A';
- }
- if (c >= '0' && c <= '9') {
- return static_cast<int>(c) - '0';
- }
- return c;
-}
-} // anonymous namespace
-
-namespace ValidationCore {
-CertificateConfigReader::CertificateConfigReader() :
- m_certificateDomain(0),
- m_parserSchema(this)
-{
- m_parserSchema.addBeginTagCallback(
- TOKEN_CERTIFICATE_SET,
- XML_EMPTY_NAMESPACE,
- &CertificateConfigReader::blankFunction);
-
- m_parserSchema.addBeginTagCallback(
- TOKEN_CERTIFICATE_DOMAIN,
- XML_EMPTY_NAMESPACE,
- &CertificateConfigReader::tokenCertificateDomain);
-
- m_parserSchema.addBeginTagCallback(
- TOKEN_FINGERPRINT_SHA1,
- XML_EMPTY_NAMESPACE,
- &CertificateConfigReader::blankFunction);
-
- m_parserSchema.addEndTagCallback(
- TOKEN_CERTIFICATE_SET,
- XML_EMPTY_NAMESPACE,
- &CertificateConfigReader::blankFunction);
-
- m_parserSchema.addEndTagCallback(
- TOKEN_CERTIFICATE_DOMAIN,
- XML_EMPTY_NAMESPACE,
- &CertificateConfigReader::blankFunction);
-
- m_parserSchema.addEndTagCallback(
- TOKEN_FINGERPRINT_SHA1,
- XML_EMPTY_NAMESPACE,
- &CertificateConfigReader::tokenEndFingerprintSHA1);
-}
-
-void CertificateConfigReader::tokenCertificateDomain(CertificateIdentifier &)
-{
- std::string name = m_parserSchema.getReader().
- attribute(TOKEN_ATTR_NAME, SaxReader::THROW_DISABLE);
-
- if (name.empty()) {
- LogWarning("Invalid fingerprint file. Domain name is mandatory");
- ThrowMsg(Exception::InvalidFile,
- "Invalid fingerprint file. Domain name is mandatory");
- } else if (name == TOKEN_VALUE_DEVELOPER) {
- m_certificateDomain = CertStoreId::DEVELOPER;
- } else if (name == TOKEN_VALUE_WAC_ROOT) {
- m_certificateDomain = CertStoreId::WAC_ROOT;
- } else if (name == TOKEN_VALUE_WAC_PUBLISHER) {
- m_certificateDomain = CertStoreId::WAC_PUBLISHER;
- } else if (name == TOKEN_VALUE_WAC_MEMBER) {
- m_certificateDomain = CertStoreId::WAC_MEMBER;
- }
-}
-
-void CertificateConfigReader::tokenEndFingerprintSHA1(
- CertificateIdentifier &identificator)
-{
- std::string text = m_parserSchema.getText();
- text += ":"; // add guard at the end of fingerprint
- Certificate::Fingerprint fingerprint;
- int s = 0;
- int byteDescLen = 0;
- for (size_t i = 0; i < text.size(); ++i) {
- if (isxdigit(text[i])) {
- s <<= 4;
- s += hexCharToInt(text[i]);
- byteDescLen++;
- if (byteDescLen > 2) {
- Assert(0 && "Unsupported fingerprint format in xml file.");
- }
- } else if (text[i] == ':') {
- fingerprint.push_back(static_cast<unsigned char>(s));
- s = 0;
- byteDescLen = 0;
- } else {
- Assert(0 && "Unussported fingerprint format in xml file.");
- }
- }
- identificator.add(fingerprint, m_certificateDomain);
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef \
- _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTIFICATE_CONFIG_READER_H_
-#define \
- _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTIFICATE_CONFIG_READER_H_
-
-#include <string>
-#include <dpl/exception.h>
-
-#include "CertificateIdentifier.h"
-#include "CertStoreType.h"
-#include "ParserSchema.h"
-
-namespace ValidationCore {
-class CertificateConfigReader
-{
- public:
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, InvalidFile)
- };
- CertificateConfigReader();
-
- void initialize(const std::string &file,
- const std::string &scheme)
- {
- m_parserSchema.initialize(file, true, SaxReader::VALIDATION_XMLSCHEME,
- scheme);
- }
-
- void read(CertificateIdentifier &identificator)
- {
- m_parserSchema.read(identificator);
- }
-
- private:
- void blankFunction(CertificateIdentifier &)
- {
- }
- void tokenCertificateDomain(CertificateIdentifier &identificator);
- void tokenEndFingerprintSHA1(CertificateIdentifier &identificator);
-
- CertStoreId::Type m_certificateDomain;
- ParserSchema<CertificateConfigReader, CertificateIdentifier>
- m_parserSchema;
-};
-} // namespace ValidationCore
-
-#endif // _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTIFICATE_CONFIG_READER_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef \
- _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTIFICATEIDENTIFICATOR_H_
-#define \
- _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTIFICATEIDENTIFICATOR_H_
-
-#include <map>
-
-#include <dpl/noncopyable.h>
-
-#include "Certificate.h"
-#include "CertStoreType.h"
-
-namespace ValidationCore {
-class CertificateIdentifier : public DPL::Noncopyable
-{
- public:
- typedef std::map<Certificate::Fingerprint, CertStoreId::Set> FingerPrintMap;
-
- CertificateIdentifier()
- {
- }
- ~CertificateIdentifier()
- {
- }
-
- void add(const Certificate::Fingerprint &fingerprint,
- CertStoreId::Type domain)
- {
- fingerPrintMap[fingerprint].add(domain);
- }
-
- CertStoreId::Set find(const Certificate::Fingerprint &fingerprint) const
- {
- FingerPrintMap::const_iterator iter = fingerPrintMap.find(fingerprint);
- if (iter == fingerPrintMap.end()) {
- return CertStoreId::Set();
- }
- return iter->second;
- }
-
- CertStoreId::Set find(const CertificatePtr &certificate) const
- {
- return
- find(certificate->getFingerprint(Certificate::FINGERPRINT_SHA1));
- }
-
- private:
- FingerPrintMap fingerPrintMap;
-};
-} // namespace ValidationCore
-
-#endif // _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_CERTIFICATEIDENTIFICATOR_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <dpl/assert.h>
-#include <openssl/x509v3.h>
-#include <dpl/log/log.h>
-#include <dpl/noncopyable.h>
-#include <openssl/ecdsa.h>
-#include <openssl/evp.h>
-
-#include "Base64.h"
-#include "CertificateLoader.h"
-#include "SSLContainers.h"
-
-namespace {
-const int MIN_RSA_KEY_LENGTH = 1024;
-//const char *OID_CURVE_SECP256R1 = "urn:oid:1.2.840.10045.3.1.7";
-} // namespace anonymous
-
-namespace ValidationCore {
-//// COMPARATOR CLASS START ////
-
-//class CertificateLoaderECDSA : public CertificateLoader::CertificateLoaderComparator, DPL::Noncopyable {
-//public:
-// CertificateLoaderECDSA(const std::string &publicKey)
-// : m_ecPublicKey(NULL)
-// , m_searchKey(NULL)
-// {
-// m_bnCtx = BN_CTX_new(); // if fails we can continue anyway
-// m_tmpPoint = BN_new(); // if fails we can continue anyway
-// m_initialized = CertificateLoader::convertBase64NodeToBigNum(publicKey, &m_searchKey);
-//
-// if(!m_initialized)
-// LogError("Init failed!");
-// }
-//
-// virtual bool compare(X509 *x509cert){
-// if(!m_initialized)
-// return false;
-//
-// EVP_PKEY_free(m_ecPublicKey);
-//
-// m_ecPublicKey = X509_get_pubkey(x509cert);
-//
-// if(m_ecPublicKey == NULL)
-// return false;
-//
-// if(m_ecPublicKey->type != EVP_PKEY_EC){
-// LogError("ecPublicKey has wrong type!");
-// return false;
-// }
-//
-// // Pointer to internal data of ecPublicKey. Do not free!
-// EC_KEY *eckey = m_ecPublicKey->pkey.ec;
-//
-// const EC_POINT *ecpoint = EC_KEY_get0_public_key(eckey);
-// const EC_GROUP *ecgroup = EC_KEY_get0_group(eckey);
-//
-// m_tmpPoint = EC_POINT_point2bn(ecgroup, ecpoint, POINT_CONVERSION_UNCOMPRESSED, m_tmpPoint, m_bnCtx);
-//
-// if(BN_cmp(m_tmpPoint, m_searchKey) == 0)
-// return true;
-//
-// return false;
-// }
-//
-// ~CertificateLoaderECDSA(){
-// BN_CTX_free(m_bnCtx);
-// EVP_PKEY_free(m_ecPublicKey);
-// BN_free(m_searchKey);
-// BN_free(m_tmpPoint);
-// }
-//
-//private:
-// bool m_initialized;
-// EVP_PKEY *m_ecPublicKey;
-// BN_CTX *m_bnCtx;
-// BIGNUM *m_searchKey;
-// BIGNUM *m_tmpPoint;
-//};
-
-///// COMPARETORS CLASS END /////
-
-//// COMPARATOR RSA CLASS START ////
-
-//class CertificateLoaderRSA : public CertificateLoader::CertificateLoaderComparator, DPL::Noncopyable {
-//public:
-// CertificateLoaderRSA(const std::string &m_modulus,const std::string &m_exponent )
-// : m_rsaPublicKey(NULL)
-// , m_modulus_bn(NULL)
-// , m_exponent_bn(NULL)
-// {
-//
-// m_initialized_modulus = CertificateLoader::convertBase64NodeToBigNum(m_modulus, &m_modulus_bn);
-// m_initialized_exponent = CertificateLoader::convertBase64NodeToBigNum(m_exponent, &m_exponent_bn);
-//
-// if(!m_initialized_modulus || !m_initialized_exponent)
-// LogError("Init failed!");
-// }
-//
-// virtual bool compare(X509 *x509cert){
-//
-// if(!m_initialized_modulus || !m_initialized_exponent)
-// return false;
-//
-// EVP_PKEY_free(m_rsaPublicKey);
-// m_rsaPublicKey = X509_get_pubkey(x509cert);
-//
-// if(m_rsaPublicKey == NULL)
-// return false;
-//
-// if(m_rsaPublicKey->type != EVP_PKEY_RSA){
-// LogInfo("rsaPublicKey has wrong type!");
-// return false;
-// }
-//
-// RSA *rsa = NULL;
-// rsa = m_rsaPublicKey->pkey.rsa;
-//
-// if (BN_cmp(m_modulus_bn, rsa->n) == 0 &&
-// BN_cmp(m_exponent_bn, rsa->e) == 0 ){
-// LogError ("Compare TRUE");
-// return true;
-// }
-// return false;
-// }
-//
-// ~CertificateLoaderRSA(){
-// EVP_PKEY_free(m_rsaPublicKey);
-// BN_free(m_modulus_bn);
-// BN_free(m_exponent_bn);
-//
-// }
-//
-//private:
-// bool m_initialized_modulus;
-// bool m_initialized_exponent;
-// EVP_PKEY *m_rsaPublicKey;
-// BIGNUM *m_modulus_bn;
-// BIGNUM *m_exponent_bn;
-//};
-
-///// COMPARETORS RSA CLASS END /////
-
-CertificateLoader::CertificateLoaderResult CertificateLoader::
- loadCertificateBasedOnExponentAndModulus(const std::string &m_modulus,
- const std::string &m_exponent)
-{
- (void) m_modulus;
- (void) m_exponent;
- LogError("Not implemented.");
- return UNKNOWN_ERROR;
- // if (m_exponent.empty() || m_modulus.empty())
- // return WRONG_ARGUMENTS;
- //
- // CertificateLoaderRSA comparator(m_modulus,m_exponent);
- //
- // CertificateLoaderResult result = NO_ERROR;
- // for(int i=0; storeId[i]; ++i){
- // result = loadCertificate(std::string(storeId[i]), &comparator);
- //
- // if(result == ERR_NO_MORE_CERTIFICATES)
- // continue;
- //
- // return result;
- // }
- //
- // return result;
-}
-
-CertificateLoader::CertificateLoaderResult CertificateLoader::loadCertificate(
- const std::string &storageName,
- CertificateLoader::CertificateLoaderComparator *cmp)
-{
- (void) storageName;
- (void) cmp;
- LogError("Not Implemented");
- return UNKNOWN_ERROR;
- // long int result = OPERATION_SUCCESS;
- //
- // char storeId[CERTMGR_MAX_PLUGIN_ID_SIZE];
- // char type[CERTMGR_MAX_CERT_TYPE_SIZE];
- // certmgr_cert_id certId;
- // certmgr_ctx context;
- // certmgr_mem_buff certRetrieved;
- // unsigned char buffer[CERTMGR_MAX_BUFFER_SIZE];
- //
- // certmgr_cert_descriptor descriptor;
- //
- // certRetrieved.data = buffer;
- // certRetrieved.firstFree = 0;
- // certRetrieved.size = CERTMGR_MAX_BUFFER_SIZE;
- // certId.storeId = storeId;
- // certId.type = type;
- //
- // CERTMGR_INIT_CONTEXT((&context), (sizeof(context)))
- //
- // strncpy(context.storeId, storageName.c_str(), storageName.size());
- //
- // for(certRetrieved.firstFree = 0;
- // OPERATION_SUCCESS == (result = certmgr_retrieve_certificate_from_store(&context, &certRetrieved, &certId));
- // certRetrieved.firstFree = 0)
- // {
- //
- // if(OPERATION_SUCCESS!=certmgr_extract_certificate_data(&certRetrieved, &descriptor)){
- // LogError("Extracting Certificate Data failed \n");
- // continue;
- // }
- //
- // const unsigned char *ptr = certRetrieved.data;
- //
- // X509 *x509cert = d2i_X509(NULL, &ptr, certRetrieved.size);
- // if(x509cert == NULL){
- // certmgr_release_certificate_data(&descriptor);
- // LogError("Error extracting certificate (d2i_X509).");
- // return UNKNOWN_ERROR;
- // }
- //
- // LogDebug("The subject of this certificate is " << descriptor.mandatory.subject);
- // if(cmp->compare(x509cert)){
- // LogDebug("Found match. Coping bytes: " << certRetrieved.size);
- // m_certificatePtr = CertificatePtr(new Certificate(certRetrieved));
- // certmgr_release_certificate_data(&descriptor);
- // X509_free(x509cert);
- // break;
- // }
- //
- // LogDebug("Release");
- // X509_free(x509cert);
- // certmgr_release_certificate_data(&descriptor);
- // }
- //
- // if(ERR_NO_MORE_CERTIFICATES == result){
- // LogError("Certificates for given DN not found\n");
- // return CERTIFICATE_NOT_FOUND;
- // }
- //
- // if(result!= OPERATION_SUCCESS){
- // LogError("Certificate Manager Error\n");
- // return UNKNOWN_ERROR;
- // }
- //
- // LogDebug("Exit");
- // return NO_ERROR;
-}
-
-// TODO
-CertificateLoader::CertificateLoaderResult CertificateLoader::
- loadCertificateBasedOnSubjectName(const std::string &subjectName)
-{
- (void) subjectName;
- LogError("Not implemented.");
- return UNKNOWN_ERROR;
- // if(subjectName.empty())
- // {
- // return WRONG_ARGUMENTS;
- // }
- //
- // long int result = OPERATION_SUCCESS;
- //
- // char storeId[CERTMGR_MAX_PLUGIN_ID_SIZE];
- // char type[CERTMGR_MAX_CERT_TYPE_SIZE];
- // certmgr_cert_id certId;
- // certmgr_ctx context;
- // certmgr_mem_buff certRetrieved;
- // unsigned char buffer[CERTMGR_MAX_BUFFER_SIZE];
- //
- // certmgr_cert_descriptor descriptor;
- //
- // certRetrieved.data = buffer;
- // certRetrieved.firstFree = 0;
- // certRetrieved.size = CERTMGR_MAX_BUFFER_SIZE;
- // certId.storeId = storeId;
- // certId.type = type;
- //
- // CERTMGR_INIT_CONTEXT((&context), (sizeof(context)))
- //
- // for(certRetrieved.firstFree = 0;
- // OPERATION_SUCCESS == (result = certmgr_retrieve_certificate_from_store(&context, &certRetrieved, &certId));
- // certRetrieved.firstFree = 0)
- // {
- //
- // if(OPERATION_SUCCESS!=certmgr_extract_certificate_data(&certRetrieved, &descriptor)){
- // LogError("Extracting Certificate Data failed \n");
- // continue;
- // }
- //
- // if(!strcmp(subjectName.c_str(), descriptor.mandatory.subject)){
- // LogDebug("The subject of this certificate is " << descriptor.mandatory.subject);
- // m_certificatePtr = CertificatePtr(new Certificate(certRetrieved));
- // certmgr_release_certificate_data(&descriptor);
- // break;
- // }
- // LogDebug("Release");
- // certmgr_release_certificate_data(&descriptor);
- // }
- //
- // if(ERR_NO_MORE_CERTIFICATES == result) {
- // LogError("Certificates for given DN not found\n");
- // return CERTIFICATE_NOT_FOUND;
- // }
- // if(result!= OPERATION_SUCCESS){
- // LogError("Certificate Manager Error\n");
- // return UNKNOWN_ERROR;
- // }
- // LogDebug("Exit");
- // return NO_ERROR;
-}
-
-// KW CertificateLoader::CertificateLoaderResult CertificateLoader::loadCertificateBasedOnIssuerName(const std::string &issuerName, const std::string &serialNumber)
-// KW {
-// KW if(issuerName.empty() || serialNumber.empty())
-// KW {
-// KW return WRONG_ARGUMENTS;
-// KW }
-// KW
-// KW if(m_cmBuff.data){
-// KW delete[] m_cmBuff.data;
-// KW memset(&m_cmBuff, 0, sizeof(certmgr_mem_buff));
-// KW }
-// KW
-// KW LogDebug("IssuerName: " << issuerName << " serialNumber: " << serialNumber);
-// KW
-// KW //used to check status of retrieved certificate
-// KW long int result = OPERATION_SUCCESS;
-// KW char storeId[CERTMGR_MAX_PLUGIN_ID_SIZE];
-// KW char type[CERTMGR_MAX_CERT_TYPE_SIZE];
-// KW certmgr_cert_id certId;
-// KW certmgr_ctx context;
-// KW certmgr_mem_buff certRetrieved;
-// KW unsigned char buffer[CERTMGR_MAX_BUFFER_SIZE];
-// KW
-// KW certmgr_cert_descriptor descriptor;
-// KW
-// KW certRetrieved.data = buffer;
-// KW certRetrieved.firstFree = 0;
-// KW certRetrieved.size = CERTMGR_MAX_BUFFER_SIZE;
-// KW certId.storeId = storeId;
-// KW certId.type = type;
-// KW
-// KW CERTMGR_INIT_CONTEXT((&context), (sizeof(context)))
-// KW
-// KW for(certRetrieved.firstFree = 0;
-// KW OPERATION_SUCCESS == (result = certmgr_retrieve_certificate_from_store(&context, &certRetrieved, &certId));
-// KW certRetrieved.firstFree = 0)
-// KW {
-// KW
-// KW LogDebug("Extracting certificate from CertMgr");
-// KW
-// KW if( OPERATION_SUCCESS != certmgr_extract_certificate_data(&certRetrieved, &descriptor) ){
-// KW LogError("Extracting Certificate Data failed \n");
-// KW continue;
-// KW }
-// KW
-// KW LogDebug("Issuer: " << descriptor.mandatory.issuer);
-// KW
-// KW const unsigned char *ptr = certRetrieved.data;
-// KW char *tmp;
-// KW
-// KW X509 *x509cert = d2i_X509(NULL, &ptr, certRetrieved.size);
-// KW std::string serialNO = std::string(tmp = i2s_ASN1_INTEGER(NULL, X509_get_serialNumber(x509cert)));
-// KW OPENSSL_free(tmp);
-// KW X509_free(x509cert);
-// KW
-// KW LogInfo("Certificate number found: " << serialNO);
-// KW LogInfo("Certificate number looking for: " << serialNumber);
-// KW
-// KW if(!strcmp(issuerName.c_str(), descriptor.mandatory.issuer)
-// KW && serialNumber == serialNO)
-// KW {
-// KW LogError("The issuer of this certificate is " << descriptor.mandatory.issuer);
-// KW
-// KW m_cmBuff.data = new unsigned char[certRetrieved.size];
-// KW m_cmBuff.firstFree = m_cmBuff.size = certRetrieved.size;
-// KW memcpy(m_cmBuff.data, certRetrieved.data, certRetrieved.size);
-// KW certmgr_release_certificate_data(&descriptor);
-// KW break;
-// KW }
-// KW certmgr_release_certificate_data(&descriptor);
-// KW }
-// KW
-// KW if(ERR_NO_MORE_CERTIFICATES == result) {
-// KW LogError("Certificates not found");
-// KW return CERTIFICATE_NOT_FOUND;
-// KW }
-// KW if(result != OPERATION_SUCCESS){
-// KW LogError("Certificate Manager Error");
-// KW return UNKNOWN_ERROR;
-// KW }
-// KW return NO_ERROR;
-// KW }
-
-CertificateLoader::CertificateLoaderResult CertificateLoader::
- loadCertificateWithECKEY(const std::string &curveName,
- const std::string &publicKey)
-{
- (void) curveName;
- (void) publicKey;
- LogError("Not implemented.");
- return UNKNOWN_ERROR;
- // if(curveName != OID_CURVE_SECP256R1){
- // LogError("Found field id: " << curveName << " Expected: " << OID_CURVE_SECP256R1);
- // return UNSUPPORTED_CERTIFICATE_FIELD;
- // }
- //
- // CertificateLoaderECDSA comparator(publicKey);
- //
- // CertificateLoaderResult result = NO_ERROR;
- // for(int i=0; storeId[i]; ++i){
- // result = loadCertificate(std::string(storeId[i]), &comparator);
- //
- // if(result == ERR_NO_MORE_CERTIFICATES)
- // continue;
- //
- // return result;
- // }
- //
- // return result;
-}
-
-CertificateLoader::CertificateLoaderResult CertificateLoader::
- loadCertificateFromRawData(const std::string &rawData)
-{
- Try {
- Base64Decoder base;
- base.reset();
- base.append(rawData);
- if (!base.finalize()) {
- LogWarning("Certificate format is broken.");
- return UNKNOWN_ERROR;
- }
- std::string derCert = base.get();
- m_certificatePtr = CertificatePtr(new Certificate(derCert));
- } Catch(Certificate::Exception::Base) {
- LogWarning("Error reading certificate by openssl.");
- return UNKNOWN_ERROR;
- }
-
- // Check the key length if sig algorithm is RSA
- EVP_PKEY *pKey = X509_get_pubkey(m_certificatePtr->getX509());
-
- if (pKey->type == EVP_PKEY_RSA) {
- RSA* pRSA = pKey->pkey.rsa;
-
- if (pRSA) {
- int keyLength = RSA_size(pRSA);
-
- // key Length (modulus) is in bytes
- keyLength <<= 3;
- LogDebug("RSA key length: " << keyLength << " bits");
-
- if (keyLength < MIN_RSA_KEY_LENGTH) {
- LogError(
- "RSA key too short!" << "Has only " << keyLength << " bits");
- return CERTIFICATE_SECURITY_ERROR;
- }
- }
- }
-
- return NO_ERROR;
-}
-
-// DEPRACETED FUNCTION
-//CertificateLoader::CertificateLoaderResult CertificateLoader::loadCertificateFromRawData(const std::string &rawData)
-//{
-// certmgr_mem_buff cmBuff = {0,0,0};
-//
-// long int size;
-// cmBuff.data = certmgr_util_base64_decode(const_cast<void*>(static_cast<const void*>(rawData.c_str())), rawData.size(), &size);
-//
-// cmBuff.firstFree = cmBuff.size = size;
-//
-// certmgr_cert_descriptor descriptor;
-//
-// long int result = certmgr_extract_certificate_data(&cmBuff, &descriptor);
-//
-// if (result != OPERATION_SUCCESS)
-// {
-// LogError("Unable to load certificate");
-// return UNKNOWN_ERROR;
-// }
-//
-// certmgr_release_certificate_data(&descriptor);
-//
-// m_certificatePtr = CertificatePtr(new Certificate(cmBuff));
-//
-// // we have to use temp pointer cause d2i_x509 modifies its input
-// const unsigned char* tmpPtr = cmBuff.data;
-// X509* pCertificate = d2i_X509(NULL, &tmpPtr, cmBuff.size);
-//
-// if (pCertificate)
-// {
-// SSLSmartContainer<X509> pX509(pCertificate);
-//
-// // Check the key length if sig algorithm is RSA
-// EVP_PKEY *pKey = X509_get_pubkey(pX509);
-//
-// if (pKey->type == EVP_PKEY_RSA)
-// {
-// RSA* pRSA = pKey->pkey.rsa;
-//
-// if (pRSA)
-// {
-// int keyLength = RSA_size(pRSA);
-//
-// // key Length (modulus) is in bytes
-// keyLength <<= 3;
-// LogDebug("RSA key length: " << keyLength << " bits");
-//
-// if (keyLength < MIN_RSA_KEY_LENGTH)
-// {
-// LogError("RSA key too short!" << "Has only " << keyLength << " bits");
-// return CERTIFICATE_SECURITY_ERROR;
-// }
-// }
-// }
-// }
-//
-// return NO_ERROR;
-//}
-
-CertificateLoader::CertificateLoaderResult CertificateLoader::
- loadCertificateBasedOnDSAComponents(const std::string& strP,
- const std::string& strQ,
- const std::string& strG,
- const std::string& strY,
- const std::string& strJ,
- const std::string& strSeed,
- const std::string& strPGenCounter)
-{
- (void) strP;
- (void) strQ;
- (void) strG;
- (void) strY;
- (void) strJ;
- (void) strSeed;
- (void) strPGenCounter;
- LogError("Not implemented.");
- return UNKNOWN_ERROR;
- // (void)strY;
- // (void)strJ;
- // (void)strSeed;
- // (void)strPGenCounter;
- //
- // long int result = UNKNOWN_ERROR;
- //
- // char storeId[CERTMGR_MAX_PLUGIN_ID_SIZE];
- // char type[CERTMGR_MAX_CERT_TYPE_SIZE];
- // certmgr_cert_id certId;
- // certmgr_ctx context;
- // certmgr_mem_buff certRetrieved;
- //
- // unsigned char buffer[CERTMGR_MAX_BUFFER_SIZE];
- //
- // certmgr_cert_descriptor descriptor;
- //
- // certRetrieved.data = buffer;
- // certRetrieved.firstFree = 0;
- // certRetrieved.size = CERTMGR_MAX_BUFFER_SIZE;
- // certId.storeId = storeId;
- // certId.type = type;
- //
- // CERTMGR_INIT_CONTEXT((&context), (sizeof(context)))
- // std::string strStoreType("Operator");
- // strncpy(context.storeId, strStoreType.c_str(), strStoreType.length());
- //
- // for (certRetrieved.firstFree = 0;
- // OPERATION_SUCCESS == (result = certmgr_retrieve_certificate_from_store(&context, &certRetrieved, &certId));
- // certRetrieved.firstFree = 0)
- // {
- //
- // if (OPERATION_SUCCESS != certmgr_extract_certificate_data(&certRetrieved, &descriptor))
- // {
- // LogDebug("unable to retrieve cert from storage");
- // continue;
- // }
- //
- // X509* pCertificate = d2i_X509(NULL, (const unsigned char**) &(certRetrieved.data), certRetrieved.size);
- //
- // if (pCertificate)
- // {
- // EVP_PKEY *pKey = X509_get_pubkey(pCertificate);
- //
- // if (pKey->type == EVP_PKEY_DSA)
- // {
- // DSA* pDSA = pKey->pkey.dsa;
- //
- // if (pDSA)
- // {
- // BIGNUM *pDSApBigNum = NULL, *pDSAqBigNum = NULL, *pDSAgBigNum = NULL;
- //
- // convertBase64NodeToBigNum(strP, &pDSApBigNum);
- // convertBase64NodeToBigNum(strQ, &pDSAqBigNum);
- // convertBase64NodeToBigNum(strG, &pDSAgBigNum);
- //
- // if (pDSApBigNum && pDSAqBigNum && pDSAgBigNum &&
- // BN_cmp(pDSApBigNum, pDSA->p) == 0 &&
- // BN_cmp(pDSAqBigNum, pDSA->q) == 0 &&
- // BN_cmp(pDSAgBigNum, pDSA->g) == 0)
- // {
- // LogInfo("DSA Certificate found");
- // /* TODO load this certificate to m_cmBuff value */
- // LogError("Not implemented!");
- //
- // EVP_PKEY_free(pKey);
- // X509_free(pCertificate);
- //
- // BN_free(pDSApBigNum);
- // BN_free(pDSAqBigNum);
- // BN_free(pDSAgBigNum);
- //
- // certmgr_release_certificate_data(&descriptor);
- // return NO_ERROR;
- // }
- //
- // if (pDSApBigNum)
- // {
- // BN_free(pDSApBigNum);
- // }
- // if (pDSAqBigNum)
- // {
- // BN_free(pDSAqBigNum);
- // }
- // if (pDSAgBigNum)
- // {
- // BN_free(pDSAgBigNum);
- // }
- //
- // }
- // EVP_PKEY_free(pKey);
- // }
- // X509_free(pCertificate);
- // }
- // else
- // LogError("Unable to load certificate");
- //
- // certmgr_release_certificate_data(&descriptor);
- // }
- //
- // LogError("No DSA certificate with given parameters");
- //
- // return CERTIFICATE_NOT_FOUND;
-}
-
-bool CertificateLoader::convertBase64NodeToBigNum(const std::string& strNode,
- BIGNUM** ppBigNum)
-{
- (void) strNode;
- (void) ppBigNum;
- LogError("Not implemented.");
- return false;
- // if (!ppBigNum || *ppBigNum != NULL)
- // {
- // LogError("Ptr variable not initialized properly!");
- // return false;
- // }
- //
- // // decode base64 to binary
- // long int binBuffLength = 0;
- // unsigned char* binBuff = NULL;
- //
- // binBuff = certmgr_util_base64_decode(const_cast<char*> (strNode.c_str()), strNode.length(), &binBuffLength);
- //
- // if (!binBuff)
- // {
- // LogError("base64 decode failed");
- // return false;
- // }
- //
- // // convert binary to bignum
- // *ppBigNum = BN_bin2bn(binBuff, binBuffLength, *ppBigNum);
- //
- // free(binBuff);
- //
- // if (!(*ppBigNum))
- // {
- // LogError("Conversion from node to bignum failed");
- // return false;
- // }
- //
- // return true;
-}
-
-// KW bool CertificateLoader::convertBigNumToBase64Node(const BIGNUM* pBigNum, std::string& strNode)
-// KW {
-// KW if (!pBigNum)
-// KW {
-// KW LogError("null ptr");
-// KW return false;
-// KW }
-// KW
-// KW int nNumLength = BN_num_bytes(pBigNum);
-// KW unsigned char* buffer = new unsigned char[nNumLength + 1];
-// KW
-// KW // convert bignum to binary format
-// KW if (BN_bn2bin(pBigNum, buffer) < 0)
-// KW {
-// KW LogError("Conversion from bignum to binary failed");
-// KW delete []buffer;
-// KW return false;
-// KW }
-// KW
-// KW char* pBase64Node = NULL;
-// KW unsigned long int buffLen = 0;
-// KW certmgr_util_base64_encode(buffer, (unsigned long int) nNumLength, &pBase64Node, &buffLen);
-// KW
-// KW strNode.assign(pBase64Node, buffLen);
-// KW
-// KW delete []buffer;
-// KW return true;
-// KW }
-} // namespace ValidationCore
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _CERTIFICATELOADER_H_
-#define _CERTIFICATELOADER_H_
-
-#include <string>
-#include <string.h>
-
-#include <dpl/noncopyable.h>
-#include <openssl/ssl.h>
-
-#include <cert-service.h>
-
-#include "Certificate.h"
-
-namespace ValidationCore {
-class CertificateLoader : public DPL::Noncopyable
-{
- public:
- class CertificateLoaderComparator
- {
- public:
- virtual bool compare(X509 *x509cert) = 0;
- virtual ~CertificateLoaderComparator()
- {
- }
- };
-
- enum CertificateLoaderResult
- {
- NO_ERROR,
- CERTIFICATE_NOT_FOUND,
- UNSUPPORTED_CERTIFICATE_FIELD,
- WRONG_ARGUMENTS,
- CERTIFICATE_SECURITY_ERROR, //!< there are some issues with certificate security (i.e. key too short)
- UNKNOWN_ERROR
- };
-
- CertificateLoader()
- {
- }
-
- virtual ~CertificateLoader()
- {
- }
-
- CertificateLoaderResult loadCertificate(const std::string& storage,
- CertificateLoaderComparator *cmp);
-
- CertificateLoaderResult loadCertificateBasedOnSubjectName(
- const std::string &subjectName);
- CertificateLoaderResult loadCertificateBasedOnExponentAndModulus(
- const std::string &m_modulus,
- const std::string &m_exponent);
- // KW CertificateLoaderResult loadCertificateBasedOnIssuerName(const std::string &isserName,
- // KW const std::string &serialNumber);
-
- CertificateLoaderResult loadCertificateFromRawData(
- const std::string &rawData);
-
- CertificateLoaderResult loadCertificateBasedOnDSAComponents(
- const std::string& strP,
- const std::string& strQ,
- const std::string& strG,
- const std::string& strY,
- const std::string& strJ,
- const std::string& strSeed,
- const std::string& strPGenCounter);
-
- CertificateLoaderResult loadCertificateWithECKEY(
- const std::string &curveName,
- const std::string &publicKey);
-
- /**
- * converts base64 encoded node to SSL bignum
- * allocates mem on *ppBigNum, don't forget to free it later with BN_free!
- * returns conversion status
- */
- static bool convertBase64NodeToBigNum(const std::string& strNode,
- BIGNUM** ppBigNum);
-
- /*
- * encodes SSL bignum into base64 octstring
- * returns conversion status
- */
- // KW static bool convertBigNumToBase64Node(const BIGNUM* pBigNum, std::string& strNode);
-
- CertificatePtr getCertificatePtr() const
- {
- return m_certificatePtr;
- }
- private:
- CertificatePtr m_certificatePtr;
-};
-} // namespace ValidationCore
-
-#endif // _CERTIFICATELOADER_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef VCORE_SRC_VCORE_CERTIFICATESTORAGE_H
-#define VCORE_SRC_VCORE_CERTIFICATESTORAGE_H
-
-#include <list>
-#include <openssl/x509.h>
-
-namespace ValidationCore {
-typedef std::list < X509* > X509CertificatesList;
-}
-
-#endif // VCORE_SRC_VCORE_CERTIFICATESTORAGE_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Bartlomiej Grzelewski (b.grzelewski@gmail.com)
- * @version 0.1
- * @file CertificateVerifier.cpp
- * @brief This class integrates OCSP and CRL.
- */
-#include "CertificateVerifier.h"
-
-#include <dpl/assert.h>
-#include <dpl/foreach.h>
-#include <dpl/log/log.h>
-
-namespace ValidationCore {
-
-CertificateVerifier::CertificateVerifier(bool enableOcsp, bool enableCrl)
-: m_enableOcsp(enableOcsp)
-, m_enableCrl(enableCrl)
-{}
-
-VerificationStatus CertificateVerifier::check(
- CertificateCollection &certCollection) const
-{
- LogDebug("== Certificate collection validation start ==");
- Assert(certCollection.isChain() && "Collection must form chain.");
-
- VerificationStatus statusOcsp;
- VerificationStatus statusCrl;
-
- if (m_enableOcsp) {
- statusOcsp = obtainOcspStatus(certCollection);
- } else {
- statusOcsp = VERIFICATION_STATUS_GOOD;
- }
-
- if (m_enableCrl) {
- statusCrl = obtainCrlStatus(certCollection);
- } else {
- statusCrl = VERIFICATION_STATUS_GOOD;
- }
- LogDebug("== Certificate collection validation end ==");
- return getStatus(statusOcsp, statusCrl);
-}
-
-VerificationStatus CertificateVerifier::obtainOcspStatus(
- const CertificateCollection &chain) const
-{
- LogDebug("== Obtain ocsp status ==");
- CachedOCSP ocsp;
- return ocsp.check(chain);
-}
-
-VerificationStatus CertificateVerifier::obtainCrlStatus(
- const CertificateCollection &chain) const
-{
- LogDebug("== Obtain crl status ==");
- CachedCRL crl;
- return crl.check(chain);
-}
-
-VerificationStatus CertificateVerifier::getStatus(
- VerificationStatus ocsp,
- VerificationStatus crl) const
-{
- if (ocsp == VERIFICATION_STATUS_REVOKED ||
- crl == VERIFICATION_STATUS_REVOKED)
- {
- LogDebug("Return status: REVOKED");
- return VERIFICATION_STATUS_REVOKED;
- }
-
- if (ocsp == VERIFICATION_STATUS_GOOD) {
- LogDebug("Return status: GOOD");
- return VERIFICATION_STATUS_GOOD;
- }
-
- if (ocsp == VERIFICATION_STATUS_UNKNOWN) {
- LogDebug("Return status: UNKNOWN");
- return VERIFICATION_STATUS_UNKNOWN;
- }
-
- if (ocsp == VERIFICATION_STATUS_NOT_SUPPORT) {
- LogDebug("Return status: NOT_SUPPORT");
- return VERIFICATION_STATUS_GOOD;
- }
-
- LogDebug("Return status: ERROR");
- return VERIFICATION_STATUS_ERROR;
-}
-
-VerificationStatus CertificateVerifier::checkEndEntity(
- CertificateCollectionList &collectionList) const
-{
- VerificationStatusSet statusOcsp;
- VerificationStatusSet statusCrl;
-
- if (m_enableOcsp) {
- CachedOCSP ocsp;
- FOREACH(it, collectionList){
- statusOcsp.add(ocsp.checkEndEntity(*it));
- }
- } else {
- statusOcsp.add(VERIFICATION_STATUS_GOOD);
- }
-
- if (m_enableCrl) {
- CachedCRL crl;
- FOREACH(it, collectionList){
- statusCrl.add(crl.checkEndEntity(*it));
- }
- } else {
- statusCrl.add(VERIFICATION_STATUS_GOOD);
- }
- LogDebug("== Certificate collection validateion end ==");
- return getStatus(statusOcsp.convertToStatus(), statusCrl.convertToStatus());
-}
-
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Bartlomiej Grzelewski (b.grzelewski@gmail.com)
- * @version 0.1
- * @file CertificateVerifier.h
- * @brief This class integrates OCSP and CRL into one module.
- */
-#ifndef _SRC_VALIDATION_CORE_CERTIFICATE_VERIFIER_H_
-#define _SRC_VALIDATION_CORE_CERTIFICATE_VERIFIER_H_
-
-#include "Certificate.h"
-#include "CertificateCollection.h"
-#include "CachedCRL.h"
-#include "CachedOCSP.h"
-#include "VerificationStatus.h"
-
-namespace ValidationCore {
-
-class CertificateVerifier {
- public:
- explicit CertificateVerifier(bool enableOcsp, bool enableCrl);
- ~CertificateVerifier(){}
-
- /*
- * Run OCSP and CRL for all certificates in collection.
- * Collection must represent chain.
- *
- * Evaluate status. This function converts ocsp status set
- * into one status - the most restricted. This one ocsp status
- * and status from crl is evaluated to end result.
- *
- * Algorithm to evaluate result is represented in table:
- *
- * +--------------+-------+-------+-------+------------+---------+
- * | OCSP |Good |Revoked|Unknown|Undetermined|Not |
- * | | | | | |supported|
- * | CRL | | | | | |
- * +--------------+-------+-------+-------+------------+---------+
- * | GOOD |GOOD |Revoked|Unknown|Undetermined|Good |
- * +--------------+-------+-------+-------+------------+---------+
- * | REVOKED |Revoked|Revoked|Revoked|Revoked |Revoked |
- * +--------------+-------+-------+-------+------------+---------+
- * | UNDETERMINED |Good |Revoked|Unknown|Undetermined|Good |
- * +--------------+-------+-------+-------+------------+---------+
- * | Not supported|Good |Revoked|Unknown|Undetermined|Good |
- * +--------------+-------+-------+-------+------------+---------+
- *
- * As Undetermind function returns VERIFICATION_STATUS_ERROR.
- */
-
- VerificationStatus check(CertificateCollection &certCollection) const;
-
- VerificationStatus checkEndEntity(
- CertificateCollectionList &certCollectionList) const;
-
- private:
- VerificationStatus obtainOcspStatus(
- const CertificateCollection &chain) const;
- VerificationStatus obtainCrlStatus(
- const CertificateCollection &chain) const;
- VerificationStatus getStatus(VerificationStatus ocsp,
- VerificationStatus crl) const;
-
- bool m_enableOcsp;
- bool m_enableCrl;
-};
-
-} // namespace ValidationCore
-
-#endif // _SRC_VALIDATION_CORE_CERTIFICATE_VERIFIER_H_
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "Config.h"
-
-#include <dpl/singleton_impl.h>
-IMPLEMENT_SINGLETON(ValidationCore::Config)
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef _SRC_VALIDATION_CORE_VALIDATION_CORE_CONFIG_H_
-#define _SRC_VALIDATION_CORE_VALIDATION_CORE_CONFIG_H_
-
-#include <string>
-
-#include <dpl/singleton.h>
-
-namespace ValidationCore {
-class Config {
-public:
- /*
- * Set path to config file with certificate description.
- */
- bool setXMLConfigPath(const std::string& path) {
- if (!m_certificateXMLConfigPath.empty()) {
- return false;
- }
- m_certificateXMLConfigPath = path;
- return true;
- }
-
- /*
- * Set path to schema of config file.
- */
- bool setXMLSchemaPath(const std::string& path) {
- if (!m_certificateXMLSchemaPath.empty()) {
- return false;
- }
- m_certificateXMLSchemaPath = path;
- return true;
- }
-
- /*
- * Set path to database with OCSP/CRL Cache.
- */
- bool setDatabasePath(const std::string& path) {
- if (!m_databasePath.empty()) {
- return false;
- }
- m_databasePath = path;
- return true;
- }
-
- /*
- * Get path to config file with certificate description.
- */
- std::string getXMLConfigPath() {
- return m_certificateXMLConfigPath;
- }
-
- /*
- * Get path to schema of config file.
- */
- std::string getXMLSchemaPath() {
- return m_certificateXMLSchemaPath;
- }
-
- /*
- * Get path to database with OCSP/CRL Cache.
- */
- std::string getDatabasePath() {
- return m_databasePath;
- }
-
-private:
- std::string m_certificateXMLConfigPath;
- std::string m_certificateXMLSchemaPath;
- std::string m_databasePath;
-};
-
-typedef DPL::Singleton<Config> ConfigSingleton;
-
-} // namespace ValidationCore
-
-#endif // _SRC_VALIDATION_CORE_VALIDATION_CORE_CONFIG_H_
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file webruntime_database.cpp
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @version 1.0
- * @brief This file contains the definition of webruntime database
- */
-#include "Database.h"
-
-#include <string>
-#include <dpl/log/log.h>
-#include <dpl/db/sql_connection.h>
-
-#include "Config.h"
-
-const char* VCoreDatabaseConnectionTraits::Address()
-{
- /* This function should be fixed but some changes in
- * dpl are required.
- */
-// return ValidationCore::VCConfigSingleton::Instance().
-// getDatabasePath().c_str();
-
- LogWarning(
- "VCore will use hardcoded path for database: /opt/dbspace/.vcore.db");
- return "/opt/dbspace/.vcore.db";
-}
-
-DPL::Mutex g_vcoreDbQueriesMutex;
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file webruntime_database.h
- * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
- * @version 1.0
- * @brief This file contains the declaration of webruntime database
- */
-#ifndef VCORE_SRC_VCORE_DATABASE_H
-#define VCORE_SRC_VCORE_DATABASE_H
-
-#include <dpl/db/thread_database_support.h>
-#include <dpl/db/sql_connection.h>
-#include <dpl/mutex.h>
-#include <dpl/thread.h>
-
-struct VCoreDatabaseConnectionTraits
-{
- static const char *Address();
-
- static DPL::DB::SqlConnection::Flag::Type Flags()
- {
- return DPL::DB::SqlConnection::Flag::UseLucene;
- }
-};
-
-extern DPL::Mutex g_vcoreDbQueriesMutex;
-
-#define VCORE_DB_INTERNAL(tlsCommand, InternalType, interface) \
- static DPL::ThreadLocalVariable<InternalType> *tlsCommand ## Ptr = NULL; \
- { \
- DPL::Mutex::ScopedLock lock(&g_vcoreDbQueriesMutex); \
- if (!tlsCommand ## Ptr) { \
- static DPL::ThreadLocalVariable<InternalType> tmp; \
- tlsCommand ## Ptr = &tmp; \
- } \
- } \
- DPL::ThreadLocalVariable<InternalType> &tlsCommand = *tlsCommand ## Ptr; \
- if (tlsCommand.IsNull()) { tlsCommand = InternalType(interface); }
-
-#define VCORE_DB_SELECT(name, type, interface) \
- VCORE_DB_INTERNAL(name, type::Select, interface)
-
-#define VCORE_DB_INSERT(name, type, interface) \
- VCORE_DB_INTERNAL(name, type::Insert, interface)
-
-#define VCORE_DB_UPDATE(name, type, interface) \
- VCORE_DB_INTERNAL(name, type::Update, interface)
-
-#define VCORE_DB_DELETE(name, type, interface) \
- VCORE_DB_INTERNAL(name, type::Delete, interface)
-
-#endif // define VCORE_SRC_VCORE_DATABASE_H
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file DeveloperModeValidator.cpp
- * @author Bartosz Janiak (b.janiak@samsung.com)
- * @version 1.0
- * @brief DeveloperModeValidatorValidator - implementing WAC 2.0 spec, including TargetRestriction
- */
-
-#include "DeveloperModeValidator.h"
-#include <algorithm>
-#include <vconf.h>
-#include <ITapiMisc.h>
-#include <dpl/log/log.h>
-#include <dpl/scoped_free.h>
-
-namespace ValidationCore {
-
-DeveloperModeValidator::DeveloperModeValidator(bool complianceMode,
- const std::string& fakeIMEI,
- const std::string& fakeMEID):
- m_complianceModeEnabled(complianceMode),
- m_fakeIMEI(fakeIMEI),
- m_fakeMEID(fakeMEID)
-{
-}
-
-void DeveloperModeValidator::check(const SignatureData &data)
-{
- LogDebug("entered");
- const SignatureData::IMEIList& IMEIList = data.getIMEIList();
- const SignatureData::MEIDList& MEIDList = data.getMEIDList();
-
- if (IMEIList.empty() && MEIDList.empty()) {
- LogDebug("No TargetRestriction in signature.");
- return;
- }
-
- if (!IMEIList.empty()) {
- std::string phoneIMEIString = m_fakeIMEI;
- if (!m_complianceModeEnabled) {
- LogDebug("Compilance Mode is not enabled");
- DPL::ScopedFree<char> phoneIMEI(
- vconf_get_str(VCONFKEY_TELEPHONY_IMEI));
- if (!phoneIMEI.Get()) {
- ThrowMsg(Exception::NoTargetRestrictionSatisfied,
- "Unable to get phone IMEI from vconf.");
- }
- phoneIMEIString = phoneIMEI.Get();
- }
-
- LogDebug("Phone IMEI: " << phoneIMEIString);
- if (IMEIList.end() ==
- std::find(IMEIList.begin(), IMEIList.end(), phoneIMEIString))
- {
- Throw(Exception::NoTargetRestrictionSatisfied);
- }
- }
-
- if (!MEIDList.empty()) {
- std::string phoneMEIDString = m_fakeMEID;
- if (!m_complianceModeEnabled)
- {
- TelMiscSNInformation phoneInfo;
- if (TAPI_API_SUCCESS !=
- tel_get_misc_me_sn(TAPI_MISC_ME_MEID, &phoneInfo))
- {
- ThrowMsg(Exception::NoTargetRestrictionSatisfied,
- "Unable to get phone MEID from Tapi service.");
- }
- phoneMEIDString = reinterpret_cast<char*>(phoneInfo.szNumber);
- }
-
- LogDebug("Phone MEID: " << phoneMEIDString);
- if (MEIDList.end() ==
- std::find(MEIDList.begin(), MEIDList.end(), phoneMEIDString))
- {
- Throw(Exception::NoTargetRestrictionSatisfied);
- }
- }
- LogDebug("exit: ok");
-}
-
-} //ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file DeveloperModeValidator.h
- * @author Bartosz Janiak (b.janiak@samsung.com)
- * @version 1.0
- * @brief DeveloperModeValidatorValidator - implementing WAC 2.0 spec, including TargetRestriction
- */
-
-#ifndef \
- WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_DEVELOPER_MODE_VALIDATOR_H
-#define \
- WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_DEVELOPER_MODE_VALIDATOR_H
-
-#include <string>
-#include <dpl/exception.h>
-#include "SignatureData.h"
-
-namespace ValidationCore {
-
-class DeveloperModeValidator
-{
- public:
- explicit DeveloperModeValidator(bool complianceMode = false,
- const std::string &fakeIMEI = "",
- const std::string &fakeMEID = "");
-
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, UnableToLoadTestCertificate)
- DECLARE_EXCEPTION_TYPE(Base, NoTargetRestrictionSatisfied)
- };
-
- void check(const SignatureData &data);
- private:
- bool m_complianceModeEnabled;
- std::string m_fakeIMEI;
- std::string m_fakeMEID;
-};
-
-}
-#endif /* WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_DEVELOPER_MODE_VALIDATOR_H */
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- *
- * @file AbstractResponseCache.h
- * @author Tomasz Swierczek (t.swierczek@samsung.com)
- * @version 0.1
- * @brief Common interface for OCSP/CRL caches
- */
-
-#ifndef _SRC_VALIDATION_CORE_IABSTRACT_RESPONSE_CACHE_H_
-#define _SRC_VALIDATION_CORE_IABSTRACT_RESPONSE_CACHE_H_
-
-#include "Certificate.h"
-#include "CertificateCollection.h"
-#include "VerificationStatus.h"
-
-namespace ValidationCore {
-
-class IAbstractResponseCache {
- public:
- virtual VerificationStatus check(const CertificateCollection &certs) = 0;
- virtual VerificationStatus checkEndEntity(CertificateCollection &certs) = 0;
- virtual void updateCache() = 0;
-
- virtual ~IAbstractResponseCache()
- {
- }
-};
-
-} // namespace ValidationCore
-
-#endif /* _SRC_VALIDATION_CORE_IABSTRACT_RESPONSE_CACHE_H_ */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Tomasz Morawski(t.morawski@samsung.com)
- * @author Michal Ciepielski(m.ciepielski@samsung.com)
- * @author Piotr Marcinkiewicz(p.marcinkiew@samsung.com)
- * @version 0.4
- * @file OCPS.cpp
- * @brief Routines for certificate validation over OCSP
- */
-
-#include "OCSP.h"
-
-#include <string.h>
-#include <algorithm>
-
-#include <openssl/ssl.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-#include <dpl/log/log.h>
-#include <dpl/assert.h>
-#include <dpl/foreach.h>
-#include <dpl/scoped_array.h>
-#include <dpl/scoped_free.h>
-
-#include <libsoup/soup.h>
-
-#include "Certificate.h"
-#include "SoupMessageSendSync.h"
-
-extern "C" {
-// This function is needed to fix "Invalid conversion from void*
-// to unsigned char*" C++ compiler error during calling
-// i2d_OCSP_REQUEST_bio macro
- extern bool convertToBuffer(OCSP_REQUEST* req,
- char** buf,
- int* size);
-}
-
-namespace {
-const int ConnectionTimeoutInSeconds = 6;
-const int ConnectionRetryCount = 5;
-
-//! Maximum leeway in validity period in seconds: default 1 day
-//! (@see checkRevocationStatus function code)
-
-//! Maximum validity time for revocation status (1 day)
-const int MaxValidatyPeriodInSeconds = 24 * 60 * 60;
-
-//! Max age (@see checkRevocationStatus function code)
-const int MaxAge = -1;
-}
-
-namespace ValidationCore {
-
-const char* OCSP::DEFAULT_RESPONDER_URI_ENV = "OCSP_DEFAULT_RESPONDER_URI";
-
-OCSP::DigestAlgorithmMap createDigestAlgMap()
-{
- OCSP::DigestAlgorithmMap mDigestAlg = OCSP::DigestAlgorithmMap();
-
- mDigestAlg.insert(std::make_pair(OCSP::SHA1, EVP_sha1()));
- mDigestAlg.insert(std::make_pair(OCSP::SHA224, EVP_sha224()));
- mDigestAlg.insert(std::make_pair(OCSP::SHA256, EVP_sha256()));
- mDigestAlg.insert(std::make_pair(OCSP::SHA384, EVP_sha384()));
- mDigestAlg.insert(std::make_pair(OCSP::SHA512, EVP_sha512()));
-
- return mDigestAlg;
-}
-
-OCSP::DigestAlgorithmMap OCSP::m_sDigestAlgMap = createDigestAlgMap();
-
-OCSP::OCSP() :
- /* Upgrade of openssl is required to support sha256 */
- // m_pCertIdDigestAlg(EVP_sha256()),
- // m_pRequestDigestAlg(EVP_sha256()),
- m_pCertIdDigestAlg(EVP_sha1()),
- m_pRequestDigestAlg(EVP_sha1()),
- m_bUseNonce(false),
- m_bUseDefResponder(false),
- m_bSignRequest(false),
- m_pSignKey(0)
-{
-}
-
-SoupWrapper::SoupMessageSendBase::RequestStatus OCSP::sendOcspRequest(
- OCSP_REQUEST* argRequest,
- const DPL::OptionalString& argUri)
-{
- using namespace SoupWrapper;
- // convert OCSP_REQUEST to memory buffer
- std::string url = DPL::ToUTF8String(*argUri);
- char* requestBuffer;
- int requestSizeInt;
- if (!convertToBuffer(argRequest, &requestBuffer, &requestSizeInt)) {
- ThrowMsg(OCSP::Exception::VerificationError,
- "OCSP: failed to convert OCSP_REQUEST to mem buffer");
- }
-
- Assert(requestSizeInt >= 0);
-
- SoupMessageSendBase::MessageBuffer buffer;
- buffer.resize(requestSizeInt);
- memcpy(&buffer[0], requestBuffer, requestSizeInt);
- free(requestBuffer);
-
- char *cport = 0,*chost = 0,*cpath = 0;
- int use_ssl = 0;
-
- if (!OCSP_parse_url(const_cast<char*>(url.c_str()),
- &chost,
- &cport,
- &cpath,
- &use_ssl))
- {
- LogWarning("Error in OCSP_parse_url");
- return SoupMessageSendBase::REQUEST_STATUS_CONNECTION_ERROR;
- }
-
- std::string host = chost;
-
- if (cport) {
- host += ":";
- host += cport;
- }
-
- free(cport);
- free(chost);
- free(cpath);
-
- m_soupMessage.setHost(url);
- m_soupMessage.setHeader("Host", host);
- m_soupMessage.setRequest(std::string("application/ocsp-request"),
- buffer);
-
- return m_soupMessage.sendSync();
-}
-
-ValidationCore::VerificationStatusSet OCSP::validateCertificateList(
- const CertificateList &certs)
-{
- VerificationStatusSet statusSet;
-
- if (certs.size() < 2) {
- // no certificates to verify, just return a error
- LogWarning("No validation will be proceed. OCSP require at"
- " least 2 certificates in chain. Found only " <<
- certs.size());
- statusSet.add(VERIFICATION_STATUS_ERROR);
- return statusSet;
- }
-
- CertificateList::const_iterator iter = certs.begin();
- CertificateList::const_iterator parent = iter;
-
- time_t minValidity = 0;
- for (++parent; parent != certs.end(); ++iter, ++parent) {
- LogDebug("Certificate validation (CN:" <<
- (*iter)->getCommonName() << ")");
- statusSet.add(validateCertificate(*iter, *parent));
- if ((0 == minValidity || minValidity > m_responseValidity) &&
- m_responseValidity > 0)
- {
- minValidity = m_responseValidity;
- }
- }
- m_responseValidity = minValidity;
-
- return statusSet;
-}
-
-VerificationStatus OCSP::checkEndEntity(
- const CertificateCollection &chain)
-{
- const char *defResponderURI = getenv(OCSP::DEFAULT_RESPONDER_URI_ENV);
-
- VerificationStatusSet verSet;
- if (defResponderURI) {
- setUseDefaultResponder(true);
- setDefaultResponder(defResponderURI);
- }
-
- // this is temporary fix. it must be rewriten
- CertificateList clst;
- if (chain.isChain() && chain.size() >= 2) {
- CertificateList::const_iterator icert = chain.begin();
- clst.push_back(*icert);
- ++icert;
- clst.push_back(*icert);
- }
- verSet += validateCertificateList(clst);
-
- return verSet.convertToStatus();
-}
-
-VerificationStatus OCSP::validateCertificate(CertificatePtr argCert,
- CertificatePtr argIssuer)
-{
- using namespace SoupWrapper;
-
- Assert(!!argCert);
- Assert(!!argIssuer);
-
- Try {
- DPL::OptionalString uri;
-
- if (!m_bUseDefResponder) {
- uri = argCert->getOCSPURL();
- if (!uri) {
- return VERIFICATION_STATUS_NOT_SUPPORT;
- }
- } else {
- if (m_strResponderURI.empty()) {
- ThrowMsg(Exception::VerificationError,
- "Default responder is not set");
- }
- LogWarning("Default responder will be used");
-
- uri = m_strResponderURI;
- }
-
- // creates a request
- CreateRequestResult newRequest = createRequest(argCert, argIssuer);
- if (!newRequest.success) {
- ThrowMsg(Exception::VerificationError, "Request creation failed");
- }
-
- // SSLSmartContainer <OCSP_CERTID> certIdCont(certId);
- // this smart ptr is commented out in purpose. request
- // manages certIdmemory (which was done in createRequest above)
- SSLSmartContainer <OCSP_REQUEST> requestCont(newRequest.ocspRequest);
-
- SoupMessageSendBase::RequestStatus requestStatus;
- requestStatus = sendOcspRequest(requestCont, uri);
-
- if (requestStatus != SoupMessageSendBase::REQUEST_STATUS_OK) {
- return VERIFICATION_STATUS_CONNECTION_FAILED;
- }
-
- // Response is m_soupMessage, convert it to OCSP_RESPONSE
- OcspResponse response = convertToResponse();
-
- if (!response.first) {
- ThrowMsg(OCSP::Exception::VerificationError,
- "OCSP: failed to convert mem buffer to OCSP_RESPONSE");
- }
-
- SSLSmartContainer <OCSP_RESPONSE> responseCont(response.second);
- // verify response eg. check response status,
- // validate responder certificate
- validateResponse(requestCont,
- responseCont,
- newRequest.ocspCertId);
- } Catch(Exception::ConnectionError) {
- LogWarning("OCSP: ConnectionError");
- return VERIFICATION_STATUS_CONNECTION_FAILED;
- } Catch(Exception::CertificateRevoked) {
- LogWarning("OCSP: Revoked");
- return VERIFICATION_STATUS_REVOKED;
- } Catch(Exception::CertificateUnknown) {
- LogWarning("OCSP: Unknown");
- return VERIFICATION_STATUS_UNKNOWN;
- } Catch(Exception::VerificationError) {
- LogWarning("OCSP: Verification error");
- return VERIFICATION_STATUS_VERIFICATION_ERROR;
- } Catch(Exception::Base) {
- LogWarning("OCSP: Error");
- return VERIFICATION_STATUS_ERROR;
- }
- LogWarning("OCSP: Good");
- return VERIFICATION_STATUS_GOOD;
-}
-
-OCSP::CreateRequestResult OCSP::createRequest(CertificatePtr argCert,
- CertificatePtr argIssuer)
-{
- OCSP_REQUEST* newRequest = OCSP_REQUEST_new();
-
- if (!newRequest) {
- LogWarning("OCSP: Failed to create a request");
- return CreateRequestResult();
- }
-
- SSLSmartContainer <OCSP_REQUEST> requestCont(newRequest);
-
- OCSP_CERTID* certId = addSerial(argCert, argIssuer);
-
- if (!certId) {
- LogWarning("OCSP: Unable to create a serial id");
- return CreateRequestResult();
- }
- SSLSmartContainer <OCSP_CERTID> certIdCont(certId);
-
- // Inserting certificate ID to request
- if (!OCSP_request_add0_id(requestCont, certIdCont)) {
- LogWarning("OCSP: Unable to create a certificate id");
- return CreateRequestResult();
- }
-
- if (m_bUseNonce) {
- OCSP_request_add1_nonce(requestCont, 0, -1);
- }
-
- if (m_bSignRequest) {
- if (!m_pSignCert || !m_pSignKey) {
- LogWarning("OCSP: Unable to sign request if "
- "SignCert or SignKey was not set");
- return CreateRequestResult();
- }
-
- if (!OCSP_request_sign(requestCont,
- m_pSignCert->getX509(),
- m_pSignKey,
- m_pRequestDigestAlg,
- 0,
- 0))
- {
- LogWarning("OCSP: Unable to sign request");
- return CreateRequestResult();
- }
- }
- return CreateRequestResult(true,
- requestCont.DetachPtr(),
- certIdCont.DetachPtr());
-}
-
-OCSP_CERTID* OCSP::addSerial(CertificatePtr argCert,
- CertificatePtr argIssuer)
-{
- X509_NAME* iname = X509_get_subject_name(argIssuer->getX509());
- ASN1_BIT_STRING* ikey = X509_get0_pubkey_bitstr(argIssuer->getX509());
- ASN1_INTEGER* serial = X509_get_serialNumber(argCert->getX509());
-
- return OCSP_cert_id_new(m_pCertIdDigestAlg, iname, ikey, serial);
-}
-
-void OCSP::setDigestAlgorithmForCertId(DigestAlgorithm alg)
-{
- DigestAlgorithmMap::const_iterator cit = m_sDigestAlgMap.find(alg);
-
- if (cit != m_sDigestAlgMap.end()) {
- m_pCertIdDigestAlg = cit->second;
- } else {
- LogDebug("Request for unsupported CertId digest algorithm"
- "ignored!");
- }
-}
-
-void OCSP::setDigestAlgorithmForRequest(DigestAlgorithm alg)
-{
- DigestAlgorithmMap::const_iterator cit = m_sDigestAlgMap.find(alg);
-
- if (cit != m_sDigestAlgMap.end()) {
- m_pRequestDigestAlg = cit->second;
- } else {
- LogDebug("Request for unsupported OCSP request digest algorithm"
- "ignored!");
- }
-}
-
-void OCSP::setTrustedStore(const CertificateList& certs)
-{
- X509_STORE *store = X509_STORE_new();
- m_pTrustedStore = store;
- // create a trusted store basing on certificate chain from a signature
- FOREACH(iter, certs) {
- X509_STORE_add_cert(store, (*iter)->getX509());
- }
-}
-
-void OCSP::validateResponse(OCSP_REQUEST* argRequest,
- OCSP_RESPONSE* argResponse,
- OCSP_CERTID* argCertId)
-{
- int result = OCSP_response_status(argResponse);
-
- if (result != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
- handleInvalidResponse(result);
- ThrowMsg(Exception::VerificationError, "OCSP_response_status failed");
- }
-
- // get response object
- OCSP_BASICRESP* basic = OCSP_response_get1_basic(argResponse);
- if (!basic) {
- ThrowMsg(Exception::VerificationError,
- "OCSP: Unable to get a BASICRESP object.");
- }
-
- SSLSmartContainer <OCSP_BASICRESP> basicRespCont(basic);
- if (m_bUseNonce && OCSP_check_nonce(argRequest, basicRespCont) <= 0) {
- ThrowMsg(Exception::VerificationError, "OCSP: Invalid nonce");
- }
-
- if (!verifyResponse(basic)) {
- ThrowMsg(Exception::VerificationError,
- "Unable to verify the OCSP responder's certificate");
- }
-
- checkRevocationStatus(basicRespCont, argCertId);
-}
-
-bool OCSP::verifyResponse(OCSP_BASICRESP* basic)
-{
- Assert(m_pTrustedStore);
- // verify ocsp response
- int response = OCSP_basic_verify(basic, NULL, m_pTrustedStore, 0);
- if (response <= 0) {
- LogWarning("OCSP verification failed");
- }
-
- return response > 0;
-}
-
-void OCSP::checkRevocationStatus(OCSP_BASICRESP* basic,
- OCSP_CERTID* id)
-{
- ASN1_GENERALIZEDTIME* producedAt;
- ASN1_GENERALIZEDTIME* thisUpdate;
- ASN1_GENERALIZEDTIME* nextUpdate;
- int reason;
- int status;
-
- m_responseValidity = 0;
-
- if (!OCSP_resp_find_status(basic,
- id,
- &status,
- &reason,
- &producedAt,
- &thisUpdate,
- &nextUpdate))
- {
- ThrowMsg(Exception::VerificationError,
- "OCSP: Failed to find certificate status.");
- }
-
- if (!OCSP_check_validity(thisUpdate,
- nextUpdate,
- MaxValidatyPeriodInSeconds,
- MaxAge))
- {
- ThrowMsg(Exception::VerificationError,
- "OCSP: Failed to check certificate validate.");
- }
-
- if (nextUpdate) {
- asn1GeneralizedTimeToTimeT(nextUpdate,&m_responseValidity);
- time_t now;
- time(&now);
- LogDebug("Time of next OCSP update got from server: " <<
- m_responseValidity);
- LogDebug("Expires in: " << (m_responseValidity - now));
- LogDebug("Original: " << nextUpdate->data);
- }
-
- switch (status) {
- case V_OCSP_CERTSTATUS_GOOD:
- return;
- case V_OCSP_CERTSTATUS_REVOKED:
- ThrowMsg(Exception::CertificateRevoked, "Certificate is Revoked");
- case V_OCSP_CERTSTATUS_UNKNOWN:
- ThrowMsg(Exception::CertificateUnknown, "Certificate is Unknown");
- default:
- Assert(false && "Invalid status");
- }
-}
-
-OCSP::OcspResponse OCSP::convertToResponse()
-{
- using namespace SoupWrapper;
-
- // convert memory buffer to ocsp response object
- BUF_MEM res_bmem;
- OCSP_RESPONSE* response;
-
- SoupMessageSendBase::MessageBuffer buffer = m_soupMessage.getResponse();
-
- res_bmem.length = buffer.size();
- res_bmem.data = &buffer[0];
- res_bmem.max = buffer.size();
-
- BIO* res_mem_bio = BIO_new(BIO_s_mem());
- BIO_set_mem_buf(res_mem_bio, &res_bmem, BIO_NOCLOSE);
-
- response = d2i_OCSP_RESPONSE_bio(res_mem_bio, NULL);
- BIO_free_all(res_mem_bio);
-
- if (!response) {
- LogWarning("OCSP: Failed to convert OCSP Response to DER format");
- return std::make_pair(false, static_cast<OCSP_RESPONSE*>(NULL));
- }
-
- return std::make_pair(true, response);
-}
-
-void OCSP::handleInvalidResponse(int result)
-{
- switch (result) {
- case OCSP_RESPONSE_STATUS_MALFORMEDREQUEST:
- LogWarning("OCSP: Server returns "
- "OCSP_RESPONSE_STATUS_MALFORMEDREQUEST status");
- break;
- case OCSP_RESPONSE_STATUS_INTERNALERROR:
- LogWarning("OCSP: Server returns "
- "OCSP_RESPONSE_STATUS_INTERNALERROR status");
- break;
- case OCSP_RESPONSE_STATUS_TRYLATER:
- LogWarning("OCSP: Server returns "
- "OCSP_RESPONSE_STATUS_TRYLATER status");
- break;
- case OCSP_RESPONSE_STATUS_SIGREQUIRED:
- LogWarning("OCSP: Server returns "
- "OCSP_RESPONSE_STATUS_SIGREQUIRED status");
- break;
- case OCSP_RESPONSE_STATUS_UNAUTHORIZED:
- LogWarning("OCSP: Server returns "
- "OCSP_RESPONSE_STATUS_UNAUTHORIZED status");
- break;
- default:
- Assert(false && "Invalid result value");
- }
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Tomasz Morawski(t.morawski@samsung.com)
- * @author Michal Ciepielski(m.ciepielski@samsung.com)
- * @author Piotr Marcinkiewicz(p.marcinkiew@samsung.com)
- * @version 0.4
- * @file OCPS.h
- * @brief Routines for certificate validation over OCSP
- */
-
-#ifndef WRT_ENGINE_SRC_VALIDATION_CORE_ENGINE_OCSP_H_
-#define WRT_ENGINE_SRC_VALIDATION_CORE_ENGINE_OCSP_H_
-
-#include <openssl/pem.h>
-#include <openssl/ocsp.h>
-#include <libsoup/soup.h>
-
-#include <string>
-#include <vector>
-#include <list>
-#include <utility>
-#include <map>
-
-#include <dpl/assert.h>
-#include <dpl/exception.h>
-#include <dpl/optional_typedefs.h>
-
-#include <vcore/scoped_gpointer.h>
-
-#include "OCSPCertMgrUtil.h"
-#include "CertificateCollection.h"
-#include "CertificateStorage.h"
-#include "VerificationStatus.h"
-#include "SSLContainers.h"
-
-#include "SoupMessageSendBase.h"
-#include "SoupMessageSendSync.h"
-/*
- * The WRT MUST NOT allow installation of widgets with revoked signatures.
- *
- * The WRT MUST NOT allow use of widgets with revoked signatures.
- *
- * The WRT MUST support checking for revocation of widget signatures via
- * OCSP [RFC 2560] at widget installation time, according to the following:
- *
- * At widget installation time, the WRT shall make several attempts
- * (5 attempts at 6 seconds apart recommended) to establish contact with
- * the OCSP server.
- *
- * If connectivity is successful and the application is validated, the
- * installation process shall continue.
- *
- * If connectivity is successful and if the widget signature is
- * determined to be revoked, the WRT shall issue a suitable error message
- * and cancel installation.
- *
- * If connectivity is successful and revocation status is unknown or if
- * connectivity is unsuccessful, the user must be notified that the
- * widget was unable to be installed as trusted - the certification of
- * the widget signature has not been validated -, and prompt the user to allow
- * the user to install the widget as an untrusted application, or reject
- * the installation.
- *
- * The WRT MUST support checking for revocation of widget signatures via OCSP
- * [RFC 2560] at widget runtime.
- *
- * The WRT MUST support OCSP access policy.
- */
-
-namespace ValidationCore {
-
-class OCSP
-// : public RevocationCheckerBase
-{
- public:
- static const char* DEFAULT_RESPONDER_URI_ENV;
-
- VerificationStatus checkEndEntity(const CertificateCollection &certList);
- OCSP();
-
- enum DigestAlgorithm
- {
- SHA1,
- SHA224,
- SHA256,
- SHA384,
- SHA512
- };
- typedef std::map <DigestAlgorithm, const EVP_MD*> DigestAlgorithmMap;
- /**
- * Sets digest algorithm for certid in ocsp request
- */
- void setDigestAlgorithmForCertId(DigestAlgorithm alg);
-
- /**
- * Sets digest algorithm for certid in ocsp request
- */
- void setDigestAlgorithmForRequest(DigestAlgorithm alg);
-
- void setTrustedStore(const CertificateList& certs);
-
- VerificationStatusSet validateCertificateList(const CertificateList &certs);
-
- VerificationStatus validateCertificate(CertificatePtr argCert,
- CertificatePtr argIssuer);
-
- void setDefaultResponder(const char* uri)
- {
- Assert(uri);
- m_strResponderURI = DPL::FromUTF8String(uri);
- }
-
- void setUseDefaultResponder(bool value)
- {
- m_bUseDefResponder = value;
- }
-
- /**
- * @return time when response will become invalid - for list of
- * certificates, this is the minimum of all validities; value is
- * valid only for not-revoked certificates (non error validation result)
- */
- time_t getResponseValidity()
- {
- return m_responseValidity;
- }
-
- private:
- typedef WRT::ScopedGPointer<SoupSession> ScopedSoupSession;
- typedef WRT::ScopedGPointer<SoupMessage> ScopedSoupMessage;
-
- void handleInvalidResponse(int result);
- void sendHTTPRequest(ScopedSoupSession& session,
- ScopedSoupMessage& msg,
- const char* host,
- const char* port,
- const char* path,
- char* requestBuffer,
- size_t reqestSize);
- void sendRequest(const std::string& uri,
- char* requestBuffer,
- size_t requestSize,
- char** responseBuffer,
- size_t* responseSize);
-
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, ConnectionError)
- DECLARE_EXCEPTION_TYPE(Base, CertificateRevoked)
- DECLARE_EXCEPTION_TYPE(Base, CertificateUnknown)
- DECLARE_EXCEPTION_TYPE(Base, VerificationError)
- DECLARE_EXCEPTION_TYPE(Base, RetrieveCertFromStoreError)
- DECLARE_EXCEPTION_TYPE(Base, VerificationNotSupport)
- };
-
- const EVP_MD* m_pCertIdDigestAlg;
- const EVP_MD* m_pRequestDigestAlg;
- static DigestAlgorithmMap m_sDigestAlgMap;
-
- typedef std::pair<char*, size_t> HttpResponseBuffer;
-
- SoupWrapper::SoupMessageSendBase::RequestStatus sendOcspRequest(
- OCSP_REQUEST* argRequest,
- const DPL::OptionalString& argUri);
-
- //! Validates a single certificate
- /*!
- * @param cert The certificate to check
- * @param issuer A certificate used to sign the certificate to check.
- */
-
- struct CreateRequestResult
- {
- bool success;
- OCSP_REQUEST* ocspRequest;
- OCSP_CERTID* ocspCertId;
- CreateRequestResult(bool argSuccess = false,
- OCSP_REQUEST* argOcspRequest = NULL,
- OCSP_CERTID* argOcspCertId = NULL) :
- success(argSuccess),
- ocspRequest(argOcspRequest),
- ocspCertId(argOcspCertId)
- {
- }
- };
-
- //! Creates a OCSP request
- /*!
- * @param request Returns created OCSP_REQUEST
- * @param id Returns CertId that is used to find proper OCSP result in
- * the OCSP response (@see checkRevocationStatus for more details).
- *
- */
- CreateRequestResult createRequest(CertificatePtr argCert,
- CertificatePtr argIssuer);
-
- OCSP_CERTID* addSerial(CertificatePtr argCert,
- CertificatePtr argIssuer);
-
- void validateResponse(OCSP_REQUEST* argRequest,
- OCSP_RESPONSE* argResponse,
- OCSP_CERTID* argCertId);
-
- //! Create a X509 store
- bool verifyResponse(OCSP_BASICRESP* argResponse);
-
- void checkRevocationStatus(OCSP_BASICRESP* argBasicResponse,
- OCSP_CERTID* argCertId);
-
- typedef std::pair<bool, OCSP_RESPONSE*> OcspResponse;
-
- OcspResponse convertToResponse();
-
- time_t m_responseValidity;
- bool m_bUseNonce;
- bool m_bUseDefResponder;
- DPL::String m_strResponderURI;
- bool m_bSignRequest;
- EVP_PKEY* m_pSignKey;
- CertificatePtr m_pSignCert;
- SSLSmartContainer <X509_STORE> m_pTrustedStore;
- SoupWrapper::SoupMessageSendSync m_soupMessage;
-};
-} // ValidationCore
-
-#endif //ifndef WRT_ENGINE_SRC_VALIDATION_CORE_ENGINE_OCSP_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @author Michal Ciepielski(m.ciepielski@samsung.com)
- * @version 0.3
- * @brief
- */
-
-#include "OCSPCertMgrUtil.h"
-#include "SSLContainers.h"
-
-#include <openssl/pem.h>
-#include <openssl/ocsp.h>
-#include <dpl/log/log.h>
-#include <dpl/scoped_resource.h>
-#include <string.h>
-#include <iostream>
-#include <string>
-
-#include <cert-service.h>
-
-namespace {
-const int MAX_BUF = 1024;
-
-struct ContextDeleter
-{
- typedef CERT_CONTEXT* Type;
- static Type NullValue()
- {
- return NULL;
- }
- static void Destroy(Type context)
- {
- if (context) {
- cert_svc_cert_context_final(context);
- }
- }
-};
-}
-
-namespace ValidationCore {
-namespace OCSPCertMgrUtil {
-/*
- * TODO This API function should be changed to:
- * CertifiatePtr getCertFromStore(const std::string &subject);
- *
- * All of cert_svc function could return error because input
- * data are corruped. That's why I dont want to throw exceptions
- * in this function.
- */
-void getCertFromStore(X509_NAME *subject,
- X509 **xcert)
-{
- if (!xcert || *xcert || !subject) {
- LogError("Invalid input!");
- return;
- }
-
- typedef DPL::ScopedResource<ContextDeleter> ScopedContext;
-
- int result;
- char buffer[MAX_BUF];
- const unsigned char* ptr = NULL;
- X509 *pCertificate = NULL;
- cert_svc_filename_list *fileList = NULL;
-
- X509_NAME_oneline(subject, buffer, MAX_BUF);
-
- ScopedContext ctx(cert_svc_cert_context_init());
- if (ctx.Get() == NULL) {
- LogWarning("Error in cert_svc_cert_context_init.");
- return;
- }
-
- LogDebug("Search certificate with subject: " << buffer);
- result = cert_svc_search_certificate(ctx.Get(), SUBJECT_STR, buffer);
- LogDebug("Search finished!");
-
- if (CERT_SVC_ERR_NO_ERROR != result) {
- LogWarning("Error during certificate search");
- return;
- }
-
- fileList = ctx.Get()->fileNames;
-
- if (fileList == NULL) {
- LogDebug("No certificate found");
- return;
- }
-
- if (fileList->filename == NULL) {
- LogWarning("Empty filename");
- return;
- }
-
- LogDebug("Found cert file: " << fileList->filename);
- ScopedContext ctx2(cert_svc_cert_context_init());
-
- if (ctx2.Get() == NULL) {
- LogWarning("Error in cert_svc_cert_context_init.");
- return;
- }
-
- // TODO add read_certifcate_from_file function to Certificate.h
- if (CERT_SVC_ERR_NO_ERROR !=
- cert_svc_load_file_to_context(ctx2.Get(), fileList->filename)) {
- LogWarning("Error in cert_svc_load_file_to_context");
- return;
- }
-
- ptr = ctx2.Get()->certBuf->data;
- // create a certificate from mem buff
- pCertificate = d2i_X509(NULL, &ptr, ctx2.Get()->certBuf->size);
-
- if (pCertificate == NULL) {
- LogWarning("Error during certificate conversion in d2i_X509");
- return;
- }
-
- *xcert = pCertificate;
- if (fileList->next != NULL) {
- LogError("There is more then one certificate with same subject :/");
- // TODO Implement me.
- for (fileList = fileList->next;
- fileList != NULL;
- fileList = fileList->next) {
- LogError(
- "Additional certificate with same subject: " <<
- fileList->filename);
- }
- }
-}
-
-CertificatePtr getParentFromStore(const CertificatePtr &certificate)
-{
- Assert(certificate.Get());
- X509* rawPtr = certificate->getX509();
-
- /* TODO Add getIssuerName function to Certificate.h */
- X509_NAME *name = X509_get_issuer_name(rawPtr);
-
- X509* rawTemp = NULL;
- getCertFromStore(name, &rawTemp);
-
- if (rawTemp == NULL) {
- return CertificatePtr();
- }
-
- SSLSmartContainer<X509> scope(rawTemp);
- return CertificatePtr(new Certificate(rawTemp));
-}
-
-CertificateList completeCertificateChain(const CertificateList &certificateList)
-{
- CertificateList result = certificateList;
- CertificatePtr last = result.back();
- if (last->isSignedBy(last)) {
- return result;
- }
- CertificatePtr parent = getParentFromStore(last);
- if (parent.Get()) {
- result.push_back(parent);
- }
- return result;
-}
-} // namespace OCSPCertMgrUtil
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @author Tomasz Morawski(t.morawski@samsung.com)
- * @author Michal Ciepielski(m.ciepielski@samsung.com)
- * @version 0.2
- * @brief
- */
-
-#ifndef _WRT_OCSP_CERT_MGR_UTIL_H_
-#define _WRT_OCSP_CERT_MGR_UTIL_H_
-
-#include <openssl/x509.h>
-
-#include "Certificate.h"
-
-namespace ValidationCore {
-namespace OCSPCertMgrUtil {
-void getCertFromStore(X509_NAME *subject,
- X509 **xcert);
-CertificatePtr getParentFromStore(const CertificatePtr &certificate);
-/*
- * Look for "parent" certificate from store.
- * It returns new certificate chain.
- */
-CertificateList completeCertificateChain(const CertificateList &certList);
-} // namespace OCSPCertMgrUtil
-} // namespace ValidationCore
-#endif
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @author Tomasz Morawski(t.morawski@samsung.com)
- * @version 0.1
- * @brief
- */
-
-#include <openssl/ocsp.h>
-
-/*
- * This function is needed to fix "Invalid conversion from void* to unsigned char*"
- * C++ compiler error during calling i2d_OCSP_REQUEST_bio macro
- */
-int convertToBuffer(OCSP_REQUEST *req, char **buf, int *size) {
- BIO *req_mem_bio;
- BUF_MEM req_bmem;
-
- /*
- * size and membuffer for request
- */
- *size = i2d_OCSP_REQUEST(req, NULL);
- *buf = (char*) malloc(*size);
-
- if (!*buf)
- return 0;
-
- /* copy request into buffer */
- req_bmem.length = 0;
- req_bmem.data = *buf;
- req_bmem.max = *size;
-
- /*
- * create a new buffer using openssl
- */
- req_mem_bio = BIO_new(BIO_s_mem());
-
- if (!req_mem_bio) {
- /*
- * creation failed, return
- */
- free(*buf);
- *buf = NULL;
- return 0;
- }
-
- BIO_set_mem_buf(req_mem_bio, &req_bmem, BIO_NOCLOSE);
-
- /*
- * prepare request
- */
- if (i2d_OCSP_REQUEST_bio(req_mem_bio, req) <= 0) {
- free(*buf);
- *buf = NULL;
- BIO_free_all(req_mem_bio);
- return 0;
- }
-
- /*
- * check consistency
- */
- if (*size != ((int)req_bmem.length) || req_bmem.length != req_bmem.max)
- {
- free(*buf);
- *buf = NULL;
- BIO_free_all(req_mem_bio);
- return 0;
- }
-
- /*
- * free all reserved memory
- */
- BIO_free_all(req_mem_bio);
-
- /*
- * and return success
- */
- return 1;
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file ParserSchema.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _PARSERSCHEMA_H_
-#define _PARSERSCHEMA_H_
-
-#include <map>
-#include <string>
-
-#include <dpl/log/log.h>
-
-#include "SaxReader.h"
-
-namespace ValidationCore {
-namespace ParserSchemaException {
-DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
-DECLARE_EXCEPTION_TYPE(Base, XmlReaderError)
-DECLARE_EXCEPTION_TYPE(Base, CertificateLoaderError)
-DECLARE_EXCEPTION_TYPE(Base, UnsupportedAlgorithm)
-DECLARE_EXCEPTION_TYPE(Base, UnsupportedValue)
-}
-
-template<typename ParserType, typename DataType>
-class ParserSchema
-{
- public:
- struct TagDescription
- {
- TagDescription(const std::string &tag,
- const std::string & xmlNamespace) :
- tagName(tag),
- namespaceUri(xmlNamespace)
- {
- }
-
- std::string tagName;
- std::string namespaceUri;
-
- bool operator<(const TagDescription &second) const
- {
- if (tagName < second.tagName) {
- return true;
- }
- if (tagName > second.tagName) {
- return false;
- }
- if (namespaceUri < second.namespaceUri) {
- return true;
- }
- return false;
- }
- };
-
- ParserSchema(ParserType * parser) :
- m_functions(parser)
- {
- }
-
- virtual ~ParserSchema()
- {
- }
-
- void initialize(const std::string &filename,
- bool defaultArgs,
- SaxReader::ValidationType valType,
- const std::string &xmlschema)
- {
- Try
- {
- m_reader.initialize(filename, defaultArgs, valType, xmlschema);
- }
- Catch(SaxReader::Exception::Base)
- {
- ReThrowMsg(ParserSchemaException::XmlReaderError, "XmlReaderError");
- }
- }
-
- void deinitialize()
- {
- m_reader.deinitialize();
- }
-
- void read(DataType &dataContainer)
- {
- Try {
- while (m_reader.next()) {
- switch (m_reader.type()) {
- case SaxReader::NODE_BEGIN:
- beginNode(dataContainer);
- break;
- case SaxReader::NODE_END:
- endNode(dataContainer);
- break;
- case SaxReader::NODE_TEXT:
- textNode(dataContainer);
- break;
- default:
- // LogInfo("Unknown Type Node");
- break;
- }
- }
- }
- Catch(SaxReader::Exception::Base)
- {
- ReThrowMsg(ParserSchemaException::XmlReaderError, "XmlReaderError");
- }
- }
-
- typedef void (ParserType::*FunctionPtr)(DataType &data);
- typedef std::map<TagDescription, FunctionPtr> FunctionMap;
-
- void addBeginTagCallback(const std::string &tag,
- const std::string &namespaceUri,
- FunctionPtr function)
- {
- TagDescription desc(tag, namespaceUri);
- m_beginFunctionMap[desc] = function;
- }
-
- void addEndTagCallback(const std::string &tag,
- const std::string &namespaceUri,
- FunctionPtr function)
- {
- TagDescription desc(tag, namespaceUri);
- m_endFunctionMap[desc] = function;
- }
-
- SaxReader& getReader(void)
- {
- return m_reader;
- }
-
- std::string& getText(void)
- {
- return m_textNode;
- }
-
- protected:
- void beginNode(DataType &dataContainer)
- {
- TagDescription desc(m_reader.name(), m_reader.namespaceURI());
- FunctionPtr fun = m_beginFunctionMap[desc];
-
- if (fun == 0) {
- LogDebug("No function found for xml tag: " << m_reader.name());
- return;
- }
-
- (m_functions->*fun)(dataContainer);
- }
-
- void endNode(DataType &dataContainer)
- {
- TagDescription desc(m_reader.name(), m_reader.namespaceURI());
- FunctionPtr fun = m_endFunctionMap[desc];
-
- if (fun == 0) {
- LogDebug("No function found for xml tag: " << m_reader.name());
- return;
- }
-
- (m_functions->*fun)(dataContainer);
- }
-
- void textNode(DataType &dataContainer)
- {
- (void)dataContainer;
- m_textNode = m_reader.value();
- }
-
- ParserType *m_functions;
-
- SaxReader m_reader;
- FunctionMap m_beginFunctionMap;
- FunctionMap m_endFunctionMap;
-
- // temporary values require due parsing textNode
- std::string m_textNode;
-};
-} // namespace ValidationCore
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <dirent.h>
-#include <errno.h>
-#include <fstream>
-#include <memory>
-
-#include <dpl/errno_string.h>
-#include <dpl/log/log.h>
-
-#include "Base64.h"
-#include "ReferenceValidator.h"
-
-namespace {
-const char *SPECIAL_SYMBOL_CURRENT_DIR = ".";
-const char *SPECIAL_SYMBOL_UPPER_DIR = "..";
-const char *SPECIAL_SYMBOL_AUTHOR_SIGNATURE_FILE = "author-signature.xml";
-const char *REGEXP_DISTRIBUTOR_SIGNATURE = "^signature[1-9][0-9]*\\.xml";
-} // namespace anonymous
-
-namespace ValidationCore {
-ReferenceValidator::ReferenceValidator(const std::string &dirpath) :
- m_dirpath(dirpath),
- m_signatureRegexp(REGEXP_DISTRIBUTOR_SIGNATURE)
-{
-}
-
-ReferenceValidator::Result ReferenceValidator::checkReferences(
- const SignatureData &signatureData)
-{
- return dfsCheckDirectories(signatureData, std::string());
-}
-
-ReferenceValidator::Result ReferenceValidator::dfsCheckDirectories(
- const SignatureData &signatureData,
- const std::string &directory)
-{
- DIR *dp;
- struct dirent *dirp;
- std::string currentDir = m_dirpath + directory;
-
- if ((dp = opendir(currentDir.c_str())) == NULL) {
- LogError("Error opening directory: " << currentDir.c_str());
- m_errorDescription = currentDir;
- return ERROR_OPENING_DIR;
- }
-
- for (errno = 0; (dirp = readdir(dp)) != NULL; errno = 0) {
- if (!strcmp(dirp->d_name, SPECIAL_SYMBOL_CURRENT_DIR)) {
- continue;
- }
-
- if (!strcmp(dirp->d_name, SPECIAL_SYMBOL_UPPER_DIR)) {
- continue;
- }
-
- if (currentDir == m_dirpath && dirp->d_type == DT_REG &&
- !strcmp(dirp->d_name,
- SPECIAL_SYMBOL_AUTHOR_SIGNATURE_FILE) &&
- signatureData.isAuthorSignature()) {
- continue;
- }
-
- if (currentDir == m_dirpath && dirp->d_type == DT_REG &&
- isDistributorSignature(dirp->d_name)) {
- continue;
- }
-
- if (dirp->d_type == DT_DIR) {
- LogDebug("Open directory: " << (directory + dirp->d_name));
- std::string tmp_directory = directory + dirp->d_name + "/";
- Result result = dfsCheckDirectories(signatureData, tmp_directory);
- if (result != NO_ERROR) {
- closedir(dp);
- return result;
- }
- } else if (dirp->d_type == DT_REG) {
- LogDebug("Found file: " << (directory + dirp->d_name));
- const ReferenceSet &referenceSet = signatureData.getReferenceSet();
- if (referenceSet.end() ==
- referenceSet.find(directory + dirp->d_name)) {
- closedir(dp);
- m_errorDescription = directory + dirp->d_name;
- return ERROR_REFERENCE_NOT_FOUND;
- }
- } else {
- LogError("Unknown file type.");
- closedir(dp);
- m_errorDescription = directory + dirp->d_name;
- return ERROR_UNSUPPORTED_FILE_TYPE;
- }
- }
-
- if (errno != 0) {
- m_errorDescription = DPL::GetErrnoString();
- LogError("readdir failed. Errno code: " << errno <<
- " Description: " << m_errorDescription);
- closedir(dp);
- return ERROR_READING_DIR;
- }
-
- closedir(dp);
-
- return NO_ERROR;
-}
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _REFERENCEVALIDATOR_H_
-#define _REFERENCEVALIDATOR_H_
-
-#include <pcrecpp.h>
-
-#include "SignatureData.h"
-
-namespace ValidationCore {
-class ReferenceValidator
-{
- public:
- enum Result
- {
- NO_ERROR = 0,
- ERROR_OPENING_DIR,
- ERROR_READING_DIR,
- ERROR_UNSUPPORTED_FILE_TYPE,
- ERROR_REFERENCE_NOT_FOUND
- };
-
- ReferenceValidator(const std::string &dirpath);
-
- virtual ~ReferenceValidator()
- {
- }
-
- Result checkReferences(const SignatureData &signatureData);
-
- private:
-
- Result dfsCheckDirectories(const SignatureData &signatureData,
- const std::string &directory);
-
- inline bool isDistributorSignature(const char *cstring) const
- {
- return m_signatureRegexp.FullMatch(cstring);
- }
-
- std::string m_dirpath;
- std::string m_errorDescription;
- pcrecpp::RE m_signatureRegexp;
-};
-}
-
-#endif // _REFERENCEVALIDATOR_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Piotr Marcinkiewicz(p.marcinkiew@samsung.com)
- * @version 0.4
- * @file CommonCertValidator.cpp
- * @brief Common routines for certificate validation over OCSP and CRL
- */
-
-#include "RevocationCheckerBase.h"
-
-#include <cstdlib>
-
-#include <openssl/pem.h>
-
-#include <dpl/scoped_fclose.h>
-
-#include "Certificate.h"
-#include "CertificateCollection.h"
-
-namespace {
-const char DefaultBundlePatch[] = "/opt/etc/ssl/certs/ca-certificates.crt";
-} //Anonymous name space
-
-namespace ValidationCore {
-CertificatePtr RevocationCheckerBase::loadPEMFile(const char* fileName)
-{
- DPL::ScopedFClose fd(fopen(fileName, "rb"));
-
- // no such file, return NULL
- if (!fd.Get()) {
- return CertificatePtr();
- }
-
- // create a new X509 certificate basing on file
- CertificatePtr cert(new Certificate(PEM_read_X509(fd.Get(),
- NULL,
- NULL,
- NULL)));
- return cert;
-}
-
-bool RevocationCheckerBase::sortCertList(CertificateList &lCertificates)
-{
- CertificateCollection collection;
- collection.load(lCertificates);
-
- if (collection.sort()) {
- lCertificates = collection.getChain();
- return true;
- }
- return false;
-}
-
-} // ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Piotr Marcinkiewicz(p.marcinkiew@samsung.com)
- * @version 0.4
- * @file CommonCertValidator.h
- * @brief Common routines for certificate validation over OCSP and CRL
- */
-
-#ifndef WRT_ENGINE_SRC_VALIDATION_CORE_REVOCATIONCHECKERBASE_H_
-#define WRT_ENGINE_SRC_VALIDATION_CORE_REVOCATIONCHECKERBASE_H_
-
-#include <string>
-
-#include "Certificate.h"
-
-namespace ValidationCore {
-class RevocationCheckerBase
-{
- public:
- //! Loads a PEM file and returns X509 certificate object.
- static CertificatePtr loadPEMFile(const char* path);
-
- //! Sorts a list of certficates and verifies them if they form
- //! a valid chain
- static bool sortCertList(CertificateList &cert) __attribute__((deprecated));
-};
-} // ValidationCore
-
-#endif //ifndef WRT_ENGINE_SRC_VALIDATION_CORE_REVOCATIONCHECKERBASE_H_
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _SSLCONTAINERS_H
-#define _SSLCONTAINERS_H
-
-#include <openssl/x509v3.h>
-#include <openssl/ocsp.h>
-
-/*
- * default deleter functor with no overloaded operator()
- */
-template <typename T>
-struct MySSLFree {};
-
-/*
- * macro for defining custom deleters for openssl structs
- * usage DECLARE_DELETER(OpenSSLType)
- */
-#define DECLARE_DELETER(Type) template<> \
- struct MySSLFree <Type> \
- { \
- void operator() (Type* p) \
- { \
- Type ## _free(p); \
- } \
- \
- };
-
-/*
- * declare custom deleter for X509 structs
- */
-DECLARE_DELETER(X509)
-/*
- * declare custom deleter for OCSP_REQUEST structs
- */
-DECLARE_DELETER(OCSP_REQUEST)
-/*
- * declare custom deleter for OCSP_RESPONSE structs
- */
-DECLARE_DELETER(OCSP_RESPONSE)
-/*
- * declare custom deleter for OCSP_CERTID structs
- */
-DECLARE_DELETER(OCSP_CERTID)
-/*
- * declare custom deleter for OCSP_BASICRESP structs
- */
-DECLARE_DELETER(OCSP_BASICRESP)
-/*
- * declare custom deleter for X509_STORE structs
- */
-DECLARE_DELETER(X509_STORE)
-
-/*
- * undef it, so anyone could use that macro name
- */
-#undef DECLARE_DELETER
-
-/*
- * OpenSSL smart container
- * usage SSLSmartContainer <OpenSSLType> smartptr = ptrToOpenSSLType
- * remember to add OpenSSLType to macro list few lines above
- */
-template <typename T, typename deleter = MySSLFree<T> >
-class SSLSmartContainer
-{
- public:
- SSLSmartContainer() : m_pData(NULL)
- {
- }
-
- /*
- * explicit constructor, we don't want any auto casting
- */
- explicit SSLSmartContainer(T* pData)
- {
- m_pData = pData;
- }
-
- /*
- * overloaded assignment operator
- */
- SSLSmartContainer & operator=(SSLSmartContainer& pContainer)
- {
- /*
- * check if no assignment was done before
- */
- if (this != &pContainer) {
- // if so, free internal data
- deleter ssl_free;
- ssl_free(m_pData);
-
- // and assign new
- m_pData = pContainer.m_pData;
-
- pContainer.m_pData = NULL;
- }
-
- return *this;
- }
-
- SSLSmartContainer & operator=(T* pData)
- {
- /*
- * check if no assignment was done before
- */
- if (m_pData != pData) {
- // if so, free internal data
- deleter ssl_free;
- ssl_free(m_pData);
-
- // and assign new
- m_pData = pData;
- }
-
- return *this;
- }
-
- ~SSLSmartContainer()
- {
- deleter ssl_free;
- ssl_free(m_pData);
- }
-
- /*
- * overloaded operators for standardptr - like usage
- */
- SSLSmartContainer & operator*()
- {
- return *m_pData;
- }
- SSLSmartContainer* operator->()
- {
- return m_pData;
- }
-
- /*
- * auto cast to T operator
- */
- operator T *() const { return m_pData;
- }
-
- /*
- * detachs internal pointer from smart pointer
- */
- T* DetachPtr()
- {
- T* pData = m_pData;
- m_pData = NULL;
- return pData;
- }
-
- private:
- /*
- * blocked assignment from another types operator
- */
- template <typename S>
- T & operator = (S& pContainer)
- {
- return *this;
- }
-
- /*
- * internal data
- */
- T* m_pData;
-};
-
-#endif /* _SSLCONTAINERS_H */
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file SaxReader.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief Simple c++ interface for libxml2.
- */
-#include <dpl/assert.h>
-#include <dpl/exception.h>
-#include <dpl/log/log.h>
-
-#include "SaxReader.h"
-
-namespace ValidationCore {
-SaxReader::SaxReader() :
- m_reader(0)
-{
-}
-
-SaxReader::~SaxReader()
-{
- if (m_reader) {
- deinitialize();
- }
-}
-
-void SaxReader::initialize(const std::string &filename,
- bool defaultArgs,
- ValidationType validate,
- const std::string &schema)
-{
- Assert(m_reader == 0 && "Double initialization of SaxReader");
-
- LogDebug("SaxReader opening file: " << filename);
-
- /*
- * create a new xml text reader
- */
- m_reader = xmlNewTextReaderFilename(filename.c_str());
-
- if (m_reader == NULL) {
- /*
- * no such file, return
- */
- LogWarning("Error during opening file " << filename);
- Throw(Exception::FileOpeningError);
- }
- if (validate == VALIDATION_XMLSCHEME &&
- xmlTextReaderSchemaValidate(m_reader, schema.c_str())) {
- /*
- * unable to turn on schema validation
- */
- LogError("Turn on Schema validation failed.");
- ThrowMsg(Exception::ParserInternalError,
- "Turn on Scheme validation failed!");
- }
- // Path to DTD schema is taken from xml file.
- if (validate == VALIDATION_DTD &&
- xmlTextReaderSetParserProp(m_reader, XML_PARSER_VALIDATE, 1)) {
- /*
- * unable to turn on DTD validation
- */
- LogError("Turn on DTD validation failed!");
- ThrowMsg(Exception::ParserInternalError,
- "Turn on DTD validation failed!");
- }
- if (defaultArgs &&
- xmlTextReaderSetParserProp(m_reader, XML_PARSER_DEFAULTATTRS, 1)) {
- /*
- * unable to turn on default arguments
- */
- LogError("Turn on default arguments failed");
- ThrowMsg(Exception::ParserInternalError,
- "Turn on Default Arguments failed!");
- }
-}
-
-void SaxReader::deinitialize()
-{
- xmlFreeTextReader(m_reader);
- m_reader = 0;
-}
-
-bool SaxReader::next()
-{
- int res = xmlTextReaderRead(m_reader);
-
- if (0 == xmlTextReaderIsValid(m_reader)) {
- LogWarning("Throw exception file not valid!");
- Throw(Exception::FileNotValid);
- }
-
- if (res == 1) {
- return true;
- }
-
- if (res == 0) {
- return false;
- }
- LogError("ParserInternalError");
- Throw(Exception::ParserInternalError);
-}
-
-void SaxReader::next(const std::string &token)
-{
- xmlTextReaderRead(m_reader);
- if (0 == xmlTextReaderIsValid(m_reader)) {
- /*
- * invalid file
- */
- LogWarning("Throw exception file not valid!");
- Throw(Exception::FileNotValid);
- }
-
- xmlChar *name = xmlTextReaderName(m_reader);
-
- if (name == NULL) {
- /*
- * invalid file
- */
- LogWarning("File not Valid");
- Throw(Exception::FileNotValid);
- }
-
- if (token == reinterpret_cast<const char*>(name)) {
- xmlFree(name);
- } else {
- /*
- * we encountered wrong token
- */
- xmlFree(name);
- LogWarning("Wrong Token");
- Throw(Exception::WrongToken);
- }
-}
-
-bool SaxReader::isEmpty(void)
-{
- int ret = xmlTextReaderIsEmptyElement(m_reader);
- if (-1 == ret) {
- LogError("Parser Internal Error");
- Throw(Exception::ParserInternalErrorInEmptyQuery);
- }
- return ret;
-}
-
-std::string SaxReader::attribute(const std::string &token,
- ThrowType throwStatus)
-{
- std::string value;
- xmlChar *attr = xmlTextReaderGetAttribute(m_reader, BAD_CAST(token.c_str()));
- if ((NULL == attr) && (throwStatus == THROW_DISABLE)) {
- /*
- * return empty string
- */
- //TODO why not DPL::Optional?
- return std::string();
- }
- if (NULL == attr) {
- /*
- * error during read attribute
- */
- LogError("Error in reading attribute.");
- Throw(Exception::ParserInternalErrorInReadingAttribute);
- }
-
- /*
- * cast it to val and return it
- */
- value = reinterpret_cast<const char *>(attr);
- xmlFree(attr);
- return value;
-}
-
-// KW std::string SaxReader::fullName(){
-// KW std::string value;
-// KW xmlChar *name = xmlTextReaderName(m_reader);
-// KW if(NULL == name) {
-// KW LogError("Error in reading name.");
-// KW Throw(Exception::ErrorReadingName);
-// KW }
-// KW value = reinterpret_cast<const char *>(name);
-// KW xmlFree(name);
-// KW return value;
-// KW }
-
-std::string SaxReader::name()
-{
- std::string value;
- xmlChar *name = xmlTextReaderName(m_reader);
- if (NULL == name) {
- LogError("Error in reading name.");
- Throw(Exception::ErrorReadingName);
- }
- value = reinterpret_cast<const char *>(name);
- xmlFree(name);
- size_t pos = value.find_last_of(":");
- if (pos != std::string::npos) {
- value.erase(0, pos + 1);
- }
- return value;
-}
-
-std::string SaxReader::namespaceURI()
-{
- std::string value;
- xmlChar *name = xmlTextReaderNamespaceUri(m_reader);
- if (NULL != name) {
- value = reinterpret_cast<const char *>(name);
- xmlFree(name);
- }
- return value;
-}
-
-std::string SaxReader::value()
-{
- std::string value;
- /*
- * get value of node
- */
- xmlChar *text = xmlTextReaderValue(m_reader);
- if (NULL == text) {
- LogError("Error in reading value");
- Throw(Exception::ErrorReadingValue);
- }
- value = reinterpret_cast<const char*>(text);
- /*
- * free text and return the val
- */
- xmlFree(text);
- return value;
-}
-
-SaxReader::NodeType SaxReader::type()
-{
- xmlReaderTypes type =
- static_cast<xmlReaderTypes>(xmlTextReaderNodeType(m_reader));
- switch (type) {
- case XML_READER_TYPE_ELEMENT:
- return NODE_BEGIN;
- case XML_READER_TYPE_END_ELEMENT:
- return NODE_END;
- case XML_READER_TYPE_TEXT:
- return NODE_TEXT;
- case XML_READER_TYPE_NONE:
- case XML_READER_TYPE_ATTRIBUTE:
- case XML_READER_TYPE_CDATA:
- case XML_READER_TYPE_ENTITY_REFERENCE:
- case XML_READER_TYPE_ENTITY:
- case XML_READER_TYPE_PROCESSING_INSTRUCTION:
- case XML_READER_TYPE_COMMENT:
- case XML_READER_TYPE_DOCUMENT:
- case XML_READER_TYPE_DOCUMENT_TYPE:
- case XML_READER_TYPE_DOCUMENT_FRAGMENT:
- case XML_READER_TYPE_NOTATION:
- case XML_READER_TYPE_WHITESPACE:
- case XML_READER_TYPE_SIGNIFICANT_WHITESPACE:
- case XML_READER_TYPE_END_ENTITY:
- case XML_READER_TYPE_XML_DECLARATION:
- default:
- return NODE_UNSUPPORTED;
- }
-}
-
-void SaxReader::dumpNode(std::string &buffer)
-{
- /*
- * size of buffer
- */
- int size;
- /*
- * pointer to buffer
- */
- xmlBufferPtr buff = xmlBufferCreate();
-
- xmlNodePtr node = xmlTextReaderExpand(m_reader);
-
- if (node == NULL) {
- /*
- * internal parser error
- */
- xmlBufferFree(buff);
- LogError("Parser Internal Error");
- Throw(Exception::ParserInternalError);
- }
-
- /*
- * get a size and fill in a buffer
- */
- size = xmlNodeDump(buff, node->doc, node, 0, 0);
- buffer.insert(0, reinterpret_cast<char*>(buff->content), size);
- xmlBufferFree(buff);
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file SaxReader.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief Simple c++ interface for libxml2.
- */
-#ifndef _SAXREADER_H_
-#define _SAXREADER_H_
-
-#include <string>
-#include <libxml/xmlreader.h>
-#include <dpl/exception.h>
-
-namespace ValidationCore {
-class SaxReader
-{
- public:
- SaxReader();
- ~SaxReader();
-
- /*
- * custom exceptions
- */
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, FileOpeningError)
- DECLARE_EXCEPTION_TYPE(Base, FileNotValid)
- DECLARE_EXCEPTION_TYPE(Base, ParserInternalError)
- DECLARE_EXCEPTION_TYPE(Base, WrongToken)
- DECLARE_EXCEPTION_TYPE(Base, ParserInternalErrorInReadingAttribute)
- DECLARE_EXCEPTION_TYPE(Base, ParserInternalErrorInEmptyQuery)
- DECLARE_EXCEPTION_TYPE(Base, ErrorReadingValue)
- DECLARE_EXCEPTION_TYPE(Base, ErrorReadingName)
- DECLARE_EXCEPTION_TYPE(Base, UnsupportedType)
- };
-
- enum NodeType
- {
- NODE_UNSUPPORTED,
- NODE_BEGIN,
- NODE_END,
- NODE_TEXT
- };
-
- enum ThrowType
- {
- THROW_ENABLE = 0,
- THROW_DISABLE
- };
-
- /*
- * xml validation modes
- */
- enum ValidationType
- {
- VALIDATION_DISABLE,
- VALIDATION_XMLSCHEME,
- VALIDATION_DTD
- };
-
- /*
- * initializes parser
- */
- void initialize(const std::string &filename,
- bool defaultArgs = false,
- ValidationType validation = VALIDATION_DISABLE,
- const std::string &schema = std::string());
- /*
- * deinitializes parser
- */
- void deinitialize();
-
- /**
- * Move to next xml node.
- */
- bool next();
-
- /**
- * Move to next xml node. If next node name is differ from token the exception will
- * be thrown.
- */
- void next(const std::string &token);
-
- /**
- * Check if xml tag is empty.
- */
- bool isEmpty(void);
-
- /**
- * Read attribute tag.
- */
- std::string attribute(const std::string &token,
- ThrowType throwStatus = THROW_ENABLE);
-
- /**
- * Read xml tag name with namespace.
- */
- // KW std::string fullName();
-
- /**
- * Read xml tag name without namespace.
- */
- std::string name();
-
- /**
- * Read xml tag namespace URI
- */
- std::string namespaceURI();
-
- /**
- * Read xml tag value.
- */
- std::string value();
-
- /**
- * Return information about node type.
- */
- NodeType type();
-
- /**
- * Save all contonet of xml file which is between current tag and
- * it's close tag into buffer.
- */
- void dumpNode(std::string &buffer);
-
- private:
- /*
- * internal libxml text reader
- */
- xmlTextReaderPtr m_reader;
-};
-}
-
-#endif // _SAXREADER_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file SignatureData.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief SignatureData is used to storage data parsed from digsig file.
- */
-#ifndef _SIGNATUREDATA_H_
-#define _SIGNATUREDATA_H_
-
-#include <list>
-#include <set>
-#include <string>
-
-#include <dpl/log/log.h>
-#include <dpl/noncopyable.h>
-#include <dpl/string.h>
-
-#include "Certificate.h"
-#include "CertStoreType.h"
-#include "ValidatorCommon.h"
-
-/* TODO this class should not depend from OCSP headers */
-#include "OCSPCertMgrUtil.h"
-
-namespace ValidationCore {
-class SignatureData
-{
- public:
-
- SignatureData() :
- m_signatureNumber(-1),
- m_certificateSorted(false)
- {
- }
-
- SignatureData(std::string fileName,
- int fileNumber) :
- m_signatureNumber(fileNumber),
- m_fileName(fileName),
- m_certificateSorted(false)
- {
- }
-
- virtual ~SignatureData()
- {
- }
- typedef std::list<std::string> IMEIList;
- typedef std::list<std::string> MEIDList;
-
- const ReferenceSet& getReferenceSet() const
- {
- return m_referenceSet;
- }
-
- void setReference(const ReferenceSet &referenceSet)
- {
- m_referenceSet = referenceSet;
- }
-
- CertificateList getCertList(void) const
- {
- return m_certList;
- }
-
- void setSortedCertificateList(const CertificateList &list)
- {
- m_certList = list;
- m_certificateSorted = true;
- }
-
- bool isAuthorSignature(void) const
- {
- return m_signatureNumber == -1;
- }
-
- std::string getSignatureFileName(void) const
- {
- return m_fileName;
- }
-
- int getSignatureNumber() const
- {
- return m_signatureNumber;
- }
-
- std::string getRoleURI() const
- {
- return m_roleURI;
- }
-
- std::string getProfileURI() const
- {
- return m_profileURI;
- }
-
- bool containObjectReference(const std::string &ref) const
- {
- std::string rName = "#";
- rName += ref;
- return m_referenceSet.end() != m_referenceSet.find(rName);
- }
-
- ObjectList getObjectList() const
- {
- return m_objectList;
- }
-
- void setStorageType(const CertStoreId::Set &storeIdSet)
- {
- m_storeIdSet = storeIdSet;
- }
-
- const CertStoreId::Set& getStorageType(void) const
- {
- return m_storeIdSet;
- }
-
- const IMEIList& getIMEIList() const
- {
- return m_imeiList;
- }
-
- const MEIDList& getMEIDList() const
- {
- return m_meidList;
- }
-
- CertificatePtr getEndEntityCertificatePtr() const
- {
- if (m_certificateSorted) {
- return m_certList.front();
- }
- return CertificatePtr();
- }
-
- CertificatePtr getRootCaCertificatePtr() const
- {
- if (m_certificateSorted) {
- return m_certList.back();
- }
- return CertificatePtr();
- }
-
- friend class SignatureReader;
- private:
- ReferenceSet m_referenceSet;
- CertificateList m_certList;
-
- //TargetRestriction
- IMEIList m_imeiList;
- MEIDList m_meidList;
-
- /*
- * This number is taken from distributor signature file name.
- * Author signature do not contain any number on the file name.
- * Author signature should have signature number equal to -1.
- */
- int m_signatureNumber;
- std::string m_fileName;
- std::string m_roleURI;
- std::string m_profileURI;
- std::string m_identifier;
- ObjectList m_objectList;
- CertStoreId::Set m_storeIdSet;
- bool m_certificateSorted;
-};
-
-typedef std::set<SignatureData> SignatureDataSet;
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file SignatureFinder.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief Search for author-signature.xml and signatureN.xml files.
- */
-#include <dirent.h>
-#include <errno.h>
-#include <istream>
-
-#include <dpl/log/log.h>
-
-#include "SignatureFinder.h"
-
-namespace ValidationCore {
-static const char *SIGNATURE_AUTHOR = "author-signature.xml";
-static const char *REGEXP_DISTRIBUTOR_SIGNATURE =
- "^(signature)([1-9][0-9]*)(\\.xml)";
-
-SignatureFinder::SignatureFinder(const std::string& dir) :
- m_dir(dir),
- m_signatureRegexp(REGEXP_DISTRIBUTOR_SIGNATURE)
-{
-}
-
-SignatureFinder::Result SignatureFinder::find(SignatureFileInfoSet &set)
-{
- DIR *dp;
- struct dirent *dirp;
-
- /*
- * find a dir
- */
- if ((dp = opendir(m_dir.c_str())) == NULL) {
- LogError("Error opening directory:" << m_dir);
- return ERROR_OPENING_DIR;
- }
-
- for (errno = 0; (dirp = readdir(dp)) != NULL; errno = 0) {
- /**
- * check if it's author signature
- */
- if (!strcmp(dirp->d_name, SIGNATURE_AUTHOR)) {
- set.insert(SignatureFileInfo(std::string(dirp->d_name), -1));
- continue;
- }
-
- std::string sig, num, xml;
- if (m_signatureRegexp.FullMatch(dirp->d_name, &sig, &num, &xml)) {
- std::istringstream stream(num);
- int number;
- stream >> number;
-
- if (stream.fail()) {
- closedir(dp);
- return ERROR_ISTREAM;
- }
-
- set.insert(SignatureFileInfo(std::string(dirp->d_name), number));
- }
- }
-
- if (errno != 0) {
- LogError("Error in readdir");
- closedir(dp);
- return ERROR_READING_DIR;
- }
-
- closedir(dp);
- return NO_ERROR;
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file SignatureFinder.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief Search for author-signature.xml and signatureN.xml files.
- */
-#ifndef _SIGNATUREFINDER_H_
-#define _SIGNATUREFINDER_H_
-
-#include <set>
-#include <string>
-
-#include <pcrecpp.h>
-
-#include "SignatureData.h"
-
-namespace ValidationCore {
-class SignatureFileInfo
-{
- public:
- SignatureFileInfo(const std::string &fileName,
- int num) :
- m_fileName(fileName),
- m_fileNumber(num)
- {
- }
-
- std::string getFileName() const
- {
- return m_fileName;
- }
-
- int getFileNumber() const
- {
- return m_fileNumber;
- }
-
- bool operator<(const SignatureFileInfo &second) const
- {
- return m_fileNumber < second.m_fileNumber;
- }
- private:
- std::string m_fileName;
- int m_fileNumber;
-};
-
-typedef std::set<SignatureFileInfo> SignatureFileInfoSet;
-
-class SignatureFinder
-{
- public:
- enum Result
- {
- NO_ERROR,
- ERROR_OPENING_DIR,
- ERROR_READING_DIR,
- ERROR_ISTREAM
- };
-
- SignatureFinder(const std::string& dir);
-
- Result find(SignatureFileInfoSet &set);
-
- private:
- std::string m_dir;
- pcrecpp::RE m_signatureRegexp;
-};
-} // namespace ValidationCore
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file SignatureReader.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief SignatureReader is used to parse widget digital signature.
- */
-#include "SignatureReader.h"
-
-#include "CertificateLoader.h"
-
-namespace ValidationCore {
-static const std::string XML_NAMESPACE =
- "http://www.w3.org/2000/09/xmldsig#";
-static const std::string XML_NAMESPACE_DIGITALSIG =
- "http://wacapps.net/ns/digsig";
-static const std::string XML_OBJ_NS =
- "http://www.w3.org/2009/xmldsig-properties";
-
-// TAG TOKENS
-static const std::string TOKEN_SIGNATURE = "Signature";
-static const std::string TOKEN_SIGNED_INFO = "SignedInfo";
-static const std::string TOKEN_CANONICALIZATION_METHOD =
- "CanonicalizationMethod";
-static const std::string TOKEN_SIGNATURE_METHOD = "SignatureMethod";
-static const std::string TOKEN_REFERENCE = "Reference";
-static const std::string TOKEN_TRANSFORMS = "Transforms";
-static const std::string TOKEN_TRANSFORM = "Transform";
-static const std::string TOKEN_DIGEST_METHOD = "DigestMethod";
-static const std::string TOKEN_DIGEST_VALUE = "DigestValue";
-static const std::string TOKEN_SIGNATURE_VALUE = "SignatureValue";
-static const std::string TOKEN_KEY_INFO = "KeyInfo";
-static const std::string TOKEN_X509DATA = "X509Data";
-static const std::string TOKEN_X509CERTIFICATE = "X509Certificate";
-static const std::string TOKEN_KEY_VALUE = "KeyValue";
-static const std::string TOKEN_RSA_KEY_VALUE = "RSAKeyValue";
-static const std::string TOKEN_MODULUS_COMPONENT = "Modulus";
-static const std::string TOKEN_EXPONENT_COMPONENT = "Exponent";
-static const std::string TOKEN_ECKEY_VALUE = "ECKeyValue";
-static const std::string TOKEN_NAMED_CURVE = "NamedCurve";
-static const std::string TOKEN_PUBLIC_KEY = "PublicKey";
-static const std::string TOKEN_OBJECT = "Object";
-static const std::string TOKEN_SIGNATURE_PROPERTIES = "SignatureProperties";
-static const std::string TOKEN_SIGNATURE_PROPERTY = "SignatureProperty";
-static const std::string TOKEN_PROFILE = "Profile";
-static const std::string TOKEN_ROLE = "Role";
-static const std::string TOKEN_IDENTIFIER = "Identifier";
-static const std::string TOKEN_DSAKEYVALUE = "DSAKeyValue";
-static const std::string TOKEN_DSA_P_COMPONENT = "P";
-static const std::string TOKEN_DSA_Q_COMPONENT = "Q";
-static const std::string TOKEN_DSA_G_COMPONENT = "G";
-static const std::string TOKEN_DSA_Y_COMPONENT = "Y";
-static const std::string TOKEN_DSA_J_COMPONENT = "J";
-static const std::string TOKEN_DSA_SEED_COMPONENT = "Seed";
-static const std::string TOKEN_DSA_PGENCOUNTER_COMPONENT = "PgenCounter";
-static const std::string TOKEN_TARGET_RESTRICTION = "TargetRestriction";
-
-// ATTRIBUTTE TOKENS
-
-static const std::string TOKEN_ALGORITHM = "Algorithm";
-static const std::string TOKEN_URI = "URI";
-static const std::string TOKEN_ID = "Id";
-static const std::string TOKEN_TARGET = "Target";
-static const std::string TOKEN_IMEI = "IMEI";
-static const std::string TOKEN_MEID = "MEID";
-
-// ATTIRUBTE VALUES
-
-static const std::string TOKEN_ATTR_PROFILE = "profile";
-static const std::string TOKEN_ATTR_ROLE = "role";
-static const std::string TOKEN_ATTR_IDENTIFIER = "identifier";
-
-// ALGORITHMS
-
-//static const std::string TOKEN_ALGORITHM_XML_EXC_CAN =
-// "http://www.w3.org/2001/10/xml-exc-c14n#";
-//static const std::string TOKEN_ALGORITHM_RSA_SHA256 =
-// "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
-//static const std::string TOKEN_ALGORITHM_DSA_SHA1 =
-// "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
-//static const std::string TOKEN_ALGORITHM_ECDSA_SHA256 =
-// "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256";
-//static const std::string TOKEN_ALGORITHM_SHA1 =
-// "http://www.w3.org/2000/09/xmldsig#sha1";
-//static const std::string TOKEN_ALGORITHM_SHA256 =
-// "http://www.w3.org/2001/04/xmlenc#sha256";
-//static const std::string TOKEN_ALGORITHM_SHA384 =
-// "http://www.w3.org/2001/04/xmldsig-more#sha384";
-//static const std::string TOKEN_ALGORITHM_SHA512 =
-// "http://www.w3.org/2001/04/xmlenc#sha512";
-
-SignatureReader::SignatureReader() :
- m_signaturePropertiesCounter(0),
- m_targetRestrictionObjectFound(false),
- m_parserSchema(this)
-{
- /**
- * member func pointers map
- */
- m_parserSchema.addBeginTagCallback(TOKEN_SIGNATURE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_SIGNED_INFO,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_CANONICALIZATION_METHOD,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_SIGNATURE_METHOD,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_REFERENCE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_TRANSFORMS,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_TRANSFORM,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DIGEST_METHOD,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DIGEST_VALUE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_SIGNATURE_VALUE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_KEY_INFO,
- XML_NAMESPACE,
- &SignatureReader::tokenKeyInfo);
- m_parserSchema.addBeginTagCallback(TOKEN_X509DATA,
- XML_NAMESPACE,
- &SignatureReader::tokenX509Data);
- m_parserSchema.addBeginTagCallback(TOKEN_X509CERTIFICATE,
- XML_NAMESPACE,
- &SignatureReader::tokenX509Certificate);
- m_parserSchema.addBeginTagCallback(TOKEN_ECKEY_VALUE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_NAMED_CURVE,
- XML_NAMESPACE,
- &SignatureReader::tokenNamedCurve);
- m_parserSchema.addBeginTagCallback(TOKEN_PUBLIC_KEY,
- XML_NAMESPACE,
- &SignatureReader::tokenPublicKey);
- m_parserSchema.addBeginTagCallback(TOKEN_OBJECT,
- XML_NAMESPACE,
- &SignatureReader::tokenObject);
- m_parserSchema.addBeginTagCallback(
- TOKEN_SIGNATURE_PROPERTIES,
- XML_NAMESPACE,
- &SignatureReader::
- tokenSignatureProperties);
- m_parserSchema.addBeginTagCallback(TOKEN_SIGNATURE_PROPERTY,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_PROFILE,
- XML_OBJ_NS,
- &SignatureReader::tokenProfile);
- m_parserSchema.addBeginTagCallback(TOKEN_ROLE,
- XML_OBJ_NS,
- &SignatureReader::tokenRole);
- m_parserSchema.addBeginTagCallback(TOKEN_IDENTIFIER,
- XML_OBJ_NS,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_KEY_VALUE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DSAKEYVALUE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DSA_P_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DSA_Q_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DSA_G_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DSA_Y_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DSA_J_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DSA_SEED_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_DSA_PGENCOUNTER_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_RSA_KEY_VALUE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_MODULUS_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_EXPONENT_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addBeginTagCallback(TOKEN_TARGET_RESTRICTION,
- XML_NAMESPACE_DIGITALSIG,
- &SignatureReader::tokenTargetRestriction);
-
- m_parserSchema.addEndTagCallback(TOKEN_SIGNATURE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_SIGNED_INFO,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_CANONICALIZATION_METHOD,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_SIGNATURE_METHOD,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_REFERENCE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_TRANSFORMS,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_TRANSFORM,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_DIGEST_METHOD,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_DIGEST_VALUE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_SIGNATURE_VALUE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_KEY_INFO,
- XML_NAMESPACE,
- &SignatureReader::tokenEndKeyInfo);
- m_parserSchema.addEndTagCallback(TOKEN_X509DATA,
- XML_NAMESPACE,
- &SignatureReader::tokenEndX509Data);
- m_parserSchema.addEndTagCallback(TOKEN_X509CERTIFICATE,
- XML_NAMESPACE,
- &SignatureReader::tokenEndX509Certificate);
- m_parserSchema.addEndTagCallback(TOKEN_ECKEY_VALUE,
- XML_NAMESPACE,
- &SignatureReader::tokenEndECKeyValue);
- m_parserSchema.addEndTagCallback(TOKEN_PUBLIC_KEY,
- XML_NAMESPACE,
- &SignatureReader::tokenEndPublicKey);
- m_parserSchema.addEndTagCallback(TOKEN_OBJECT,
- XML_NAMESPACE,
- &SignatureReader::tokenEndObject);
- m_parserSchema.addEndTagCallback(TOKEN_SIGNATURE_PROPERTIES,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_SIGNATURE_PROPERTY,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_PROFILE,
- XML_OBJ_NS,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_ROLE,
- XML_OBJ_NS,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_IDENTIFIER,
- XML_OBJ_NS,
- &SignatureReader::tokenEndIdentifier);
- m_parserSchema.addEndTagCallback(TOKEN_KEY_VALUE,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
- m_parserSchema.addEndTagCallback(TOKEN_DSAKEYVALUE,
- XML_NAMESPACE,
- &SignatureReader::tokenEndDSAKeyValue);
- m_parserSchema.addEndTagCallback(TOKEN_DSA_P_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::tokenEndDSAPComponent);
- m_parserSchema.addEndTagCallback(TOKEN_DSA_Q_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::tokenEndDSAQComponent);
- m_parserSchema.addEndTagCallback(TOKEN_DSA_G_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::tokenEndDSAGComponent);
- m_parserSchema.addEndTagCallback(TOKEN_DSA_Y_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::tokenEndDSAYComponent);
- m_parserSchema.addEndTagCallback(TOKEN_DSA_J_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::tokenEndDSAJComponent);
- m_parserSchema.addEndTagCallback(TOKEN_DSA_SEED_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::tokenEndDSASeedComponent);
- m_parserSchema.addEndTagCallback(
- TOKEN_DSA_PGENCOUNTER_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::
- tokenEndDSAPGenCounterComponent);
- m_parserSchema.addEndTagCallback(TOKEN_RSA_KEY_VALUE,
- XML_NAMESPACE,
- &SignatureReader::tokenEndRSAKeyValue);
- m_parserSchema.addEndTagCallback(TOKEN_MODULUS_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::tokenEndKeyModulus);
- m_parserSchema.addEndTagCallback(TOKEN_EXPONENT_COMPONENT,
- XML_NAMESPACE,
- &SignatureReader::tokenEndKeyExponent);
- m_parserSchema.addEndTagCallback(TOKEN_TARGET_RESTRICTION,
- XML_NAMESPACE,
- &SignatureReader::blankFunction);
-}
-
-void SignatureReader::tokenKeyInfo(SignatureData &signatureData)
-{
- (void)signatureData;
-}
-void SignatureReader::tokenX509Data(SignatureData &signatureData)
-{
- (void)signatureData;
-}
-void SignatureReader::tokenX509Certificate(SignatureData &signatureData)
-{
- (void)signatureData;
-}
-void SignatureReader::tokenPublicKey(SignatureData &signatureData)
-{
- (void)signatureData;
-}
-
-void SignatureReader::tokenNamedCurve(SignatureData &signatureData)
-{
- (void)signatureData;
- m_nameCurveURI = m_parserSchema.getReader().attribute(TOKEN_URI);
-}
-
-void SignatureReader::tokenTargetRestriction(SignatureData &signatureData)
-{
- std::string IMEI = m_parserSchema.getReader().attribute(
- TOKEN_IMEI,
- SaxReader::
- THROW_DISABLE);
- std::string MEID = m_parserSchema.getReader().attribute(
- TOKEN_MEID,
- SaxReader::
- THROW_DISABLE);
-
- //less verbose way to say (IMEI && MEID) || (!IMEI && !MEID)
- if (IMEI.empty() == MEID.empty()) {
- //WAC 2.0 WR-4650 point 4
- ThrowMsg(Exception::TargetRestrictionException,
- "TargetRestriction should contain exactly one attribute.");
- return;
- }
-
- if (!IMEI.empty()) {
- signatureData.m_imeiList.push_back(IMEI);
- }
- if (!MEID.empty()) {
- signatureData.m_meidList.push_back(MEID);
- }
-}
-
-void SignatureReader::tokenEndKeyInfo(SignatureData &signatureData)
-{
- (void)signatureData;
-}
-
-void SignatureReader::tokenEndX509Data(SignatureData &signatureData)
-{
- (void)signatureData;
-}
-
-void SignatureReader::tokenEndX509Certificate(SignatureData &signatureData)
-{
- CertificateLoader loader;
- if (CertificateLoader::NO_ERROR !=
- loader.loadCertificateFromRawData(m_parserSchema.getText())) {
- LogWarning("Certificate could not be loaded!");
- ThrowMsg(ParserSchemaException::CertificateLoaderError,
- "Certificate could not be loaded.");
- }
- signatureData.m_certList.push_back(loader.getCertificatePtr());
-}
-// KW void SignatureReader::tokenEndKeyName(SignatureData &signatureData){
-// KW CertificateLoader loader;
-// KW if(CertificateLoader::NO_ERROR != loader.loadCertificateBasedOnSubjectName(m_parserSchema.getText())){
-// KW LogError("Certificate could not be loaded!");
-// KW ThrowMsg(ParserSchemaException::CertificateLoaderError, "Certificate could not be loaded.");
-// KW }
-// KW signatureData.m_certList.push_back(loader);
-// KW }
-
-void SignatureReader::tokenEndRSAKeyValue(SignatureData &signatureData)
-{
- CertificateLoader loader;
- if (CertificateLoader::NO_ERROR !=
- loader.loadCertificateBasedOnExponentAndModulus(m_modulus,
- m_exponent)) {
- LogWarning("Certificate could not be loaded!");
- ThrowMsg(ParserSchemaException::CertificateLoaderError,
- "Certificate could not be loaded.");
- }
- signatureData.m_certList.push_back(loader.getCertificatePtr());
-}
-
-void SignatureReader::tokenEndKeyModulus(SignatureData &signatureData)
-{
- (void)signatureData;
- m_modulus = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndKeyExponent(SignatureData &signatureData)
-{
- (void)signatureData;
- m_exponent = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndPublicKey(SignatureData &signatureData)
-{
- (void)signatureData;
- m_publicKey = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndECKeyValue(SignatureData &signatureData)
-{
- CertificateLoader loader;
- if (CertificateLoader::NO_ERROR !=
- loader.loadCertificateWithECKEY(m_nameCurveURI, m_publicKey)) {
- ThrowMsg(ParserSchemaException::CertificateLoaderError,
- "Certificate could not be loaded.");
- }
- signatureData.m_certList.push_back(loader.getCertificatePtr());
-}
-
-void SignatureReader::tokenEndObject(SignatureData &signatureData)
-{
- m_signaturePropertiesCounter = 0;
-
- if (((!signatureData.m_imeiList.empty()) ||
- (!signatureData.m_meidList.empty())) &&
- m_targetRestrictionObjectFound) {
- //WAC 2.0 WR-4650 point 1
- ThrowMsg(
- Exception::TargetRestrictionException,
- "TargetRestriction should contain exactly one ds:Object containing zero or more wac:TargetRestriction children.");
- return;
- }
- if ((!signatureData.m_imeiList.empty()) ||
- (!signatureData.m_meidList.empty())) {
- m_targetRestrictionObjectFound = true;
- }
-}
-void SignatureReader::tokenEndDSAPComponent(SignatureData& signatureData)
-{
- (void)signatureData;
- m_dsaKeyPComponent = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndDSAQComponent(SignatureData& signatureData)
-{
- (void)signatureData;
- m_dsaKeyQComponent = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndDSAGComponent(SignatureData& signatureData)
-{
- (void)signatureData;
- m_dsaKeyGComponent = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndDSAYComponent(SignatureData& signatureData)
-{
- (void)signatureData;
- m_dsaKeyYComponent = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndDSAJComponent(SignatureData& signatureData)
-{
- (void)signatureData;
- m_dsaKeyJComponent = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndDSASeedComponent(SignatureData& signatureData)
-{
- (void)signatureData;
- m_dsaKeySeedComponent = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndDSAPGenCounterComponent(
- SignatureData& signatureData)
-{
- (void)signatureData;
- m_dsaKeyPGenCounter = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenEndDSAKeyValue(SignatureData& signatureData)
-{
- CertificateLoader loader;
-
- if (CertificateLoader::NO_ERROR !=
- loader.loadCertificateBasedOnDSAComponents(m_dsaKeyPComponent,
- m_dsaKeyQComponent,
- m_dsaKeyGComponent,
- m_dsaKeyYComponent,
- m_dsaKeyJComponent,
- m_dsaKeySeedComponent,
- m_dsaKeyPGenCounter)) {
- LogWarning("Certificate could not be loaded.");
- ThrowMsg(ParserSchemaException::CertificateLoaderError,
- "Certificate could not be loaded.");
- }
- signatureData.m_certList.push_back(loader.getCertificatePtr());
-}
-
-void SignatureReader::tokenRole(SignatureData &signatureData)
-{
- if (!signatureData.m_roleURI.empty()) {
- LogWarning("Multiple definition of Role is not allowed.");
- ThrowMsg(ParserSchemaException::UnsupportedValue,
- "Multiple definition of Role is not allowed.");
- }
- signatureData.m_roleURI = m_parserSchema.getReader().attribute(TOKEN_URI);
-}
-
-void SignatureReader::tokenProfile(SignatureData &signatureData)
-{
- if (!signatureData.m_profileURI.empty()) {
- LogWarning("Multiple definition of Profile is not allowed.");
- ThrowMsg(ParserSchemaException::UnsupportedValue,
- "Multiple definition of Profile is not allowed.");
- }
- signatureData.m_profileURI = m_parserSchema.getReader().attribute(TOKEN_URI);
-}
-
-void SignatureReader::tokenEndIdentifier(SignatureData &signatureData)
-{
- if (!signatureData.m_identifier.empty()) {
- LogWarning("Multiple definition of Identifier is not allowed.");
- ThrowMsg(ParserSchemaException::UnsupportedValue,
- "Multiple definition of Identifier is not allowed.");
- }
- signatureData.m_identifier = m_parserSchema.getText();
-}
-
-void SignatureReader::tokenObject(SignatureData &signatureData)
-{
- std::string id = m_parserSchema.getReader().attribute(TOKEN_ID);
-
- if (id.empty()) {
- LogWarning("Unsupported value of Attribute Id in Object tag.");
- ThrowMsg(ParserSchemaException::UnsupportedValue,
- "Unsupported value of Attribute Id in Object tag.");
- }
-
- signatureData.m_objectList.push_back(id);
-}
-
-void SignatureReader::tokenSignatureProperties(SignatureData &signatureData)
-{
- (void)signatureData;
- if (++m_signaturePropertiesCounter > 1) {
- LogWarning("Only one SignatureProperties tag is allowed in Object");
- ThrowMsg(ParserSchemaException::UnsupportedValue,
- "Only one SignatureProperties tag is allowed in Object");
- }
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file SignatureReader.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief SignatureReader is used to parse widget digital signature.
- */
-#ifndef _SIGNATUREREADER_H_
-#define _SIGNATUREREADER_H_
-
-#include <map>
-#include <dpl/log/log.h>
-
-#include "SignatureData.h"
-#include "ParserSchema.h"
-
-namespace ValidationCore {
-class SignatureReader
-{
- public:
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, TargetRestrictionException)
- };
-
- SignatureReader();
-
- void initialize(SignatureData &data,
- const std::string &xmlscheme)
- {
- m_parserSchema.initialize(
- data.getSignatureFileName(), true, SaxReader::VALIDATION_XMLSCHEME,
- xmlscheme);
- }
-
- void read(SignatureData &data)
- {
- m_parserSchema.read(data);
- }
-
- private:
- void blankFunction(SignatureData &)
- {
- }
-
- void tokenKeyInfo(SignatureData &signatureData);
- void tokenKeyModulus(SignatureData &signatureData);
- void tokenKeyExponent(SignatureData &signatureData);
- void tokenX509Data(SignatureData &signatureData);
- void tokenX509Certificate(SignatureData &signatureData);
- void tokenPublicKey(SignatureData &signatureData);
- void tokenNamedCurve(SignatureData &signatureData);
- void tokenRole(SignatureData &signatureData);
- void tokenProfile(SignatureData &signatureData);
- void tokenObject(SignatureData &signatureData);
- void tokenSignatureProperties(SignatureData &signatureData);
- void tokenTargetRestriction(SignatureData &signatureData);
-
- void tokenEndKeyInfo(SignatureData &signatureData);
- // KW void tokenEndKeyName(SignatureData &signatureData);
- void tokenEndRSAKeyValue(SignatureData &signatureData);
- void tokenEndKeyModulus(SignatureData &signatureData);
- void tokenEndKeyExponent(SignatureData &signatureData);
- void tokenEndX509Data(SignatureData &signatureData);
- void tokenEndX509Certificate(SignatureData &signatureData);
- void tokenEndPublicKey(SignatureData &signatureData);
- void tokenEndECKeyValue(SignatureData &signatureData);
- void tokenEndIdentifier(SignatureData &signatureData);
- void tokenEndObject(SignatureData &signatureData);
-
- // DSA key components
- void tokenEndDSAPComponent(SignatureData& signatureData);
- void tokenEndDSAQComponent(SignatureData& signatureData);
- void tokenEndDSAGComponent(SignatureData& signatureData);
- void tokenEndDSAYComponent(SignatureData& signatureData);
- void tokenEndDSAJComponent(SignatureData& signatureData);
-
- void tokenEndDSAKeyValue(SignatureData& signatureData);
-
- void tokenEndDSASeedComponent(SignatureData& signatureData);
- void tokenEndDSAPGenCounterComponent(SignatureData& signatureData);
-
- // temporary values required due reference parsing process
- // optional parameters for dsa
- std::string m_dsaKeyPComponent;
- std::string m_dsaKeyQComponent;
- std::string m_dsaKeyGComponent;
- std::string m_dsaKeyYComponent;
- std::string m_dsaKeyJComponent;
- std::string m_dsaKeySeedComponent;
- std::string m_dsaKeyPGenCounter;
- // temporary values of ecdsa key
- std::string m_publicKey;
- std::string m_nameCurveURI;
- std::string m_modulus;
- std::string m_exponent;
-
- // temporary values required due Object parsing
- int m_signaturePropertiesCounter;
- bool m_targetRestrictionObjectFound;
-
- ParserSchema<SignatureReader, SignatureData> m_parserSchema;
-};
-}
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <libxml/parser.h>
-#include <libxml/c14n.h>
-#include <openssl/asn1.h>
-
-#include <dpl/log/log.h>
-
-#include "CertificateVerifier.h"
-#include "OCSPCertMgrUtil.h"
-#include "Certificate.h"
-#include "ReferenceValidator.h"
-#include "SignatureValidator.h"
-#include "SSLContainers.h"
-#include "ValidatorCommon.h"
-#include "ValidatorFactories.h"
-#include "XmlsecAdapter.h"
-
-namespace {
-const time_t TIMET_DAY = 60 * 60 * 24;
-
-const std::string TOKEN_ROLE_AUTHOR_URI =
- "http://www.w3.org/ns/widgets-digsig#role-author";
-const std::string TOKEN_ROLE_DISTRIBUTOR_URI =
- "http://www.w3.org/ns/widgets-digsig#role-distributor";
-const std::string TOKEN_PROFILE_URI =
- "http://www.w3.org/ns/widgets-digsig#profile";
-} // namespace anonymouse
-
-namespace ValidationCore {
-
-SignatureValidator::SignatureValidator(bool ocspEnable,
- bool crlEnable,
- bool complianceMode) :
- m_ocspEnable(ocspEnable),
- m_crlEnable(crlEnable),
- m_complianceModeEnabled(complianceMode)
-{
-}
-
-SignatureValidator::~SignatureValidator()
-{
-}
-
-bool SignatureValidator::checkRoleURI(const SignatureData &data)
-{
- std::string roleURI = data.getRoleURI();
-
- if (roleURI.empty()) {
- LogWarning("URI attribute in Role tag couldn't be empty.");
- return false;
- }
-
- if (roleURI != TOKEN_ROLE_AUTHOR_URI && data.isAuthorSignature()) {
- LogWarning("URI attribute in Role tag does not "
- "match with signature filename.");
- return false;
- }
-
- if (roleURI != TOKEN_ROLE_DISTRIBUTOR_URI && !data.isAuthorSignature()) {
- LogWarning("URI attribute in Role tag does not "
- "match with signature filename.");
- return false;
- }
- return true;
-}
-
-bool SignatureValidator::checkProfileURI(const SignatureData &data)
-{
- if (TOKEN_PROFILE_URI != data.getProfileURI()) {
- LogWarning(
- "Profile tag contains unsupported value in URI attribute(" <<
- data.getProfileURI() << ").");
- return false;
- }
- return true;
-}
-
-bool SignatureValidator::checkObjectReferences(const SignatureData &data)
-{
- ObjectList objectList = data.getObjectList();
- ObjectList::const_iterator iter;
- for (iter = objectList.begin(); iter != objectList.end(); ++iter) {
- if (!data.containObjectReference(*iter)) {
- LogWarning("Signature does not contain reference for object " <<
- *iter);
- return false;
- }
- }
- return true;
-}
-
-SignatureValidator::Result SignatureValidator::check(
- SignatureData &data,
- const std::string &widgetContentPath)
-{
- bool disregard = false;
-
- if (!checkRoleURI(data)) {
- return SIGNATURE_INVALID;
- }
-
- if (!checkProfileURI(data)) {
- return SIGNATURE_INVALID;
- }
-
- // CertificateList sortedCertificateList = data.getCertList();
-
- CertificateCollection collection;
- collection.load(data.getCertList());
-
- // First step - sort certificate
- if (!collection.sort()) {
- LogWarning("Certificates do not form valid chain.");
- return SIGNATURE_INVALID;
- }
-
- // Check for error
- if (collection.empty()) {
- LogWarning("Certificate list in signature is empty.");
- return SIGNATURE_INVALID;
- }
-
- CertificateList sortedCertificateList = collection.getChain();
-
- // TODO move it to CertificateCollection
- // Add root CA and CA certificates (if chain is incomplete)
- sortedCertificateList =
- OCSPCertMgrUtil::completeCertificateChain(sortedCertificateList);
-
- CertificatePtr root = sortedCertificateList.back();
-
- // Is Root CA certificate trusted?
- CertStoreId::Set storeIdSet = createCertificateIdentifier().find(root);
-
- // WAC chapter 3.2.1 - verified definition
- if (data.isAuthorSignature()) {
- if (!storeIdSet.contains(CertStoreId::WAC_PUBLISHER)) {
- LogWarning("Author signature has got unrecognized Root CA "
- "certificate. Signature will be disregarded.");
- disregard = true;
- }
- LogDebug("Root CA for author signature is correct.");
- } else {
- if (!storeIdSet.contains(CertStoreId::DEVELOPER) &&
- !storeIdSet.contains(CertStoreId::WAC_ROOT) &&
- !storeIdSet.contains(CertStoreId::WAC_MEMBER))
- {
- LogWarning("Distiributor signature has got unrecognized Root CA "
- "certificate. Signature will be disregarded.");
- disregard = true;
- }
- LogDebug("Root CA for distributor signature is correct.");
- }
-
- data.setStorageType(storeIdSet);
- data.setSortedCertificateList(sortedCertificateList);
-
- // We add only Root CA certificate because WAC ensure that the rest
- // of certificates are present in signature files ;-)
- XmlSec::XmlSecContext context;
- context.signatureFile = data.getSignatureFileName();
- context.certificatePtr = root;
-
- // Now we should have full certificate chain.
- // If the end certificate is not ROOT CA we should disregard signature
- // but still signature must be valid... Aaaaaa it's so stupid...
- if (!(root->isSignedBy(root))) {
- LogWarning("Root CA certificate not found. Chain is incomplete.");
- context.allowBrokenChain = true;
- }
-
- // WAC 2.0 SP-2066 The wrt must not block widget installation
- // due to expiration of the author certificate.
- time_t notAfter = data.getEndEntityCertificatePtr()->getNotAfter();
- bool expired = notAfter < time(NULL);
- if (data.isAuthorSignature() && expired) {
- context.validationTime = notAfter - TIMET_DAY;
- }
- // end
-
- if (XmlSec::NO_ERROR != XmlSecSingleton::Instance().validate(&context)) {
- LogWarning("Installation break - invalid package!");
- return SIGNATURE_INVALID;
- }
-
- data.setReference(context.referenceSet);
-
- if (!checkObjectReferences(data)) {
- return SIGNATURE_INVALID;
- }
-
- ReferenceValidator fileValidator(widgetContentPath);
- if (ReferenceValidator::NO_ERROR != fileValidator.checkReferences(data)) {
- LogWarning("Invalid package - file references broken");
- return SIGNATURE_INVALID;
- }
-
- // It is good time to do OCSP check
- // ocspCheck will throw an exception on any error.
- // TODO Probably we should catch this exception and add
- // some information to SignatureData.
- if (!m_complianceModeEnabled && !data.isAuthorSignature()) {
- CertificateCollection coll;
- coll.load(sortedCertificateList);
-
- if (!coll.sort()) {
- LogDebug("Collection does not contain chain!");
- return SIGNATURE_INVALID;
- }
-
- CertificateVerifier verificator(m_ocspEnable, m_crlEnable);
- VerificationStatus result = verificator.check(coll);
-
- if (result == VERIFICATION_STATUS_REVOKED) {
- return SIGNATURE_REVOKED;
- }
-
- if (result == VERIFICATION_STATUS_UNKNOWN ||
- result == VERIFICATION_STATUS_ERROR)
- {
- disregard = true;
- }
- }
-
- if (disregard) {
- LogWarning("Signature is disregard.");
- return SIGNATURE_DISREGARD;
- }
- return SIGNATURE_VERIFIED;
-}
-
-std::string SignatureValidator::FingerprintToColonHex(
- const Certificate::Fingerprint &fingerprint)
-{
- std::string outString;
-
- char buff[8];
-
- for (size_t i = 0; i < fingerprint.size(); ++i) {
- snprintf(buff,
- sizeof(buff),
- "%02X:",
- static_cast<unsigned int>(fingerprint[i]));
- outString += buff;
- }
-
- // remove trailing ":"
- outString.erase(outString.end() - 1);
- return outString;
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _SIGNATUREVALIDATOR_H_
-#define _SIGNATUREVALIDATOR_H_
-
-#include <dpl/singleton.h>
-
-#include "Certificate.h"
-#include "OCSPCertMgrUtil.h"
-#include "SignatureData.h"
-
-#include "ValidatorCommon.h"
-#include "VerificationStatus.h"
-
-namespace ValidationCore {
-// Todo nocopyable
-class SignatureValidator
-{
- public:
- enum Result
- {
- SIGNATURE_VALID,
- SIGNATURE_INVALID,
- SIGNATURE_VERIFIED,
- SIGNATURE_DISREGARD, // no ocsp response or ocsp return unknown status
- SIGNATURE_REVOKED
- };
-
- /**
- * Validation of the signature.
- * If falidation succeed SignatureData will contains:
- * list of validated references
- * set selfSigned value
- * root ca certificate
- * end entity certificate
- */
- Result check(SignatureData &data,
- const std::string &widgetContentPath);
-
- static std::string FingerprintToColonHex(
- const Certificate::Fingerprint &fingerprint);
-
- explicit SignatureValidator(bool ocspEnable,
- bool crlEnable,
- bool complianceMode);
- virtual ~SignatureValidator();
-
- private:
- bool checkRoleURI(const SignatureData &data);
- bool checkProfileURI(const SignatureData &data);
- bool checkObjectReferences(const SignatureData &data);
-
- bool m_ocspEnable;
- bool m_crlEnable;
- bool m_complianceModeEnabled;
-};
-
-} // namespace ValidationCore
-
-#endif // _SIGNATUREVALIDATOR_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 0.1
- * @file SoupMessageSendAsync.h
- * @brief Routines for certificate validation over OCSP
- */
-#ifndef _SRC_VALIDATION_CORE_SOUP_MESSAGE_SEND_ASYNC_H_
-#define _SRC_VALIDATION_CORE_SOUP_MESSAGE_SEND_ASYNC_H_
-
-#include <map>
-#include <vector>
-
-#include <dpl/assert.h>
-
-#include <dpl/event/inter_context_delegate.h>
-
-#include "SoupMessageSendBase.h"
-
-namespace SoupWrapper {
-
-class SoupMessageSendAsync
- : public SoupMessageSendBase
- , public DPL::Event::ICDelegateSupport<SoupMessageSendAsync>
-{
- typedef DPL::Event::ICDelegate<SoupSession*, SoupMessage*, void*> SoupDelegate;
- public:
- void sendAsync() {
- Assert(m_status == STATUS_IDLE);
- Assert(!m_soupSession);
- Assert(!m_soupMessage);
-
- m_status = STATUS_SEND_ASYNC;
- m_tryLeft = m_tryCount;
- m_mainContext = g_main_context_new();
-
- if (!m_mainContext){
- m_status = STATUS_IDLE;
-
- // call the delegate to outside with error!
- return;
- }
-
- m_soupSession = soup_session_async_new_with_options(
- SOUP_SESSION_ASYNC_CONTEXT,
- m_mainContext,
- SOUP_SESSION_TIMEOUT,
- m_timeout,
- NULL);
-
- if (!m_soupSession){
- m_status = STATUS_IDLE;
- g_object_unref(m_mainContext);
- m_mainContext = 0;
-
- // call the deletage to outside with error!
- return;
- }
-
- m_soupMessage = createRequest();
-
- if (!m_soupMessage){
- m_status = STATUS_IDLE;
- g_object_unref(m_soupSession);
- m_soupSession = 0;
- g_object_unref(m_mainContext);
- m_mainContext = 0;
-
- // call the delegate to outsize with error!
- return;
- }
-
- sendAsyncIterationStart();
- }
-
- protected:
-
- struct SoupDelegateOpaque {
- SoupDelegate dlg;
- };
-
- void sendAsyncIterationStart(){
- // ICDelegate could be called only once.
- // We can set user data only once.
- // We need nasty hack because we will call ICDelegate m_tryCount times.
- SoupDelegateOpaque *opaq = new SoupDelegateOpaque;
- opaq->dlg = makeICDelegate(&SoupMessageSendAsync::requestReceiver);
-
- soup_session_queue_message(m_soupSession,
- m_soupMessage,
- soupSessionCallback,
- reinterpret_cast<gpointer>(opaq));
- }
-
- void sendAsyncIteration(SoupDelegateOpaque *opaq){
- // Replace used ICDelegate with new one without changing
- // userdata ;-)
- opaq->dlg = makeICDelegate(&SoupMessageSendAsync::requestReceiver);
- soup_session_requeue_message(m_soupSession,
- m_soupMessage);
- }
-
- void requestReceiver(SoupSession *session, SoupMessage *msg, void *opaque){
- // We are in thread which called sendAsync function.
- Assert(session == m_soupSession);
- Assert(msg == m_soupMessage);
- Assert(opaque != 0);
- Assert(m_status == STATUS_SEND_ASYNC);
-
- m_tryLeft--;
-
- if (msg->status_code == SOUP_STATUS_OK) {
- m_responseBuffer.resize(msg->response_body->length);
- memcpy(&m_responseBuffer[0],
- msg->response_body->data,
- msg->response_body->length);
- // We are done.
- m_status = STATUS_IDLE;
- delete static_cast<SoupDelegateOpaque*>(opaque);
-
- // call the delegate to outside!
- return;
- }
-
- // Error protocol //
- if (m_tryLeft <= 0) {
- m_status = STATUS_IDLE;
- delete static_cast<SoupDelegateOpaque*>(opaque);
-
- // call the delegate to outside with error!
- return;
- }
-
- // create delegate and send the request once again.
- sendAsyncIteration(reinterpret_cast<SoupDelegateOpaque*>(opaque));
- }
-
- static void soupSessionCallback(SoupSession *session,
- SoupMessage *msg,
- gpointer userdata)
- {
- // We are in main thread. We need to switch context.
- // This delegate can switch context to dpl thread or main thread.
- SoupDelegateOpaque *opaque;
- opaque = reinterpret_cast<SoupDelegateOpaque*>(userdata);
- opaque->dlg(session, msg, userdata);
- }
-
- int m_tryLeft;
-
- GMainContext *m_mainContext;
- SoupSession *m_soupSession;
- SoupMessage *m_soupMessage;
-};
-
-} // namespace ValidationCore
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 0.1
- * @file SoupMessageSendBase.cpp
- * @brief Simple wrapper for soup.
- */
-#include "SoupMessageSendBase.h"
-
-#include <dpl/assert.h>
-#include <dpl/foreach.h>
-#include <dpl/log/log.h>
-
-namespace SoupWrapper {
-
-SoupMessageSendBase::SoupMessageSendBase()
- : m_status(STATUS_IDLE)
- , m_timeout(30)
- , m_tryCount(5)
-{}
-
-SoupMessageSendBase::~SoupMessageSendBase(){
- Assert(m_status == STATUS_IDLE);
-}
-
-void SoupMessageSendBase::setHeader(const std::string &property, const std::string &value){
- Assert(m_status == STATUS_IDLE);
- m_headerMap[property] = value;
-}
-
-void SoupMessageSendBase::setHost(const std::string &host){
- Assert(m_status == STATUS_IDLE);
- m_host = host;
-}
-
-void SoupMessageSendBase::setRequest(const std::string &contentType, const MessageBuffer &message){
- Assert(m_status == STATUS_IDLE);
- m_requestType = contentType;
- m_requestBuffer = message;
-}
-
-SoupMessageSendBase::MessageBuffer SoupMessageSendBase::getResponse() const {
- Assert(m_status == STATUS_IDLE);
- return m_responseBuffer;
-}
-
-void SoupMessageSendBase::setTimeout(int seconds) {
- Assert(m_status == STATUS_IDLE);
- Assert(seconds >= 0);
- m_timeout = seconds;
-}
-
-void SoupMessageSendBase::setRetry(int retry) {
- Assert(m_status == STATUS_IDLE);
- Assert(retry >= 0);
- m_tryCount = retry + 1;
-}
-
-
-SoupMessage* SoupMessageSendBase::createRequest(){
- SoupMessage *message;
-
- LogInfo("Soup message will be send to: " << m_host.c_str());
-
- if (!m_requestBuffer.empty()) {
- message = soup_message_new("POST", m_host.c_str());
- } else {
- message = soup_message_new("GET", m_host.c_str());
- }
-
- if (!message) {
- LogError("Error creating request!");
- return 0;
- }
-
- FOREACH(it, m_headerMap){
- soup_message_headers_append(message->request_headers,
- it->first.c_str(),
- it->second.c_str());
- }
-
- if (!m_requestBuffer.empty()) {
- soup_message_set_http_version(message, SOUP_HTTP_1_0);
- soup_message_set_request(message,
- m_requestType.c_str(),
- SOUP_MEMORY_COPY,
- &m_requestBuffer[0],
- m_requestBuffer.size());
- }
- soup_message_set_flags(message, SOUP_MESSAGE_NO_REDIRECT);
- return message;
-}
-
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 0.1
- * @file SoupMessageSendBase.h
- * @brief Simple wrapper for soup.
- */
-#ifndef _SRC_VALIDATION_CORE_SOUP_MESSAGE_SEND_BASE_H_
-#define _SRC_VALIDATION_CORE_SOUP_MESSAGE_SEND_BASE_H_
-
-#include <map>
-#include <vector>
-#include <string>
-
-#include <libsoup/soup.h>
-
-namespace SoupWrapper {
-
-class SoupMessageSendBase {
- public:
-
- typedef std::vector<char> MessageBuffer;
- typedef std::map<std::string,std::string> HeaderMap;
-
- enum RequestStatus {
- REQUEST_STATUS_OK,
- REQUEST_STATUS_CONNECTION_ERROR
- };
-
- SoupMessageSendBase();
-
- virtual ~SoupMessageSendBase();
-
- /**
- * Add specific information to request header.
- *
- * @param[in] property property name (for example "Host")
- * @param[in] value property value (for example "onet.pl:80")
- */
- void setHeader(const std::string &property,
- const std::string &value);
-
- /**
- * Set request destination.
- *
- * @param[in] host - full path to source (http://onet.pl/index.html)
- */
- void setHost(const std::string &host);
-
- /**
- * Set body of request.
- *
- * @param[in] contentType (for example: "application/ocsp-request")
- * @param[in] message body of reqeust
- */
- void setRequest(const std::string &contentType,
- const MessageBuffer &message);
-
- /**
- * Set network timeout. Default is 30 seconds.
- *
- * @param[in] seconds timeout in seconds
- */
- void setTimeout(int seconds);
-
- /**
- * How many erros soup will accept before he will terminate connection.
- * Default is 5.
- *
- * @param[in] retry number
- */
- void setRetry(int retry);
-
- /**
- * Get response from serwer.
- */
- MessageBuffer getResponse() const;
-
- protected:
-
- SoupMessage* createRequest();
-
- enum Status {
- STATUS_IDLE,
- STATUS_SEND_SYNC,
- STATUS_SEND_ASYNC
- };
-
- Status m_status;
-
- int m_timeout;
- int m_tryCount;
-
- std::string m_host;
- std::string m_requestType;
- MessageBuffer m_requestBuffer;
- MessageBuffer m_responseBuffer;
- HeaderMap m_headerMap;
-};
-
-} // namespace ValidationCore
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 0.1
- * @file SoupMessageSendSync.cpp
- * @brief Implementation of soup synchronous interface.
- */
-#include "SoupMessageSendSync.h"
-
-#include <memory>
-#include <functional>
-
-#include <vconf.h>
-
-#include <dpl/log/log.h>
-
-namespace SoupWrapper {
-
-SoupMessageSendBase::RequestStatus SoupMessageSendSync::sendSync()
-{
- Assert(m_status == STATUS_IDLE);
- m_status = STATUS_SEND_SYNC;
-
- ScopedGMainContext context(g_main_context_new());
-
- std::unique_ptr<char,std::function<void(void*)> >
- proxy(vconf_get_str(VCONFKEY_NETWORK_PROXY), free);
-
- std::unique_ptr <SoupURI, std::function<void(SoupURI*)> >
- proxyURI(soup_uri_new (proxy.get()), soup_uri_free);
-
- LogDebug("Proxy ptr:" << (void*)proxy.get() <<
- " Proxy addr: " << proxy.get());
-
- for(int tryCount = 0; tryCount < m_tryCount; ++ tryCount){
- LogDebug("Try(" << tryCount << ") to download " << m_host);
-
- ScopedSoupSession session(soup_session_async_new_with_options(
- SOUP_SESSION_ASYNC_CONTEXT,
- &*context,
- SOUP_SESSION_TIMEOUT,
- m_timeout,
- SOUP_SESSION_PROXY_URI,
- proxyURI.get(),
- NULL));
-
- ScopedSoupMessage msg;
-
- msg.Reset(createRequest());
-
- if (!msg) {
- LogError("Unable to send HTTP request.");
- m_status = STATUS_IDLE;
- return REQUEST_STATUS_CONNECTION_ERROR;
- }
- soup_session_send_message(&*session, &*msg);
-
- // if (SOUP_STATUS_IS_SUCCESSFUL(msg->status_code))
-
- if (msg->status_code == SOUP_STATUS_OK) {
- m_responseBuffer.resize(msg->response_body->length);
- memcpy(&m_responseBuffer[0],
- msg->response_body->data,
- msg->response_body->length);
- // We are done.
- m_status = STATUS_IDLE;
- return REQUEST_STATUS_OK;
- } else {
- LogWarning("Soup failed with code " << msg->status_code
- << " message \n------------\n"
- << msg->response_body->data
- << "\n--------------\n");
- }
- }
-
- m_status = STATUS_IDLE;
- return REQUEST_STATUS_CONNECTION_ERROR;
-}
-
-} // namespave ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 0.1
- * @file SoupMessageSendSync.h
- * @brief Wrapper for soup synchronous interface.
- */
-#ifndef _SRC_VALIDATION_CORE_SOUP_MESSAGE_SEND_SYNC_H_
-#define _SRC_VALIDATION_CORE_SOUP_MESSAGE_SEND_SYNC_H_
-
-#include "SoupMessageSendBase.h"
-
-#include <vcore/scoped_gpointer.h>
-
-namespace SoupWrapper {
-
-class SoupMessageSendSync : public SoupMessageSendBase {
- public:
- RequestStatus sendSync();
- protected:
- typedef WRT::ScopedGPointer<SoupMessage> ScopedSoupMessage;
- typedef WRT::ScopedGPointer<SoupSession> ScopedSoupSession;
- typedef WRT::ScopedGPointer<GMainContext> ScopedGMainContext;
-};
-
-} // namespace ValidationCore
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file VCore.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @brief
- */
-
-#include <vcore/VCorePrivate.h>
-#include <vcore/Config.h>
-#include <vcore/Database.h>
-#include <openssl/ssl.h>
-#include <database_checksum_vcore.h>
-#include <glib.h>
-#include <glib-object.h>
-
-namespace {
-DPL::DB::ThreadDatabaseSupport threadInterface(
- VCoreDatabaseConnectionTraits::Address(),
- VCoreDatabaseConnectionTraits::Flags());
-} // namespace anonymous
-
-namespace ValidationCore {
-
-void AttachToThread(void){
- threadInterface.AttachToThread();
-}
-
-void DetachFromThread(void){
- threadInterface.DetachFromThread();
-}
-
-DPL::DB::ThreadDatabaseSupport& ThreadInterface(void) {
- return threadInterface;
-}
-
-bool VCoreInit(const std::string& configFilePath,
- const std::string& configSchemaPath,
- const std::string& databasePath)
-{
- SSL_library_init();
- g_thread_init(NULL);
- g_type_init();
-
- LogDebug("Initializing VCore");
- Config &globalConfig = ConfigSingleton::Instance();
- bool returnValue = globalConfig.setXMLConfigPath(configFilePath) &&
- globalConfig.setXMLSchemaPath(configSchemaPath) &&
- globalConfig.setDatabasePath(databasePath);
-
- Assert(ThreadInterface().CheckTableExist(DB_CHECKSUM_STR) &&
- "Not a valid vcore database version");
-
- return returnValue;
-}
-
-} // namespace ValidationCore
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file VCore.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _VCORE_SRC_VCORE_VCORE_H_
-#define _VCORE_SRC_VCORE_VCORE_H_
-
-#include <string>
-
-namespace ValidationCore {
-/*
- * configFilePath - path to XML config file with certificates configuration
- *
- * configSchemaPath - XMLschema of config file
- *
- * databasePath - path to database with OCSP/CRL cache.
- *
- * This function could be run only once. If you call it twice it will
- * return false and non data will be set.
- *
- */
-bool VCoreInit(const std::string& configFilePath,
- const std::string& configSchemaPath,
- const std::string& databasePath);
-
-/*
- * All thread with are using OCSP/CRL must call AttachToThread function before
- * it can call OCSP/CRL. More than one thread could be Attach with OCPS/CRL.
- *
- * You mast attach thread to OCSP/CRL because OCSP/CRL is using database
- * CertificateCachedDAO. For each thread that will be using this database
- * vcore must create internal structure (with connection info).
- *
- */
-void AttachToThread(void);
-void DetachFromThread(void);
-
-} // namespace ValidationCore
-
-#endif // _VCORE_SRC_VCORE_VCORE_H_
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file VCore.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _VCORE_SRC_VCORE_VCOREPRIVATE_H_
-#define _VCORE_SRC_VCORE_VCOREPRIVATE_H_
-
-#include <string>
-#include <VCore.h>
-#include <database_checksum_vcore.h>
-#include <dpl/db/thread_database_support.h>
-
-namespace ValidationCore {
-DPL::DB::ThreadDatabaseSupport& ThreadInterface(void);
-} // namespace ValidationCore
-
-#endif // _VCORE_SRC_VCORE_VCORE_H_
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#include <vcore/ValidatorFactories.h>
-
-#include <string>
-
-#include <vcore/Certificate.h>
-#include <vcore/CertificateConfigReader.h>
-#include <vcore/Config.h>
-
-namespace ValidationCore {
-
-const CertificateIdentifier& createCertificateIdentifier()
-{
- static CertificateIdentifier certificateIdentifier;
- static bool initialized = false;
- if (!initialized) {
- CertificateConfigReader reader;
- std::string file =
- ConfigSingleton::Instance().getXMLConfigPath();
- std::string schema =
- ConfigSingleton::Instance().getXMLSchemaPath();
- reader.initialize(file, schema);
- reader.read(certificateIdentifier);
- initialized = true;
- }
- return certificateIdentifier;
-}
-
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_VALIDATORFACTORY_H_
-#define _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_VALIDATORFACTORY_H_
-
-#include <CertificateIdentifier.h>
-
-namespace ValidationCore {
-// First use of CertificateIdentificator should initialized it.
-// We do not want to create cyclic dependencies between
-// CertificateConfigReader and CertificateIdentificator so
-// we are using factory method to create CertificateIdentificator.
-
-const CertificateIdentifier& createCertificateIdentifier();
-} // namespace ValidationCore
-
-#endif // _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_VALIDATORFACTORY_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include "VerificationStatus.h"
-
-namespace ValidationCore {
-VerificationStatus VerificationStatusSet::convertToStatus() const
-{
- if (m_verdictMap & VERIFICATION_STATUS_REVOKED) {
- return VERIFICATION_STATUS_REVOKED;
- }
-
- if (m_verdictMap & VERIFICATION_STATUS_VERIFICATION_ERROR) {
- return VERIFICATION_STATUS_VERIFICATION_ERROR;
- }
-
- if (m_verdictMap & VERIFICATION_STATUS_ERROR) {
- return VERIFICATION_STATUS_ERROR;
- }
-
- if (m_verdictMap & VERIFICATION_STATUS_UNKNOWN) {
- return VERIFICATION_STATUS_UNKNOWN;
- }
-
- if (m_verdictMap & VERIFICATION_STATUS_CONNECTION_FAILED) {
- return VERIFICATION_STATUS_CONNECTION_FAILED;
- }
-
- if (m_verdictMap & VERIFICATION_STATUS_NOT_SUPPORT) {
- return VERIFICATION_STATUS_NOT_SUPPORT;
- }
-
- if (m_verdictMap & VERIFICATION_STATUS_GOOD) {
- return VERIFICATION_STATUS_GOOD;
- }
-
- return VERIFICATION_STATUS_ERROR;
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _SRC_VALIDATION_CORE_VERIFICATION_STATUS_H_
-#define _SRC_VALIDATION_CORE_VERIFICATION_STATUS_H_
-
-namespace ValidationCore {
-enum VerificationStatus
-{
- //! The certificate has not been revoked.
- /*! Connection to OCSP responder was successful and the certificate
- * has not been revoked.
- */
- VERIFICATION_STATUS_GOOD = 1,
-
- //! The certificate has been revoked.
- /*! Connection to OCSP responder was successful and the certificate
- * has been revoked.
- * RFC2560: "The "revoked" state indicates that the certificate has
- * been revoked (either permanantly or temporarily
- * (on hold))."
- */
- VERIFICATION_STATUS_REVOKED = 1 << 1,
-
- //! The certificate status is unknown.
- /*! Connection to OCSP responder was successful and the certificate
- * has unknown status.
- *
- * RFC2560: "The "unknown" state indicates that the responder
- * doesn't know about the certificate being requested."
- */
- VERIFICATION_STATUS_UNKNOWN = 1 << 2,
-
- //! The certificate status was not figure out.
- /*! The response from ocsp/crl server contains broken signature. */
- VERIFICATION_STATUS_VERIFICATION_ERROR = 1 << 3,
-
- //! The certificate status was not figure out.
- /*! The certificate does not contain ocsp/crl extension. */
- VERIFICATION_STATUS_NOT_SUPPORT = 1 << 4,
-
- //! The certificate status was not figure out.
- /*! The CertMgr could not connect to OCSP responder. */
- VERIFICATION_STATUS_CONNECTION_FAILED = 1 << 5,
-
- //! The certificate status is unknown due to internal error inside OCSP
- VERIFICATION_STATUS_ERROR = 1 << 6
-};
-
-class VerificationStatusSet
-{
- public:
- VerificationStatusSet() : m_verdictMap(0)
- {
- }
-
- inline void add(VerificationStatus status)
- {
- m_verdictMap |= status;
- }
-
- inline bool contains(VerificationStatus status) const
- {
- return m_verdictMap & status;
- }
-
- inline bool isEmpty() const
- {
- return 0 == m_verdictMap;
- }
-
- inline void operator+=(const VerificationStatusSet &second)
- {
- m_verdictMap |= second.m_verdictMap;
- }
-
- inline void reset()
- {
- m_verdictMap = 0;
- }
-
- VerificationStatus convertToStatus() const;
-
- private:
- unsigned int m_verdictMap;
-};
-
-/* TODO this status should be defined in wrt-engine sources */
-enum WidgetVerificationStatus
-{
- // All certificate has been veficated and all certificates are good.
- // Widget is able to be installed.
- WIDGET_VERIFICATION_STATUS_GOOD,
- // Some certificate has been revoked. Widget is not able to be installed.
- WIDGET_VERIFICATION_STATUS_REVOKED,
-};
-} // namespace ValidationCore
-
-#endif // _SRC_VALIDATION_CORE_VERIFICATION_STATUS_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#include "WacOrigin.h"
-
-#include <algorithm>
-#include <ctype.h>
-#include <idna.h>
-
-#include <<dpl/log/log.h>>
-
-#include <iri.h>
-#include "ValidatorCommon.h"
-
-namespace {
-const std::string SCHEME_HTTP = "http";
-const std::string SCHEME_HTTPS = "https";
-const int PORT_HTTP = 80;
-const int PORT_HTTPS = 443;
-}
-
-namespace ValidationCore {
-VC_DECLARE_DELETER(iri_struct, iri_destroy)
-
-WacOrigin::WacOrigin(const std::string &url) :
- m_port(0),
- m_parseFailed(false)
-{
- parse(url.c_str());
-}
-
-WacOrigin::WacOrigin(const char *url) :
- m_port(0),
- m_parseFailed(false)
-{
- parse(url);
-}
-
-bool WacOrigin::operator==(const WacOrigin &second) const
-{
- if (m_parseFailed || second.m_parseFailed) {
- return false;
- }
-
- return (m_scheme == second.m_scheme) &&
- (m_host == second.m_host) &&
- (m_port == second.m_port);
-}
-
-void WacOrigin::parse(const char *url)
-{
- // Step are taken from algorihtm:
- // http://www.w3.org/TR/html5/origin-0.html#origin-0
-
- // Step 1
- // Step 2
- AutoPtr<iri_struct> iri(iri_parse(url));
- if (!iri.get()) {
- m_parseFailed = true;
- return;
- }
-
- if (iri->scheme) {
- m_scheme = iri->scheme;
- } else {
- m_parseFailed = true;
- return;
- }
-
- // Step 3 - Skip this point.
- // WAC 2.0 PRV - we are suport only "http" and "https" schemas.
-
- // Step 4 - Todo
-
- // Step 5
- std::transform(m_scheme.begin(), m_scheme.end(), m_scheme.begin(), tolower);
-
- // Step 6 - we only support "http" and "https" schemas
- if ((m_scheme != SCHEME_HTTP) && (m_scheme != SCHEME_HTTPS)) {
- m_parseFailed = true;
- return;
- }
-
- // Step 7 - Skip. We do not support "file" schema.
-
- // Step 8
- if (iri->host) {
- m_host = iri->host;
- } else {
- m_parseFailed = true;
- return;
- }
-
- // Step 9
- char *output = NULL;
- if (IDNA_SUCCESS !=
- idna_to_ascii_lz(m_host.c_str(), &output, IDNA_USE_STD3_ASCII_RULES)) {
- LogError("libidn error");
- m_parseFailed = true;
- free(output);
- return;
- }
- m_host = output;
- free(output);
-
- // Step 10
- std::transform(m_host.begin(), m_host.end(), m_host.begin(), ::tolower);
-
- // Step 11
- if (iri->port) {
- m_port = iri->port;
- } else {
- setPort();
- }
-
- // Step 12 - Skip it. We do not return anything.
- // User should create geters if he need access to schema/host/port.
-}
-
-void WacOrigin::setPort()
-{
- if (SCHEME_HTTP == m_scheme) {
- m_port = PORT_HTTP;
- return;
- } else if (SCHEME_HTTPS == m_scheme) {
- m_port = PORT_HTTPS;
- return;
- } else {
- LogDebug("Scheme " << m_scheme << " is not support by WAC2.0");
- m_parseFailed = true;
- }
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief This is stub for HTML5Origin implementation.
- * This implementation is compatible with WAC 2.0 PRV requirements
- * and is _not_ full compatible with ORIGIN algorithm requirements
- * defined in http://www.w3.org/TR/html5/origin-0.html#origin-0
- */
-#ifndef _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_HTML5ORIGIN_H_
-#define _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_HTML5ORIGIN_H_
-
-#include <string>
-
-namespace ValidationCore {
-class WacOrigin
-{
- public:
-
- WacOrigin(const std::string &url);
- WacOrigin(const char *url);
-
- bool operator!=(const WacOrigin &second) const
- {
- return !(operator==(second));
- }
-
- bool operator==(const WacOrigin &second) const;
-
- private:
- void parse(const char *url);
- void setPort();
-
- std::string m_scheme;
- std::string m_host;
- int m_port;
- bool m_parseFailed; // if parsing failed we should return unique identifier
-};
-} //namespace ValidationCore
-
-#endif // _WRT_ENGINE_SRC_INSTALLER_CORE_VALIDATION_CORE_HTML5ORIGIN_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file XmlsecAdapter.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-
-/*
- * Copyright (C) 2002-2003 Aleksey Sanin. All Rights Reserved.
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use,
- * copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the
- * Software is furnished to do so, subject to the following conditions:
-
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
-
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
- * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
- * OTHER DEALINGS IN THE SOFTWARE.
- */
-
-
-#include <cstdlib>
-#include <cstring>
-
-#include <libxml/tree.h>
-#include <libxml/xmlmemory.h>
-#include <libxml/parser.h>
-
-#ifndef XMLSEC_NO_XSLT
-#include <libxslt/xslt.h>
-#endif /* XMLSEC_NO_XSLT */
-
-#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
-#include <xmlsec/xmldsig.h>
-#include <xmlsec/crypto.h>
-#include <xmlsec/io.h>
-#include <xmlsec/keyinfo.h>
-
-#include <dpl/assert.h>
-#include <dpl/log/log.h>
-
-#include "XmlsecAdapter.h"
-#include <dpl/singleton_impl.h>
-IMPLEMENT_SINGLETON(ValidationCore::XmlSec)
-
-namespace ValidationCore {
-VC_DECLARE_DELETER(xmlSecKeysMngr, xmlSecKeysMngrDestroy)
-
-static const char* DIGEST_MD5 = "md5";
-
-std::string XmlSec::s_prefixPath;
-
-int XmlSec::fileMatchCallback(const char *filename)
-{
- std::string path = s_prefixPath + filename;
- return xmlFileMatch(path.c_str());
-}
-
-void* XmlSec::fileOpenCallback(const char *filename)
-{
- std::string path = s_prefixPath + filename;
- LogDebug("Xmlsec opening: " << path);
- return xmlFileOpen(path.c_str());
-}
-
-int XmlSec::fileReadCallback(void *context,
- char *buffer,
- int len)
-{
- return xmlFileRead(context, buffer, len);
-}
-
-int XmlSec::fileCloseCallback(void *context)
-{
- return xmlFileClose(context);
-}
-
-void XmlSec::fileExtractPrefix(XmlSecContext *context)
-{
- if (!(context->workingDirectory.empty())) {
- s_prefixPath = context->workingDirectory;
- return;
- }
-
- s_prefixPath = context->signatureFile;
- size_t pos = s_prefixPath.rfind('/');
- if (pos == std::string::npos) {
- s_prefixPath.clear();
- } else {
- s_prefixPath.erase(pos + 1, std::string::npos);
- }
-}
-
-XmlSec::XmlSec() :
- m_initialized(false)
-{
- LIBXML_TEST_VERSION
- xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
- xmlSubstituteEntitiesDefault(1);
-#ifndef XMLSEC_NO_XSLT
- xmlIndentTreeOutput = 1;
-#endif
-
- if (xmlSecInit() < 0) {
- LogError("Xmlsec initialization failed.");
- ThrowMsg(Exception::InternalError, "Xmlsec initialization failed.");
- }
-
- if (xmlSecCheckVersion() != 1) {
- xmlSecShutdown();
- LogError("Loaded xmlsec library version is not compatible.");
- ThrowMsg(Exception::InternalError,
- "Loaded xmlsec library version is not compatible.");
- }
-
-#ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
- if (xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
- xmlSecShutdown();
- LogError(
- "Error: unable to load default xmlsec-crypto library. Make sure "
- "that you have it installed and check shared libraries path "
- "(LD_LIBRARY_PATH) envornment variable.");
- ThrowMsg(Exception::InternalError,
- "Unable to load default xmlsec-crypto library.");
- }
-#endif
-
- if (xmlSecCryptoAppInit(NULL) < 0) {
- xmlSecShutdown();
- LogError("Crypto initialization failed.");
- ThrowMsg(Exception::InternalError, "Crypto initialization failed.");
- }
-
- if (xmlSecCryptoInit() < 0) {
- xmlSecCryptoAppShutdown();
- xmlSecShutdown();
- LogError("Xmlsec-crypto initialization failed.");
- ThrowMsg(Exception::InternalError,
- "Xmlsec-crypto initialization failed.");
- }
-
- m_initialized = true;
-}
-
-void XmlSec::deinitialize(void)
-{
- Assert(m_initialized);
-
- /* Shutdown xmlsec-crypto library */
- xmlSecCryptoShutdown();
-
- /* Shutdown crypto library */
- xmlSecCryptoAppShutdown();
-
- /* Shutdown xmlsec library */
- xmlSecShutdown();
-
- /* Shutdown libxslt/libxml */
-#ifndef XMLSEC_NO_XSLT
- xsltCleanupGlobals();
-#endif /* XMLSEC_NO_XSLT */
-
- s_prefixPath.clear();
- m_initialized = false;
-}
-
-XmlSec::~XmlSec()
-{
- if (m_initialized) {
- deinitialize();
- }
-}
-
-XmlSec::Result XmlSec::validateFile(XmlSecContext *context,
- xmlSecKeysMngrPtr mngr)
-{
- xmlDocPtr doc = NULL;
- xmlNodePtr node = NULL;
- xmlSecDSigCtxPtr dsigCtx = NULL;
- int size, res = -1;
-
- fileExtractPrefix(context);
- LogDebug("Prefix path: " << s_prefixPath);
-
- xmlSecIOCleanupCallbacks();
-
- xmlSecIORegisterCallbacks(
- fileMatchCallback,
- fileOpenCallback,
- fileReadCallback,
- fileCloseCallback);
-
- /* load file */
- doc = xmlParseFile(context->signatureFile.c_str());
- if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)) {
- LogWarning("Unable to parse file " << context->signatureFile);
- goto done;
- }
-
- /* find start node */
- node = xmlSecFindNode(xmlDocGetRootElement(
- doc), xmlSecNodeSignature, xmlSecDSigNs);
- if (node == NULL) {
- LogWarning("Start node not found in " << context->signatureFile);
- goto done;
- }
-
- /* create signature context */
- dsigCtx = xmlSecDSigCtxCreate(mngr);
- if (dsigCtx == NULL) {
- LogError("Failed to create signature context.");
- goto done;
- }
-
- if (context->allowBrokenChain) {
- dsigCtx->keyInfoReadCtx.flags |=
- XMLSEC_KEYINFO_FLAGS_ALLOW_BROKEN_CHAIN;
- }
-
- if (context->validationTime) {
- LogDebug("Setting validation time.");
- dsigCtx->keyInfoReadCtx.certsVerificationTime = context->validationTime;
- }
-
- /* Verify signature */
- if (xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
- LogWarning("Signature verify error.");
- goto done;
- }
-
- if (dsigCtx->keyInfoReadCtx.flags2 &
- XMLSEC_KEYINFO_ERROR_FLAGS_BROKEN_CHAIN) {
- LogWarning("XMLSEC_KEYINFO_FLAGS_ALLOW_BROKEN_CHAIN was set to true!");
- LogWarning("Signature contains broken chain!");
- context->errorBrokenChain = true;
- }
-
- /* print verification result to stdout */
- if (dsigCtx->status == xmlSecDSigStatusSucceeded) {
- LogDebug("Signature is OK");
- res = 0;
- } else {
- LogDebug("Signature is INVALID");
- goto done;
- }
-
- if (dsigCtx->c14nMethod && dsigCtx->c14nMethod->id &&
- dsigCtx->c14nMethod->id->name) {
- LogInfo("Canonicalization method: " <<
- reinterpret_cast<const char *>(dsigCtx->c14nMethod->id->name));
- }
-
- size = xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences));
- for (int i = 0; i < size; ++i) {
- xmlSecDSigReferenceCtxPtr dsigRefCtx =
- (xmlSecDSigReferenceCtxPtr)xmlSecPtrListGetItem(&(dsigCtx->
- signedInfoReferences),
- i);
- if (dsigRefCtx && dsigRefCtx->uri) {
- if (dsigRefCtx->digestMethod && dsigRefCtx->digestMethod->id &&
- dsigRefCtx->digestMethod->id->name) {
- const char* pDigest =
- reinterpret_cast<const char *>(dsigRefCtx->digestMethod->id
- ->name);
- std::string strDigest(pDigest);
- LogInfo("reference digest method: " <<
- reinterpret_cast<const char *>(dsigRefCtx->digestMethod
- ->id
- ->name));
- if (strDigest == DIGEST_MD5) {
- LogWarning("MD5 digest method used! Please use sha");
- res = -1;
- break;
- }
- }
- context->referenceSet.insert(std::string(reinterpret_cast<char *>(
- dsigRefCtx->uri)));
- }
- }
-
-done:
- /* cleanup */
- if (dsigCtx != NULL) {
- xmlSecDSigCtxDestroy(dsigCtx);
- }
-
- if (doc != NULL) {
- xmlFreeDoc(doc);
- }
-
- if (res) {
- return ERROR_INVALID_SIGNATURE;
- }
- return NO_ERROR;
-}
-
-void XmlSec::loadDERCertificateMemory(XmlSecContext *context,
- xmlSecKeysMngrPtr mngr)
-{
- unsigned char *derCertificate = NULL;
- int size = i2d_X509(context->certificatePtr->getX509(), &derCertificate);
-
- if (!derCertificate) {
- LogError("Failed during x509 conversion to der format.");
- ThrowMsg(Exception::InternalError,
- "Failed during x509 conversion to der format.");
- }
-
- if (xmlSecCryptoAppKeysMngrCertLoadMemory(mngr,
- derCertificate,
- size,
- xmlSecKeyDataFormatDer,
- xmlSecKeyDataTypeTrusted) < 0) {
- OPENSSL_free(derCertificate);
- LogError("Failed to load der certificate from memory.");
- ThrowMsg(Exception::InternalError,
- "Failed to load der certificate from memory.");
- }
-
- OPENSSL_free(derCertificate);
-}
-
-void XmlSec::loadPEMCertificateFile(XmlSecContext *context,
- xmlSecKeysMngrPtr mngr)
-{
- if (xmlSecCryptoAppKeysMngrCertLoad(mngr,
- context->certificatePath.c_str(),
- xmlSecKeyDataFormatPem,
- xmlSecKeyDataTypeTrusted) < 0) {
- LogError("Failed to load PEM certificate from file.");
- ThrowMsg(Exception::InternalError,
- "Failed to load PEM certificate from file.");
- }
-}
-
-XmlSec::Result XmlSec::validate(XmlSecContext *context)
-{
- Assert(context);
- Assert(!(context->signatureFile.empty()));
- Assert(context->certificatePtr.Get() || !(context->certificatePath.empty()));
-
- if (!m_initialized) {
- LogError("XmlSec is not initialized.");
- ThrowMsg(Exception::InternalError, "XmlSec is not initialized");
- }
-
- AutoPtr<xmlSecKeysMngr> mngr(xmlSecKeysMngrCreate());
-
- if (!mngr.get()) {
- LogError("Failed to create keys manager.");
- ThrowMsg(Exception::InternalError, "Failed to create keys manager.");
- }
-
- if (xmlSecCryptoAppDefaultKeysMngrInit(mngr.get()) < 0) {
- LogError("Failed to initialize keys manager.");
- ThrowMsg(Exception::InternalError, "Failed to initialize keys manager.");
- }
- context->referenceSet.clear();
-
- if (context->certificatePtr.Get()) {
- loadDERCertificateMemory(context, mngr.get());
- }
-
- if (!context->certificatePath.empty()) {
- loadPEMCertificateFile(context, mngr.get());
- }
-
- return validateFile(context, mngr.get());
-}
-} // namespace ValidationCore
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file XmlSecAdapter.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief
- */
-#ifndef _XMLSECADAPTER_H_
-#define _XMLSECADAPTER_H_
-
-#include <xmlsec/keysmngr.h>
-
-#include <dpl/exception.h>
-#include <dpl/noncopyable.h>
-#include <dpl/singleton.h>
-
-#include "Certificate.h"
-#include "ValidatorCommon.h"
-
-namespace ValidationCore {
-class XmlSec : public DPL::Noncopyable
-{
- public:
-
- struct XmlSecContext
- {
- /* You _must_ set one of the value: certificatePath or certificate. */
- XmlSecContext() :
- validationTime(0),
- allowBrokenChain(false),
- errorBrokenChain(false)
- {
- }
-
- /*
- * Absolute path to signature file.
- */
- std::string signatureFile;
- /*
- * Direcotory with signed data.
- * If you leave it empty xmlsec will use directory extracted
- * from signatureFile.
- */
- std::string workingDirectory;
- /*
- * Path to trusted certificate.
- */
- std::string certificatePath;
- /*
- * Trusted certificate. In most cases it should be Root CA certificate.
- */
- CertificatePtr certificatePtr;
- /*
- * Validation date.
- * 0 - uses current time.
- */
- time_t validationTime;
- /*
- * Input parameter.
- * If true, signature validation will not be interrupted by chain error.
- * If true and chain is broken then the value errorBrokenChain will be
- * set to true.
- */
- bool allowBrokenChain;
- /*
- * Output parameter.
- * This will be set if chain is incomplete or broken.
- */
- bool errorBrokenChain;
- /*
- * Output parameter.
- * Reference checked by xmlsec
- */
- ReferenceSet referenceSet;
- };
-
- enum Result
- {
- NO_ERROR,
- ERROR_INVALID_SIGNATURE
- };
-
- class Exception
- {
- public:
- DECLARE_EXCEPTION_TYPE(DPL::Exception, Base)
- DECLARE_EXCEPTION_TYPE(Base, InternalError)
- };
-
- /*
- * Context - input/output param.
- */
- Result validate(XmlSecContext *context);
- protected:
- XmlSec();
- ~XmlSec();
- private:
- void deinitialize(void);
-
- void loadDERCertificateMemory(XmlSecContext *context,
- xmlSecKeysMngrPtr mngr);
- void loadPEMCertificateFile(XmlSecContext *context,
- xmlSecKeysMngrPtr mngr);
- Result validateFile(XmlSecContext *context,
- xmlSecKeysMngrPtr mngr);
-
- bool m_initialized;
-
- static std::string s_prefixPath;
- static int fileMatchCallback(const char *filename);
- static void* fileOpenCallback(const char *filename);
- static int fileReadCallback(void *context,
- char *buffer,
- int len);
- static int fileCloseCallback(void *context);
- static void fileExtractPrefix(XmlSecContext *context);
-};
-
-typedef DPL::Singleton<XmlSec> XmlSecSingleton;
-} // namespace ValidationCore
-#endif // _XMLSECVERIFICATOR_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*!
- * @file scoped_fclose.h
- * @author Piotr Marcinkiewicz (p.marcinkiew@samsung.com)
- * @version 1.0
- * @brief This file is the implementation file of scoped fclose RAII
- */
-#ifndef WRT_ENGINE_SRC_COMMON_SCOPED_GPOINTER_H
-#define WRT_ENGINE_SRC_COMMON_SCOPED_GPOINTER_H
-
-#include <cstddef>
-#include <glib-object.h>
-
-#include <dpl/scoped_resource.h>
-#include <dpl/assert.h>
-
-namespace WRT {
-struct ScopedGPointerPolicy
-{
- typedef gpointer Type;
- static Type NullValue()
- {
- return NULL;
- }
- static void Destroy(Type pointer)
- {
- if (pointer != NULL) {
- g_object_unref(pointer);
- }
- }
-};
-
-template <typename Class>
-class ScopedGPointer : public DPL::ScopedResource<ScopedGPointerPolicy>
-{
- typedef ScopedGPointerPolicy Policy;
- typedef DPL::ScopedResource<Policy> BaseType;
-
- public:
- explicit ScopedGPointer(typename Policy::Type pointer =
- Policy::NullValue()) :
- BaseType(pointer)
- {
- }
-
- Class *operator->() const throw()
- {
- Assert(this->m_value != Policy::NullValue() &&
- "Dereference of scoped NULL pointer!");
- return static_cast<Class *>(this->m_value);
- }
-
- Class & operator *() const throw()
- {
- Assert(this->m_value != Policy::NullValue() &&
- "Dereference of scoped NULL pointer!");
- return *static_cast<Class *>(this->m_value);
- }
-};
-} // namespace WRT
-
-#endif // WRT_ENGINE_SRC_COMMON_SCOPED_GPOINTER_H
${WRT_DAO_RO_SOURCES}
)
SET_TARGET_PROPERTIES(${TARGET_WRT_DAO_RO_LIB} PROPERTIES
- SOVERSION ${VERSION})
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION})
SET_TARGET_PROPERTIES(${TARGET_WRT_DAO_RO_LIB} PROPERTIES
COMPILE_FLAGS -fPIC)
ADD_LIBRARY(${TARGET_WRT_DAO_RW_LIB} SHARED ${WRT_DAO_RW_SOURCES})
SET_TARGET_PROPERTIES(${TARGET_WRT_DAO_RW_LIB} PROPERTIES
- SOVERSION ${VERSION})
+ SOVERSION ${API_VERSION}
+ VERSION ${VERSION})
SET_TARGET_PROPERTIES(${TARGET_WRT_DAO_RW_LIB} PROPERTIES COMPILE_FLAGS -fPIC)
${TARGET_WRT_DAO_RO_LIB})
INSTALL(TARGETS ${TARGET_WRT_DAO_RO_LIB}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
- )
+ DESTINATION lib)
INSTALL(TARGETS ${TARGET_WRT_DAO_RW_LIB}
- DESTINATION lib
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
- )
+ DESTINATION lib)
INSTALL(FILES
include/dpl/wrt-dao-ro/config_parser_data.h
include/dpl/wrt-dao-ro/property_dao_read_only.h
include/dpl/wrt-dao-ro/widget_config.h
include/dpl/wrt-dao-ro/widget_dao_read_only.h
+ include/dpl/wrt-dao-ro/wrt_db_types.h
include/dpl/wrt-dao-ro/WrtDatabase.h
DESTINATION include/dpl-efl/dpl/wrt-dao-ro
)
WrtDatabase::Address(),
WrtDatabase::Flags());
-void WrtDatabase::attachToThread()
+void WrtDatabase::attachToThreadRO()
{
- m_interface.AttachToThread();
+ m_interface.AttachToThread(DPL::DB::SqlConnection::Flag::RO);
+}
+
+void WrtDatabase::attachToThreadRW()
+{
+ m_interface.AttachToThread(DPL::DB::SqlConnection::Flag::RW);
}
void WrtDatabase::detachFromThread()
* @brief This file contains the implementation of common data types for wrtdb
*/
-#include <dpl/wrt-dao-ro/common_dao_types.h>
-
-#include <dpl/log/log.h>
-
namespace WrtDB {
-namespace Powder {
-
-Description::LevelEntry::LevelEntry(LevelEnum level) :
- level(level)
-{
-}
-
-bool Description::LevelEntry::isContextValid(LevelEnum level,
- const DPL::OptionalString& aContext) const
-{
- if (!aContext) {
- return level < level;
- } else {
- Context::const_iterator iter = context.find(*aContext);
- if (iter != context.end()) {
- return level < level;
- } else {
- return true;
- }
- }
-}
-
-bool Description::CategoryEntry::isCategoryValid(LevelEntry& aReason,
- LevelEnum aLevel,
- const DPL::OptionalString& aContext) const
-{
- for (LevelsContainer::const_iterator iter = levels.begin();
- iter != levels.end(); ++iter) {
- if (!iter->isContextValid(aLevel, aContext)) {
- aReason = *iter;
- return false;
- }
- }
- return true;
-}
-}
-
-namespace ChildProtection
-{
-
-PowderRules::CategoryRule::CategoryRule(const DPL::String& aCategory,
- Powder::Description::LevelEnum aLevel,
- const DPL::OptionalString& aContext) :
- category(aCategory),
- level(aLevel),
- context(aContext)
-{
-}
-
-PowderRules::PowderResult::PowderResult(InvalidReason aReason,
- const Powder::Description::LevelEntry& anInvalidDescription,
- const CategoryRule& anInvalidRule) :
- invalidDescription(anInvalidDescription),
- invalidRule(anInvalidRule),
- reason(aReason)
-{
-}
-
-//! Function checks if rule is fulfilled by description
-//! \param[in] rule checked rule
-//! \param[in] description
-//! \retval true rule is valid
-//! \retval false rule is invalid
-PowderRules::ResultPair PowderRules::isRuleValidForDescription(
- const CategoryRule& aRule,
- const Powder::Description& aDescription) const
-{
- Powder::Description::CategoryEntries::const_iterator
- iter = aDescription.categories.find(aRule.category);
- if (iter != aDescription.categories.end()) {
- Powder::Description::LevelEntry invalidDescription;
- if (!iter->second.isCategoryValid(invalidDescription, aRule.level,
- aRule.context)) {
- LogWarning("Widget forbidden for children detected");
- return std::make_pair(false,
- PowderResult(PowderResult::InvalidRule,
- invalidDescription,
- aRule));
- } else {
- return std::make_pair(true, PowderResult());
- }
- } else {
- return std::make_pair(true, PowderResult());
- }
-}
-
-//! Function checks if age limit is fulfilled by description
-//! \param[in] description
-//! \retval true age is valid
-//! \retval false age is invalid
-PowderRules::ResultPair PowderRules::isAgeValidForDescription(
- const Powder::Description& aDescription) const
-{
- if (!ageLimit) {
- return std::make_pair(true, PowderResult());
- } else {
- if (!!aDescription.ageRating) {
- if (*aDescription.ageRating <= *ageLimit) {
- return std::make_pair(true, PowderResult());
- } else {
- return std::make_pair(false,
- PowderResult(PowderResult::InvalidAge));
- }
- } else {
- if (!isAgeRatingRequired) {
- return std::make_pair(true, PowderResult());
- } else {
- return std::make_pair(
- false,
- PowderResult(PowderResult::AgeRatingNotSet));
- }
- }
- }
-}
-
-//! Function check if Widget description is valid for ChildProtection
-//! configuration
-//! \param description widget description
-//! \retval true widget is valid
-//! \retval false widget is invalid
-PowderRules::ResultPair PowderRules::isDescriptionValid(
- const Powder::Description& aDescription) const
-{
- ResultPair powderResult;
- for (RulesContainer::const_iterator iter = rules.begin();
- iter != rules.end(); ++iter) {
- powderResult = isRuleValidForDescription(*iter, aDescription);
- if (!powderResult.first) {
- return powderResult;
- }
- }
- return isAgeValidForDescription(aDescription);
-}
-
-}
} // namespace WrtDB
#include <dpl/wrt-dao-ro/WrtDatabase.h>
namespace WrtDB {
-
-void GlobalDAO::AddAdultBlackListElement(const DPL::String &url)
-{
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
-
- ScopedTransaction transaction(&WrtDatabase::interface());
- if (IsElementOnAdultBlackList(url)) {
- transaction.Commit();
- return;
- }
-
- WRT_DB_INSERT(insert, ChildProtectionBlacklist, &WrtDatabase::interface())
- ChildProtectionBlacklist::Row row;
- row.Set_url(url);
-
- insert->Values(row);
- insert->Execute();
- transaction.Commit();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Failed to add element to AdultBlackList");
- }
-}
-
-void GlobalDAO::RemoveAdultBlackListElement(const DPL::String &url)
-{
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- WRT_DB_DELETE(deleteFrom, ChildProtectionBlacklist, &WrtDatabase::interface())
-
- deleteFrom->Where(Equals<ChildProtectionBlacklist::url>(url));
- deleteFrom->Execute();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Failed to removed element from AdultBlackList");
- }
-}
-
-void GlobalDAO::UpdateAdultBlackList(const DPL::String &oldUrl,
- const DPL::String &newUrl)
-{
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
-
- ScopedTransaction transaction(&WrtDatabase::interface());
- if (IsElementOnAdultBlackList(newUrl)) {
- transaction.Commit();
- return;
- }
- WRT_DB_UPDATE(update, ChildProtectionBlacklist, &WrtDatabase::interface())
- ChildProtectionBlacklist::Row row;
- row.Set_url(newUrl);
-
- update->Where(Equals<ChildProtectionBlacklist::url>(oldUrl));
- update->Values(row);
- update->Execute();
- transaction.Commit();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Failed to update an element in AdultBlackList");
- }
-}
-
-void GlobalDAO::SetDeveloperMode(bool mode)
-{
- LogDebug("updating Developer mode to:" << mode);
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- GlobalProperties::Row row;
- row.Set_developer_mode(mode);
-
- WRT_DB_UPDATE(update, GlobalProperties, &WrtDatabase::interface())
- update->Values(row);
- update->Execute();
- }
- Catch(DPL::DB::SqlConnection::Exception::Base){
- ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Failed to update Developer Mode");
- }
-}
-
void GlobalDAO::AddDefferedWidgetPackageInstallation(const DPL::String &path)
{
LogDebug("Adding widget package as defered. Path: " << path);
}
}
-void GlobalDAO::SetParentalMode(bool parental_status)
+void GlobalDAO::SetDeveloperMode(bool mode)
{
+ LogDebug("updating Developer mode to:" << mode);
Try {
using namespace DPL::DB::ORM;
using namespace DPL::DB::ORM::wrt;
GlobalProperties::Row row;
- row.Set_parental_mode(parental_status);
- WRT_DB_UPDATE(update, GlobalProperties, &WrtDatabase::interface())
-
- update->Values(row);
- update->Execute();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Failed to update Parental Mode");
- }
-}
-
-void GlobalDAO::SetParentalAllowedAge(const DPL::OptionalInt& age)
-{
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- Try {
- typedef wrt::GlobalProperties::Row ParentalAllowedAgeRow;
+ row.Set_developer_mode(mode);
- ParentalAllowedAgeRow row;
- row.Set_parental_allowed_age(age);
WRT_DB_UPDATE(update, GlobalProperties, &WrtDatabase::interface())
update->Values(row);
update->Execute();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
+ }
+ Catch(DPL::DB::SqlConnection::Exception::Base){
ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Failed to update Parental Mode");
+ "Failed to update Developer Mode");
}
}
}
}
-void GlobalDAO::AddCategoryRule(const ChildProtection::PowderRules::
- CategoryRule& powder)
-{
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- PowderRules::Row row;
- row.Set_category(powder.category);
- row.Set_level(powder.level);
- row.Set_context(powder.context);
-
- wrt::ScopedTransaction transaction(&WrtDatabase::interface());
- if (IsPowderRulePresent(powder)) {
- transaction.Commit();
- return;
- }
- WRT_DB_INSERT(insert, PowderRules, &WrtDatabase::interface())
-
- insert->Values(row);
- insert->Execute();
- transaction.Commit();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Failed to add POWDER rules");
- }
-}
-
-void GlobalDAO::RemoveCategoryRule(const ChildProtection::PowderRules::
- CategoryRule& powder)
-{
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
-
- if (!powder.context.IsNull()) {
- WRT_DB_DELETE(delWithContext, PowderRules, &WrtDatabase::interface())
-
- delWithContext->Where(
- And(Equals<PowderRules::category>(powder.category),
- And(Equals<PowderRules::level>(powder.level),
- Equals<PowderRules::context>(powder.context))));
- delWithContext->Execute();
- } else {
- WRT_DB_DELETE(delWithoutContext, PowderRules, &WrtDatabase::interface())
- delWithoutContext->Where(
- And(Equals<PowderRules::category>(powder.category),
- And(Equals<PowderRules::level>(powder.level),
- Is<PowderRules::context>(powder.context))));
- delWithoutContext->Execute();
- }
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Failed to remove POWDER rules");
- }
-}
-
-void GlobalDAO::UpdateCategoryRule(
- const ChildProtection::PowderRules::CategoryRule& oldRule,
- const ChildProtection::PowderRules::CategoryRule& newRule)
-{
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- PowderRules::Row row;
- row.Set_category(newRule.category);
- row.Set_level(newRule.level);
- row.Set_context(newRule.context);
-
- wrt::ScopedTransaction transaction(&WrtDatabase::interface());
-
- if (IsPowderRulePresent(newRule)) {
- transaction.Commit();
- return;
- }
-
- if (!oldRule.context.IsNull()) {
- WRT_DB_UPDATE(updateWithContext, PowderRules, &WrtDatabase::interface())
- updateWithContext->Where(
- And(Equals<PowderRules::category>(oldRule.category),
- And(Equals<PowderRules::level>(oldRule.level),
- Equals<PowderRules::context>(oldRule.context))));
- updateWithContext->Values(row);
- updateWithContext->Execute();
- } else {
- WRT_DB_UPDATE(updateWithoutContext, PowderRules, &WrtDatabase::interface())
- updateWithoutContext->Where(
- And(Equals<PowderRules::category>(oldRule.category),
- And(Equals<PowderRules::level>(oldRule.level),
- Is<PowderRules::context>(oldRule.context))));
- updateWithoutContext->Values(row);
- updateWithoutContext->Execute();
- }
- transaction.Commit();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Failed to update POWDER rules");
- }
-}
-
void GlobalDAO::SetHomeNetworkDataUsage(GlobalDAO::NetworkAccessMode newMode)
{
LogDebug("updating home network data usage to:" << newMode);
}
}
-void GlobalDAO::SetAutoSaveIdPasswd(const DPL::String &url,
- const AutoSaveData &saveData)
-{
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- ScopedTransaction transaction(&WrtDatabase::interface());
- AutoSaveIdPasswd::Row row;
-
- row.Set_address(url);
- row.Set_userId(saveData.userId);
- row.Set_passwd(saveData.passwd);
-
- DPL::Optional<GlobalDAO::AutoSaveData> savedData =
- GetAutoSaveIdPasswd(url);
-
- if (!savedData.IsNull()) {
- WRT_DB_UPDATE(update, AutoSaveIdPasswd, &WrtDatabase::interface())
-
- update->Where(Equals<AutoSaveIdPasswd::address>(url));
- update->Values(row);
- update->Execute();
- } else {
- WRT_DB_INSERT(insert, AutoSaveIdPasswd, &WrtDatabase::interface());
- insert->Values(row);
- insert->Execute();
- }
-
- transaction.Commit();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAO::Exception::DatabaseError,
- "Fail to register id, passwd for autosave");
- }
-}
-
void GlobalDAO::AddWhiteURI(const std::string &uri, bool subDomain)
{
LogDebug("Add White URI : " << uri);
namespace WrtDB {
-ChildProtection::BlackList GlobalDAOReadOnly::GetAdultBlackList()
-{
- LogDebug("Getting AdultBlackList");
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- WRT_DB_SELECT(select, ChildProtectionBlacklist, &WrtDatabase::interface())
- std::list<DPL::String> list =
- select->GetValueList<ChildProtectionBlacklist::url>();
- ChildProtection::BlackList blacklist(list.begin(), list.end());
- return blacklist;
- }
- Catch(DPL::DB::SqlConnection::Exception::Base){
- ReThrowMsg(GlobalDAOReadOnly::Exception::DatabaseError,
- "Failed to get AdultBalckList");
- }
-}
-
-bool GlobalDAOReadOnly::IsElementOnAdultBlackList(const DPL::String &url)
-{
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- WRT_DB_SELECT(select, ChildProtectionBlacklist, &WrtDatabase::interface())
- select->Where(Equals<ChildProtectionBlacklist::url>(url));
-
- return !select->GetRowList().empty();
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAOReadOnly::Exception::DatabaseError,
- "Failure during checking if url is on pwoder black list");
- }
-}
-
bool GlobalDAOReadOnly::GetDeveloperMode()
{
LogDebug("Getting Developer mode");
}
}
-bool GlobalDAOReadOnly::GetParentalMode()
-{
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- WRT_DB_SELECT(select, GlobalProperties, &WrtDatabase::interface())
- return select->GetSingleValue<GlobalProperties::parental_mode>();
-}
-
-DPL::OptionalInt GlobalDAOReadOnly::GetParentalAllowedAge()
-{
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- WRT_DB_SELECT(select, GlobalProperties, &WrtDatabase::interface())
- return select->GetSingleValue<GlobalProperties::parental_allowed_age>();
-}
-
bool GlobalDAOReadOnly::GetSecureByDefault()
{
using namespace DPL::DB::ORM;
}
}
-
-bool GlobalDAOReadOnly::IsPowderRulePresent(
- const ChildProtection::PowderRules::CategoryRule& powder)
-{
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
-
- if (!powder.context.IsNull()) {
- WRT_DB_SELECT(selWithContext, PowderRules, &WrtDatabase::interface())
-
- selWithContext->Where(
- And(Equals<PowderRules::category>(powder.category),
- And(Equals<PowderRules::level>(powder.level),
- Equals<PowderRules::context>(powder.context))));
- return !selWithContext->GetRowList().empty();
- } else {
- WRT_DB_SELECT(selWithoutContext, PowderRules, &WrtDatabase::interface())
- selWithoutContext->Where(
- And(Equals<PowderRules::category>(powder.category),
- And(Equals<PowderRules::level>(powder.level),
- Is<PowderRules::context>(powder.context))));
- return !selWithoutContext->GetRowList().empty();
- }
- }
- Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAOReadOnly::Exception::DatabaseError,
- "Failure during checking if rule is present");
- }
-}
-
-ChildProtection::PowderRules GlobalDAOReadOnly::GetPowderRules()
-{
- ChildProtection::PowderRules powder;
- powder.ageLimit = GetParentalAllowedAge();
-
- Try {
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- typedef std::list<PowderRules::Row> PowderRulesList;
- WRT_DB_SELECT(select, PowderRules, &WrtDatabase::interface())
-
- PowderRulesList list = select->GetRowList();
- FOREACH(it, list) {
- using namespace Powder;
- powder.rules.push_back(
- ChildProtection::PowderRules::CategoryRule(
- it->Get_category(),
- static_cast<Description::LevelEnum>(it->Get_level()),
- it->Get_context()));
- }
- return powder;
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAOReadOnly::Exception::DatabaseError,
- "Failed to get POWDER rules");
- }
-}
-
GlobalDAOReadOnly::NetworkAccessMode
GlobalDAOReadOnly::GetHomeNetworkDataUsage()
{
}
}
-DPL::Optional<GlobalDAOReadOnly::AutoSaveData>
- GlobalDAOReadOnly::GetAutoSaveIdPasswd(const DPL::String &url)
-{
- Try{
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- WRT_DB_SELECT(select, AutoSaveIdPasswd, &WrtDatabase::interface());
- select->Where(Equals<AutoSaveIdPasswd::address>(url));
- AutoSaveIdPasswd::Select::RowList rows = select->GetRowList();
-
- if (rows.empty()) {
- return DPL::Optional<GlobalDAOReadOnly::AutoSaveData>::Null;
- }
-
- GlobalDAOReadOnly::AutoSaveData saveData;
- saveData.userId = rows.front().Get_userId();
- saveData.passwd = rows.front().Get_passwd();
- return saveData;
- } Catch(DPL::DB::SqlConnection::Exception::Base) {
- ReThrowMsg(GlobalDAOReadOnly::Exception::DatabaseError,
- "Failed to get autosave data string");
- }
-}
-
WidgetAccessInfoList GlobalDAOReadOnly::GetWhiteURIList()
{
LogDebug("Getting WhiteURIList.");
wacSecurity.getCertificateChainList(list);
registerLaunchCertificates(widgetHandle,list);
- registerWidgetPowderData(widgetHandle, widgetRegInfo);
-
registerWidgetSettings(widgetHandle, widgetRegInfo);
registerAppService(widgetHandle, widgetRegInfo);
row.Set_author_href(widgetConfigurationInfo.authorHref);
row.Set_base_folder(DPL::FromUTF8String(regInfo.baseFolder));
row.Set_webkit_plugins_required(widgetConfigurationInfo.flashNeeded);
- row.Set_child_protection(1);
row.Set_recognized(wacSecurity.isRecognized());
row.Set_wac_signed(wacSecurity.isWacSigned());
row.Set_distributor_signed(wacSecurity.isDistributorSigned());
widgetFeature.Set_app_id(widgetHandle);
widgetFeature.Set_name(pWidgetFeature->name);
widgetFeature.Set_required(pWidgetFeature->required);
+ widgetFeature.Set_rejected(false);
wrt::WidgetFeature::widget_feature_id::ColumnType widgetFeatureID;
{
}
}
+void WidgetDAO::updateFeatureRejectStatus(const DbWidgetFeature &widgetFeature){
+ // This function could be merged with registerWidgetFeature but it requires desing change:
+ // 1. Check "ace step" in installer must be done before "update database step"
+ // And:
+ // ConfigurationParserData shouldn't be called "ParserData" any more.
+ using namespace DPL::DB::ORM;
+
+ wrt::ScopedTransaction transaction(&WrtDatabase::interface());
+ WRT_DB_SELECT(select, wrt::WidgetFeature, &WrtDatabase::interface())
+ select->Where(And(Equals<wrt::WidgetFeature::app_id>(m_widgetHandle),
+ Equals<wrt::WidgetFeature::name>(widgetFeature.name)));
+
+ auto row = select->GetSingleRow();
+ row.Set_rejected(widgetFeature.rejected);
+
+ WRT_DB_UPDATE(update, wrt::WidgetFeature, &WrtDatabase::interface())
+ update->Where(And(Equals<wrt::WidgetFeature::app_id>(m_widgetHandle),
+ Equals<wrt::WidgetFeature::name>(widgetFeature.name)));
+ update->Values(row);
+ update->Execute();
+ transaction.Commit();
+}
+
void WidgetDAO::registerWidgetWindowModes(DbWidgetHandle widgetHandle,
const WidgetRegisterInfo ®Info)
{
}
}
-void WidgetDAO::registerWidgetPowderData(DbWidgetHandle widgetHandle,
- const WidgetRegisterInfo ®Info)
-{
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
-
- using namespace Powder;
-
- FOREACH(i, regInfo.powderDescription.categories)
- {
- const DPL::String& categoryName(i->first);
- const Description::CategoryEntry& categoryEntry(i->second);
- FOREACH(l, categoryEntry.levels)
- {
- PowderLevels::id::ColumnType powderID;
- {
- PowderLevels::Row row;
- row.Set_app_id(widgetHandle);
- row.Set_category(categoryName);
- row.Set_level(l->level);
-
- WRT_DB_INSERT(insert, PowderLevels, &WrtDatabase::interface())
- insert->Values(row);
- powderID = insert->Execute();
- }
-
- FOREACH(c, l->context)
- {
- PowderLevelContexts::Row row;
- row.Set_levelId(powderID);
- row.Set_context(*c);
-
- DO_INSERT(row, PowderLevelContexts)
- }
- }
- }
-}
-
void WidgetDAO::registerLaunchCertificates(DbWidgetHandle widgetHandle,
const CertificateChainList &certificateChainList)
{
DbWidgetFeature feature;
feature.name = i->Get_name();
feature.required = i->Get_required();
+ feature.rejected = i->Get_rejected();
feature.params = getFeatureParams(i->Get_widget_feature_id());
FeatureDAOReadOnly featureDao(DPL::ToUTF8String(i->Get_name()));
feature.pluginId = featureDao.GetPluginHandle();
return path.str();
}
-ChildProtection::Record WidgetDAOReadOnly::getChildProtection() const
-{
- WidgetInfoRow row = getWidgetInfoRow(m_widgetHandle);
- return ChildProtection::Record(row.Get_child_protection());
-}
-
-Powder::Description WidgetDAOReadOnly::getPowderDescription() const
-{
- //TODO check widget existance
- SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN
- {
- using namespace Powder;
- Description description;
-
- using namespace DPL::DB::ORM;
- using namespace DPL::DB::ORM::wrt;
- WRT_DB_SELECT(select, PowderLevels, &WrtDatabase::interface())
- select->Where(Equals<PowderLevels::app_id>(m_widgetHandle));
- typedef std::list<PowderLevels::Row> RowList;
- RowList list = select->GetRowList();
-
- FOREACH(it, list)
- {
- Description::CategoryEntry& categoryEntry =
- description.categories[it->Get_category()];
- Description::LevelEntry levelEntry(
- (Description::LevelEnum)it->Get_level());
-
- WRT_DB_SELECT(selectContexts, PowderLevelContexts, &WrtDatabase::interface())
- selectContexts->Where(Equals<PowderLevelContexts::levelId>(
- it->Get_id()));
- typedef std::list<PowderLevelContexts::Row> ContextsRowList;
- ContextsRowList contextsList = selectContexts->GetRowList();
-
- FOREACH(c, contextsList)
- levelEntry.context.insert(c->Get_context());
-
- categoryEntry.levels.push_back(levelEntry);
- }
- return description;
- }
- SQL_CONNECTION_EXCEPTION_HANDLER_END("Failed to get powder description")
-}
-
void WidgetDAOReadOnly::getWidgetSettings(
WidgetSettings& outWidgetSettings) const
{
public:
static const char *Address();
static DPL::DB::SqlConnection::Flag::Type Flags();
- static void attachToThread();
+ static void attachToThreadRO();
+ static void attachToThreadRW();
static void detachFromThread();
static DPL::DB::ThreadDatabaseSupport& interface();
static bool CheckTableExist(const char *name);
* @brief This file contains the declaration of common data types for wrtdb
*/
-#ifndef WRT_SRC_CONFIGURATION_COMMON_DAO_TYPES_H_
-#define WRT_SRC_CONFIGURATION_COMMON_DAO_TYPES_H_
+#ifndef WRT_WIDGET_DAO_COMMON_DAO_TYPES_H_
+#define WRT_WIDGET_DAO_COMMON_DAO_TYPES_H_
#include <set>
#include <string>
#include <dpl/shared_ptr.h>
namespace WrtDB {
-namespace Powder {
-
-typedef std::set<DPL::String> StringSet;
-//! Widget description
-struct Description
-{
- //!Content level
- typedef enum
- {
- Level0 = 0,
- Level1,
- Level2,
- Level3,
- Level4,
- Level5,
- LevelUnknown
- } LevelEnum;
- struct LevelEntry
- {
- LevelEnum level; //!< content level
-
- typedef StringSet Context;
-
- //! POWDER context
- //! xa This material appears in an artistic context
- //! xb This material appears in an educational context
- //! xc This material appears in a medical context
- //! xd This material appears in a sports context
- //! xe This material appears in a violent context
- Context context;
- explicit LevelEntry(LevelEnum level = LevelUnknown);
- //! Function checks if context is valid
- //! \param[in] level POWDER content level
- //! \param[in] context POWDER context
- bool isContextValid(LevelEnum level,
- const DPL::OptionalString& context) const;
- };
-
- struct CategoryEntry
- {
- //! Levels entries for POWDER description
- typedef std::vector <LevelEntry> LevelsContainer;
- LevelsContainer levels;
- //! Function checks if context is valid
- //! \param[out] reason set if context invalid
- //! \param[in] level POWDER content level
- //! \param[in] context POWDER context
- bool isCategoryValid(LevelEntry& reason,
- LevelEnum level,
- const DPL::OptionalString& context) const;
- };
-
- //! POWDER Category -> Category entry map for Widget
- //!
- //! nu Nudity
- //! se Sex
- //! vi Violence
- //! la Potentially offensive language
- //! dr Drug use
- //! ga Gambling
- //! ha Hate or harmful activities
- //! ug Use of user-generated content
- typedef std::map<DPL::String, CategoryEntry> CategoryEntries;
-
- CategoryEntries categories;
-
- //! Age rating for widget
- //! If Null not set
- DPL::OptionalInt ageRating;
-};
-} // namespace Powder
-
-namespace ChildProtection {
-
-//! Blacklist with forbidden URLs
-//! It should be stored in WidgetDAO
-typedef std::vector<DPL::String> BlackList;
-
-//! Widget Child protection record
-//! Record should be stored in WingetDAO
-struct Record
-{
- //! Child protection enabled
- bool enabled;
- explicit Record(bool enabled) :
- enabled(enabled)
- {
- }
-};
-
-//! Powder processing
-struct PowderRules
-{
- //! Rule set by parent about forbidden category
- //! Powder category
- //! nu Nudity
- //! se Sex
- //! vi Violence
- //! la Potentially offensive language
- //! dr Drug use
- //! ga Gambling
- //! ha Hate or harmful activities
- //! ug Use of user-generated content
- //! Powder context
- //! xa This material appears in an artistic conteaxt
- //! xb This material appears in an educational context
- //! xc This material appears in a medical context
- //! xd This material appears in a sports context
- //! xe This material appears in a violent context
- struct CategoryRule
- {
- DPL::String category;
- Powder::Description::LevelEnum level;
- DPL::OptionalString context;
- explicit CategoryRule(const DPL::String& category = DPL::String(),
- Powder::Description::LevelEnum level =
- Powder::Description::LevelUnknown,
- const DPL::OptionalString& context = DPL::OptionalString());
- };
-
- struct PowderResult
- {
- //! Reasoning outcome: part of POWDER description used to invalidate
- Powder::Description::LevelEntry invalidDescription;
- //! Reasoning outcome: rule set by parent not full filed by description
- CategoryRule invalidRule;
-
- //! Reasoning outcome: type of invalidity
- enum InvalidReason
- {
- InvalidRule, //!< One of rules was not fulfilled
- InvalidAge, //!< Age is invalid
- AgeRatingNotSet, //!< Age rating for widget is not set
- Valid //!< Description valid
- };
- InvalidReason reason;
- explicit PowderResult(InvalidReason reason = Valid,
- const Powder::Description::LevelEntry& invalidDescription =
- Powder::Description::LevelEntry(),
- const CategoryRule& invalidRule = CategoryRule());
- };
-
- typedef std::pair<bool, PowderResult> ResultPair;
-
- //! Function checks if rule is fulfilled by description
- //! \param[in] rule checked rule
- //! \param[in] description
- //! \retval true rule is valid
- //! \retval false rule is invalid
- ResultPair isRuleValidForDescription(const CategoryRule& rule,
- const Powder::Description& description) const;
- //! Function checks if age limit is fulfilled by description
- //! \param[in] description
- //! \retval true age is valid
- //! \retval false age is invalid
- ResultPair isAgeValidForDescription(
- const Powder::Description& description) const;
-
- //! It is the maximum age rating valid for child
- //! Uniform age is stored in WidgetDAO
- DPL::OptionalInt ageLimit;
-
- //! Set to true if age rating is required
- //! If ageLimit is not set value is ignored
- bool isAgeRatingRequired;
-
- //! Set of rules configured by parent
- //! Rules are stored in WidgetDAO and are uniform for all widgets
- typedef std::vector<CategoryRule> RulesContainer;
- RulesContainer rules;
-
- //! Function check if Widget description is valid for ChildProtection
- //! configuration
- //! \param description widget description
- //! \retval true widget is valid
- //! \retval false widget is invalid
- ResultPair isDescriptionValid(const Powder::Description& description)
- const;
-
- PowderRules() :
- isAgeRatingRequired(false)
- {
- }
-};
-} // namespace ChildProtection
-
class PluginMetafileData
{
public:
{
DPL::String name; /// Feature name
bool required; /// Whether feature is required
- DbPluginHandle pluginId; /// Plugin id that implement this feature
+ bool rejected; /// Api feature was rejected by ace
+ DbPluginHandle pluginId; /// Plugin id that implement this feature
WidgetParamMap params; /// Widget's params
DbWidgetFeature() :
};
typedef std::list<WidgetApplicationService> WidgetApplicationServiceList;
-#endif /* WRT_SRC_CONFIGURATION_COMMON_DAO_TYPES_H_ */
+
+#endif /* WRT_WIDGET_DAO_COMMON_DAO_TYPES_H_ */
bool flashNeeded;
- DPL::OptionalFloat minVersionRequired;
- DPL::OptionalInt minVersionRequiredFound;
+ DPL::OptionalString minVersionRequired;
StringsList powderDescriptionLinks;
bool backSupported;
ConfigParserData() :
flashNeeded(false),
- minVersionRequired(1.0),
- minVersionRequiredFound(),
+ minVersionRequired(),
backSupported(false),
accessNetwork(false),
startFileEncountered(false)
{
return "/tmp";
}
+
+inline const char* GetWACVersion()
+{
+ return "2.0";
+}
} // namespace GlobalConfig
} // namespace WrtDB
};
public:
- /**
- * Retrieve Parental mode status
- *
- * @return true for Parental Mode on, false for Parental Mode off
- */
- static bool GetParentalMode();
-
- /**
- * Retrieve Parental mode maximal allowed age
- *
- * @return NULL if allowed age not set, else pointer value is allowed age
- */
- static DPL::OptionalInt GetParentalAllowedAge();
- /**
- * Retrieve Parental mode maximal allowed age
- *
- * @return NULL if allowed age not set, else pointer value is allowed age
- */
static bool IsValidSubTag(const DPL::String& tag, int type);
- static bool IsPowderRulePresent(
- const ChildProtection::PowderRules::CategoryRule& rule);
-
- static ChildProtection::PowderRules GetPowderRules();
-
- static ChildProtection::BlackList GetAdultBlackList();
-
- static bool IsElementOnAdultBlackList(const DPL::String &url);
-
/**
* Retrieve list of deffered widget packages to be installed
*
static DeviceCapabilitySet GetDeviceCapability(
const DPL::String &apifeature);
-
- /**
- * This method gets Autofill for Webkit
- */
- struct AutoSaveData
- {
- DPL::String userId;
- DPL::String passwd;
- };
-
- static DPL::Optional<AutoSaveData> GetAutoSaveIdPasswd(
- const DPL::String &url);
-
protected:
GlobalDAOReadOnly()
{
WidgetType type;
DPL::OptionalString guid;
DPL::OptionalString version;
+ DPL::OptionalString minVersion;
std::string shareHref;
std::string baseFolder;
WidgetSignatureType signatureType;
int isFactoryWidget;
int isTestWidget;
ConfigParserData configInfo;
- Powder::Description powderDescription;
LocalizationData localizationData;
DPL::OptionalString pkgname;
time_t installedTime;
// Local storage
std::string getPrivateLocalStoragePath() const;
- ChildProtection::Record getChildProtection() const;
-
- Powder::Description getPowderDescription() const;
-
bool getBackSupported() const;
static bool isWidgetInstalled(DbWidgetHandle handle);
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/*
- * wrt_db_types.h
+/**
*
- * Created on: Nov 21, 2011
- * Author: Krzysztof Jackiewicz(k.jackiewicz@samsung.com)
+ * @file wrt_db_types.h
+ * @author Krzysztof Jackiewicz
+ * @version 1.0
+ * @brief This file contains the declaration of common data types for wrtdb
*/
+#ifndef _WRT_DB_TYPES_H_
+#define _WRT_DB_TYPES_H_
-#ifndef WRT_DB_TYPES_H_
-#define WRT_DB_TYPES_H_
-
-#include <dpl/ace-dao-ro/common_dao_types.h>
+#include <dpl/wrt-dao-ro/common_dao_types.h>
typedef WrtDB::DbWidgetHandle WidgetHandle;
typedef WrtDB::DbWidgetHandleList WidgetHandleList;
typedef WrtDB::DbWidgetFeatureSet WidgetFeatureSet;
typedef WrtDB::DbWidgetSize WidgetSize;
-
typedef WrtDB::DbPluginHandle PluginHandle;
-#endif /* WRT_DB_TYPES_H_ */
+#endif
{
public:
/**
- * Set new Parental mode status
- */
- static void SetParentalMode(bool parental_status);
-
- /**
- * Retrieve Parental mode maximal allowed age
- *
- * @return NULL if allowed age not set, else pointer value is allowed age
- */
- static void SetParentalAllowedAge(const DPL::OptionalInt& age);
-
- static void AddCategoryRule(
- const ChildProtection::PowderRules::CategoryRule& powder);
-
- static void RemoveCategoryRule(
- const ChildProtection::PowderRules::CategoryRule& powder);
-
- static void UpdateCategoryRule(
- const ChildProtection::PowderRules::CategoryRule& oldRule,
- const ChildProtection::PowderRules::CategoryRule& newRule);
-
- static void AddAdultBlackListElement(const DPL::String &url);
-
- static void RemoveAdultBlackListElement(const DPL::String &url);
-
- static void UpdateAdultBlackList(const DPL::String &oldUrl,
- const DPL::String &newUrl);
-
- /**
* Add deffered widget packages to be installed
*/
static void AddDefferedWidgetPackageInstallation(const DPL::String &path);
*/
static void SetRoamingDataUsage(NetworkAccessMode newMode);
- /**
- * This method sets Autofill for Webkit
- */
- static void SetAutoSaveIdPasswd(
- const DPL::String &url, const AutoSaveData &saveData);
-
-
private:
GlobalDAO()
{
*/
void setPkgName(const DPL::OptionalString& pkgName);
+ /* This function will update of api-feature status.
+ * If status is true (feature rejected) plugin connected with this
+ * api feature mustn't be loaded durign widget launch.
+ */
+ void updateFeatureRejectStatus(const DbWidgetFeature &widgetFeature);
+
private:
//Methods used during widget registering
static DbWidgetHandle registerWidgetInfo(
static void registerWidgetCertificates(
DbWidgetHandle widgetHandle,
const IWacSecurity &wacSecurity);
- static void registerWidgetPowderData(
- DbWidgetHandle widgetHandle,
- const WidgetRegisterInfo ®Info);
static void registerLaunchCertificates(
DbWidgetHandle widgetHandle,
const CertificateChainList &list);
/*TODO: secure_by_default should be 0 by default*/
CREATE_TABLE(GlobalProperties)
COLUMN_NOT_NULL(developer_mode, INT, DEFAULT 0)
- COLUMN_NOT_NULL(parental_mode, INT, DEFAULT 0)
- COLUMN(parental_allowed_age, INT, DEFAULT NULL)
COLUMN_NOT_NULL(secure_by_default, INT, DEFAULT 1)
COLUMN_NOT_NULL(home_network_data_usage, TINYINT, DEFAULT 1)
COLUMN_NOT_NULL(roaming_data_usage, TINYINT, DEFAULT 1)
COLUMN(base_folder, VARCHAR(256), DEFAULT '')
COLUMN(webkit_plugins_required, TINYINT, DEFAULT 0)
COLUMN(security_domain, INT, DEFAULT 0)
- COLUMN_NOT_NULL(child_protection,INT, DEFAULT 0)
COLUMN(recognized, INT, DEFAULT 0)
COLUMN(wac_signed, INT, DEFAULT 0)
COLUMN(distributor_signed, INT, DEFAULT 0)
COLUMN_NOT_NULL(app_id, INT,)
COLUMN_NOT_NULL(name, VARCHAR(256),)
COLUMN_NOT_NULL(required, INT,)
+ COLUMN_NOT_NULL(rejected, INT,)
TABLE_CONSTRAINTS(
FOREIGN KEY (app_id) REFERENCES WidgetInfo (app_id) ON DELETE CASCADE
)
TABLE_CONSTRAINTS(PRIMARY KEY(FeatureUUID,DeviceCapID))
CREATE_TABLE_END()
-CREATE_TABLE(PowderLevels)
- COLUMN_NOT_NULL(app_id, INT, )
- COLUMN_NOT_NULL(id, INTEGER, primary key autoincrement)
- COLUMN_NOT_NULL(category, TEXT, )
- COLUMN_NOT_NULL(level, INTEGER, )
- TABLE_CONSTRAINTS(
- FOREIGN KEY (app_id) REFERENCES WidgetInfo (app_id) ON DELETE CASCADE
- )
-CREATE_TABLE_END()
-
-CREATE_TABLE(PowderLevelContexts)
- COLUMN_NOT_NULL(levelId, INTEGER, )
- COLUMN_NOT_NULL(context, TEXT, )
-
- TABLE_CONSTRAINTS(
- FOREIGN KEY (levelId) REFERENCES PowderLevels (id) ON DELETE CASCADE
- )
-CREATE_TABLE_END()
-
-CREATE_TABLE(ChildProtectionBlacklist)
- COLUMN_NOT_NULL(url, TEXT, unique)
-CREATE_TABLE_END()
-
-CREATE_TABLE(PowderRules)
- COLUMN_NOT_NULL(id, INTEGER, primary key autoincrement)
- COLUMN_NOT_NULL(category, TEXT, )
- COLUMN_NOT_NULL(level, INTEGER, )
- COLUMN(context, TEXT, )
- TABLE_CONSTRAINTS(unique(category,context))
-CREATE_TABLE_END()
-
CREATE_TABLE(DefferedWidgetPackageInstallation)
COLUMN_NOT_NULL(path, TEXT, unique)
CREATE_TABLE_END()
COLUMN(next_update_time, BIGINT,)
CREATE_TABLE_END()
-CREATE_TABLE(AutoSaveIdPasswd)
- COLUMN_NOT_NULL(address, VARCHAR(256), unique)
- COLUMN_NOT_NULL(userId, VARCHAR(128),)
- COLUMN_NOT_NULL(passwd, VARCHAR(128),)
-CREATE_TABLE_END()
-
CREATE_TABLE(SettginsList)
COLUMN_NOT_NULL(appId, INT,)
COLUMN_NOT_NULL(settingName, TEXT, )
SQL(
INSERT INTO UserAgents VALUES("Tizen", "Mozilla/5.0 (Linux; U; Tizen 1.0; en-us) AppleWebKit/534.46 (KHTML, like Gecko) Mobile Tizen Browser/1.0");
- INSERT INTO UserAgents VALUES("Chrome 16", "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20110706 Firefox/5.0");
)
SQL(
+++ /dev/null
-Name: dpl
-Summary: Design patterns library
-Version: 0.1.57
-Release: 1
-Group: System/Libraries
-License: TBD
-Source0: %{name}-%{version}.tar.bz2
-Requires(post): /sbin/ldconfig
-Requires(postun): /sbin/ldconfig
-BuildRequires: cmake
-BuildRequires: pkgconfig(ecore)
-BuildRequires: pkgconfig(vconf)
-BuildRequires: pkgconfig(heynoti)
-BuildRequires: pkgconfig(appcore-efl)
-BuildRequires: pkgconfig(libssl)
-BuildRequires: pkgconfig(sqlite3)
-BuildRequires: pkgconfig(db-util)
-BuildRequires: pkgconfig(glib-2.0)
-BuildRequires: pkgconfig(dlog)
-BuildRequires: pkgconfig(zlib)
-BuildRequires: pkgconfig(libpcrecpp)
-BuildRequires: pkgconfig(icu-uc)
-
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
-
-%description
-Design patterns library is a collection of useful C++ utilities to easily develop window applications.
-
-%package efl
-Summary: Design patterns library - EFL based
-Group: System/Libraries
-
-%description efl
-Design patterns library is a collection of useful C++ utilities to easily develop window applications.
-
-%package efl-devel
-Summary: Design patterns library - EFL based developer files
-Group: Development/Libraries
-Requires: %{name}-efl = %{version}-%{release}
-
-%description efl-devel
-Design patterns library is a collection of useful C++ utilities to easily develop window applications. The most important part of library is full MVC support. It also supports event-based architecture, adds wrappers for many packages and provides many basic C++ utilities as RAII objects, singletons, and many other.
-
-%prep
-%setup -q -n %{name}-%{version}
-
-%build
-
-cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \
- -DDPL_LOG=ON \
- -DDISABLE_GTK=ON
-
-# Call make instruction with smp support
-make %{?jobs:-j%jobs}
-
-# >> build post
-# << build post
-%install
-rm -rf %{buildroot}
-%make_install
-
-%clean
-rm -rf %{buildroot}
-
-%post -p /sbin/ldconfig
-
-%postun -p /sbin/ldconfig
-
-
-%files efl
-%defattr(-,root,root,-)
-%{_libdir}/lib*-efl.so*
-# << files
-
-%files efl-devel
-%defattr(-,root,root,-)
-%{_includedir}/dpl-efl/*
-%{_libdir}/pkgconfig/*-efl.pc
-
--- /dev/null
+#sbs-git:public/pkgs/w/wrt-commons wrt-commons 0.2.25
+Name: wrt-commons
+Summary: Wrt common library
+Version: 0.2.25
+Release: 1
+Group: Development/Libraries
+License: Apache License, Version 2.0
+URL: N/A
+Source0: %{name}-%{version}.tar.gz
+BuildRequires: cmake
+BuildRequires: pkgconfig(ecore)
+BuildRequires: pkgconfig(appcore-efl)
+BuildRequires: pkgconfig(libssl)
+BuildRequires: pkgconfig(sqlite3)
+BuildRequires: pkgconfig(dlog)
+BuildRequires: pkgconfig(glib-2.0)
+BuildRequires: pkgconfig(db-util)
+BuildRequires: pkgconfig(zlib)
+BuildRequires: pkgconfig(libpcrecpp)
+BuildRequires: pkgconfig(icu-i18n)
+BuildRequires: pkgconfig(libxml-2.0)
+BuildRequires: pkgconfig(openssl)
+BuildRequires: pkgconfig(cert-svc)
+BuildRequires: pkgconfig(libiri)
+BuildRequires: pkgconfig(libidn)
+
+%description
+Wrt common library
+
+%package devel
+Summary: Wrt common library development headers
+Group: Development/Libraries
+Requires: %{name} = %{version}
+
+%description devel
+Wrt common library development headers
+
+%prep
+%setup -q
+
+%build
+export LDFLAGS+="-Wl,--rpath=%{_libdir} -Wl,--hash-style=both -Wl,--as-needed"
+cmake . -DVERSION=%{version} \
+ -DDPL_LOG="OFF" \
+ -DCMAKE_INSTALL_PREFIX=%{_prefix}
+make %{?jobs:-j%jobs}
+
+%install
+%make_install
+
+%clean
+rm -rf %{buildroot}
+
+%post
+if [ -z ${2} ]; then
+ echo "This is new install of wrt-commons"
+ echo "Calling /usr/bin/wrt_commons_reset_db.sh"
+ /usr/bin/wrt_commons_reset_db.sh
+else
+ # Find out old and new version of databases
+ WRT_OLD_DB_VERSION=`sqlite3 /opt/dbspace/.wrt.db ".tables" | grep "DB_VERSION_"`
+ WRT_NEW_DB_VERSION=`cat /usr/share/wrt-engine/wrt_db.sql | tr '[:blank:]' '\n' | grep DB_VERSION_`
+ echo "OLD wrt database version ${WRT_OLD_DB_VERSION}"
+ echo "NEW wrt database version ${WRT_NEW_DB_VERSION}"
+
+ if [ ${WRT_OLD_DB_VERSION} -a ${WRT_NEW_DB_VERSION} ]
+ then
+ if [ ${WRT_NEW_DB_VERSION} = ${WRT_OLD_DB_VERSION} ]
+ then
+ echo "Equal database detected so db installation ignored"
+ else
+ echo "Calling /usr/bin/wrt_commons_reset_db.sh"
+ /usr/bin/wrt_commons_reset_db.sh
+ fi
+ else
+ echo "Calling /usr/bin/wrt_commons_reset_db.sh"
+ /usr/bin/wrt_commons_reset_db.sh
+ fi
+fi
+
+mkdir -p /usr/etc/ace
+mkdir -p /usr/apps/org.tizen.policy
+
+# DBUS services fix
+# WARNING: THIS IS TEMPORARY SOLUTION, AS THIS SHOULD NOT BE OUR
+# RESPONSIBILITY!!! WE HAVE TO CONTACT TO DBUS MAINAINERS
+
+if [ -f /var/lib/dbus/machine-id ]; then
+ echo "machine-id exists"
+else
+ if [ -f /usr/var/lib/dbus/machine-id ]; then
+ echo "machine-id exists"
+ else
+ echo "Creating machine-id"
+ mkdir -p /usr/var/lib/dbus/
+ dbus-uuidgen > /usr/var/lib/dbus/machine-id
+ dbus-uuidgen --ensure=/usr/var/lib/dbus/machine-id
+ fi
+ mkdir -p /var/lib/dbus/
+ cp /usr/var/lib/dbus/machine-id /var/lib/dbus/
+fi
+
+echo "[WRT] wrt-commons postinst done ..."
+
+%files
+%{_libdir}/*.so
+%{_libdir}/*.so.*
+/usr/share/wrt-engine/*
+%attr(775,root,root) %{_bindir}/wrt_commons_reset_db.sh
+%attr(775,root,root) %{_bindir}/wrt_commons_create_clean_db.sh
+
+%files devel
+%{_includedir}/dpl-efl/*
+%{_libdir}/pkgconfig/*.pc
ADD_SUBDIRECTORY(dbus)
ADD_SUBDIRECTORY(db)
ADD_SUBDIRECTORY(event)
-ADD_SUBDIRECTORY(ace)
-ADD_SUBDIRECTORY(vcore)
ADD_SUBDIRECTORY(localization)
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include "AttributeSetter.h"
-
-#include <dpl/singleton_impl.h>
-IMPLEMENT_SINGLETON(AttributeSetter)
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file AttributeSetter.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 0.1
- * @brief Stub for attribute_facade.h
- */
-#ifndef _TEST_ACE_TESTS_ATTRIBUTE_SETTER_
-#define _TEST_ACE_TESTS_ATTRIBUTE_SETTER_
-
-#include <list>
-#include <map>
-#include <string>
-
-#include <dpl/singleton.h>
-#include <dpl/foreach.h>
-#include <dpl/log/log.h>
-
-#include <dpl/ace/Request.h>
-#include <dpl/ace/WRT_INTERFACE.h>
-
-class AttributeSetter {
-public:
- typedef std::list<std::string> ValueList;
- typedef std::map<std::string, ValueList> AttributeMap;
- typedef std::map<int, AttributeMap> CollectionHandlerMap;
-
- typedef std::list<ATTRIBUTE> Evil;
-
- void get(const Request &request,
- const Evil* evil)
- {
- int handle = request.getWidgetHandle();
-
- CollectionHandlerMap::iterator widgetContextIt =
- m_collectionMap.find(handle);
-
- if (widgetContextIt == m_collectionMap.end()) {
- LogError("WidgetContext is empty");
- return;
- }
-
- FOREACH(it, *evil)
- {
- std::string attrName = *(it->first);
-
- if (attrName == "device-cap") {
- Request::DeviceCapabilitySet devCapSet =
- request.getDeviceCapabilitySet();
- std::copy(devCapSet.begin(),
- devCapSet.end(),
- std::back_inserter(*(it->second)));
- continue;
- }
-
- AttributeMap::iterator attrIt =
- widgetContextIt->second.find(attrName);
-
- if (attrIt == widgetContextIt->second.end()) {
- LogError("No attribute: " << attrName <<
- " in context nr: " << handle);
- const ATTRIBUTE &a = *it;
- const_cast<ATTRIBUTE&>(a).second = NULL;
- continue;
- }
-
- ValueList valueList = attrIt->second;
-
- std::copy(valueList.begin(),
- valueList.end(),
- std::back_inserter(*(it->second)));
- }
- }
-
- void addValue(int handler,
- const std::string &attributeName,
- const std::string &attributeValue)
- {
- m_collectionMap[handler][attributeName].push_back(attributeValue);
- }
-
- std::string getValue(int handler, const std::string &attributeName)
- {
- std::list<std::string> lst = m_collectionMap[handler][attributeName];
- if (lst.empty())
- return "fake-device-name-that-should-not-match-with-anything";
- return lst.front();
- }
-
- void addValue(int handler,
- const char *attributeName,
- const char *attributeValue)
- {
- std::string aN = attributeName;
- std::string aV = attributeValue;
- addValue(handler, aN, aV);
- }
-
- void clear() {
- m_collectionMap.clear();
- }
-protected:
- AttributeSetter(){}
- ~AttributeSetter(){}
-private:
- CollectionHandlerMap m_collectionMap;
-};
-
-typedef DPL::Singleton<AttributeSetter> AttributeSetterSingleton;
-
-#endif // _TEST_ACE_TESTS_ATTRIBUTE_SETTER_
+++ /dev/null
-#
-#Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# @file CMakeLists.txt
-# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
-# @version 0.1
-# @brief
-#
-INCLUDE(FindPkgConfig)
-SET(TARGET_ACE_TEST "dpl-tests-ace")
-
-PKG_CHECK_MODULES(ACE_TEST_DEP
- libxml-2.0
- gobject-2.0
- REQUIRED
- )
-
-# Set DPL tests sources
-SET(ACE_TESTS_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/ace/ace_tests.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/loop_control.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/TestSuite01.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/TestSuite02.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/TestSuite03.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/TestSuite04.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/TestSuite05.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/TestSuite06.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/TestSuite07.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/Interfaces.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/PEPSingleton.cpp
- ${PROJECT_SOURCE_DIR}/tests/ace/AttributeSetter.cpp
- )
-
-INCLUDE_DIRECTORIES(
- ${SYS_EFL_INCLUDE_DIRS}
- ${DPL_TEST_INCLUDE_DIR}
- ${PROJECT_SOURCE_DIR}/modules/ace/include
- ${PROJECT_SOURCE_DIR}/tests/ace
- ${ACE_TEST_DEP_INCLUDE_DIRS}
- )
-
-ADD_EXECUTABLE(${TARGET_ACE_TEST} ${ACE_TESTS_SOURCES})
-
-TARGET_LINK_LIBRARIES(${TARGET_ACE_TEST}
- ${SYS_EFL_LIBRARIES}
- ${TARGET_DPL_EFL}
- ${TARGET_DPL_TEST_ENGINE_EFL}
- ${TARGET_ACE_LIB}
- ${ACE_TEST_DEP_LIBRARIES}
- )
-
-INSTALL(TARGETS ${TARGET_ACE_TEST}
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
- )
-
-ADD_SUBDIRECTORY(test-configuration)
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file Interfaces.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief Stubs used by PolicyInformationPoint.h
- */
-#include "Interfaces.h"
-
-#include <dpl/log/log.h>
-
-#include "AttributeSetter.h"
-
-int WebRuntimeImp::getAttributesValues(
- const Request &request,
- std::list<ATTRIBUTE> *attribute)
-{
- LogError("Running stub");
- AttributeSetterSingleton::Instance().get(request, attribute);
- return 0;
-}
-
-int ResourceInformationImp::getAttributesValues(
- const Request &request,
- std::list<ATTRIBUTE> *attribute)
-{
- LogError("Running stub");
- AttributeSetterSingleton::Instance().get(request, attribute);
- return 0;
-}
-
-int OperationSystemImp::getAttributesValues(
- const Request &request,
- std::list<ATTRIBUTE> *attribute)
-{
- LogError("Running stub");
- AttributeSetterSingleton::Instance().get(request, attribute);
- return 0;
-}
-
-int FunctionParamImpl::getAttributesValues(const Request & /* request*/,
- std::list<ATTRIBUTE> *attributes)
-{
- LogError("Running stub");
- FOREACH(iter, *attributes)
- {
- std::string attributeName = *(iter->first);
-
- ParamMap::const_iterator i;
- std::pair<ParamMap::const_iterator, ParamMap::const_iterator> jj =
- paramMap.equal_range(attributeName);
-
- for (i = jj.first; i != jj.second; ++i) {
- iter->second->push_back(i->second);
- LogDebug("Attribute: " << attributeName << " Value: " <<
- i->second);
- }
- }
- return 0;
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file Interfaces.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief Stubs used by PolicyInformationPoint.h
- */
-#ifndef _TEST_ACE_TESTS_INTERFACE_H_
-#define _TEST_ACE_TESTS_INTERFACE_H_
-
-#include <string>
-#include <dpl/ace/WRT_INTERFACE.h>
-#include <map>
-#include <vector>
-
-class Request;
-
-class WebRuntimeImp : public IWebRuntime {
-public:
- int getAttributesValues(
- const Request &request,
- std::list<ATTRIBUTE> *attribute);
- std::string getSessionId(const Request &) { return std::string(); }
-};
-
-class ResourceInformationImp : public IResourceInformation {
-public:
- int getAttributesValues(
- const Request &request,
- std::list<ATTRIBUTE> *attribute);
-};
-
-class OperationSystemImp : public IOperationSystem {
-public:
- int getAttributesValues(
- const Request &request,
- std::list<ATTRIBUTE> *attribute);
-};
-
-class FunctionParamImpl : public IFunctionParam
-{
-public:
- virtual int getAttributesValues(const Request & /* request*/,
- std::list<ATTRIBUTE> *attributes);
- void addAttribute(const std::string &key,
- const std::string &value)
- {
- paramMap.insert(make_pair(key, value));
- }
- virtual ~FunctionParamImpl() {}
-private:
- typedef std::multimap<std::string, std::string> ParamMap;
- ParamMap paramMap;
-};
-
-#endif // _TEST_ACE_TESTS_INTERFACE_H_
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file Interfaces.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief Instance of PEP used in tests.
- */
-#include "PEPSingleton.h"
-
-#include <dpl/singleton_impl.h>
-IMPLEMENT_SINGLETON(PolicyEnforcementPoint)
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file Interfaces.h
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief Instantion of PEP used in tests.
- */
-#ifndef _TEST_ACE_TEST_PEPSINGLETON_H_
-#define _TEST_ACE_TEST_PEPSINGLETON_H_
-
-#include <dpl/singleton.h>
-#include <dpl/ace/PolicyEnforcementPoint.h>
-
-typedef DPL::Singleton<PolicyEnforcementPoint> PEPSingleton;
-
-#endif // _TEST_ACE_TEST_PEPSINGLETON_H_
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file TestSuite01.cpp
- * @author unknown
- * @version 1.0
- * @brief Test cases for PolicyEvaluator class.
- */
-#include <string>
-
-#include <dpl/log/log.h>
-#include <dpl/test/test_runner.h>
-
-#include <dpl/ace-dao-rw/AceDAO.h>
-#include <dpl/ace/Preference.h>
-#include <dpl/ace/SettingsLogic.h>
-#include <dpl/ace/PolicyEvaluator.h>
-
-#include "AttributeSetter.h"
-#include "Interfaces.h"
-#include "PEPSingleton.h"
-
-#define GENERAL_TEST_POLICY "/usr/etc/ace/general-test.xml"
-#define GENERAL_TEST_POLICY_UNDETERMIND "/usr/etc/ace/undefined-test.xml"
-#define GENERAL_TEST_POLICY_GSETTINGS "/usr/etc/ace/policy-test-gsettings.xml"
-#define GENERAL_TEST_POLICY_TEST "/usr/etc/ace/policy-test.xml"
-
-#define CLEANENV(d) \
- do{ \
- if (PEPSingleton::Instance().getPdp()->getCurrentPolicy() != (d)) { \
- PEPSingleton::Instance().getPdp()->updatePolicy(d); \
- } \
- AttributeSetterSingleton::Instance().clear(); \
- AceDB::AceDAO::clearWidgetDevCapSettings(); \
- AceDB::AceDAO::clearDevCapSettings(); \
- }while(0)
-
-#define QU(nr, subid, resid) \
- do{ \
- AttributeSetterSingleton::Instance().addValue((nr), "id", (subid)); \
- AttributeSetterSingleton::Instance().addValue((nr), "resource-id", (resid));\
- }while(0)
-
-#define QA(nr, attrname, attrvalue) \
- AttributeSetterSingleton::Instance().addValue((nr), (attrname), (attrvalue))
-
-#define QC(nr, expect) \
- do{ \
- Request request((nr), WidgetExecutionPhase_Unknown); \
- std::string a = \
- AttributeSetterSingleton::Instance().getValue((nr),"resource-id"); \
- request.addDeviceCapability(a); \
- PolicyResult result = PEPSingleton::Instance().check(request); \
- RUNNER_ASSERT(result == (expect)); \
- }while(0)
-
-#define QCP(nr, param, expect) \
- do{ \
- Request request((nr), WidgetExecutionPhase_Unknown, (param)); \
- std::string a = \
- AttributeSetterSingleton::Instance().getValue((nr),"resource-id"); \
- request.addDeviceCapability(a); \
- PolicyResult result = PEPSingleton::Instance().check(request); \
- RUNNER_ASSERT(result == (expect)); \
- }while(0)
-
-#define TESTSUITE01(n) \
-RUNNER_TEST(ts01_general_tests_ ## n)
-
-TESTSUITE01(01){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "subject", "resource");
- QA(1, "version", "3");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(02){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(2, "subject2", "resource");
- QA(2, "version", "1");
- QC(2, PolicyEffect::DENY);
-}
-
-TESTSUITE01(03){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(3, "subject3", "resource2");
- QC(3, PolicyEffect::DENY);
-}
-
-TESTSUITE01(04){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(4, "subject4", "resource4");
- QA(4, "version", "4");
- QC(4, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(05){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(5, "subject5", "resource5");
- QA(5, "version", "5");
- QC(5, PolicyEffect::PERMIT);
-
- QU(6, "subject5", "resource5");
- QA(6, "version", "1");
- QC(6, PolicyDecision::NOT_APPLICABLE);
-
- QU(7, "subject6", "resource6");
- QA(7, "version", "1");
- QC(7, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(06){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(6, "subject7", "resource7");
- QA(6, "version", "7");
- QA(6, "author", "author");
- QC(6, PolicyDecision::NOT_APPLICABLE);
-
- QU(7, "subject7", "resource7");
- QA(7, "version", "7");
- QA(7, "author", "author2");
- QC(7, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(07){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(3, "subject7", "resource7");
- QA(3, "version", "1");
- QA(3, "author", "author3");
- QC(3, PolicyEffect::DENY);
-}
-
-TESTSUITE01(08){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(8, "s8a", "r8");
- QA(8, "r8v1", "1");
- QA(8, "r8v2", "2");
- QC(8, PolicyEffect::PERMIT);
-
- QU(9, "s8b", "r8");
- QA(9, "r8v1", "1");
- QA(9, "r8v2", "2");
- QC(9, PolicyEffect::DENY);
-
- QU(19, "s8c", "r8");
- QA(19, "r8v1", "1");
- QA(19, "r8v2", "2");
- QC(19, PolicyDecision::NOT_APPLICABLE);
-}
-
-TESTSUITE01(09){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s9a", "r9");
- QA(1, "r9a", "http://onet.pl:90/test.html");
- QA(1, "r9b", "http://onet.pl:80/test.html");
- QA(1, "r9c", "http://onet.pl:80");
- QA(1, "r9d", "http://onet.pl:80");
- QA(1, "r9e", "http://onet.pl:80/test.html");
- QA(1, "r9g", "http://onet.pl:80/test.html");
- QC(1, PolicyEffect::PERMIT);
-
- QU(2, "s9b", "r9");
- QA(2, "r9a", "http://onet.pl:90/test.html");
- QA(2, "r9b", "http://onet.pl:80/test.html");
- QA(2, "r9c", "http://onet.pl:80");
- QA(2, "r9d", "http://onet.pl:80");
- QA(2, "r9e", "http://onet.pl:80/test.html");
- QA(2, "r9g", "http://onet.pl:80/test.html");
- QC(2, PolicyEffect::DENY);
-
- QU(3, "s9c", "r9");
- QA(3, "r9a", "http://onet.pl:90/test.html");
- QA(3, "r9b", "http://onet.pl:80/test.html");
- QA(3, "r9c", "http://onet.pl:80");
- QA(3, "r9d", "http://onet.pl:80");
- QA(3, "r9e", "http://onet.pl:80/test.html");
- QA(3, "r9g", "http://onet.pl:80/test.html");
- QC(3, PolicyEffect::PERMIT);
-
- QU(4, "s9d", "r9");
- QA(4, "r9a", "http://onet.pl:90/test.html");
- QA(4, "r9b", "http://onet.pl:80/test.html");
- QA(4, "r9c", "http://onet.pl:80");
- QA(4, "r9d", "http://onet.pl:80");
- QA(4, "r9e", "http://onet.pl:80/test.html");
- QA(4, "r9g", "http://onet.pl:80/test.html");
- QC(4, PolicyEffect::DENY);
-
- QU(5, "s9e", "r9");
- QA(5, "r9a", "http://onet.pl:90/test.html");
- QA(5, "r9b", "http://onet.pl:80/test.html");
- QA(5, "r9c", "http://onet.pl:80");
- QA(5, "r9d", "http://onet.pl:80");
- QA(5, "r9e", "http://onet.pl:80/test.html");
- QA(5, "r9g", "http://onet.pl:80/test.html");
- QC(5, PolicyEffect::DENY);
-
- QU(6, "s9f", "r9");
- QA(6, "r9a", "http://onet.pl:90/test.html");
- QA(6, "r9b", "http://onet.pl:80/test.html");
- QA(6, "r9c", "http://onet.pl:80");
- QA(6, "r9d", "http://onet.pl:80");
- QA(6, "r9e", "http://onet.pl:80/test.html");
- QA(6, "r9g", "http://onet.pl:80/test.html");
- QC(6, PolicyEffect::PERMIT);
-
- QU(7, "s9g", "r9");
- QA(7, "r9a", "http://onet.pl:90/test.html");
- QA(7, "r9b", "http://onet.pl:80/test.html");
- QA(7, "r9c", "http://onet.pl:80");
- QA(7, "r9d", "http://onet.pl:80");
- QA(7, "r9e", "http://onet.pl:80/test.html");
- QA(7, "r9g", "http://onet.pl:80/test.html");
- QC(7, PolicyEffect::DENY);
-
- QU(8, "s9h", "r9");
- QA(8, "r9a", "http://onet.pl:90/test.html");
- QA(8, "r9b", "http://onet.pl:80/test.html");
- QA(8, "r9c", "http://onet.pl:80");
- QA(8, "r9d", "http://onet.pl:80");
- QA(8, "r9e", "http://onet.pl:80/test.html");
- QA(8, "r9g", "http://onet.pl:80/test.html");
- QC(8, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(10){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s10a", "r10");
- QA(1, "r10a", "15ba");
- QA(1, "r10c", "15a1");
- QC(1, PolicyEffect::PERMIT);
-
- QU(2, "s10b", "r10");
- QA(2, "r10a", "15ba");
- QA(2, "r10c", "15a1");
- QC(2, PolicyEffect::DENY);
-
- QU(3, "s10c", "r10");
- QA(3, "r10a", "15ba");
- QA(3, "r10c", "15a1");
- QC(3, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(11){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s15", "device:pim.contacts");
- QA(1, "uri", "//buu.com.pl");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(12){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s16", "device:pim.contacts");
- QA(1, "uri", "//v.com.pl");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(13){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s17a", "resource4");
- QA(1, "version", "4");
- QC(1, PolicyEffect::PERMIT);
-
- QU(2, "s17b", "resource4");
- QA(2, "version", "4");
- QC(2, PolicyEffect::DENY);
-}
-
-TESTSUITE01(14){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s18a", "device:pim.contacts");
- QA(1, "uri", "buu.com.pl");
- QC(1, PolicyEffect::PERMIT);
-
- QU(2, "s18b", "device:pim.contacts");
- QA(2, "uri", "buu.com.pl");
- QC(2, PolicyEffect::PERMIT);
-
- QU(3, "s18c", "device:pim.contacts");
- QA(3, "uri", "buu.com.pl");
- QC(3, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(15){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s19.1", "resource4");
- QA(1, "key-root-trust", "voperator");
- QC(1, PolicyEffect::DENY);
-
- QU(2, "s19.2", "resource4");
- QA(2, "key-root-trust", "voperator");
- QC(2, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(16){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s20.1", "resource4");
- QA(1, "signer-id", "v7zha89%49x£$");
- QC(1, PolicyEffect::DENY);
-
- QU(2, "s20.2", "resource4");
- QA(2, "signer-id", "v7zha89%49x£$");
- QC(2, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(17){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s21", "undetermined");
- QC(1, PolicyDecision::NOT_APPLICABLE);
-
-
- QU(2, "s21a", "undetermined");
- QC(2, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(18){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s23", "device:pim.contacts");
- QA(1, "version", "undetermined");
- QC(1, PolicyDecision::NOT_APPLICABLE);
-}
-
-TESTSUITE01(19){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s24", "device:pim");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(20){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s25.1", "device:pim.contacts");
- QA(1, "version", "5");
- QA(1, "roaming", "off");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(21){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s25.2", "device:pim.contacts");
- QA(1, "version", "undetermined");
- QC(1, PolicyDecision::NOT_APPLICABLE);
-}
-
-TESTSUITE01(22){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- QU(1, "s25.3", "device:pim.contacts");
-// undetermined QA(1, "version", "");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(23){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- QU(1, "s25.4", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "", true);
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(24){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- QU(1, "s26.1", "device:pim.contacts");
- QA(1, "version", "5");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(25){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- QU(1, "s26.2", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "", true);
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(26){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- QU(1, "s26.3", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "", true);
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(27){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- QU(1, "s26.4", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(28){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- QU(1, "s27.1", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(29){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s27.2", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(30){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s27.3", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyDecision::NOT_APPLICABLE);
-}
-
-TESTSUITE01(31){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s27.4", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(32){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s28", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(33){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s29", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(34){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s30.1", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(35){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s30.2", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(36){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s30.3", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(37){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s30.4", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(38){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- QU(1, "s31.1", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(39){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s31.2.1", "device:pim.contacts");
- QC(1, PolicyEffect::DENY);
-}
-
-TESTSUITE01(40){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s31.2.2", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(41){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s31.3", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(42){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s32.1", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(43){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s32.2.1", "device:pim.contacts");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(44){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s32.2.2", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(45){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s32.3", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(46){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s33.1", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(47){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s33.2", "device:pim.contacts");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(48){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s33.3", "device:pim.contacts");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(49){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //Test undetermined, we have to refine this tests to test something
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s34.1", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(50){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s34.2", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(51){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s35.1", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(52){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- //undetermined
- //QA(1, "version", "undetermined", true);
- QU(1, "s35.2", "device:pim.contacts");
- QC(1, PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE01(53){
- CLEANENV(GENERAL_TEST_POLICY_UNDETERMIND);
- QU(1, "s36", "device:pim.contacts");
- //undetermined
- //QA(1, "version", "undetermined", true);
- QC(1, PolicyDecision::NOT_APPLICABLE);
-}
-
-TESTSUITE01(54){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s37", "device:pim.contacts.read");
- QC(1, PolicyEffect::PROMPT_ONESHOT);
-}
-
-TESTSUITE01(55){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s38", "device:pim.contacts.read");
- QC(1, PolicyEffect::PROMPT_SESSION);
-
- QU(2, "s38.4", "device:pim.contacts.read");
- QC(2, PolicyEffect::PROMPT_SESSION);
-}
-
-TESTSUITE01(56){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s39", "device:pim.contacts.read");
- QC(1, PolicyEffect::PROMPT_BLANKET);
-
- QU(2, "s39.4", "device:pim.contacts.read");
- QC(2, PolicyEffect::PROMPT_BLANKET);
-}
-
-TESTSUITE01(57){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s40", "r40");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(58){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s41", "r41");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(59){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s42.1", "r42.1");
- QC(1, PolicyEffect::DENY);
-}
-
-TESTSUITE01(60){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s42.2", "r42.2");
- QC(1, PolicyEffect::DENY);
-
-}
-
-TESTSUITE01(61){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s43.1", "r43.1");
- QC(1, PolicyEffect::DENY);
-}
-
-TESTSUITE01(62){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s43.2", "r43.2");
- QC(1, PolicyEffect::DENY);
-}
-
-TESTSUITE01(63){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s44.1", "r44.1");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(64){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s44.2", "r44.2");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(65){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s45.1", "r45.1");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(66){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s45.2", "r45.2");
- QC(1, PolicyEffect::DENY);
-}
-
-TESTSUITE01(67){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s46.1", "r46.1");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(68){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s46.2", "r46.2");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(69){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s47.1", "r47.1");
- QC(1, PolicyEffect::DENY);
-}
-
-TESTSUITE01(70){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s47.2", "r47.2");
- QC(1, PolicyEffect::DENY);
-}
-
-TESTSUITE01(71){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "s48", "device:pim.contacts");
- QA(1, "uri", "http://www.test.pl:80");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(72){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "BF00", "BFR00");
- QC(1, PolicyEffect::DENY);
-}
-
-TESTSUITE01(73){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "BF01", "BFR01");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(74){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "BF02", "BFR02");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(75){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "BF03", "BFR03");
- QC(1, PolicyEffect::DENY);
-}
-
-TESTSUITE01(76){
- CLEANENV(GENERAL_TEST_POLICY);
- QU(1, "BF04", "BFR04");
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(77){
- CLEANENV(GENERAL_TEST_POLICY);
- FunctionParamImpl functionParam;
- functionParam.addAttribute("param:recipients","+44091234");
- QU(1, "paramTestSubject", "resource");
- QA(1, "dev-cap","messaging");
- QCP(1, &functionParam, PolicyEffect::DENY);
-}
-
-TESTSUITE01(78){
- CLEANENV(GENERAL_TEST_POLICY);
- FunctionParamImpl functionParam;
- functionParam.addAttribute("param:recipients","+44081234");
- QU(1, "paramTestSubject", "resource");
- QA(1, "dev-cap","messaging");
- QCP(1, &functionParam, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(79){
- CLEANENV(GENERAL_TEST_POLICY);
- FunctionParamImpl functionParam;
- functionParam.addAttribute("param:recipients","+4812345656");
- QU(1, "paramTestSubject", "resource");
- QA(1, "dev-cap","messaging");
- QCP(1, &functionParam, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(80){
- CLEANENV(GENERAL_TEST_POLICY);
- FunctionParamImpl functionParam;
- functionParam.addAttribute("param:quality","low");
- QU(1, "paramTestSubject", "resource");
- QA(1, "dev-cap","messaging");
- QCP(1, &functionParam, PolicyDecision::NOT_APPLICABLE);
-}
-
-TESTSUITE01(81){
- CLEANENV(GENERAL_TEST_POLICY);
- FunctionParamImpl functionParam;
- functionParam.addAttribute("param:quality", "high");
- QU(1, "paramTestSubject", "resource");
- QA(1, "dev-cap","camera");
- QCP(1, &functionParam, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(82){
- CLEANENV(GENERAL_TEST_POLICY);
-
- QU(1, "s61a", "r61a");
- QC(1, PolicyEffect::DENY);
-
- FunctionParamImpl functionParam;
- functionParam.addAttribute("param:name", "type");
- QU(2, "s61b", "r61b");
- QCP(2, &functionParam, PolicyEffect::PERMIT);
-
- QU(3, "s61c", "r61c");
- QC(3, PolicyEffect::DENY);
-
- FunctionParamImpl functionParam4;
- functionParam4.addAttribute("param:name", "type");
- functionParam4.addAttribute("param:name", "port");
- QU(4, "s61d", "r61d");
- QCP(4, &functionParam4, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(83){
- CLEANENV(GENERAL_TEST_POLICY_TEST);
-
- PermissionList sList;
- sList.push_back(PermissionTriple(1, "b1", Preference::PREFERENCE_PERMIT));
- sList.push_back(PermissionTriple(2, "bb2", Preference::PREFERENCE_DENY));
- sList.push_back(PermissionTriple(3, "d3", Preference::PREFERENCE_DEFAULT));
- SettingsLogic::setWidgetDevCapSettings(sList);
-
- QU(1, "a1", "b1");
- QC(1, PolicyEffect::DENY);
-
- QU(2, "aa2", "bb2");
- QC(2, PolicyEffect::DENY);
-
- QU(3, "c3", "d3");
- QC(3, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(84){
- CLEANENV(GENERAL_TEST_POLICY_TEST);
- PermissionList sList;
- sList.push_back(PermissionTriple(3, "d3", Preference::PREFERENCE_ONE_SHOT_PROMPT));
- SettingsLogic::setWidgetDevCapSettings(sList);
- QU(3, "c3", "d3");
- QC(3, PolicyEffect::PROMPT_ONESHOT);
-}
-
-TESTSUITE01(85){
- CLEANENV(GENERAL_TEST_POLICY_TEST);
-
- PermissionList sList;
- sList.push_back(PermissionTriple(1, "bnp", Preference::PREFERENCE_DEFAULT));
- sList.push_back(PermissionTriple(2, "bbnp", Preference::PREFERENCE_DENY));
- sList.push_back(PermissionTriple(3, "dnp", Preference::PREFERENCE_PERMIT));
-
- SettingsLogic::setWidgetDevCapSettings(sList);
-
- QU(1, "anp", "bnp");
- QC(1, PolicyDecision::NOT_APPLICABLE);
-
- QU(2, "aanp", "bbnp");
- QC(2, PolicyEffect::DENY);
-
- QU(3, "cnp", "dnp");
- QC(3, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(86){
- CLEANENV(GENERAL_TEST_POLICY_TEST);
-
- PermissionList sList;
- sList.push_back(PermissionTriple(1, "b1", Preference::PREFERENCE_DEFAULT));
- sList.push_back(PermissionTriple(2, "bb", Preference::PREFERENCE_DENY));
- sList.push_back(PermissionTriple(3, "d3", Preference::PREFERENCE_PERMIT));
- sList.push_back(PermissionTriple(4, "b1", Preference::PREFERENCE_PERMIT));
- sList.push_back(PermissionTriple(5, "bb2", Preference::PREFERENCE_DENY));
- sList.push_back(PermissionTriple(6, "d3", Preference::PREFERENCE_DEFAULT));
-
- SettingsLogic::setWidgetDevCapSettings(sList);
-
- QU(1, "a1", "b1");
- QC(1, PolicyEffect::DENY);
-
- QU(2, "aa", "bb");
- QC(2, PolicyEffect::DENY);
-
- QU(3, "c3", "d3");
- QC(3, PolicyEffect::PERMIT);
-
- QU(5, "aa2", "bb2");
- QC(5, PolicyEffect::DENY);
-}
-
-TESTSUITE01(87){
- CLEANENV(GENERAL_TEST_POLICY_TEST);
-
- QU(1, "c3", "d3");
- QC(1, PolicyEffect::PERMIT);
-
- QU(2, "aa2", "bb2");
- QC(2, PolicyEffect::PERMIT);
-
- SettingsLogic::updateDevCapSetting("d3", Preference::PREFERENCE_DENY);
- SettingsLogic::updateDevCapSetting("bb2", Preference::PREFERENCE_DEFAULT);
-
- QC(1, PolicyEffect::DENY);
-
- QC(2, PolicyEffect::PERMIT);
-
- SettingsLogic::updateDevCapSetting("d3", Preference::PREFERENCE_PERMIT);
-
- QC(1, PolicyEffect::PERMIT);
-}
-
-TESTSUITE01(88){
- CLEANENV(GENERAL_TEST_POLICY_GSETTINGS);
- std::string d3("d3");
-
- QU(1, "c3", "d3");
- QC(1, PolicyEffect::PERMIT);
-
- QU(2, "aa2", "bb2");
- QC(2, PolicyEffect::PERMIT);
-
- QU(3, "a1", "d3");
- QC(3, PolicyEffect::DENY);
-
- SettingsLogic::updateDevCapSetting(d3, Preference::PREFERENCE_DEFAULT);
-
- QC(1, PolicyEffect::PERMIT);
-
- QC(2, PolicyEffect::PERMIT);
-
- QC(3, PolicyEffect::DENY);
-
- SettingsLogic::updateDevCapSetting(d3, Preference::PREFERENCE_DENY);
-
- QC(1, PolicyEffect::DENY);
-
- QC(3, PolicyEffect::DENY);
-
- SettingsLogic::updateDevCapSetting(d3, Preference::PREFERENCE_PERMIT);
-
- QC(1, PolicyEffect::PERMIT);
-
- QC(3, PolicyEffect::DENY);
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file TestSuite02.cpp
- * @author unknown
- * @version 1.0
- * @brief Test cases for Attribute class.
- */
-#include <string>
-
-#include <dpl/log/log.h>
-#include <dpl/test/test_runner.h>
-
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace-dao-ro/BaseAttribute.h>
-
-#include <dpl/ace/PolicyEvaluator.h>
-
-#include "PEPSingleton.h"
-
-#define POLICY_ATTR_EXAMPLE "/usr/etc/ace/attr_policy-example.xml"
-#define POLICY_ATTR_EXAMPLE1 "/usr/etc/ace/attr_policy-example1.xml"
-#define POLICY_ATTR_EXAMPLE2 "/usr/etc/ace/attr_policy-example2.xml"
-#define POLICY_ATTR_EXAMPLE3 "/usr/etc/ace/attr_policy-example3.xml"
-#define POLICY_ATTR_EXAMPLE4 "/usr/etc/ace/attr_policy-example4.xml"
-#define POLICY_ATTR_EXAMPLE5 "/usr/etc/ace/attr_policy-example5.xml"
-#define POLICY_ATTR_EXAMPLE6 "/usr/etc/ace/attr_policy-example6.xml"
-#define POLICY_ATTR_EXAMPLE7 "/usr/etc/ace/attr_policy-example7.xml"
-#define POLICY_ATTR_EXAMPLE8 "/usr/etc/ace/attr_policy-example8.xml"
-
-#define CLEANENV(d) \
- do{ \
- if (PEPSingleton::Instance().getPdp()->getCurrentPolicy() != (d)) { \
- PEPSingleton::Instance().getPdp()->updatePolicy(d); \
- } \
- }while(0)
-
-#define PEPTR PEPSingleton::Instance().getPdp()
-
-#define TESTSUITE02(n) \
-RUNNER_TEST(ts02_extract_attributes_tests_ ## n)
-
-using namespace AceDB;
-
-bool AttrEqual(const AttributeSet &actual, AttributeSet * expected)
-{
- bool match = false;
- for (AttributeSet::const_iterator ita = actual.begin();
- ita != actual.end();
- ++ita)
- {
- match = false;
- for (AttributeSet::const_iterator ite = expected->begin();
- ite != expected->end();
- ++ite)
- {
- if ((*(*ita)->getName() == *(*ite)->getName()) &&
- ((*ita)->getType() == (*ite)->getType()))
- {
- match = true;
- }
- }
- if (!match)
- {
- LogError("Not found " <<
- *(*ita)->getName() <<
- " " << static_cast<int>((*ita)->getType()));
- return false;
- }
- }
- return true;
-}
-
-TESTSUITE02(01){
- CLEANENV(POLICY_ATTR_EXAMPLE);
-
- AttributeSet attrSet;
- std::string n1("name");
- BaseAttributePtr a1(new Attribute(&n1,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a1);
-
-
- std::string n2("resource-id");
- BaseAttributePtr a2(new Attribute(&n2,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a2);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(02){
- CLEANENV(POLICY_ATTR_EXAMPLE1);
-
- AttributeSet attrSet;
-
- std::string n3("uri.host");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
- std::string n4("key-root-trust");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a4);
-
- std::string n5("id");
- BaseAttributePtr a5(new Attribute(&n5,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a5);
-
- std::string n6("signer-id");
- BaseAttributePtr a6(new Attribute(&n6,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a6);
-
- std::string n7("version");
- BaseAttributePtr a7(new Attribute(&n7,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a7);
-
- std::string n8("r8v2");
- BaseAttributePtr a8(new Attribute(&n8,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a8);
-
- std::string n9("author");
- BaseAttributePtr a9(new Attribute(&n9,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a9);
-
- std::string n10("r9a.scheme");
- BaseAttributePtr a10(new Attribute(&n10,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a10);
-
- std::string n11("r9b.authority");
- BaseAttributePtr a11(new Attribute(&n11,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a11);
-
- std::string n12("r9c.scheme-authority");
- BaseAttributePtr a12(new Attribute(&n12,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a12);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(03){
- CLEANENV(POLICY_ATTR_EXAMPLE2);
-
- AttributeSet attrSet;
-
- std::string n1("id");
- BaseAttributePtr a1(new Attribute(&n1,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a1);
-
- std::string n3("version");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
- std::string n2("resource-id");
- BaseAttributePtr a2(new Attribute(&n2,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a2);
-
- std::string n4("author");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a4);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(04){
- CLEANENV(POLICY_ATTR_EXAMPLE3);
-
- AttributeSet attrSet;
-
- std::string n1("id");
- BaseAttributePtr a1(new Attribute(&n1,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a1);
-
- std::string n3("version");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
- std::string n2("resource-id");
- BaseAttributePtr a2(new Attribute(&n2,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a2);
-
- std::string n4("author");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a4);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(05){
- CLEANENV(POLICY_ATTR_EXAMPLE4);
-
- AttributeSet attrSet;
-
- std::string n1("id");
- BaseAttributePtr a1(new Attribute(&n1,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a1);
-
- std::string n3("version");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
-
- std::string n2("resource-id");
- BaseAttributePtr a2(new Attribute(&n2,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a2);
-
- std::string n4("author");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a4);
-
- std::string n5("author");
- BaseAttributePtr a5(new Attribute(&n5,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a5);
-
- std::string n6("version");
- BaseAttributePtr a6(new Attribute(&n6,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a6);
-
- std::string n7("ver");
- BaseAttributePtr a7(new Attribute(&n7,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a7);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(06){
- CLEANENV(POLICY_ATTR_EXAMPLE5);
-
- AttributeSet attrSet;
-
- std::string n3("uri.host");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
- std::string n4("key-root-trust");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a4);
-
- std::string n5("id");
- BaseAttributePtr a5(new Attribute(&n5,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a5);
-
- std::string n6("signer-id");
- BaseAttributePtr a6(new Attribute(&n6,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a6);
-
- std::string n7("version");
- BaseAttributePtr a7(new Attribute(&n7,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a7);
-
- std::string n13("name");
- BaseAttributePtr a13(new Attribute(&n13,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a13);
-
- std::string n14("resource-id");
- BaseAttributePtr a14(new Attribute(&n14,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a14);
-
- std::string n15("r8v2");
- BaseAttributePtr a15(new Attribute(&n15,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a15);
-
- std::string n16("author");
- BaseAttributePtr a16(new Attribute(&n16,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a16);
-
- std::string n17("r9a.scheme");
- BaseAttributePtr a17(new Attribute(&n17,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a17);
-
- std::string n18("r9b.authority");
- BaseAttributePtr a18(new Attribute(&n18,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a18);
-
- std::string n19("r9c.scheme-authority");
- BaseAttributePtr a19(new Attribute(&n19,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a19);
-
- std::string n20("resource-id");
- BaseAttributePtr a20(new Attribute(&n20,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a20);
-
- std::string n8("r8v2");
- BaseAttributePtr a8(new Attribute(&n8,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a8);
-
- std::string n9("author");
- BaseAttributePtr a9(new Attribute(&n9,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a9);
-
- std::string n10("r9a.scheme");
- BaseAttributePtr a10(new Attribute(&n10,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a10);
-
- std::string n11("r9b.authority");
- BaseAttributePtr a11(new Attribute(&n11,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a11);
-
- std::string n12("r9c.scheme-authority");
- BaseAttributePtr a12(new Attribute(&n12,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a12);
-
- std::string n21("resource-id");
- BaseAttributePtr a21(new Attribute(&n21,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a21);
-
- std::string n22("r8v2");
- BaseAttributePtr a22(new Attribute(&n22,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a22);
-
- std::string n23("author");
- BaseAttributePtr a23(new Attribute(&n23,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a23);
-
- std::string n24("r9a.scheme");
- BaseAttributePtr a24(new Attribute(&n24,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a24);
-
- std::string n25("r9b.authority");
- BaseAttributePtr a25(new Attribute(&n25,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a25);
-
- std::string n26("r9c.scheme-authority");
- BaseAttributePtr a26(new Attribute(&n26,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a26);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(07){
- CLEANENV(POLICY_ATTR_EXAMPLE6);
-
- AttributeSet attrSet;
-
- std::string n3("s-uri.host");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
- std::string n4("s-key-root-trust");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a4);
-
- std::string n5("s-id");
- BaseAttributePtr a5(new Attribute(&n5,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a5);
-
- std::string n6("s-signer-id");
- BaseAttributePtr a6(new Attribute(&n6,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a6);
-
- std::string n7("s-version");
- BaseAttributePtr a7(new Attribute(&n7,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a7);
-
- std::string n13("s-name");
- BaseAttributePtr a13(new Attribute(&n13,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a13);
-
- std::string n14("s-resource-id");
- BaseAttributePtr a14(new Attribute(&n14,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a14);
-
- std::string n15("s-r8v2");
- BaseAttributePtr a15(new Attribute(&n15,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a15);
-
- std::string n16("s-author");
- BaseAttributePtr a16(new Attribute(&n16,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a16);
-
- std::string n17("s-r9a.scheme");
- BaseAttributePtr a17(new Attribute(&n17,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a17);
-
- std::string n18("s-r9b.authority");
- BaseAttributePtr a18(new Attribute(&n18,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a18);
-
- std::string n19("s-r9c.scheme-authority");
- BaseAttributePtr a19(new Attribute(&n19,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a19);
-
- std::string n20("r-resource-id");
- BaseAttributePtr a20(new Attribute(&n20,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a20);
-
- std::string n8("r-r8v2");
- BaseAttributePtr a8(new Attribute(&n8,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a8);
-
- std::string n9("r-author");
- BaseAttributePtr a9(new Attribute(&n9,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a9);
-
- std::string n10("r-r9a.scheme");
- BaseAttributePtr a10(new Attribute(&n10,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a10);
-
- std::string n11("r-r9b.authority");
- BaseAttributePtr a11(new Attribute(&n11,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a11);
-
- std::string n12("r-r9c.scheme-authority");
- BaseAttributePtr a12(new Attribute(&n12,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a12);
-
- std::string n21("e-resource-id");
- BaseAttributePtr a21(new Attribute(&n21,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a21);
-
- std::string n22("e-r8v2");
- BaseAttributePtr a22(new Attribute(&n22,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a22);
-
- std::string n23("e-author");
- BaseAttributePtr a23(new Attribute(&n23,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a23);
-
- std::string n24("e-r9a.scheme");
- BaseAttributePtr a24(new Attribute(&n24,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a24);
-
- std::string n25("e-r9b.authority");
- BaseAttributePtr a25(new Attribute(&n25,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a25);
-
- std::string n26("e-r9c.scheme-authority");
- BaseAttributePtr a26(new Attribute(&n26,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a26);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(08){
- CLEANENV(POLICY_ATTR_EXAMPLE2);
-
- AttributeSet attrSet;
-
- std::string n1("id");
- BaseAttributePtr a1(new Attribute(&n1,
- Attribute::Match::Glob,
- Attribute::Type::Subject));
- attrSet.insert(a1);
-
- std::string n3("version");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Glob,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
-
- std::string n2("resource-id");
- BaseAttributePtr a2(new Attribute(&n2,
- Attribute::Match::Glob,
- Attribute::Type::Resource));
- attrSet.insert(a2);
-
- std::string n4("author");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Glob,
- Attribute::Type::Resource));
- attrSet.insert(a4);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(09){
- CLEANENV(POLICY_ATTR_EXAMPLE2);
-
- AttributeSet attrSet;
-
- std::string n1("id");
- BaseAttributePtr a1(new Attribute(&n1,
- Attribute::Match::Regexp,
- Attribute::Type::Subject));
- attrSet.insert(a1);
-
- std::string n3("version");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Regexp,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
-
- std::string n2("resource-id");
- BaseAttributePtr a2(new Attribute(&n2,
- Attribute::Match::Regexp,
- Attribute::Type::Resource));
- attrSet.insert(a2);
-
- std::string n4("author");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Regexp,
- Attribute::Type::Resource));
- attrSet.insert(a4);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(10){
- CLEANENV(POLICY_ATTR_EXAMPLE2);
-
- AttributeSet attrSet;
-
- std::string n1("id");
- BaseAttributePtr a1(new Attribute(&n1,
- Attribute::Match::Regexp,
- Attribute::Type::Subject));
- attrSet.insert(a1);
-
- std::string n3("version");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
-
- std::string n2("resource-id");
- BaseAttributePtr a2(new Attribute(&n2,
- Attribute::Match::Glob,
- Attribute::Type::Resource));
- attrSet.insert(a2);
-
- std::string n4("author");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Regexp,
- Attribute::Type::Resource));
- attrSet.insert(a4);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(11){
- CLEANENV(POLICY_ATTR_EXAMPLE7);
-
- AttributeSet attrSet;
-
- std::string n3("uri.host");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
- std::string n4("key-root-trust");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a4);
-
- std::string n5("id");
- BaseAttributePtr a5(new Attribute(&n5,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a5);
-
- std::string n6("signer-id");
- BaseAttributePtr a6(new Attribute(&n6,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a6);
-
- std::string n7("version");
- BaseAttributePtr a7(new Attribute(&n7,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a7);
-
- std::string n13("name");
- BaseAttributePtr a13(new Attribute(&n13,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a13);
-
- std::string n14("resource-id");
- BaseAttributePtr a14(new Attribute(&n14,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a14);
-
- std::string n15("r8v2");
- BaseAttributePtr a15(new Attribute(&n15,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a15);
-
- std::string n16("author");
- BaseAttributePtr a16(new Attribute(&n16,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a16);
-
- std::string n17("r9a.scheme");
- BaseAttributePtr a17(new Attribute(&n17,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a17);
-
- std::string n18("r9b.authority");
- BaseAttributePtr a18(new Attribute(&n18,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a18);
-
- std::string n19("r9c.scheme-authority");
- BaseAttributePtr a19(new Attribute(&n19,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a19);
-
- std::string n20("resource-id");
- BaseAttributePtr a20(new Attribute(&n20,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a20);
-
- std::string n8("r8v2");
- BaseAttributePtr a8(new Attribute(&n8,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a8);
-
- std::string n9("author");
- BaseAttributePtr a9(new Attribute(&n9,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a9);
-
- std::string n10("r9a.scheme");
- BaseAttributePtr a10(new Attribute(&n10,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a10);
-
- std::string n11("r9b.authority");
- BaseAttributePtr a11(new Attribute(&n11,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a11);
-
- std::string n12("r9c.scheme-authority");
- BaseAttributePtr a12(new Attribute(&n12,
- Attribute::Match::Equal,
- Attribute::Type::Resource));
- attrSet.insert(a12);
-
- std::string n21("resource-id");
- BaseAttributePtr a21(new Attribute(&n21,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a21);
-
- std::string n22("r8v2");
- BaseAttributePtr a22(new Attribute(&n22,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a22);
-
- std::string n23("author");
- BaseAttributePtr a23(new Attribute(&n23,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a23);
-
- std::string n24("r9a.scheme");
- BaseAttributePtr a24(new Attribute(&n24,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a24);
-
- std::string n25("r9b.authority");
- BaseAttributePtr a25(new Attribute(&n25,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a25);
-
- std::string n26("r9c.scheme-authority");
- BaseAttributePtr a26(new Attribute(&n26,
- Attribute::Match::Equal,
- Attribute::Type::Environment));
- attrSet.insert(a26);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
-TESTSUITE02(12){
- CLEANENV(POLICY_ATTR_EXAMPLE8);
-
- AttributeSet attrSet;
-
- std::string n1("id");
- BaseAttributePtr a1(new Attribute(&n1,
- Attribute::Match::Regexp,
- Attribute::Type::Subject));
- attrSet.insert(a1);
-
- std::string n3("version");
- BaseAttributePtr a3(new Attribute(&n3,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- attrSet.insert(a3);
-
-
- std::string n2("resource-id");
- BaseAttributePtr a2(new Attribute(&n2,
- Attribute::Match::Glob,
- Attribute::Type::Resource));
- attrSet.insert(a2);
-
- std::string n4("author");
- BaseAttributePtr a4(new Attribute(&n4,
- Attribute::Match::Regexp,
- Attribute::Type::Resource));
- attrSet.insert(a4);
-
- PEPTR->extractAttributesTest();
-
- bool result = AttrEqual(attrSet, PEPTR->getAttributeSet());
- RUNNER_ASSERT(result);
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file TestSuite03.cpp
- * @author Piotr Fatyga (p.fatyga@samsung.com)
- * @version 0.1
- * @brief Test cases for Condition class.
- */
-
-#include <string>
-
-#include <dpl/log/log.h>
-#include <dpl/test/test_runner.h>
-
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace-dao-ro/BaseAttribute.h>
-#include <dpl/ace/Condition.h>
-
-#define TESTSUITE03(n) \
-RUNNER_TEST(ts03_condtitions_tests_ ## n)
-
-using namespace AceDB;
-
-BaseAttributePtr createAttribute(
- const char *name,
- const char * value,
- const Attribute::Type type = Attribute::Type::Subject)
-{
- std::string aName(name);
- BaseAttributePtr attr(new Attribute(&aName, Attribute::Match::Equal, type));
- if(value != NULL){
- std::string aValue(value);
- DPL::StaticPointerCast<Attribute>(attr)->addValue(&aValue);
- }
- return attr;
-}
-
-BaseAttributePtr createAttribute(
- const char *name,
- const char *value,
- const char *value2,
- const Attribute::Type type = Attribute::Type::Subject)
-{
- std::string aName(name);
- BaseAttributePtr attr(new Attribute(&aName, Attribute::Match::Equal, type));
- if(value != NULL && value2 != NULL ){
- std::string aValue(value), aValue2(value2);
- DPL::StaticPointerCast<Attribute>(attr)->addValue(&aValue);
- DPL::StaticPointerCast<Attribute>(attr)->addValue(&aValue2);
- }
- return attr;
-}
-
-
-bool MatchResultEqual(
- Attribute::MatchResult actual,
- Attribute::MatchResult expected)
-{
- return actual == expected;
-}
-
-bool evaluateResult(
- Condition con,
- AttributeSet & attrs,
- Attribute::MatchResult expectedResult)
-{
- Attribute::MatchResult matchResult = con.evaluateCondition(&attrs);
- return MatchResultEqual(matchResult ,expectedResult);
-}
-
-TESTSUITE03(01){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("r8v2","var2");
- BaseAttributePtr a3 = createAttribute("author","va3");
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
-
- attrSet.insert(a1);
- attrSet.insert(a2);
- attrSet.insert(a3);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-TESTSUITE03(02){
- Condition con(Condition::AND);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("r8v2","var2");
- BaseAttributePtr a3 = createAttribute("author","va3");
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
-
- attrSet.insert(a1);
- attrSet.insert(a2);
- attrSet.insert(a3);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-TESTSUITE03(03){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("r8v2","var2");
- BaseAttributePtr a3 = createAttribute("author","va3");
- BaseAttributePtr a4 = createAttribute("version","wrongValue");
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
-
- attrSet.insert(a2);
- attrSet.insert(a3);
- attrSet.insert(a4);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-TESTSUITE03(04){
- Condition con(Condition::AND);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("r8v2","var2");
- BaseAttributePtr a3 = createAttribute("author","va3");
- BaseAttributePtr a4 = createAttribute("version","bad");
- BaseAttributePtr a5 = createAttribute("version","var1", Attribute::Type::Resource);
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
-
- attrSet.insert(a2);
- attrSet.insert(a3);
- attrSet.insert(a4);
- attrSet.insert(a5);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRFalse));
-}
-
-TESTSUITE03(05){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("r8v2","var2");
- BaseAttributePtr a3 = createAttribute("author","va3");
-
- BaseAttributePtr a4 = createAttribute("version","var1");
- BaseAttributePtr a5 = createAttribute("r8v2","var2");
- BaseAttributePtr a6 = createAttribute("author","va3");
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
-
- attrSet.insert(a4);
- attrSet.insert(a5);
- attrSet.insert(a6);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-TESTSUITE03(06){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("r8v2","var2");
- BaseAttributePtr a3 = createAttribute("author","va3");
-
- BaseAttributePtr a4 = createAttribute("version","var2");
- BaseAttributePtr a5 = createAttribute("r8v2","var3");
- BaseAttributePtr a6 = createAttribute("author","va4");
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
-
- attrSet.insert(a4);
- attrSet.insert(a5);
- attrSet.insert(a6);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRFalse));
-}
-
-TESTSUITE03(07){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("r8v2","var2");
- BaseAttributePtr a3 = createAttribute("author","va3");
-
- BaseAttributePtr a4 = createAttribute("version","var1", Attribute::Type::Resource );
- BaseAttributePtr a5 = createAttribute("r8v2","var2", Attribute::Type::Resource);
- BaseAttributePtr a6 = createAttribute("author","va3", Attribute::Type::Resource);
-
- BaseAttributePtr a7 = createAttribute("version","var2" );
- BaseAttributePtr a8 = createAttribute("r8v2","var3");
- BaseAttributePtr a9 = createAttribute("author","va4");
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
-
- attrSet.insert(a4);
- attrSet.insert(a5);
- attrSet.insert(a6);
- attrSet.insert(a7);
- attrSet.insert(a8);
- attrSet.insert(a9);
-
- //Despite that there are attribute a4,a5,a6 that matches the value of attributes
- //a1,a2,a3 the type of the attributes is different
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRFalse));
-}
-
-//Test if the same attributes (but other instances) passes the test
-
-TESTSUITE03(08){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("r8v2","var2");
- BaseAttributePtr a3 = createAttribute("author","va3");
-
- BaseAttributePtr a4 = createAttribute("version","var1");
- BaseAttributePtr a5 = createAttribute("r8v2","var2", Attribute::Type::Resource);
- BaseAttributePtr a6 = createAttribute("author","va3", Attribute::Type::Resource);
- BaseAttributePtr a7 = createAttribute("r8v2","aaa");
- BaseAttributePtr a8 = createAttribute("author","aaa");
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
-
- attrSet.insert(a4);
- attrSet.insert(a5);
- attrSet.insert(a6);
- attrSet.insert(a7);
- attrSet.insert(a8);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-TESTSUITE03(09){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version", NULL); //empty bag
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- attrSet.insert(a1);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRFalse));
-}
-
-TESTSUITE03(10){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1","var2");
-
- BaseAttributePtr a4 = createAttribute("version","var1");
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- attrSet.insert(a4);
- //It's enough that one value from string bag matches
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-TESTSUITE03(11){
- Condition con(Condition::AND);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1","var2");
- BaseAttributePtr a2 = createAttribute("version","var3","var1");
-
- BaseAttributePtr a4 = createAttribute("version","var1");
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- attrSet.insert(a4);
- //It's enough that one value from string bag matches
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-
-TESTSUITE03(12){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("r8v2","var2");
- BaseAttributePtr a3 = createAttribute("author","va3");
-
- BaseAttributePtr a4 = createAttribute("version","var1");
- BaseAttributePtr a5 = createAttribute("r8v2","var2", Attribute::Type::Resource);
- BaseAttributePtr a6 = createAttribute("author","va3", Attribute::Type::Resource);
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
-
- attrSet.insert(a4);
- attrSet.insert(a5);
- attrSet.insert(a6);
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-TESTSUITE03(13){
- Condition con(Condition::AND);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version",NULL);
- a1->setUndetermind(true);
- BaseAttributePtr a4 = createAttribute("version","var1");
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a4));
- attrSet.insert(a1);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRUndetermined));
-}
-
-TESTSUITE03(14){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version",NULL);
- a1->setUndetermind(true);
- BaseAttributePtr a2 = createAttribute("author","good");
- BaseAttributePtr a4 = createAttribute("version","var1");
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a4));
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- attrSet.insert(a1);
- attrSet.insert(a2);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-TESTSUITE03(15){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version",NULL,NULL);
- a1->setUndetermind(true);
- BaseAttributePtr a4 = createAttribute("version","var1");
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a4));
- attrSet.insert(a1);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRUndetermined));
-}
-
-TESTSUITE03(16){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1","aaa");
- a1->setUndetermind(true);
- BaseAttributePtr a4 = createAttribute("version","var1");
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a4));
- attrSet.insert(a1);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRUndetermined));
-}
-
-TESTSUITE03(17){
- Condition con(Condition::AND);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("version1","var1");
- BaseAttributePtr a3 = createAttribute("version2","var1");
- BaseAttributePtr a4 = createAttribute("version3","var1");
- BaseAttributePtr a5 = createAttribute("version1","var2");
-
- Condition con2(Condition::AND);
- con2.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- Condition con3(Condition::OR);
- con3.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
- con3.addAttribute(*DPL::StaticPointerCast<Attribute>(a4));
-
- con.addCondition(con2);
- con.addCondition(con3);
-
- con.addAttribute(*DPL::StaticPointerCast<Attribute>(a4));
- attrSet.insert(a1);
- attrSet.insert(a3);
- attrSet.insert(a4);
- attrSet.insert(a5);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRFalse));
-}
-
-TESTSUITE03(18){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("version1","var1");
- BaseAttributePtr a3 = createAttribute("version2","var1");
- BaseAttributePtr a4 = createAttribute("version3","var1");
- BaseAttributePtr a5 = createAttribute("version1","var2");
-
- Condition con2(Condition::AND);
- con2.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con2.addAttribute(*DPL::StaticPointerCast<Attribute>(a5));
- Condition con3(Condition::AND);
- con3.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
- con3.addAttribute(*DPL::StaticPointerCast<Attribute>(a4));
- Condition con4(Condition::AND);
- con4.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
-
- con3.addCondition(con4);
- con.addCondition(con2);
- con.addCondition(con3);
-
- attrSet.insert(a1);
- attrSet.insert(a3);
- attrSet.insert(a4);
- attrSet.insert(a5);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRFalse));
-}
-
-TESTSUITE03(19){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("version1","var1");
- BaseAttributePtr a3 = createAttribute("version2","var1");
- BaseAttributePtr a4 = createAttribute("version3","var1");
- BaseAttributePtr a5 = createAttribute("version1","var2");
-
- Condition con2(Condition::AND);
- con2.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con2.addAttribute(*DPL::StaticPointerCast<Attribute>(a5));
- Condition con3(Condition::OR);
- con3.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
- con3.addAttribute(*DPL::StaticPointerCast<Attribute>(a4));
-
- con.addCondition(con2);
- con.addCondition(con3);
-
- attrSet.insert(a1);
- attrSet.insert(a3);
- attrSet.insert(a4);
- attrSet.insert(a5);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
-
-TESTSUITE03(20){
- Condition con(Condition::OR);
- AttributeSet attrSet;
-
- BaseAttributePtr a1 = createAttribute("version","var1");
- BaseAttributePtr a2 = createAttribute("version1","var1");
- BaseAttributePtr a3 = createAttribute("version2","var1");
- BaseAttributePtr a4 = createAttribute("version3","var1");
-
- BaseAttributePtr a5 = createAttribute("version1","var2");
- BaseAttributePtr a6 = createAttribute("version2","var2");
- BaseAttributePtr a7 = createAttribute("version3","var2");
- BaseAttributePtr a8 = createAttribute("version4","var2");
-
- Condition con2(Condition::OR);
- Condition con3(Condition::OR);
- Condition con4(Condition::OR);
- Condition con5(Condition::OR);
-
- con2.addAttribute(*DPL::StaticPointerCast<Attribute>(a2));
- con3.addAttribute(*DPL::StaticPointerCast<Attribute>(a3));
- con4.addAttribute(*DPL::StaticPointerCast<Attribute>(a4));
- con5.addAttribute(*DPL::StaticPointerCast<Attribute>(a1));
-
- con2.addCondition(con4);
- con3.addCondition(con5);
- con.addCondition(con2);
- con.addCondition(con3);
-
- attrSet.insert(a1);
- attrSet.insert(a5);
- attrSet.insert(a6);
- attrSet.insert(a7);
- attrSet.insert(a8);
-
- RUNNER_ASSERT(
- evaluateResult(con,attrSet,Attribute::MatchResult::MRTrue));
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file TestSuite04.cpp
- * @author unknown
- * @version 1.0
- * @brief Test cases for Combiner.
- */
-
-#include <list>
-#include <string>
-
-#include <dpl/log/log.h>
-#include <dpl/test/test_runner.h>
-
-#include <dpl/ace/CombinerImpl.h>
-#include <dpl/ace/PolicySet.h>
-#include <dpl/ace/Effect.h>
-
-#define TESTSUITE04(n) \
-RUNNER_TEST(ts04_combiner_tests_ ## n)
-
-bool assertEffectEqual(Effect actual, Effect expected){
- return (actual == expected);
-}
-
-class WTF : public CombinerImpl{
-public:
- // the evaluation functions should be static and public
- // but they are protected methods!
- Effect denyOverrides(std::list<Effect> &lst){
- return CombinerImpl::denyOverrides(lst);
- }
- Effect permitOverrides(std::list<Effect> &lst){
- return CombinerImpl::permitOverrides(lst);
- }
- Effect firstApplicable(std::list<Effect> &lst){
- return CombinerImpl::firstApplicable(lst);
- }
- Effect firstMatchingTarget(std::list<Effect> &lst){
- return CombinerImpl::firstMatchingTarget(lst);
- }
-};
-
-Effect denyOverridesTest(std::list<Effect> &lst) {
- WTF impl;
- return impl.denyOverrides(lst);
-}
-
-Effect permitOverridesTest(std::list<Effect> &lst) {
- WTF impl;
- return impl.permitOverrides(lst);
-}
-
-Effect firstApplicableTest(std::list<Effect> &lst) {
- WTF impl;
- return impl.firstApplicable(lst);
-}
-
-Effect firstMatchingTargetTest(std::list<Effect> &lst) {
- WTF impl;
- return impl.firstMatchingTarget(lst);
-}
-
-TESTSUITE04(00_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Undetermined);
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Deny));
-}
-
-TESTSUITE04(01_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Undetermined);
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Deny);
- effectList->push_back(Permit);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Deny));
-}
-
-TESTSUITE04(02_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Undetermined);
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Undetermined));
-}
-
-TESTSUITE04(03_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
-
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
- effectList->push_back(Undetermined);
- effectList->push_back(PromptSession);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Undetermined));
-}
-
-TESTSUITE04(04_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, PromptOneShot));
-}
-
-TESTSUITE04(05_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, PromptSession));
-}
-
-TESTSUITE04(06_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
-
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
- effectList->push_back(PromptBlanket);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, PromptBlanket));
-}
-
-TESTSUITE04(07_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Permit));
-}
-
-TESTSUITE04(08_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Inapplicable));
-}
-
-TESTSUITE04(09_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Inapplicable));
-}
-
-TESTSUITE04(10_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Undetermined);
- effectList->push_back(Permit);
- effectList->push_back(Error);
- effectList->push_back(Inapplicable);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(11_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Error);
- effectList->push_back(Undetermined);
- effectList->push_back(Error);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(12_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
- effectList->push_back(Error);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
-
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(13_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
- effectList->push_back(Error);
- effectList->push_back(PromptBlanket);
- effectList->push_back(PromptSession);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(14_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Error);
- effectList->push_back(Inapplicable);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(15_denyOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
- effectList->push_back(Error);
-
- Effect eff = denyOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(16_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Undetermined);
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Permit));
-}
-
-TESTSUITE04(17_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
- effectList->push_back(Undetermined);
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Undetermined));
-}
-
-TESTSUITE04(18_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
-
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, PromptBlanket));
-}
-
-TESTSUITE04(19_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(Inapplicable);
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, PromptSession));
-}
-
-TESTSUITE04(20_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, PromptOneShot));
-}
-
-TESTSUITE04(21_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Deny));
-}
-
-TESTSUITE04(22_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Inapplicable));
-}
-
-TESTSUITE04(23_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Inapplicable));
-}
-
-TESTSUITE04(24_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Undetermined);
- effectList->push_back(Permit);
- effectList->push_back(Inapplicable);
- effectList->push_back(Error);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptBlanket);
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(25_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
- effectList->push_back(Undetermined);
- effectList->push_back(Error);
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(26_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Error);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
-
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(27_permitOverrides){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Error);
- Effect eff = permitOverridesTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(28_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
- effectList->push_back(Undetermined);
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Deny));
-}
-
-TESTSUITE04(29_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Undetermined);
- effectList->push_back(Deny);
- effectList->push_back(PromptOneShot);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
- effectList->push_back(Undetermined);
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Undetermined));
-}
-
-TESTSUITE04(30_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
- effectList->push_back(Deny);
- effectList->push_back(PromptOneShot);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
- effectList->push_back(Undetermined);
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Deny));
-}
-
-TESTSUITE04(31_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
- effectList->push_back(Undetermined);
- effectList->push_back(PromptOneShot);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
- effectList->push_back(Undetermined);
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Undetermined));
-}
-
-TESTSUITE04(32_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
- effectList->push_back(Inapplicable);
- effectList->push_back(Inapplicable);
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Inapplicable));
-}
-
-TESTSUITE04(33_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
- effectList->push_back(Inapplicable);
- effectList->push_back(Inapplicable);
- effectList->push_back(Permit);
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Permit));
-}
-
-TESTSUITE04(34_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Inapplicable));
-}
-
-TESTSUITE04(35_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
- effectList->push_back(PromptOneShot);
- effectList->push_back(Error);
- effectList->push_back(PromptSession);
- effectList->push_back(PromptBlanket);
- effectList->push_back(Undetermined);
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(36_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
- effectList->push_back(Inapplicable);
- effectList->push_back(Inapplicable);
- effectList->push_back(Error);
- effectList->push_back(Permit);
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(37_firstApplicable){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Error);
-
- Effect eff = firstApplicableTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(38_firstMatching){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
- effectList->push_back(Deny);
- effectList->push_back(PromptOneShot);
- effectList->push_back(Inapplicable);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Inapplicable));
-}
-
-TESTSUITE04(39_firstMatching){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Undetermined);
- effectList->push_back(Deny);
- effectList->push_back(PromptOneShot);
- effectList->push_back(Inapplicable);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Undetermined));
-}
-
-TESTSUITE04(39a_firstMatching){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Deny));
-}
-
-TESTSUITE04(39b_firstMatching){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Permit);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Permit));
-}
-
-TESTSUITE04(40_firstMatching){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Undetermined);
- effectList->push_back(Undetermined);
- effectList->push_back(Undetermined);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Undetermined));
-}
-
-TESTSUITE04(41_firstMatching){
- std::list<Effect> * effectList = new std::list<Effect > ();
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Inapplicable));
-}
-
-TESTSUITE04(42_firstMatching){
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Inapplicable));
-}
-
-TESTSUITE04(43_firstMatching){
-
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Undetermined);
- effectList->push_back(Undetermined);
- effectList->push_back(Undetermined);
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
- effectList->push_back(Undetermined);
- effectList->push_back(Deny);
- effectList->push_back(PromptOneShot);
- effectList->push_back(Inapplicable);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Undetermined));
-}
-
-TESTSUITE04(44_firstMatching){
-
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Inapplicable);
- effectList->push_back(Deny);
- effectList->push_back(PromptOneShot);
- effectList->push_back(Error);
- effectList->push_back(Inapplicable);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(45_firstMatching){
-
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Undetermined);
- effectList->push_back(Undetermined);
- effectList->push_back(Error);
- effectList->push_back(Undetermined);
- effectList->push_back(Deny);
- effectList->push_back(Inapplicable);
- effectList->push_back(Undetermined);
- effectList->push_back(Deny);
- effectList->push_back(PromptOneShot);
- effectList->push_back(Inapplicable);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
-
-TESTSUITE04(46_firstMatching){
-
- std::list<Effect> * effectList = new std::list<Effect > ();
- effectList->push_back(Error);
-
- Effect eff = firstMatchingTargetTest(*effectList);
- RUNNER_ASSERT(assertEffectEqual(eff, Error));
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file TestSuite05.cpp
- * @author unknown
- * @version 1.0
- * @brief Test cases for Attribute class.
- */
-
-#include <iostream>
-#include <list>
-#include <set>
-#include <string>
-
-#include <dpl/test/test_runner.h>
-
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace-dao-ro/BaseAttribute.h>
-
-#define TESTSUITE05(n) \
-RUNNER_TEST(ts05_attr_tests_ ## n)
-
-class AT : public Attribute {
-public:
- AT(std::string nm)
- : Attribute(nm)
- {}
-
- static std::string* uriAuthorityStatic(const std::string *input) {
- AT at("Micky");
- return at.uriAuthority(input);
- }
-
- static std::string* uriHostStatic(const std::string *input) {
- AT at("Pluto");
- return at.uriHost(input);
- }
-
- static std::string* uriSchemeStatic(const std::string *input) {
- AT at("Donald");
- return at.uriScheme(input);
- }
-
- static std::string* uriSchemeAuthorityStatic(const std::string *input) {
- AT at("Winnie the Pooh");
- return at.uriSchemeAuthority(input);
- }
-
- static std::string* uriPathStatic(const std::string *input) {
- AT at("Hannibal");
- return at.uriPath(input);
- }
-
- static bool markTest(){
- bool result = true;
- for(int i =0; i<128; ++i){
- if( i == '-' || i == '_' || i == '.'|| i == '!'|| i == '~' || i == '*' || i == '\'' || i == ')' || i == '(' ){
- if (!mark[i]){
- result = false;
- break;
- }
- }
- else{
- if(mark[i]){
- result =false;
- break;
- }
- }
- }
- return result;
- }
-
- static bool digitTest(){
- bool result = true;
- for(int i =0; i<128; ++i){
- if( i > 47 && i < 58 ){
- if (!digit[i]){
- result = false;
- break;
- }
- }
- else{
- if(digit[i]){
- result =false;
- break;
- }
- }
- }
- return result;
- }
-
- static bool alphaTest(){
- bool result = true;
- for(int i =0; i<128; ++i){
- if( ( i>64 && i<91 ) || ( i>96 && i<123 ) ) {
- if (!alpha[i]){
- result = false;
- break;
- }
- }
- else{
- if(alpha[i]){
- result =false;
- break;
- }
- }
- }
- return result;
- }
-
- static bool isEscapedStatic(const char esc[3]) {
- AT at("Swinka");
- return at.isEscaped(esc);
- }
-};
-
-bool assertEqual(const std::string * actual, const char * intended) {
- if (actual == NULL || intended == NULL) {
- if (intended == NULL && actual == NULL) {
- return true;
- }
- else {
- return false;
- }
- }
-
- std::string temp(intended);
-
- if (temp == *actual) {
- return true;
- }
- else {
- return false;
- }
-}
-
-bool assertTrue(bool condition){
- return condition;
-}
-
-bool assertFalse(bool condition){
- return !condition;
-}
-
-TESTSUITE05(01_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://www.wp.pl");
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "www.wp.pl"));
- delete outcome;
-}
-
-TESTSUITE05(02_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://authority?path/asdf");
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "authority"));
- delete outcome;
-}
-
-TESTSUITE05(03_uriAuthority){
- std::string * outcome = NULL;
- std::string query("abcd"); //This should be interpreted as schema
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(04_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://authority/asdf");
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "authority"));
- delete outcome;
-}
-
-TESTSUITE05(05_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://user@host:20?ds");
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "user@host:20"));
- delete outcome;
-}
-
-TESTSUITE05(06_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://hostname:23");
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "hostname:23"));
- delete outcome;
-}
-
-TESTSUITE05(07_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://user@host:port");
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "user@host:port"));
- delete outcome;
-}
-
-TESTSUITE05(08_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://1user@host:port"); //This is a VALID URI
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "1user@host:port"));
- delete outcome;
-}
-
-TESTSUITE05(09_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://abc%30"); //This is not a valid uri
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "abc%30"));
- delete outcome;
-}
-
-TESTSUITE05(10_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http:///asd"); //This is not a valid uri
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(11_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://?asd"); //This is not a valid uri
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(12_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://%34%56%67%ab");
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "%34%56%67%ab"));
- delete outcome;
-}
-
-TESTSUITE05(13_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://<>"); //This is not a valid uri
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, NULL));
- delete outcome;
-}
-
-TESTSUITE05(14_uriAuthority){
- std::string * outcome = NULL;
- std::string query("http://\\/"); //This is not a valid uri
- outcome = AT::uriAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, NULL));
- delete outcome;
-}
-
-TESTSUITE05(15_uriHost){
- std::string * outcome = NULL;
- std::string query("http://user@host:23");
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "host"));
- delete outcome;
-}
-
-TESTSUITE05(16_uriHost){
- std::string * outcome = NULL;
- std::string query("http://user@host:name"); //This is not a valid uri
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(17_uriHost){
- std::string * outcome = NULL;
- std::string query("http::::"); //This is a valid uri
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(18_uriHost){
- std::string * outcome = NULL;
- std::string query("..%%%."); //This is not a valid uri
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, NULL));
- delete outcome;
-}
-
-TESTSUITE05(19_uriHost){
- std::string * outcome = NULL;
- std::string query("ftp://abds.eu/fda");
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "abds.eu"));
- delete outcome;
-}
-
-TESTSUITE05(20_uriHost){
- std::string * outcome = NULL;
- std::string query("abs%14ccc");
- //This is a valid uri because it's interpreted as a path not a host
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(21_uriHost){
- std::string * outcome = NULL;
- std::string query("http://abc@123.2.23.213:982");
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "123.2.23.213"));
- delete outcome;
-}
-
-TESTSUITE05(22_uriHost){
- std::string * outcome = NULL;
- std::string query("http://abc@1233.2.23.213:982");
- //Hostname is invalid, but uri is valid
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(23_uriHost){
- std::string * outcome = NULL;
- std::string query("http://ab%23c@host"); //Valid escaped characters
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "host"));
- delete outcome;
-}
-
-TESTSUITE05(24_uriHost){
- std::string * outcome = NULL;
- std::string query("http://ab%23c@host%34"); //Invalid escaped characters in hostname
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(25_uriHost){
- std::string * outcome = NULL;
- std::string query("http://ab%GGc@host"); //Wrong character %
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, NULL));
- delete outcome;
-}
-
-TESTSUITE05(26_uriHost){
- std::string * outcome = NULL;
- std::string query("http://www.example.pl");
- outcome = AT::uriHostStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "www.example.pl"));
- delete outcome;
-}
-
-TESTSUITE05(27_uriScheme){
- std::string * outcome = NULL;
- std::string query("http://host");
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "http"));
- delete outcome;
-}
-
-TESTSUITE05(28_uriScheme){
- std::string * outcome = NULL;
- //Wrong character '1' in scheme , it's not an URI because two slashes are not acceptable
- //in any other place than in separation between scheme and pat
- std::string query("1http://host");
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, NULL));
- delete outcome;
-}
-
-TESTSUITE05(29_uriScheme){
- std::string * outcome = NULL;
- std::string query("ftp+a-fdf.ads://host");
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "ftp+a-fdf.ads"));
- delete outcome;
-}
-
-TESTSUITE05(30_uriScheme){
- std::string * outcome = NULL;
- //Scheme cannot start with plus, it's not an URI because two slashes are not acceptable
- //in any other place than in separation between scheme and path
- std::string query("+++://host");
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, NULL));
- delete outcome;
-}
-
-TESTSUITE05(31_uriScheme){
- std::string * outcome = NULL;
- std::string query("aaaac"); //It's a path not a scheme'a
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(32_uriScheme){
- std::string * outcome = NULL;
- //no escaped characters in schema, it's not an URI because two slashes are not acceptable
- //in any other place than in separation between scheme and path
- std::string query("ftpa%34fdfads://host");
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, NULL));
- delete outcome;
-}
-
-TESTSUITE05(33_uriScheme){
- std::string * outcome = NULL;
- //no escaped characters in schema, it's not an URI because two slashes are not acceptable
- //in any other place than in separation between scheme and path
- std::string query("meaninglessstring://host%34");
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "meaninglessstring"));
- delete outcome;
-}
-
-TESTSUITE05(34_uriScheme){
- std::string * outcome = NULL;
- std::string query("meaninglessstring2://");
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "meaninglessstring2"));
- delete outcome;
-}
-
-TESTSUITE05(35_uriScheme){
- std::string * outcome = NULL;
- std::string query("http://www.samsung.com/ace/bondi#5");
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "http"));
- delete outcome;
-}
-
-TESTSUITE05(36_uriScheme){
- std::string * outcome = NULL;
- std::string query("www.samsung.com");
- outcome = AT::uriSchemeStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ""));
- delete outcome;
-}
-
-TESTSUITE05(37_uriSchemeAuthority){
- std::string * outcome = NULL;
- std::string query("http://www.samsung.com");
- outcome = AT::uriSchemeAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "http://www.samsung.com"));
- delete outcome;
-}
-
-TESTSUITE05(38_uriSchemeAuthority){
- std::string * outcome = NULL;
- std::string query("ftp23://www.samsung.com/avc%23");
- outcome = AT::uriSchemeAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "ftp23://www.samsung.com"));
- delete outcome;
-}
-
-TESTSUITE05(39_uriSchemeAuthority){
- std::string * outcome = NULL;
- std::string query("ftp++://anonymous@hostname:12/avc%23");
- outcome = AT::uriSchemeAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "ftp++://anonymous@hostname:12"));
- delete outcome;
-}
-
-TESTSUITE05(40_uriSchemeAuthority){
- std::string * outcome = NULL;
- std::string query("32ftp://anonymous@hostname:12/avc%23");
- outcome = AT::uriSchemeAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, NULL));
- delete outcome;
-}
-
-TESTSUITE05(41_uriSchemeAuthority){
- std::string * outcome = NULL;
- std::string query("http://aaabbb?acd");
- outcome = AT::uriSchemeAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "http://aaabbb"));
- delete outcome;
-}
-
-TESTSUITE05(42_uriSchemeAuthority){
- std::string * outcome = NULL;
- std::string query("http://aaabbb/acd;sdf;sdf");
- outcome = AT::uriSchemeAuthorityStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "http://aaabbb"));
- delete outcome;
-}
-
-TESTSUITE05(43_uriPath){
- std::string * outcome = NULL;
- std::string query("ftp://authority//invalidpath");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, NULL));
- delete outcome;
-}
-
-TESTSUITE05(44_uriPath){
- std::string * outcome = NULL;
- std::string query("ftp://authority/validpath");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "validpath"));
- delete outcome;
-}
-
-TESTSUITE05(45_uriPath){
- std::string * outcome = NULL;
- std::string query("ftp://authority/validpath;param;param");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "validpath;param;param"));
- delete outcome;
-}
-
-TESTSUITE05(46_uriPath){
- std::string * outcome = NULL;
- std::string query("ftp://authority/validpath;param;param?query");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "validpath;param;param"));
- delete outcome;
-}
-
-TESTSUITE05(47_uriPath){
- std::string * outcome = NULL;
- std::string query("ftp://authority/validpath;?param;param?query");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "validpath;"));
- delete outcome;
-}
-
-TESTSUITE05(48_uriPath){
- std::string * outcome = NULL;
- std::string query("ftp://authority/validpath;param?;param?query");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "validpath;param"));
- delete outcome;
-}
-
-TESTSUITE05(49_uriPath){
- std::string * outcome = NULL;
- std::string query("ftp://authority/valid:path?query");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "valid:path"));
- delete outcome;
-}
-
-TESTSUITE05(50_uriPath){
- std::string * outcome = NULL;
- std::string query("ftp://authority/:::");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, ":::"));
- delete outcome;
-}
-
-TESTSUITE05(51_uriPath){
- std::string * outcome = NULL;
- std::string query("/path1/path2?abc#fragment");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "path1/path2"));
- delete outcome;
-}
-
-TESTSUITE05(52_uriPath){
- std::string * outcome = NULL;
- std::string query("http://www.samsung.com/normalpath/path2?query");
- outcome = AT::uriPathStatic(&query);
- RUNNER_ASSERT(assertEqual(outcome, "normalpath/path2"));
- delete outcome;
-}
-
-TESTSUITE05(53_markTest){
- RUNNER_ASSERT(AT::markTest());
-}
-
-TESTSUITE05(54_digitTest){
- RUNNER_ASSERT(AT::digitTest());
-}
-
-TESTSUITE05(55_alphaTest){
- RUNNER_ASSERT(AT::alphaTest());
-}
-
-TESTSUITE05(56_escapedTest){
- const char * query = "%23";
- RUNNER_ASSERT(assertTrue(AT::isEscapedStatic(query)));
- query = "%ab";
- RUNNER_ASSERT(assertTrue(AT::isEscapedStatic(query)));
-
- query = "%a";
- RUNNER_ASSERT(assertFalse(AT::isEscapedStatic(query)));
-
- query = "%rw";
- RUNNER_ASSERT(assertFalse(AT::isEscapedStatic(query)));
-
- query = NULL;
- RUNNER_ASSERT(assertFalse(AT::isEscapedStatic(query)));
-
- query = "abc";
- RUNNER_ASSERT(assertFalse(AT::isEscapedStatic(query)));
-
- query = "%bc";
- RUNNER_ASSERT(assertTrue(AT::isEscapedStatic(query)));
-
- query = "%DF";
- RUNNER_ASSERT(assertTrue(AT::isEscapedStatic(query)));
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file TestSuite06.cpp
- * @author unknown
- * @version 1.0
- * @brief Test cases for AceDAO implementation.
- */
-#include <iostream>
-#include <string>
-
-#include <dpl/foreach.h>
-#include <dpl/test/test_runner.h>
-
-#include <dpl/ace-dao-rw/AceDAO.h>
-#include <dpl/ace/Attribute.h>
-#include <dpl/ace/Preference.h>
-#include <dpl/ace/SettingsLogic.h>
-
-#define TESTSUITE06(n) \
-RUNNER_TEST(ts06_ace_dao_ ## n)
-
-#define CLEANENV \
- do{ \
- AceDB::AceDAO::clearWidgetDevCapSettings(); \
- AceDB::AceDAO::clearDevCapSettings(); \
- }while(0)
-
-using namespace AceDB;
-
-int operator==(const Attribute& left, const Attribute& right)
-{
- return ( (*left.getName() == *right.getName()));
-}
-
-bool UserSettingsAgreed(std::list<PermissionTriple>* expected,
- std::list<PermissionTriple>* allRules)
-{
- if (allRules->empty() && expected->empty())
- {
- return true;
- }
-
- std::list<PermissionTriple>::iterator itA;
- FOREACH(itE, *expected)
- {
- if (itE->devCap.empty()){
- return false; //some error occur
- }
-
- for (itA = allRules->begin(); itA != allRules->end(); ++itA){
- if (itA->appId == itE->appId &&
- itA->devCap == itE->devCap)
- {
- if (itA->access == itE->access){
- break;
- }
- else{
- return false; //optimization
- }
- }
- }
-
- if (itA == allRules->end())
- {
- if (itE->access == Preference::PREFERENCE_DEFAULT)
- { // this value is not set in DB
- continue;
- }
- //if we are here -it means that expected values doesnt exist in DB
- return false;
- }
- else
- {
- continue; //go to next expected attr
- }
- }
-
- //it means that all required values exist in DB
- return true;
-}
-
-
-bool UserSettingNotStored(std::list<PermissionTriple>* userSettings,
- std::string res,
- WidgetHandle handler,
- Preference pref)
-{
- if (userSettings->empty())
- {
- return true;
- }
-
- FOREACH(iter, *userSettings)
- {
- if (iter->appId == handler && iter->devCap == res){
- if (iter->access == pref){
- return false; //this value has been saved
- }
- else{
- continue; //value has been saved
- }
- }
- }
-
- return true;
-}
-
-
-
-bool ResourceSettingsAgreed(
- std::list< std::pair<const std::string*,Preference> > *expected,
- std::map<std::string, Preference>* allRules)
-{
- std::list< std::pair<const std::string*,Preference> >::iterator itE;
- std::map<std::string, Preference>::iterator itA;
-
- FOREACH(itE, *expected)
- {
- itA = allRules->find(*(itE->first));
- if (itA != allRules->end() && itA->second == itE->second)
- {
- continue;
- }
- else
- {
- return false;
- }
- }
-
- return true;
-}
-
-bool ResourceSettingsEqual(
- std::list< std::pair<const std::string*,Preference> > * actual,
- std::map<std::string, Preference>* expected)
-{
- bool flag = false;
- FOREACH(iterA, *actual)
- {
- FOREACH(iterE, *expected)
- {
- if (*(iterA->first) == iterE->first &&
- iterA->second == iterE->second)
- {
- flag = true;
- }
- }
- if (!flag)
- {
- return false;
- }
- flag = false;
- }
-
- return true;
-}
-
-//bool VSPAssertEqual(Verdict actual, Verdict expected){
-// return (actual == expected);
-//}
-
-
-bool AttributeEqual(AttributeSet actual, AttributeSet expected){
- return (actual == expected);
-}
-
-bool ResourceSettingEqual(std::map<std::string, Preference>* rSettings,
- std::string res,
- Preference pref)
-{
- std::map<std::string, Preference>::iterator iter = rSettings->find(res);
-
- if (iter != rSettings->end() && iter->second ==pref)
- {
- return true;
- }
-
- return false;
-}
-
-
-bool UserSettingEqual(std::list<PermissionTriple>* userSettings,
- std::string res,
- WidgetHandle handler,
- Preference pref)
-{
- if (userSettings->empty() && pref == Preference::PREFERENCE_DEFAULT)
- {
- return true;
- }
- FOREACH(iter, *userSettings)
- {
- if (iter->devCap.empty())
- {
- return false; //some error occurred
- }
- if (iter->appId == handler && iter->devCap == res){
- if (iter->access == pref)
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- }
-
- return false;
-}
-
-//Test does verdict PERMIT is saved when validity is once
-TESTSUITE06(01){
- CLEANENV;
- AttributeSet attributeSet;
- std::string tmp("atrS");
- std::string tmpValue("Buu");
- BaseAttributePtr atr(new Attribute(&tmp,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
- attributeSet.insert(atr);
-
- AceDAO::setPolicyResult(attributeSet, PolicyEffect::PERMIT);
- OptionalPolicyResult opt = AceDAO::getPolicyResult(attributeSet);
-
- PolicyResult effect(PolicyEffect::DENY);
- if (!opt.IsNull()) {
- effect = *opt;
- }
-
- RUNNER_ASSERT(effect == PolicyEffect::PERMIT);
-}
-
-TESTSUITE06(02){
- CLEANENV;
- AttributeSet attributeSet;
- std::string tmp("atrS");
- std::string tmpValue("Buu");
- BaseAttributePtr atr(new Attribute(&tmp,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
- attributeSet.insert(atr);
-
- AceDAO::setPolicyResult(attributeSet, PolicyEffect::DENY);
- OptionalPolicyResult opt = AceDAO::getPolicyResult(attributeSet);
-
- PolicyResult effect(PolicyEffect::PERMIT);
- if (!opt.IsNull()) {
- effect = *opt;
- }
-
- RUNNER_ASSERT(effect == PolicyEffect::DENY);
-}
-
-TESTSUITE06(03){
- CLEANENV;
- AttributeSet attributeSet;
- std::string tmp("atrS");
- std::string tmpValue("Buu");
- BaseAttributePtr atr(new Attribute(&tmp,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
- attributeSet.insert(atr);
-
- AceDAO::setPolicyResult(attributeSet, PolicyEffect::PROMPT_ONESHOT);
- OptionalPolicyResult opt = AceDAO::getPolicyResult(attributeSet);
-
- PolicyResult effect(PolicyEffect::DENY);
- if (!opt.IsNull()) {
- effect = *opt;
- }
-
- RUNNER_ASSERT(effect == PolicyEffect::PROMPT_ONESHOT);
-}
-
-TESTSUITE06(04){
- CLEANENV;
- AttributeSet attributeSet;
- std::string tmp("atrS");
- std::string tmpValue("Buu");
- BaseAttributePtr atr(new Attribute(&tmp,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
- attributeSet.insert(atr);
-
- AceDAO::setPolicyResult(attributeSet, PolicyEffect::PROMPT_SESSION);
- OptionalPolicyResult opt = AceDAO::getPolicyResult(attributeSet);
-
- PolicyResult effect(PolicyEffect::DENY);
- if (!opt.IsNull()) {
- effect = *opt;
- }
-
- RUNNER_ASSERT(effect == PolicyEffect::PROMPT_SESSION);
-}
-
-TESTSUITE06(05){
- CLEANENV;
- AttributeSet attributeSet;
- std::string tmp("atrS");
- std::string tmpValue("Buu");
- BaseAttributePtr atr(new Attribute(&tmp,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
- attributeSet.insert(atr);
-
- AceDAO::setPolicyResult(attributeSet, PolicyEffect::PROMPT_BLANKET);
- OptionalPolicyResult opt = AceDAO::getPolicyResult(attributeSet);
-
- PolicyResult effect(PolicyEffect::DENY);
- if (!opt.IsNull()) {
- effect = *opt;
- }
-
- RUNNER_ASSERT(effect == PolicyEffect::PROMPT_BLANKET);
-}
-
-TESTSUITE06(06){
- CLEANENV;
- AttributeSet attributeSet;
- std::string tmp("atrS");
- std::string tmpValue("Buu");
- BaseAttributePtr atr(new Attribute(&tmp,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
- attributeSet.insert(atr);
-
- AceDAO::setPolicyResult(attributeSet, PolicyDecision::NOT_APPLICABLE);
- OptionalPolicyResult opt = AceDAO::getPolicyResult(attributeSet);
-
- PolicyResult effect(PolicyEffect::DENY);
- if (!opt.IsNull()) {
- effect = *opt;
- }
-
- RUNNER_ASSERT(effect == PolicyDecision::NOT_APPLICABLE);
-}
-
-TESTSUITE06(07){
- CLEANENV;
- AttributeSet attributeSet;
- std::string tmp("atrS");
- std::string tmpValue("Buu");
- BaseAttributePtr atr(new Attribute(&tmp,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
- attributeSet.insert(atr);
-
- AceDAO::setPolicyResult(attributeSet, PolicyResult::UNDETERMINED);
- OptionalPolicyResult opt = AceDAO::getPolicyResult(attributeSet);
-
- PolicyResult effect(PolicyEffect::DENY);
- if (!opt.IsNull()) {
- effect = *opt;
- }
-
- RUNNER_ASSERT(effect == PolicyResult::UNDETERMINED);
-}
-
-TESTSUITE06(08){
- CLEANENV;
- AttributeSet attributeSet;
- std::string tmp("atrS2");
- std::string tmpValue("Buu2");
- BaseAttributePtr atr(new Attribute(&tmp,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
- attributeSet.insert(atr);
-
- std::string session = "jlakjhqrwebn234324987";
- std::string param = "xxx";
-
- AceDAO::setPromptDecision(attributeSet,
- DPL::FromUTF8String(param),
- DPL::FromUTF8String(session),
- PromptDecision::ALLOW_ALWAYS);
-
- OptionalCachedPromptDecision decision =
- AceDAO::getPromptDecision(attributeSet, param);
-
- DPL::String session1;
- PromptDecision dec = PromptDecision::DENY_FOR_SESSION;
- if (!decision.IsNull()){
- dec = (*decision).decision;
- if (!decision.IsNull()) {
- session1 = *((*decision).session);
- }
- }
- RUNNER_ASSERT(dec == PromptDecision::ALLOW_ALWAYS);
- RUNNER_ASSERT(DPL::ToUTF8String(session1) == session);
-}
-
-TESTSUITE06(09){
- CLEANENV;
- AttributeSet attributeSet;
- std::string tmp("atrS2");
- std::string tmpValue("Buu2");
- BaseAttributePtr atr(new Attribute(&tmp,
- Attribute::Match::Equal,
- Attribute::Type::Subject));
- DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
- attributeSet.insert(atr);
-
- std::string param = "xxx";
-
- AceDAO::setPromptDecision(attributeSet,
- DPL::FromUTF8String(param),
- DPL::OptionalString(),
- PromptDecision::ALLOW_FOR_SESSION);
-
- OptionalCachedPromptDecision decision =
- AceDAO::getPromptDecision(attributeSet, param);
-
- std::string session1;
- PromptDecision dec = PromptDecision::DENY_FOR_SESSION;
- if (!decision.IsNull()){
- dec = (*decision).decision;
- RUNNER_ASSERT((*decision).session.IsNull());
- }
- RUNNER_ASSERT(dec == PromptDecision::ALLOW_FOR_SESSION);
-}
-
-///*findVerdict*/
-//
-//void AceDAOTester::test3()
-//{
-//// Tests does verdict is stored for validity always
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS3");
-// std::string tmpValue("Buu3");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::ALWAYS;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_PERMIT);
-// handleResult(result, "find Verdict test 3");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test4()
-//{
-////tests does verdict is propertly stored (NOT saved)when session is Validity::ONCE
-////and verdict is DENY
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS4");
-// std::string tmpValue("Buu4");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_DENY;
-// Validity val = Validity::ONCE;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 4");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test5()
-//{
-////tests does verdict is properly set when validity is session
-////and verdict is deny
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS5");
-// std::string tmpValue("Buu5");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_DENY;
-// Validity val = Validity::SESSION;
-// pip.setSessionId("5");
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// pip.setSessionId("5");
-// session = getSession();
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_DENY);
-// handleResult(result, "find Verdict test 5");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test6()
-//{
-////tests does verdict is properly stored for DENY Validity::ALWAYS
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS6");
-// std::string tmpValue("Buu6");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_DENY;
-// Validity val = Validity::ALWAYS;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_DENY);
-// handleResult(result, "find Verdict test 6");
-//}
-//
-//
-//void AceDAOTester::test7()
-//{
-////tests stored version fo INAPPLICABLE Validity::ONCE
-//
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// attributeSet.insert(constructAttribute("atrS7","Buu7"));
-// Verdict ver = Verdict::VERDICT_INAPPLICABLE;
-// Validity val = Validity::ONCE;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// //Verdict with 'Once' validity should not be stored, therefore
-// //the outcome should be UNKNOWN
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 7");
-//}
-//
-//
-//void AceDAOTester::test8()
-//{
-////tests storing data for verdict INAPLICABLE and Validity::SESSION
-//
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// attributeSet.insert(constructAttribute("atrS8","Buuu8"));
-// Verdict ver = Verdict::VERDICT_INAPPLICABLE;
-// Validity val = Validity::SESSION;
-// pip.setSessionId("8");
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// pip.setSessionId("9");
-// session = getSession();
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 8");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test9()
-//{
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS9");
-// std::string tmpValue("Buu9");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_INAPPLICABLE;
-// Validity val = Validity::ALWAYS;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_INAPPLICABLE);
-// handleResult(result, "find Verdict test 9");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test10()
-//{
-////tests does verdict is properly stored for verdict undetermined
-////and validity Validity::ONCE - thats why verdict is UNKNOWN
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS10");
-// std::string tmpValue("Buu10");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_UNDETERMINED;
-// Validity val = Validity::ONCE;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 10");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test11()
-//{
-////tests does verdict is properly stored for verdict undetermined
-////and validity Validity::SESSION - TODO Verdicts for undetermined are not stored??
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS11");
-// std::string tmpValue("Buu11");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_UNDETERMINED;
-// pip.setSessionId("8");
-// Validity val = Validity::SESSION;
-// pip.setSessionId("8");
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 11");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test12()
-//{
-////tests does verdict is properly stored for verdict undetermined
-////and validity Validity::ALWAYS - TODO Verdicts for undetermined are not stored??
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS12");
-// std::string tmpValue("Buu12");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_UNDETERMINED;
-// Validity val = Validity::ALWAYS;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 12");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test13()
-//{
-////tests does verdict is properly stored for verdict unknown
-////and validity Validity::ONCE-thats why verdict is not stored
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS13");
-// std::string tmpValue("Buu13");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_UNKNOWN;
-// Validity val = Validity::ONCE;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 13");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test14()
-//{
-////tests does verdict is properly stored for verdict unknown
-////and validity session- TODO why is the verdict not stored?
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS14");
-// std::string tmpValue("Buu14");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_UNKNOWN;
-// Validity val = Validity::SESSION;
-// pip.setSessionId("8");
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// pip.setSessionId("8");
-// session = getSession();
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 14");
-//}
-///*findVerdict*/
-//
-//void AceDAOTester::test15()
-//{
-////tests does verdict is properly stored for verdict unknown and
-////validity Validity::ALWAYS - TODO should we save Unknown verdict?
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS15");
-// std::string tmpValue("Buu15");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_UNKNOWN;
-// Validity val = Validity::ALWAYS;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 15");
-//}
-//
-///*removeVerdict*/ //tests does verdict is properly removed
-//void AceDAOTester::test16()
-//{
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS15");
-// std::string tmpValue("Buu15");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-//
-// Verdict ver = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::ALWAYS;
-// //add verdict
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// //check has verdict been stored?
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_PERMIT);
-// handleResult(result, "find Verdict test 16: partA");
-//
-// //remove verdict
-// VerdictLogic::removeVerdict(request, attributeSet);
-// //verified removed
-// verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 16: partB");
-//}
-//
-///*findVerdict*/
-//void AceDAOTester::test18()
-//{
-////verdict for 3 elements on the set of attributes
-// Request request("subject18","resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS60");
-// std::string tmpValue("Buu60");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-//
-// std::string tmp1("atrS61");
-// std::string tmpValue1("Buu61");
-// BaseAttributePtr atr1(
-// new Attribute(&tmp1,Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr1)->addValue(&tmpValue1);
-// attributeSet.insert(atr1);
-//
-// std::string tmp2("atrS62");
-// std::string tmpValue2("Buu62");
-// BaseAttributePtr atr2(
-// new Attribute(&tmp2,Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr2)->addValue(&tmpValue2);
-// attributeSet.insert(atr2);
-//
-// Verdict ver = Verdict::VERDICT_DENY;
-// Validity val = Validity::ALWAYS;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_DENY);
-// handleResult(result, "find Verdict test 18");
-//}
-//
-///*resetDatabase*/
-//void AceDAOTester::test19()
-//{
-// //tests reset DB
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS15");
-// std::string tmpValue("Buu15");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-//
-// Verdict ver = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::ALWAYS;
-// //add verdict
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// //check has verdict been stored?
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_PERMIT);
-// handleResult(result, "reset database test 19: partA");
-//
-// AceDAO::resetDatabase();
-//
-// verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "reset database test 19: partB");
-//}
-
-
-/*setWidgetDevCapSetting*/
-
-TESTSUITE06(26){
- CLEANENV;
- std::string res("res20");
- WidgetHandle sub = 20;
-
- SettingsLogic::setWidgetDevCapSetting(res, sub, Preference::PREFERENCE_PERMIT);
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(
- UserSettingEqual(
- &userSettings, res, sub, Preference::PREFERENCE_PERMIT));
-}
-
-/*setWidgetDevCapSetting*/
-
-TESTSUITE06(27){
- CLEANENV;
- std::string res("res21");
- WidgetHandle sub = 21;
-
- SettingsLogic::setWidgetDevCapSetting(res, sub, Preference::PREFERENCE_DENY);
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(
- UserSettingEqual(
- &userSettings, res, sub, Preference::PREFERENCE_DENY));
-}
-
-/*setWidgetDevCapSetting*/
-
-TESTSUITE06(28){
- CLEANENV;
- std::string res("res22");
- WidgetHandle sub = 22;
- AceDAO::clearAllSettings();
- SettingsLogic::setWidgetDevCapSetting(res, sub, Preference::PREFERENCE_DEFAULT);
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(
- UserSettingEqual(
- &userSettings, res, sub, Preference::PREFERENCE_DEFAULT));
-}
-
-TESTSUITE06(29){
- CLEANENV;
- std::string res("res23");
- WidgetHandle sub = 23;
-
- SettingsLogic::setWidgetDevCapSetting(res, sub, Preference::PREFERENCE_DEFAULT);
- SettingsLogic::setWidgetDevCapSetting(res, sub, Preference::PREFERENCE_DENY);
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(
- UserSettingEqual(
- &userSettings, res, sub, Preference::PREFERENCE_DENY));
-}
-
-/*setWidgetDevCapSettings*/
-
-TESTSUITE06(30){
- CLEANENV;
- std::string resa("res24a");
- WidgetHandle suba = 241;
- std::string resb("res24b");
- WidgetHandle subb = 242;
-
- std::list<PermissionTriple> permissionsL;
-
- permissionsL.push_back(
- PermissionTriple(suba, resa, Preference::PREFERENCE_DENY));
- permissionsL.push_back(
- PermissionTriple(subb, resb, Preference::PREFERENCE_PERMIT));
-
- SettingsLogic::setWidgetDevCapSettings(permissionsL);
-
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(
- UserSettingsAgreed(&permissionsL, &userSettings));
-}
-
-
-
-TESTSUITE06(31){
- CLEANENV;
-//multi set - if value is not set in DB or has DEFAUL value it is not
-//send by getWidgetDevCapSettings - optimization
-
- std::string resa("res25a");
- WidgetHandle suba = 251;
- std::string resb("res25b");
- WidgetHandle subb = 252;
- std::string resc("res25c");
- WidgetHandle subc = 253;
-
- std::list<PermissionTriple> permissionsL;
-
- permissionsL.push_back(
- PermissionTriple(suba, resa, Preference::PREFERENCE_DENY));
- permissionsL.push_back(
- PermissionTriple(subb, resb, Preference::PREFERENCE_PERMIT));
- permissionsL.push_back(
- PermissionTriple(subc, resc, Preference::PREFERENCE_DEFAULT));
-
-
- SettingsLogic::setWidgetDevCapSettings(permissionsL);
-
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(UserSettingsAgreed(&permissionsL, &userSettings));
-}
-
-TESTSUITE06(32){
- CLEANENV;
- //empty list -- TODO what is it testing?
- std::list<PermissionTriple> permissionsL;
-
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(UserSettingsAgreed(&permissionsL, &userSettings));
-}
-
-TESTSUITE06(33){
- CLEANENV;
- //test resource setting PERMIT
- std::string res("res27");
- SettingsLogic::setDevCapSetting(res, Preference::PREFERENCE_PERMIT);
- std::map<std::string, Preference> resourceSettings;
- SettingsLogic::getDevCapSettings(&resourceSettings);
-
- RUNNER_ASSERT(
- ResourceSettingEqual(&resourceSettings,
- res,
- Preference::PREFERENCE_PERMIT));
-}
-
-TESTSUITE06(34){
- CLEANENV;
- //test resource setting DENY
- std::string res("res28");
- SettingsLogic::setDevCapSetting(res, Preference::PREFERENCE_DENY);
- std::map<std::string, Preference> resourceSettings;
- SettingsLogic::getDevCapSettings(&resourceSettings);
-
- RUNNER_ASSERT(
- ResourceSettingEqual(&resourceSettings,
- res,
- Preference::PREFERENCE_DENY));
-}
-
-TESTSUITE06(35){
- CLEANENV;
- //test resource setting Preference::PREFERENCE_DEFAULT
-
- std::string res("res29");
- SettingsLogic::setDevCapSetting(res, Preference::PREFERENCE_DEFAULT);
- std::map<std::string, Preference> resourceSettings;
- SettingsLogic::getDevCapSettings(&resourceSettings);
-
- RUNNER_ASSERT(
- ResourceSettingEqual(
- &resourceSettings,
- res,
- Preference::PREFERENCE_DEFAULT));
-}
-
-TESTSUITE06(36){
- CLEANENV;
- //multi set for Resource settings
-
- std::string resa("res30a");
- std::string resb("res30b");
-
- std::list< std::pair<const std::string*,Preference> >* resourcesL =
- new std::list< std::pair<const std::string*, Preference> >();
-
- resourcesL->push_back(make_pair(&resa, Preference::PREFERENCE_DENY));
- resourcesL->push_back(make_pair(&resb, Preference::PREFERENCE_PERMIT));
-
- SettingsLogic::setAllDevCapSettings (*resourcesL);
-
- std::map<std::string, Preference> resourceSettings;
- SettingsLogic::getDevCapSettings(&resourceSettings);
- RUNNER_ASSERT(ResourceSettingsAgreed(resourcesL, &resourceSettings));
- delete resourcesL;
-}
-
-
-//void AceDAOTester::test31()
-//{
-// // session has changed (PERMIT).
-// //What is the verdict now?
-//
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS31");
-// std::string tmpValue("Buu31");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::SESSION;
-// pip.setSessionId("aaa");
-//
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdictA =
-// VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultA = VSPAssertEqual(verdictA, Verdict::VERDICT_PERMIT);
-// handleResult(resultA, "Verdict session test 31 session a");
-//
-// pip.setSessionId("bbb");
-// session = getSession();
-// Verdict verdictB =
-// VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultB = VSPAssertEqual(verdictB, Verdict::VERDICT_UNKNOWN);
-// handleResult(resultB, "Verdict session test 31 session b");
-//}
-
-
-//void AceDAOTester::test32()
-//{
-// //session has changed (DENY).
-// //what is the verdict?
-//
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS32");
-// std::string tmpValue("Buu32");
-// BaseAttributePtr atr(
-// new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_DENY;
-// Validity val = Validity::SESSION;
-// pip.setSessionId("aaa");
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdictA =
-// VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultA = VSPAssertEqual(verdictA, Verdict::VERDICT_DENY);
-// handleResult(resultA, "Verdict session test 32 session a");
-//
-// pip.setSessionId("ccc");
-//
-// session = getSession();
-// Verdict verdictB =
-// VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultB = VSPAssertEqual(verdictB, Verdict::VERDICT_UNKNOWN);
-// handleResult(resultB, "Verdict session test 32 session b");
-//}
-
-//void AceDAOTester::test33(){
-//
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS33");
-// std::string tmpValue("Buu33");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_INAPPLICABLE;
-// Validity val = Validity::SESSION;
-// pip.setSessionId("aaa");
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdictA = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultA = VSPAssertEqual(verdictA, Verdict::VERDICT_INAPPLICABLE);
-// handleResult(resultA, "Verdict session test 33 session a");
-//
-// pip.setSessionId("bbb");
-//
-// session = getSession();
-// Verdict verdictB = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultB = VSPAssertEqual(verdictB, Verdict::VERDICT_UNKNOWN);
-// handleResult(resultB, "Verdict session test 33 session b");
-//}
-
-//void AceDAOTester::test34(){ //session has changed (UNDETERMINED).
-////what is the verdict?
-//
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS34");
-// std::string tmpValue("Buu34");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_UNDETERMINED;
-// Validity val = Validity::SESSION;
-// pip.setSessionId("aaa");
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdictA = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultA = VSPAssertEqual(verdictA, Verdict::VERDICT_UNKNOWN);
-// handleResult(resultA, "Verdict session test 34 session a");
-//
-// pip.setSessionId("bbb");
-//
-// session = getSession();
-// Verdict verdictB = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultB = VSPAssertEqual(verdictB, Verdict::VERDICT_UNKNOWN);
-// handleResult(resultB, "Verdict session test 34 session b");
-//}
-
-//void AceDAOTester::test35(){ //session has changed(UNKNOWN),
-////what is the verdict?
-//
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS35");
-// std::string tmpValue("Buu35");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_UNKNOWN;
-// Validity val = Validity::SESSION;
-// pip.setSessionId("aaa");
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdictA = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultA = VSPAssertEqual(verdictA, Verdict::VERDICT_UNKNOWN);
-// handleResult(resultA, "Verdict session test 35 session a");
-// pip.setSessionId("bbb");
-//
-// session = getSession();
-// Verdict verdictB = VerdictLogic::findVerdict(request, session,attributeSet);
-// bool resultB = VSPAssertEqual(verdictB, Verdict::VERDICT_UNKNOWN);
-// handleResult(resultB, "Verdict session test 35 session b");
-//}
-
-//void AceDAOTester::test36(){ //changed verdict in the same session
-//
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-// std::string tmp("atrS36");
-// std::string tmpValue("Buu36");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-// Verdict ver = Verdict::VERDICT_DENY;
-// Validity val = Validity::SESSION;
-// pip.setSessionId("aaa");
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdictA = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultA = VSPAssertEqual(verdictA ,Verdict::VERDICT_DENY);
-// handleResult(resultA, "Verdict session test 36 session a");
-//
-// ver = Verdict::VERDICT_PERMIT;
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdictB = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultB = VSPAssertEqual(verdictB ,Verdict::VERDICT_PERMIT);
-// handleResult(resultB, "Verdict session test 36 session b");
-//}
-//
-///* User settings crash tests */
-//
-//
-//void AceDAOTester::test37(){ //empty attribute and verdict permit always
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-//
-// Verdict ver = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::ALWAYS;
-//
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict,Verdict::VERDICT_PERMIT);
-// handleResult(result, "find Verdict empty attribute set test 37 ");
-//}
-//
-//void AceDAOTester::test38(){ //empty attribute and verdict deny always
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-//
-// Verdict ver = Verdict::VERDICT_DENY;
-// Validity val = Validity::ALWAYS;
-//
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict,Verdict::VERDICT_DENY);
-// handleResult(result, "find Verdict empty attribute set test 38 ");
-//}
-//
-//void AceDAOTester::test39(){
-//
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-//
-// Verdict ver = Verdict::VERDICT_INAPPLICABLE;
-// Validity val = Validity::ALWAYS;
-//
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict,Verdict::VERDICT_INAPPLICABLE);
-// handleResult(result, "find Verdict empty attribute set test 39 ");
-//}
-//
-//void AceDAOTester::test40(){ //empty attribute and verdict unknown
-// Request request("subject", "resource");
-// AttributeSet attributeSet;
-//
-// Verdict ver = Verdict::VERDICT_UNKNOWN;
-// Validity val = Validity::ALWAYS;
-//
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict,Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict empty attribute set test 40 ");
-//}
-//
-//void AceDAOTester::test41()
-//{
-// //empty string as subject and resource,
-// //without attributes and verdit DENY Validity::ALWAYS
-// Request request("", "");
-// //TODO is it OK to store Verdict::VERDICT for empty request?
-// AttributeSet attributeSet;
-//
-// Verdict ver = Verdict::VERDICT_DENY;
-// Validity val = Validity::ALWAYS;
-//
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict,Verdict::VERDICT_DENY);
-// //bool result = VSPAssertEqual(verdict,Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict empty request empty "
-// "attribute set test 41 ");
-//}
-//
-//void AceDAOTester::test42(){
-// //empty string as subject and resource, without attributes
-// //and verdict is PERMIT Validity::ALWAYS
-// Request request("", "");
-//
-// AttributeSet attributeSet;
-// std::string tmp("atrS42");
-// std::string tmpValue("Buu342");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-//
-// Verdict ver = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::ALWAYS;
-//
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict,Verdict::VERDICT_PERMIT);
-// handleResult(result, "find Verdict empty request test 42 ");
-//}
-//
-//void AceDAOTester::test43(){
-// //TODO I have changed it! verdict
-// //has changed and stored in DB. does current verdict is the last one?
-//
-// Request request("ac", "ca");
-// AttributeSet attributeSet;
-//
-// Verdict ver = Verdict::VERDICT_DENY;
-// Verdict verp = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::ALWAYS;
-//
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-// VerdictLogic::addVerdict(request, session, attributeSet, verp, val);
-//
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict,Verdict::VERDICT_PERMIT);
-// handleResult(result, "find Verdict empty request empty "
-// "attribute set test 43 ");
-//}
-//
-//void AceDAOTester::test44(){
-// //empty subject and resource name - get Atributes list
-// Request request("","");
-//
-// AttributeSet attributeSet;
-// std::string tmp("atrS44");
-// std::string tmpValue("Buu44");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-//
-// Verdict ver = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::ALWAYS;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// AttributeSet attributeS;
-// AceDAO::getAttributes(&attributeS);
-//
-// bool result = false;
-//
-// result = AttributeEqual(attributeSet,attributeS);
-//
-// handleResult(!result,"find Attributes empty request test 44");
-//}
-//
-//void AceDAOTester::test45(){
-// //empty subject and resource name - what is the verdict? - is it OK??
-// Request request("", "");
-// AttributeSet attributeSet;
-// std::string tmp("atrS15");
-// std::string tmpValue("Buu15");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-//
-// Verdict ver = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::ALWAYS;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(request, session, attributeSet, ver, val);
-//
-// VerdictLogic::removeVerdict(request, attributeSet);
-//
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict,Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 45");
-//}
-//
-//void AceDAOTester::test46(){
-// // TODO is it ok that for empty subject and resource name
-// // the verdict is not stored
-// Request requestemp("", "");
-// Request request("aa","bb");
-//
-// AttributeSet attributeSet;
-// std::string tmp("atrS46");
-// std::string tmpValue("Buu146");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-//
-// Verdict verAdd = Verdict::VERDICT_PERMIT;
-// Validity val = Validity::ALWAYS;
-// std::string session = getSession();
-// VerdictLogic::addVerdict(requestemp, session, attributeSet, verAdd, val);
-// VerdictLogic::addVerdict(request, session, attributeSet, verAdd, val);
-//
-// VerdictLogic::removeVerdict(requestemp, attributeSet);
-//
-// Verdict verdictA = VerdictLogic::findVerdict(requestemp, session, attributeSet);
-// bool resultA = VSPAssertEqual(verdictA,Verdict::VERDICT_UNKNOWN);
-// handleResult(resultA,"find Verdict test 46 A ");
-//
-// Verdict verdictB = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool resultB = VSPAssertEqual(verdictB, Verdict::VERDICT_PERMIT);
-// handleResult(resultB,"find Verdict test 46 B ");
-//
-//}
-
-TESTSUITE06(53){
- CLEANENV;
- //Empty resource name
- std::string res("");
- SettingsLogic::setDevCapSetting(res, Preference::PREFERENCE_PERMIT);
- std::map<std::string, Preference> resourceSettings;
- SettingsLogic::getDevCapSettings(&resourceSettings);
-
- RUNNER_ASSERT(
- ResourceSettingEqual(
- &resourceSettings,
- res,
- Preference::PREFERENCE_PERMIT));
-}
-
-//void AceDAOTester::test48(){
-// SettingsLogic::setResourceSetting(NULL, PERMIT);
-// std::map<std::string, Preference>* resourceSettings =
-// SettingsLogic::getResourceSettings();
-//
-// bool result = ResourceSettingEqual(resourceSettings, NULL,PERMIT );
-// handleResult(result, "get Resource Settings empty resource test 48");
-// printf("get Resource Settings empty resource test 48 -----> "
-// "Segmentation fault\n");
-//}
-
-TESTSUITE06(55){
- CLEANENV;
- //resource settings list with empty elemen
-
- std::string resb("");
-
- std::list< std::pair<const std::string*,Preference> > *resourcesL = new
- std::list< std::pair<const std::string*, Preference> >();
-
- resourcesL->push_back(make_pair(&resb, Preference::PREFERENCE_PERMIT));
-
- SettingsLogic::setAllDevCapSettings (*resourcesL);
-
- std::map<std::string, Preference> resourceSettings;
- SettingsLogic::getDevCapSettings(&resourceSettings);
- RUNNER_ASSERT(ResourceSettingsEqual(resourcesL, &resourceSettings));
- delete resourcesL;
-}
-
-TESTSUITE06(56){
- CLEANENV;
- //user settings with empty subject and resource
- //if resource or subject name is empty, values are not saved in DB
- std::string resb("fake-resource");
- WidgetHandle subb = 0;
-
- std::list<PermissionTriple> permissionsL;
-
- permissionsL.push_back(PermissionTriple(subb, resb, Preference::PREFERENCE_PERMIT));
-
- SettingsLogic::setWidgetDevCapSettings(permissionsL);
-
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(UserSettingsAgreed(&permissionsL, &userSettings));
-}
-
-TESTSUITE06(57){
- CLEANENV;
- //user setting equal
- // settings with at least one empty value is not set
- std::string res("");
- WidgetHandle sub = 0;
-
- SettingsLogic::setWidgetDevCapSetting(res, sub, Preference::PREFERENCE_PERMIT);
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(
- UserSettingNotStored(
- &userSettings,
- res,
- sub,
- Preference::PREFERENCE_PERMIT));
-}
-
-TESTSUITE06(58){
- CLEANENV;
- //user settings empty values and Default access
-
- std::string res("");
- WidgetHandle sub = 0;
-
- SettingsLogic::setWidgetDevCapSetting(res, sub, Preference::PREFERENCE_DEFAULT);
- std::list<PermissionTriple> userSettings;
- SettingsLogic::getWidgetDevCapSettings(&userSettings);
- RUNNER_ASSERT(
- UserSettingNotStored(
- &userSettings,
- res,
- sub,
- Preference::PREFERENCE_DEFAULT));
-}
-
-//void AceDAOTester::test53(){
-// Request request("1 OR sv.verdict=1 --", "r53");
-// AttributeSet attributeSet;
-// std::string tmp("atrS53");
-// std::string tmpValue("Buu15");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-//
-//// Verdict ver = Verdict::VERDICT_PERMIT;
-//// Validity val = Validity::ALWAYS;
-//
-// std::string session = getSession();
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 53 sql injection");
-//}
-
-//void AceDAOTester::test54()
-//{
-// Request request("1' OR sv.verdict=1 --", "r53");
-// AttributeSet attributeSet;
-// std::string tmp("atrS54");
-// std::string tmpValue("Buu15");
-// BaseAttributePtr atr(new Attribute(&tmp, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&tmpValue);
-// attributeSet.insert(atr);
-//
-// std::string session = getSession();
-// Verdict verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "find Verdict test 54 sql injection");
-//}
-//
-//void AceDAOTester::test55()
-//{
-// Request request("s55","r55");
-// AttributeSet attributeSet;
-// std::string session = getSession();
-// Verdict verdict = Verdict::VERDICT_PERMIT;
-// Validity validity = Validity::ALWAYS;
-//
-// VerdictLogic::addVerdict(request, session, attributeSet, verdict, validity);
-//
-// verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_PERMIT);
-// handleResult(result, "Test 55a - clean database");
-//
-// SettingsLogic::setWidgetDevCapSetting(request.getResourceId(),
-// request.getSubjectId(),
-// Preference::PREFERENCE_DENY);
-//
-// Preference preference = SettingsLogic::findGlobalUserSettings(request);
-// handleResult(preference == Preference::PREFERENCE_DENY, "Test 55b - clean database");
-//
-// AceDAO::resetDatabase();
-//
-// verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "Test 55c - clean database");
-//
-// preference = SettingsLogic::findGlobalUserSettings(request);
-// handleResult(preference == Preference::PREFERENCE_DEFAULT,
-// "Test 55d - clean database");
-//}
-//
-//void AceDAOTester::test56(){
-// Request request("s56","r56");
-// AttributeSet attributeSet;
-// std::string session = getSession();
-// Verdict verdict = Verdict::VERDICT_PERMIT;
-// Validity validity = Validity::ALWAYS;
-//
-// std::string aName("atrS15");
-// std::string aValue1("a;");
-// std::string aValue2("b");
-// BaseAttributePtr atr(new Attribute(&aName, Attribute::Match::Equal, Attribute::Type::Subject));
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&aValue1);
-// DPL::StaticPointerCast<Attribute>(atr)->addValue(&aValue2);
-// attributeSet.insert(atr);
-//
-// VerdictLogic::addVerdict(request, session, attributeSet, verdict, validity);
-//
-// attributeSet.clear();
-// BaseAttributePtr atr1(new Attribute(&aName, Attribute::Match::Equal, Attribute::Type::Subject));
-// aValue1 = "a";
-// aValue2 = ";b";
-// DPL::StaticPointerCast<Attribute>(atr1)->addValue(&aValue1);
-// DPL::StaticPointerCast<Attribute>(atr1)->addValue(&aValue2);
-// attributeSet.insert(atr1);
-//
-// verdict = VerdictLogic::findVerdict(request, session, attributeSet);
-// bool result = VSPAssertEqual(verdict, Verdict::VERDICT_UNKNOWN);
-// handleResult(result, "Test 56 - attribute hash calculation check");
-//}
-
-
-//BaseAttributePtr AceDAOTester::constructAttribute(
-// const char * name,
-// const char * value,
-// Attribute::Match match,
-// Attribute::Type type)
-//{
-// std::string tmp(name);
-// std::string tmpValue(value);
-// BaseAttributePtr attr(new Attribute(&tmp, match, type));
-// DPL::StaticPointerCast<Attribute>(attr)->addValue(&tmpValue);
-// return attr;
-//}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file TestSuite07.cpp
- * @author unknown
- * @version 1.0
- * @brief Test cases for ConfigurationManager
- */
-
-
-#include <dirent.h>
-#include <sys/types.h>
-
-#include <list>
-#include <string>
-
-#include <dpl/log/log.h>
-#include <dpl/test/test_runner.h>
-
-#include <dpl/ace/ConfigurationManager.h>
-
-#define TESTSUITE07(n,path) \
-RUNNER_TEST(ts07_configuration_mng_ ## n){ \
- ConfigurationManagerTester cm; \
- cm.setUp(); \
- cm.parseTest(path);
-
-#define TESTSUITEEND \
- cm.cleanUp(); \
-}
-
-class ConfigurationManagerTester : public ConfigurationManager {
-public:
- int parseTest(const std::string &file) {
- return parse(file);
- }
-
- const std::string& getConfigFileTest() const {
- return getConfigFile();
- }
-
- void prepareDir(std::string & path);
- void cleanUp();
- void setUp();
- bool assertPolicyNOTinAList(const char *) const;
- bool assertIsCurrentPolicy(const char * policy);
- bool assertEqual(const std::string& original, const std::string & intended);
- bool assertFileExists(const char * policyFile) const;
- bool assertFileDoesntExist(const char * policyFile) const;
- bool assertEqual(const int original,const int intended) const;
- bool assertPolicyInAList(const char *)const;
-
- ConfigurationManagerTester() { }
-};
-
-TESTSUITE07(01,CONFIGURATION_MGR_TEST_CONFIG)
- RUNNER_ASSERT(cm.assertIsCurrentPolicy("pms_general-test.xml") && cm.assertPolicyInAList("pms_general-test.xml"));
-TESTSUITEEND
-
-TESTSUITE07(02,CONFIGURATION_MGR_TEST_CONFIG)
- RUNNER_ASSERT(cm.assertEqual(cm.getStoragePath(),
- std::string(CONFIGURATION_MGR_TEST_POLICY_STORAGE)));
-TESTSUITEEND
-
-TESTSUITE07(03,CONFIGURATION_MGR_TEST_CONFIG)
- LogInfo("Full path "<<cm.getFullPathToCurrentPolicyFile());
- RUNNER_ASSERT(cm.assertEqual(cm.getFullPathToCurrentPolicyFile(),
- std::string(CONFIGURATION_MGR_TEST_POLICY)));
-TESTSUITEEND
-
-TESTSUITE07(04,CONFIGURATION_MGR_TEST_CONFIG)
- int ret = cm.addPolicyFile(std::string(CONFIGURATION_MGR_TEST_PATH"policyTest1.xml"));
- RUNNER_ASSERT(cm.assertFileExists(CONFIGURATION_MGR_TEST_POLICY_STORAGE"/policyTest1.xml"));
- RUNNER_ASSERT(cm.assertEqual(ret, ConfigurationManager::CM_OPERATION_SUCCESS));
- RUNNER_ASSERT(cm.assertPolicyInAList("policyTest1.xml"));
-TESTSUITEEND
-
-TESTSUITE07(05,CONFIGURATION_MGR_TEST_CONFIG)
- int ret = cm.addPolicyFile(std::string(CONFIGURATION_MGR_TEST_PATH"policyTest1.xml"));
- RUNNER_ASSERT(cm.assertFileExists(CONFIGURATION_MGR_TEST_POLICY_STORAGE"/policyTest1.xml"));
- RUNNER_ASSERT(cm.assertEqual(ret, ConfigurationManager::CM_OPERATION_SUCCESS));
- ret = cm.removePolicyFile(std::string("policyTest1.xml"));
- RUNNER_ASSERT(cm.assertFileDoesntExist(CONFIGURATION_MGR_TEST_POLICY_STORAGE"/policyTest1.xml"));
- RUNNER_ASSERT(cm.assertEqual(ret, ConfigurationManager::CM_OPERATION_SUCCESS));
- RUNNER_ASSERT(cm.assertPolicyNOTinAList("policyTest1.xml"));
-TESTSUITEEND
-
-//Try to upload the file once again
-TESTSUITE07(06,CONFIGURATION_MGR_TEST_CONFIG)
- int ret = cm.addPolicyFile(std::string(CONFIGURATION_MGR_TEST_PATH"policyTest1.xml"));
- RUNNER_ASSERT(cm.assertFileExists(CONFIGURATION_MGR_TEST_POLICY_STORAGE"/policyTest1.xml"));
- RUNNER_ASSERT(cm.assertEqual(ret, ConfigurationManager::CM_OPERATION_SUCCESS));
- RUNNER_ASSERT(cm.assertPolicyInAList("policyTest1.xml"));
-TESTSUITEEND
-
-TESTSUITE07(07,CONFIGURATION_MGR_TEST_CONFIG)
- int ret = cm.addPolicyFile(std::string(CONFIGURATION_MGR_TEST_PATH"policyTest2.xml"));
- RUNNER_ASSERT(cm.assertFileExists(CONFIGURATION_MGR_TEST_POLICY_STORAGE"/policyTest2.xml"));
- RUNNER_ASSERT(cm.assertEqual(ret, ConfigurationManager::CM_OPERATION_SUCCESS));
- RUNNER_ASSERT(cm.assertPolicyInAList("policyTest2.xml"));
-TESTSUITEEND
-
-TESTSUITE07(08,CONFIGURATION_MGR_TEST_CONFIG)
- int ret = cm.addPolicyFile(std::string(CONFIGURATION_MGR_TEST_PATH"notExitingPolicy.xml"));
- RUNNER_ASSERT(cm.assertFileDoesntExist(CONFIGURATION_MGR_TEST_POLICY_STORAGE"/notExitingPolicy.xml"));
- RUNNER_ASSERT(cm.assertEqual(ret, ConfigurationManager::CM_GENERAL_ERROR));
- RUNNER_ASSERT(cm.assertPolicyNOTinAList("notExitingPolicy.xml"));
-TESTSUITEEND
-
-TESTSUITE07(09,CONFIGURATION_MGR_TEST_CONFIG)
- int ret = cm.addPolicyFile(CONFIGURATION_MGR_TEST_PATH"policyTest1.xml");
- RUNNER_ASSERT(cm.assertFileExists(CONFIGURATION_MGR_TEST_POLICY_STORAGE"/policyTest1.xml"));
- RUNNER_ASSERT(cm.assertPolicyInAList("policyTest1.xml"));
- ret = cm.addPolicyFile(CONFIGURATION_MGR_TEST_PATH"policyTest1.xml");
- RUNNER_ASSERT(cm.assertEqual(ret, ConfigurationManager::CM_FILE_EXISTS));
-TESTSUITEEND
-
-TESTSUITE07(10,CONFIGURATION_MGR_TEST_CONFIG)
- int ret = cm.removePolicyFile("policyTest12.xml");
- RUNNER_ASSERT(cm.assertFileDoesntExist(CONFIGURATION_MGR_TEST_POLICY_STORAGE"/policyTest12.xml"));
- RUNNER_ASSERT(cm.assertEqual(ret, ConfigurationManager::CM_REMOVE_NOT_EXISTING));
- RUNNER_ASSERT(cm.assertPolicyNOTinAList("policyTest12.xml"));
-TESTSUITEEND
-
-TESTSUITE07(11,CONFIGURATION_MGR_TEST_CONFIG)
- int ret = cm.removePolicyFile(cm.getCurrentPolicyFile());
- RUNNER_ASSERT(cm.assertFileExists(cm.getFullPathToCurrentPolicyFile().c_str()));
- RUNNER_ASSERT(cm.assertEqual(ret, ConfigurationManager::CM_REMOVE_CURRENT));
- RUNNER_ASSERT(cm.assertPolicyInAList(cm.getCurrentPolicyFile().c_str()));
-TESTSUITEEND
-
-TESTSUITE07(12,CONFIGURATION_MGR_TEST_CONFIG)
- std::string fullPathToCurrentPolicy(CONFIGURATION_MGR_TEST_PATH);
- fullPathToCurrentPolicy+="active/";
- fullPathToCurrentPolicy+= cm.getCurrentPolicyFile();
- RUNNER_ASSERT(cm.assertEqual(cm.getFullPathToCurrentPolicyFile(), fullPathToCurrentPolicy));
-TESTSUITEEND
-
-TESTSUITE07(13,CONFIGURATION_MGR_TEST_CONFIG)
- system("mv "CONFIGURATION_MGR_TEST_POLICY_STORAGE" "CONFIGURATION_MGR_TEST_POLICY_STORAGE_MOVED);
- int ret = cm.addPolicyFile(CONFIGURATION_MGR_TEST_PATH"policyTest3.xml");
- bool result = cm.assertEqual(ret, ConfigurationManager::CM_GENERAL_ERROR)
- && cm.assertPolicyNOTinAList("policyTest3.xml");
- system("mv "CONFIGURATION_MGR_TEST_POLICY_STORAGE_MOVED" "CONFIGURATION_MGR_TEST_POLICY_STORAGE);
- RUNNER_ASSERT(result);
-TESTSUITEEND
-
-TESTSUITE07(14,CONFIGURATION_MGR_TEST_CONFIG)
- cm.addPolicyFile(CONFIGURATION_MGR_TEST_PATH"policyTest3.xml");
-
- system("mv "CONFIGURATION_MGR_TEST_POLICY_STORAGE" "CONFIGURATION_MGR_TEST_POLICY_STORAGE_MOVED);
- int ret = cm.removePolicyFile("policyTest3.xml");
- bool result = cm.assertEqual(ret, ConfigurationManager::CM_REMOVE_NOT_EXISTING)
- && cm.assertPolicyNOTinAList("policyTest3.xml");
- system("mv "CONFIGURATION_MGR_TEST_POLICY_STORAGE_MOVED" "CONFIGURATION_MGR_TEST_POLICY_STORAGE);
- RUNNER_ASSERT(result);
-TESTSUITEEND
-
-/*
- *
- * Changing configuration
- *
- */
-TESTSUITE07(15,CONFIGURATION_MGR_TEST_CONFIG)
- //Just make sure that policyTest1.xml has been added to the storage
- cm.removePolicyFile("policyTest1.xml");
- int ret = cm.addPolicyFile(CONFIGURATION_MGR_TEST_PATH"policyTest1.xml");
- bool result = cm.assertEqual(ret,ConfigurationManager::CM_OPERATION_SUCCESS);
-
- ret = cm.changeCurrentPolicyFile("policyTest1.xml");
- result &= cm.assertEqual(ret, ConfigurationManager::CM_OPERATION_SUCCESS);
- RUNNER_ASSERT(result);
-
- cm.parseTest(cm.getConfigFileTest());
- result = cm.assertEqual(cm.getCurrentPolicyFile(),"policyTest1.xml");
- RUNNER_ASSERT(result);
-
- ret = cm.changeCurrentPolicyFile("pms_general-test.xml");
- result = cm.assertEqual(ret, ConfigurationManager::CM_OPERATION_SUCCESS);
- RUNNER_ASSERT(result);
-
- cm.parseTest(cm.getConfigFileTest());
- result = cm.assertEqual(cm.getCurrentPolicyFile(),"pms_general-test.xml");
- RUNNER_ASSERT(result);
-TESTSUITEEND
-
-/*
- *===============
- *
- *END OF TESTS
- *
- *===============
- */
-
-bool ConfigurationManagerTester::assertIsCurrentPolicy(const char * policy){
-
- return getCurrentPolicyFile() == std::string(policy);
-
-}
-
-bool ConfigurationManagerTester::assertEqual(const std::string & actual,const std::string & intended){
- LogDebug("Comparing "<<actual<<" with "<<intended);
- return actual == intended;
-}
-
-bool ConfigurationManagerTester::assertEqual(const int original,const int intended) const{
-
- bool tmp = original == intended;
- LogInfo("Results comparing with outcome "<<tmp);
- return tmp;
-}
-
-bool ConfigurationManagerTester::assertFileExists(const char * policyFile) const {
- bool tmp = checkIfFileExistst(std::string(policyFile));
- LogDebug("Assert File exists with result: "<<tmp);
- return tmp;
-}
-
-bool ConfigurationManagerTester::assertFileDoesntExist(const char * policyFile) const {
-
- bool temp = !checkIfFileExistst(std::string(policyFile));
- LogDebug("Assert file doesn't exists result: "<<temp);
- return temp;
-
-}
-
-bool ConfigurationManagerTester::assertPolicyInAList(const char * name)const{
- bool found = false;
- std::string expected(name);
- for(std::list<std::string>::const_iterator it = getPolicyFiles().begin(); it!=getPolicyFiles().end(); ++it){
- if( *it == expected ){
- found = true;
- break;
- }
- }
-
- LogDebug("assert Policy in a list result: "<<found);
- return found;
-}
-
-
-bool ConfigurationManagerTester::assertPolicyNOTinAList(const char * name) const{
- return !assertPolicyInAList(name);
-}
-
-void ConfigurationManagerTester::cleanUp(){
- DIR *dp;
- struct dirent *dirp;
- if( (dp = opendir(CONFIGURATION_MGR_TEST_POLICY_STORAGE) )== NULL ){
- LogError("Error while cleaning up");
- return;
- }
-
- while( (dirp = readdir(dp)) != NULL ) {
- std::string fileName(dirp->d_name);
- if( fileName == "pms_general-test.xml" || fileName == "bondixml.dtd" ||
- fileName == "." || fileName ==".." ){
- continue;
- }
- std::string fullPath(CONFIGURATION_MGR_TEST_POLICY_STORAGE"/");
- fullPath.append(dirp->d_name);
- if (removePolicyFile(fullPath) == CM_REMOVE_ERROR){
- LogError("Cannot clean up. Exiting");
- break;
- };
- }
- //Restore the backup of config file
- system("cp "CONFIGURATION_MGR_TEST_PATH"backup.xml "CONFIGURATION_MGR_TEST_CONFIG);
-}
-
-void ConfigurationManagerTester::setUp(){
- //Create backup of config file
- system("cp "CONFIGURATION_MGR_TEST_CONFIG" "CONFIGURATION_MGR_TEST_PATH"backup.xml");
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file main.cpp
- * @author Bartlomiej Grzelewski <b.grzelewski@samsung.com>
- * @version 1.0
- * @brief This file is the implementation file of main
- */
-#include <string>
-
-#include <dpl/test/test_runner.h>
-#include <dpl/log/log.h>
-
-#include <loop_control.h>
-
-#include <dpl/ace-dao-rw/AceDAO.h>
-
-#include "Interfaces.h"
-#include "PEPSingleton.h"
-
-
-using namespace LoopControl;
-
-class UnitTestThread
-{
-public:
- UnitTestThread()
- {
- // Attach databases
- AceDB::AceDAO::attachToThread();
- }
-
- ~UnitTestThread()
- {
- // Detach databases
- AceDB::AceDAO::detachFromThread();
- }
-};
-
-int main (int argc, char *argv[])
-{
- init_loop(argc, argv);
-
- LogInfo("Initializing PEPSingleton.");
-
- UnitTestThread attacher;
-
- PEPSingleton::Instance().initialize(
- new WebRuntimeImp(),
- new ResourceInformationImp(),
- new OperationSystemImp());
-
- LogInfo("Starting tests.");
-
- int status = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
-
- PEPSingleton::Instance().terminate();
-
- quit_loop();
- return status;
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file loop_control.cpp
- * @author Jaroslaw Osmanski (j.osmanski@samsung.com)
- * @version 1.0
- * @brief This is implementation of EFL version of loop control
- */
-
-#include <dpl/log/log.h>
-
-#include <dpl/framework_efl.h>
-
-#include <glib.h>
-#include <glib-object.h>
-
-#include <loop_control.h>
-
-namespace LoopControl
-{
-void init_loop(int argc, char *argv[])
-{
- (void)argc;
- (void)argv;
- g_type_init();
- g_thread_init(NULL);
-
- LogInfo("Starting");
- elm_init(argc, argv);
-}
-
-void wait_for_wrt_init()
-{
- ecore_main_loop_begin();
-}
-
-void finish_wait_for_wrt_init()
-{
- ecore_main_loop_quit();
-}
-
-void quit_loop()
-{
- elm_shutdown();
-}
-
-void wrt_start_loop()
-{
- ecore_main_loop_begin();
-}
-
-void wrt_end_loop()
-{
- ecore_main_loop_quit();
-}
-
-void *abstract_window()
-{
- return elm_win_add(NULL, "hello", ELM_WIN_BASIC);
-}
-
-}//end of LoopControl namespace
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file loop_control.cpp
- * @author Jaroslaw Osmanski (j.osmanski@samsung.com)
- * @version 1.0
- * @brief This file is the definitions of loop controlling utilities
- */
-
-
-#ifndef LOOP_CONTROL_H_
-#define LOOP_CONTROL_H_
-
-namespace LoopControl
-{
-
-void init_loop(int argc, char *argv[]);
-void wait_for_wrt_init();
-void finish_wait_for_wrt_init();
-void quit_loop();
-
-void wrt_start_loop();
-void wrt_end_loop();
-
-void *abstract_window();
-
-}
-
-#endif /* LOOP_CONTROL_H_ */
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/CMTest/pms_config.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/CMTest/pms_general-test.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/CMTest/policyTest1.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/CMTest/policyTest2.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/CMTest/policyTest3.xml
- DESTINATION /usr/etc/ace/CMTest
- PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ GROUP_WRITE
- )
-
-ADD_SUBDIRECTORY(active)
-
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/CMTest/active/pms_general-test.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/CMTest/active/bondixml.dtd
- DESTINATION /usr/etc/ace/CMTest/active
- PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ GROUP_WRITE
- )
-
+++ /dev/null
-<!ENTITY % Object.ANY ''>
-<!ENTITY % Method.ANY ''>
-<!ENTITY % Transform.ANY ''>
-<!ENTITY % SignatureProperty.ANY ''>
-<!ENTITY % KeyInfo.ANY ''>
-<!ENTITY % KeyValue.ANY ''> <!-- TODO ECDSA IS NOT HANDLED YET -->
-<!ENTITY % PGPData.ANY ''>
-<!ENTITY % X509Data.ANY ''>
-<!ENTITY % SPKIData.ANY ''>
-
-
-<!ELEMENT signed-policy (Signature, ( policy-set | policy )* ) >
-<!-- Start Core Signature declarations, these should NOT be altered -->
-
-<!ELEMENT Signature (SignedInfo, SignatureValue, KeyInfo?, Object*) >
-<!ATTLIST Signature
- xmlns CDATA #FIXED 'http://www.w3.org/2000/09/xmldsig#'
- Id ID #IMPLIED >
-
-<!ELEMENT SignatureValue (#PCDATA) >
-<!ATTLIST SignatureValue
- Id ID #IMPLIED>
-
-<!ELEMENT SignedInfo (CanonicalizationMethod,
- SignatureMethod, Reference+) >
-<!ATTLIST SignedInfo
- Id ID #IMPLIED
->
-
-<!ELEMENT CanonicalizationMethod (#PCDATA %Method.ANY;)* >
-<!ATTLIST CanonicalizationMethod
- Algorithm CDATA #REQUIRED >
-
-<!ELEMENT SignatureMethod (#PCDATA|HMACOutputLength %Method.ANY;)* >
-<!ATTLIST SignatureMethod
- Algorithm CDATA #REQUIRED >
-
-<!ELEMENT Reference (DigestMethod, DigestValue) >
-<!ATTLIST Reference
- Id ID #IMPLIED
- URI CDATA #IMPLIED
- Type CDATA #IMPLIED>
-
-
-<!ELEMENT XPath (#PCDATA) >
-
-<!ELEMENT DigestMethod (#PCDATA %Method.ANY;)* >
-<!ATTLIST DigestMethod
- Algorithm CDATA #REQUIRED >
-
-<!ELEMENT DigestValue (#PCDATA) >
-
-<!ELEMENT KeyInfo (#PCDATA|KeyName|KeyValue|RetrievalMethod|
- X509Data|PGPData|SPKIData|MgmtData %KeyInfo.ANY;)* >
-<!ATTLIST KeyInfo
- Id ID #IMPLIED >
-
-<!-- Key Information -->
-
-<!ELEMENT KeyName (#PCDATA) >
-<!ELEMENT KeyValue (#PCDATA|DSAKeyValue|RSAKeyValue %KeyValue.ANY;)* >
-<!ELEMENT MgmtData (#PCDATA) >
-
-<!ELEMENT RetrievalMethod EMPTY>
-<!ATTLIST RetrievalMethod
- URI CDATA #REQUIRED
- Type CDATA #IMPLIED >
-
-<!-- X.509 Data -->
-
-<!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
- X509Certificate | X509CRL )+ %X509Data.ANY;)>
-<!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
-<!ELEMENT X509IssuerName (#PCDATA) >
-<!ELEMENT X509SubjectName (#PCDATA) >
-<!ELEMENT X509SerialNumber (#PCDATA) >
-<!ELEMENT X509SKI (#PCDATA) >
-<!ELEMENT X509Certificate (#PCDATA) >
-<!ELEMENT X509CRL (#PCDATA) >
-
-<!-- PGPData -->
-
-<!ELEMENT PGPData ((PGPKeyID, PGPKeyPacket?) | (PGPKeyPacket) %PGPData.ANY;) >
-<!ELEMENT PGPKeyPacket (#PCDATA) >
-<!ELEMENT PGPKeyID (#PCDATA) >
-
-<!-- SPKI Data -->
-
-<!ELEMENT SPKIData (SPKISexp %SPKIData.ANY;) >
-<!ELEMENT SPKISexp (#PCDATA) >
-
-<!-- Extensible Content -->
-
-<!ELEMENT Object (#PCDATA|Signature|SignatureProperties|Manifest %Object.ANY;)* >
-<!ATTLIST Object
- Id ID #IMPLIED
- MimeType CDATA #IMPLIED
- Encoding CDATA #IMPLIED >
-
-<!ELEMENT Manifest (Reference+) >
-<!ATTLIST Manifest
- Id ID #IMPLIED >
-
-<!ELEMENT SignatureProperties (SignatureProperty+) >
-<!ATTLIST SignatureProperties
- Id ID #IMPLIED >
-
-<!ELEMENT SignatureProperty (#PCDATA %SignatureProperty.ANY;)* >
-<!ATTLIST SignatureProperty
- Target CDATA #REQUIRED
- Id ID #IMPLIED >
-
-<!-- Algorithm Parameters -->
-
-<!ELEMENT HMACOutputLength (#PCDATA) >
-
-<!ELEMENT DSAKeyValue ((P, Q)?, G?, Y, J?, (Seed, PgenCounter)?) >
-<!ELEMENT P (#PCDATA) >
-<!ELEMENT Q (#PCDATA) >
-<!ELEMENT G (#PCDATA) >
-<!ELEMENT Y (#PCDATA) >
-<!ELEMENT J (#PCDATA) >
-<!ELEMENT Seed (#PCDATA) >
-<!ELEMENT PgenCounter (#PCDATA) >
-
-<!ELEMENT RSAKeyValue (Modulus, Exponent) >
-<!ELEMENT Modulus (#PCDATA) >
-<!ELEMENT Exponent (#PCDATA) >
-
-
-
-
-
-
-
-
-<!ELEMENT policy-set (target?, assert*, (policy-set | policy)*) >
-<!ATTLIST policy-set
- combine (deny-overrides|permit-overrides|first-matching-target) "deny-overrides"
- id ID #IMPLIED
->
-
-<!ELEMENT policy (target?, assert*, rule*) >
-<!ATTLIST policy
- combine (deny-overrides|permit-overrides|first-applicable) "deny-overrides"
- description CDATA #IMPLIED
- id ID #IMPLIED
->
-
-<!ELEMENT assert (condition?, set*) >
-
-<!ELEMENT set EMPTY >
-<!ATTLIST set attr CDATA #REQUIRED >
-<!ATTLIST set value CDATA #REQUIRED >
-
-<!ELEMENT rule (condition?) >
-<!ATTLIST rule
- effect (permit|prompt-blanket|prompt-session|prompt-oneshot|deny) "permit"
->
-
-<!ELEMENT target (subject+) >
-
-<!ELEMENT subject (subject-match+) >
-
-<!ELEMENT condition ((condition | subject-match | resource-match | environment-match)+) >
-<!ATTLIST condition
- combine (and|or) "and"
->
-
-<!ENTITY % match-attrs '
- attr CDATA #REQUIRED
- match CDATA #IMPLIED
- func (equal|glob|regexp) "glob"
-'>
-
-<!ELEMENT subject-match (#PCDATA)>
-<!ATTLIST subject-match %match-attrs; >
-
-<!ENTITY % match-model '
- (#PCDATA | subject-attr | resource-attr | environment-attr)*
-'>
-
-<!ELEMENT resource-match %match-model;>
-<!ATTLIST resource-match %match-attrs;>
-
-<!ELEMENT environment-match %match-model;>
-<!ATTLIST environment-match %match-attrs;>
-
-<!ENTITY % attr-attrs 'attr CDATA #REQUIRED'>
-
-<!ELEMENT subject-attr EMPTY>
-<!ATTLIST subject-attr %attr-attrs;>
-
-<!ELEMENT resource-attr EMPTY>
-<!ATTLIST resource-attr %attr-attrs;>
-
-<!ELEMENT environment-attr EMPTY>
-<!ATTLIST environment-attr %attr-attrs;>
-
+++ /dev/null
-<!DOCTYPE signed-policy SYSTEM "bondixml.dtd">
-
-<signed-policy>
-
- <Signature Id="SignatureExample" xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w2.org/2006/12/xml-c14n11"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <Reference URI="Policy-1">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-2">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-3">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-4">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-5">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-6">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-7">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-8">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-9">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-10">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-11">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-12">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-13">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-14">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-15">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-16">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-17">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>asdfkjlhxvczxnbcvnjahfjhsdfklahfdas</SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P> PValue </P><Q> QValue </Q><G> Gvalue </G><Y> laj?</Y>
- </DSAKeyValue>
- <RSAKeyValue>
- <Modulus>
- modulus
- </Modulus>
- <Exponent>
- exponent
- </Exponent>
- </RSAKeyValue>
- </KeyValue>
- <X509Data>
- <X509SubjectName> Subject name </X509SubjectName>
- <X509SKI> SKI </X509SKI>
- </X509Data>
- </KeyInfo>
- </Signature>
-
-
-
-<policy-set id="Policy-1">
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">
- subject
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- <subject-match attr="version" match="3" />
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set >
- <target>
- <subject>
- <subject-match attr="id">
- subject3
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject4" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject4
- </subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set id="Policy-2" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="subject5" />
- </subject>
- <subject>
- <subject-match attr="id" match="subject6" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject5
- </subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource5
- </resource-match>
- <subject-match attr="version" match="5" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id">
- resource6
- </resource-match>
- <subject-match attr="version" match="6" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-<policy-set id="Policy-4" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-5" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-6" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- <resource-match attr="r8v2" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny" />
- </policy>
-</policy-set>
-
-<policy-set id="Policy-7" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-8" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b" match="777" func="equal" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-9" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme" match="http" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.authority" match="onet.pl" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-10" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9d</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme-authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-11" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9e</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-12" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9f</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-13" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9g</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-14" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9h</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-15" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-16" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-17" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- justyna -->
-
-<!--- test 13 (old name: test 100)-->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s13</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 14 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s14</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 15 (old name: test 102) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri.host" match="//buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 16 (old name: test 103) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s16</subject-match>
- <subject-match attr="uri.host" match="v.com.pl"/>
-
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 17 (old name: test 104)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject4</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject5</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 18 (old name: test 105)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri" match="buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18b"/>
- <subject-match attr="uri" match="buu.s18b.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18c"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="uri" match="buu.s18c.pl"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 19 (old name: test 106)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.1</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.2</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 20 (old name: test 107)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.1</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.2</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!-- justyna -->
-
-
-<!--- test 21 (old name: test 103 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s21</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 23 (old name: test 105 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s23</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 24 (old name: test 106 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s24</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <subject-match attr="version" match="5"/>
- <resource-match attr="resource-id" match="device:pim"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.1 (old name: test 107 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.2 (old name: test 107 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.3 (old name: test 107 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 25.4 (old name: test 107 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 26.1 (old name: test 108 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.2 (old name: test 108 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.3 (old name: test 108 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 26.4 (old name: test 108 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.1 (old name: test 109 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.2 (old name: test 109a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.3 (old name: test 109b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.4 (old name: test 109c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 28 (old name: test 110 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s28</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 29 (old name: test 111 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s29</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.1 (old name: test 112 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.2 (old name: test 112a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.3 (old name: test 112b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.4 (old name: test 112c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-
-
-<!--- test 31.1 (old name: test 113 U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 31.2.1 (old name: test 113a U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.2.2 (old name: test 113aa U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.3 (old name: test 113b U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.3</subject-match>
- </subject>
- </target>
-
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-<!--- test 32.1 (old name: test 114 U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 32.2.1 (old name: test 114a U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.2.2 (old name: test 114aa U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.3 (old name: test 114b U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.1 (old name: test 115 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.2 (old name: test 115a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.3 (old name: test 115b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.3</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 34.1 (old name: test 116 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 34.2 (old name: test 116 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 35.1 (old name: test 117 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 35.2 (old name: test 117 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set>
- <target>
- <subject>
- <subject-match attr="id">org.tizen.widget.analogclock</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="http://helloheloo/"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 36 (old name: test 102 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s36</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-
-<!--- test 37 (old name: test 108 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s37</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-oneshot">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 38 (old name: test 109 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 39 (old name: test 110 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- Maria -->
-<!-- testing different methods of policies and rules combining-->
-<!--- test 40 (old name: test 200 -->
-
-<!--- two opposite rules put into different policies in one policy set -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s40</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 41 (old name: test 201 -->
-
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s41</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r41</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r41.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.1 (old name: test 202 -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.2 (old name: test 202b -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 43.1 (old name: test 203 -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 43.2 (old name: test 203b -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.1 (old name: test 204 -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.2 (old name: test 204b -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 45.1 (old name: test 205 -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of permit in contradiction to test 202 -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 45.2 (old name: test 205b -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of deny-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 46.1 (old name: test 206 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 46.2 (old name: test 206b -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 47.1 (old name: test 207 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 47.2 (old name: test 207b -->
-<!--- two opposite rules put into one policy -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 48 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
-<target>
-<subject>
-<subject-match attr="id">s48</subject-match>
-<subject-match attr="uri.host" match="www.test.pl"/>
-
-</subject>
-</target>
-<policy>
-<rule effect="permit">
-<condition combine="and">
-<resource-match attr="resource-id" match="device:pim.contacts"/>
-<!--<subject-match attr="uri" match="http://www.test.pl:80"/>-->
-</condition>
-</rule>
-</policy>
-</policy-set>
-
-</policy-set>
-
-</signed-policy>
+++ /dev/null
-<?xml version="1.0" ?>
-<!DOCTYPE manager-settings SYSTEM "../config.dtd">
-<manager-settings>
- <storage-path>/usr/etc/ace/CMTest/active</storage-path>
- <policy-files>
- <file active="true">pms_general-test.xml</file>
- </policy-files>
-</manager-settings>
-
-
+++ /dev/null
-<!DOCTYPE signed-policy SYSTEM "bondixml.dtd">
-
-<signed-policy>
-
- <Signature Id="SignatureExample" xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w2.org/2006/12/xml-c14n11"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <Reference URI="Policy-1">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-2">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-3">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-4">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-5">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-6">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-7">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-8">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-9">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-10">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-11">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-12">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-13">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-14">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-15">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-16">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-17">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>asdfkjlhxvczxnbcvnjahfjhsdfklahfdas</SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P> PValue </P><Q> QValue </Q><G> Gvalue </G><Y> laj?</Y>
- </DSAKeyValue>
- <RSAKeyValue>
- <Modulus>
- modulus
- </Modulus>
- <Exponent>
- exponent
- </Exponent>
- </RSAKeyValue>
- </KeyValue>
- <X509Data>
- <X509SubjectName> Subject name </X509SubjectName>
- <X509SKI> SKI </X509SKI>
- </X509Data>
- </KeyInfo>
- </Signature>
-
-
-
-<policy-set id="Policy-1">
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">
- subject
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- <subject-match attr="version" match="3" />
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set >
- <target>
- <subject>
- <subject-match attr="id">
- subject3
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject4" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject4
- </subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set id="Policy-2" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="subject5" />
- </subject>
- <subject>
- <subject-match attr="id" match="subject6" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject5
- </subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource5
- </resource-match>
- <subject-match attr="version" match="5" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id">
- resource6
- </resource-match>
- <subject-match attr="version" match="6" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-<policy-set id="Policy-4" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-5" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-6" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- <resource-match attr="r8v2" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny" />
- </policy>
-</policy-set>
-
-<policy-set id="Policy-7" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-8" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b" match="777" func="equal" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-9" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme" match="http" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.authority" match="onet.pl" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-10" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9d</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme-authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-11" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9e</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-12" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9f</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-13" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9g</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-14" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9h</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-15" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-16" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-17" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- justyna -->
-
-<!--- test 13 (old name: test 100)-->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s13</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 14 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s14</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 15 (old name: test 102) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri.host" match="//buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 16 (old name: test 103) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s16</subject-match>
- <subject-match attr="uri.host" match="v.com.pl"/>
-
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 17 (old name: test 104)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject4</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject5</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 18 (old name: test 105)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri" match="buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18b"/>
- <subject-match attr="uri" match="buu.s18b.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18c"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="uri" match="buu.s18c.pl"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 19 (old name: test 106)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.1</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.2</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 20 (old name: test 107)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.1</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.2</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!-- justyna -->
-
-
-<!--- test 21 (old name: test 103 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s21</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 23 (old name: test 105 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s23</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 24 (old name: test 106 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s24</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <subject-match attr="version" match="5"/>
- <resource-match attr="resource-id" match="device:pim"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.1 (old name: test 107 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.2 (old name: test 107 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.3 (old name: test 107 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 25.4 (old name: test 107 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 26.1 (old name: test 108 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.2 (old name: test 108 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.3 (old name: test 108 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 26.4 (old name: test 108 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.1 (old name: test 109 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.2 (old name: test 109a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.3 (old name: test 109b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.4 (old name: test 109c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 28 (old name: test 110 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s28</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 29 (old name: test 111 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s29</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.1 (old name: test 112 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.2 (old name: test 112a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.3 (old name: test 112b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.4 (old name: test 112c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-
-
-<!--- test 31.1 (old name: test 113 U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 31.2.1 (old name: test 113a U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.2.2 (old name: test 113aa U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.3 (old name: test 113b U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.3</subject-match>
- </subject>
- </target>
-
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-<!--- test 32.1 (old name: test 114 U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 32.2.1 (old name: test 114a U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.2.2 (old name: test 114aa U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.3 (old name: test 114b U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.1 (old name: test 115 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.2 (old name: test 115a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.3 (old name: test 115b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.3</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 34.1 (old name: test 116 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 34.2 (old name: test 116 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 35.1 (old name: test 117 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 35.2 (old name: test 117 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set>
- <target>
- <subject>
- <subject-match attr="id">org.tizen.widget.analogclock</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="http://helloheloo/"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 36 (old name: test 102 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s36</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-
-<!--- test 37 (old name: test 108 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s37</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-oneshot">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 38 (old name: test 109 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 39 (old name: test 110 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- Maria -->
-<!-- testing different methods of policies and rules combining-->
-<!--- test 40 (old name: test 200 -->
-
-<!--- two opposite rules put into different policies in one policy set -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s40</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 41 (old name: test 201 -->
-
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s41</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r41</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r41.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.1 (old name: test 202 -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.2 (old name: test 202b -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 43.1 (old name: test 203 -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 43.2 (old name: test 203b -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.1 (old name: test 204 -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.2 (old name: test 204b -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 45.1 (old name: test 205 -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of permit in contradiction to test 202 -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 45.2 (old name: test 205b -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of deny-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 46.1 (old name: test 206 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 46.2 (old name: test 206b -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 47.1 (old name: test 207 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 47.2 (old name: test 207b -->
-<!--- two opposite rules put into one policy -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 48 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
-<target>
-<subject>
-<subject-match attr="id">s48</subject-match>
-<subject-match attr="uri.host" match="www.test.pl"/>
-
-</subject>
-</target>
-<policy>
-<rule effect="permit">
-<condition combine="and">
-<resource-match attr="resource-id" match="device:pim.contacts"/>
-<!--<subject-match attr="uri" match="http://www.test.pl:80"/>-->
-</condition>
-</rule>
-</policy>
-</policy-set>
-
-</policy-set>
-
-</signed-policy>
+++ /dev/null
-<!DOCTYPE signed-policy SYSTEM "bondixml.dtd">
-
-<signed-policy>
-
- <Signature Id="SignatureExample" xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w2.org/2006/12/xml-c14n11"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <Reference URI="Policy-1">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-2">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-3">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-4">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-5">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-6">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-7">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-8">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-9">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-10">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-11">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-12">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-13">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-14">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-15">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-16">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-17">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>asdfkjlhxvczxnbcvnjahfjhsdfklahfdas</SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P> PValue </P><Q> QValue </Q><G> Gvalue </G><Y> laj?</Y>
- </DSAKeyValue>
- <RSAKeyValue>
- <Modulus>
- modulus
- </Modulus>
- <Exponent>
- exponent
- </Exponent>
- </RSAKeyValue>
- </KeyValue>
- <X509Data>
- <X509SubjectName> Subject name </X509SubjectName>
- <X509SKI> SKI </X509SKI>
- </X509Data>
- </KeyInfo>
- </Signature>
-
-
-
-<policy-set id="Policy-1">
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">
- subject
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- <subject-match attr="version" match="3" />
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set >
- <target>
- <subject>
- <subject-match attr="id">
- subject3
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject4" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject4
- </subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set id="Policy-2" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="subject5" />
- </subject>
- <subject>
- <subject-match attr="id" match="subject6" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject5
- </subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource5
- </resource-match>
- <subject-match attr="version" match="5" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id">
- resource6
- </resource-match>
- <subject-match attr="version" match="6" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-<policy-set id="Policy-4" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-5" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-6" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- <resource-match attr="r8v2" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny" />
- </policy>
-</policy-set>
-
-<policy-set id="Policy-7" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-8" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b" match="777" func="equal" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-9" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme" match="http" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.authority" match="onet.pl" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-10" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9d</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme-authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-11" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9e</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-12" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9f</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-13" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9g</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-14" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9h</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-15" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-16" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-17" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- justyna -->
-
-<!--- test 13 (old name: test 100)-->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s13</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 14 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s14</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 15 (old name: test 102) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri.host" match="//buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 16 (old name: test 103) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s16</subject-match>
- <subject-match attr="uri.host" match="v.com.pl"/>
-
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 17 (old name: test 104)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject4</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject5</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 18 (old name: test 105)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri" match="buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18b"/>
- <subject-match attr="uri" match="buu.s18b.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18c"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="uri" match="buu.s18c.pl"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 19 (old name: test 106)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.1</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.2</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 20 (old name: test 107)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.1</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.2</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!-- justyna -->
-
-
-<!--- test 21 (old name: test 103 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s21</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 23 (old name: test 105 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s23</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 24 (old name: test 106 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s24</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <subject-match attr="version" match="5"/>
- <resource-match attr="resource-id" match="device:pim"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.1 (old name: test 107 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.2 (old name: test 107 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.3 (old name: test 107 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 25.4 (old name: test 107 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 26.1 (old name: test 108 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.2 (old name: test 108 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.3 (old name: test 108 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 26.4 (old name: test 108 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.1 (old name: test 109 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.2 (old name: test 109a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.3 (old name: test 109b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.4 (old name: test 109c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 28 (old name: test 110 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s28</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 29 (old name: test 111 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s29</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.1 (old name: test 112 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.2 (old name: test 112a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.3 (old name: test 112b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.4 (old name: test 112c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-
-
-<!--- test 31.1 (old name: test 113 U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 31.2.1 (old name: test 113a U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.2.2 (old name: test 113aa U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.3 (old name: test 113b U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.3</subject-match>
- </subject>
- </target>
-
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-<!--- test 32.1 (old name: test 114 U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 32.2.1 (old name: test 114a U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.2.2 (old name: test 114aa U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.3 (old name: test 114b U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.1 (old name: test 115 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.2 (old name: test 115a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.3 (old name: test 115b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.3</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 34.1 (old name: test 116 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 34.2 (old name: test 116 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 35.1 (old name: test 117 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 35.2 (old name: test 117 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set>
- <target>
- <subject>
- <subject-match attr="id">org.tizen.widget.analogclock</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="http://helloheloo/"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 36 (old name: test 102 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s36</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-
-<!--- test 37 (old name: test 108 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s37</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-oneshot">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 38 (old name: test 109 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 39 (old name: test 110 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- Maria -->
-<!-- testing different methods of policies and rules combining-->
-<!--- test 40 (old name: test 200 -->
-
-<!--- two opposite rules put into different policies in one policy set -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s40</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 41 (old name: test 201 -->
-
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s41</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r41</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r41.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.1 (old name: test 202 -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.2 (old name: test 202b -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 43.1 (old name: test 203 -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 43.2 (old name: test 203b -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.1 (old name: test 204 -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.2 (old name: test 204b -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 45.1 (old name: test 205 -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of permit in contradiction to test 202 -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 45.2 (old name: test 205b -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of deny-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 46.1 (old name: test 206 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 46.2 (old name: test 206b -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 47.1 (old name: test 207 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 47.2 (old name: test 207b -->
-<!--- two opposite rules put into one policy -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 48 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
-<target>
-<subject>
-<subject-match attr="id">s48</subject-match>
-<subject-match attr="uri.host" match="www.test.pl"/>
-
-</subject>
-</target>
-<policy>
-<rule effect="permit">
-<condition combine="and">
-<resource-match attr="resource-id" match="device:pim.contacts"/>
-<!--<subject-match attr="uri" match="http://www.test.pl:80"/>-->
-</condition>
-</rule>
-</policy>
-</policy-set>
-
-</policy-set>
-
-</signed-policy>
+++ /dev/null
-<!DOCTYPE signed-policy SYSTEM "bondixml.dtd">
-
-<signed-policy>
-
- <Signature Id="SignatureExample" xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w2.org/2006/12/xml-c14n11"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <Reference URI="Policy-1">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-2">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-3">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-4">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-5">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-6">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-7">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-8">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-9">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-10">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-11">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-12">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-13">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-14">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-15">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-16">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-17">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>asdfkjlhxvczxnbcvnjahfjhsdfklahfdas</SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P> PValue </P><Q> QValue </Q><G> Gvalue </G><Y> laj?</Y>
- </DSAKeyValue>
- <RSAKeyValue>
- <Modulus>
- modulus
- </Modulus>
- <Exponent>
- exponent
- </Exponent>
- </RSAKeyValue>
- </KeyValue>
- <X509Data>
- <X509SubjectName> Subject name </X509SubjectName>
- <X509SKI> SKI </X509SKI>
- </X509Data>
- </KeyInfo>
- </Signature>
-
-
-
-<policy-set id="Policy-1">
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">
- subject
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- <subject-match attr="version" match="3" />
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set >
- <target>
- <subject>
- <subject-match attr="id">
- subject3
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject4" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject4
- </subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set id="Policy-2" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="subject5" />
- </subject>
- <subject>
- <subject-match attr="id" match="subject6" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject5
- </subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource5
- </resource-match>
- <subject-match attr="version" match="5" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id">
- resource6
- </resource-match>
- <subject-match attr="version" match="6" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-<policy-set id="Policy-4" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-5" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-6" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- <resource-match attr="r8v2" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny" />
- </policy>
-</policy-set>
-
-<policy-set id="Policy-7" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-8" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b" match="777" func="equal" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-9" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme" match="http" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.authority" match="onet.pl" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-10" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9d</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme-authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-11" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9e</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-12" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9f</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-13" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9g</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-14" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9h</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-15" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-16" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-17" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- justyna -->
-
-<!--- test 13 (old name: test 100)-->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s13</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 14 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s14</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 15 (old name: test 102) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri.host" match="//buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 16 (old name: test 103) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s16</subject-match>
- <subject-match attr="uri.host" match="v.com.pl"/>
-
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 17 (old name: test 104)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject4</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject5</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 18 (old name: test 105)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri" match="buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18b"/>
- <subject-match attr="uri" match="buu.s18b.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18c"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="uri" match="buu.s18c.pl"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 19 (old name: test 106)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.1</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.2</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 20 (old name: test 107)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.1</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.2</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!-- justyna -->
-
-
-<!--- test 21 (old name: test 103 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s21</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 23 (old name: test 105 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s23</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 24 (old name: test 106 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s24</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <subject-match attr="version" match="5"/>
- <resource-match attr="resource-id" match="device:pim"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.1 (old name: test 107 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.2 (old name: test 107 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.3 (old name: test 107 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 25.4 (old name: test 107 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 26.1 (old name: test 108 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.2 (old name: test 108 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.3 (old name: test 108 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 26.4 (old name: test 108 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.1 (old name: test 109 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.2 (old name: test 109a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.3 (old name: test 109b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.4 (old name: test 109c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 28 (old name: test 110 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s28</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 29 (old name: test 111 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s29</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.1 (old name: test 112 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.2 (old name: test 112a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.3 (old name: test 112b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.4 (old name: test 112c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-
-
-<!--- test 31.1 (old name: test 113 U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 31.2.1 (old name: test 113a U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.2.2 (old name: test 113aa U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.3 (old name: test 113b U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.3</subject-match>
- </subject>
- </target>
-
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-<!--- test 32.1 (old name: test 114 U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 32.2.1 (old name: test 114a U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.2.2 (old name: test 114aa U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.3 (old name: test 114b U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.1 (old name: test 115 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.2 (old name: test 115a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.3 (old name: test 115b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.3</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 34.1 (old name: test 116 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 34.2 (old name: test 116 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 35.1 (old name: test 117 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 35.2 (old name: test 117 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set>
- <target>
- <subject>
- <subject-match attr="id">org.tizen.widget.analogclock</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="http://helloheloo/"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 36 (old name: test 102 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s36</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-
-<!--- test 37 (old name: test 108 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s37</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-oneshot">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 38 (old name: test 109 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 39 (old name: test 110 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- Maria -->
-<!-- testing different methods of policies and rules combining-->
-<!--- test 40 (old name: test 200 -->
-
-<!--- two opposite rules put into different policies in one policy set -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s40</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 41 (old name: test 201 -->
-
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s41</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r41</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r41.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.1 (old name: test 202 -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.2 (old name: test 202b -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 43.1 (old name: test 203 -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 43.2 (old name: test 203b -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.1 (old name: test 204 -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.2 (old name: test 204b -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 45.1 (old name: test 205 -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of permit in contradiction to test 202 -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 45.2 (old name: test 205b -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of deny-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 46.1 (old name: test 206 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 46.2 (old name: test 206b -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 47.1 (old name: test 207 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 47.2 (old name: test 207b -->
-<!--- two opposite rules put into one policy -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 48 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
-<target>
-<subject>
-<subject-match attr="id">s48</subject-match>
-<subject-match attr="uri.host" match="www.test.pl"/>
-
-</subject>
-</target>
-<policy>
-<rule effect="permit">
-<condition combine="and">
-<resource-match attr="resource-id" match="device:pim.contacts"/>
-<!--<subject-match attr="uri" match="http://www.test.pl:80"/>-->
-</condition>
-</rule>
-</policy>
-</policy-set>
-
-</policy-set>
-
-</signed-policy>
+++ /dev/null
-<!DOCTYPE signed-policy SYSTEM "bondixml.dtd">
-
-<signed-policy>
-
- <Signature Id="SignatureExample" xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w2.org/2006/12/xml-c14n11"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <Reference URI="Policy-1">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-2">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-3">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-4">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-5">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-6">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-7">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-8">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-9">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-10">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-11">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-12">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-13">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-14">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-15">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-16">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- <Reference URI="Policy-17">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>dGhpcyBpcyBub3QgYSBzaWduYXR1cmUK...</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>asdfkjlhxvczxnbcvnjahfjhsdfklahfdas</SignatureValue>
- <KeyInfo>
- <KeyValue>
- <DSAKeyValue>
- <P> PValue </P><Q> QValue </Q><G> Gvalue </G><Y> laj?</Y>
- </DSAKeyValue>
- <RSAKeyValue>
- <Modulus>
- modulus
- </Modulus>
- <Exponent>
- exponent
- </Exponent>
- </RSAKeyValue>
- </KeyValue>
- <X509Data>
- <X509SubjectName> Subject name </X509SubjectName>
- <X509SKI> SKI </X509SKI>
- </X509Data>
- </KeyInfo>
- </Signature>
-
-
-
-<policy-set id="Policy-1">
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">
- subject
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- <subject-match attr="version" match="3" />
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set >
- <target>
- <subject>
- <subject-match attr="id">
- subject3
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject4" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject4
- </subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set id="Policy-2" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="subject5" />
- </subject>
- <subject>
- <subject-match attr="id" match="subject6" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject5
- </subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource5
- </resource-match>
- <subject-match attr="version" match="5" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id">
- resource6
- </resource-match>
- <subject-match attr="version" match="6" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-<policy-set id="Policy-4" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-5" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-6" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- <resource-match attr="r8v2" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny" />
- </policy>
-</policy-set>
-
-<policy-set id="Policy-7" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-8" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b" match="777" func="equal" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-9" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme" match="http" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.authority" match="onet.pl" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-10" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9d</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme-authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-11" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9e</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-12" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9f</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-13" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9g</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-14" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9h</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-15" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-16" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-17" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- justyna -->
-
-<!--- test 13 (old name: test 100)-->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s13</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 14 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s14</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 15 (old name: test 102) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri.host" match="//buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 16 (old name: test 103) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s16</subject-match>
- <subject-match attr="uri.host" match="v.com.pl"/>
-
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 17 (old name: test 104)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject4</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject5</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 18 (old name: test 105)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri" match="buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18b"/>
- <subject-match attr="uri" match="buu.s18b.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18c"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="uri" match="buu.s18c.pl"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 19 (old name: test 106)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.1</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.2</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 20 (old name: test 107)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.1</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.2</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!-- justyna -->
-
-
-<!--- test 21 (old name: test 103 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s21</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 23 (old name: test 105 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s23</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 24 (old name: test 106 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s24</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <subject-match attr="version" match="5"/>
- <resource-match attr="resource-id" match="device:pim"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.1 (old name: test 107 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.2 (old name: test 107 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.3 (old name: test 107 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 25.4 (old name: test 107 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 26.1 (old name: test 108 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.2 (old name: test 108 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.3 (old name: test 108 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 26.4 (old name: test 108 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.1 (old name: test 109 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.2 (old name: test 109a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.3 (old name: test 109b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.4 (old name: test 109c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 28 (old name: test 110 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s28</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 29 (old name: test 111 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s29</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.1 (old name: test 112 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.2 (old name: test 112a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.3 (old name: test 112b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.4 (old name: test 112c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-
-
-<!--- test 31.1 (old name: test 113 U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 31.2.1 (old name: test 113a U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.2.2 (old name: test 113aa U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.3 (old name: test 113b U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.3</subject-match>
- </subject>
- </target>
-
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-<!--- test 32.1 (old name: test 114 U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 32.2.1 (old name: test 114a U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.2.2 (old name: test 114aa U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.3 (old name: test 114b U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.1 (old name: test 115 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.2 (old name: test 115a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.3 (old name: test 115b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.3</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 34.1 (old name: test 116 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 34.2 (old name: test 116 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 35.1 (old name: test 117 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 35.2 (old name: test 117 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set>
- <target>
- <subject>
- <subject-match attr="id">org.tizen.widget.analogclock</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="http://helloheloo/"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 36 (old name: test 102 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s36</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-
-<!--- test 37 (old name: test 108 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s37</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-oneshot">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 38 (old name: test 109 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 39 (old name: test 110 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- Maria -->
-<!-- testing different methods of policies and rules combining-->
-<!--- test 40 (old name: test 200 -->
-
-<!--- two opposite rules put into different policies in one policy set -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s40</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 41 (old name: test 201 -->
-
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s41</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r41</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r41.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.1 (old name: test 202 -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.2 (old name: test 202b -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 43.1 (old name: test 203 -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 43.2 (old name: test 203b -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.1 (old name: test 204 -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.2 (old name: test 204b -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 45.1 (old name: test 205 -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of permit in contradiction to test 202 -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 45.2 (old name: test 205b -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of deny-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 46.1 (old name: test 206 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 46.2 (old name: test 206b -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 47.1 (old name: test 207 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 47.2 (old name: test 207b -->
-<!--- two opposite rules put into one policy -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 48 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
-<target>
-<subject>
-<subject-match attr="id">s48</subject-match>
-<subject-match attr="uri.host" match="www.test.pl"/>
-
-</subject>
-</target>
-<policy>
-<rule effect="permit">
-<condition combine="and">
-<resource-match attr="resource-id" match="device:pim.contacts"/>
-<!--<subject-match attr="uri" match="http://www.test.pl:80"/>-->
-</condition>
-</rule>
-</policy>
-</policy-set>
-
-</policy-set>
-
-</signed-policy>
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/policy-example.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/policy-wac-2.0.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attr_policy-example.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/policy-example2.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/policy-example3.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/policy_example.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/general-test.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/interceptpolicy.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/policy-test.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/policy-test-gsettings.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attre_config.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attr_policy-example1.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attr_policy-example2.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attr_policy-example3.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attr_policy-example4.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attr_policy-example5.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attr_policy-example6.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attr_policy-example7.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/attr_policy-example8.xml
- ${PROJECT_SOURCE_DIR}/tests/ace/test-configuration/undefined-test.xml
- DESTINATION /usr/etc/ace
- PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ GROUP_WRITE
- )
-
-ADD_SUBDIRECTORY(CMTest)
+++ /dev/null
- <policy-set id="Policy-1" combine="first-matching-target">
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="analogclock"/>
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- device.simcard
- </resource-match>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="memo" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- file.write
- </resource-match>
- <subject-match attr="name" match="memo" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="phonesearch" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- pim.contact
- </resource-match>
- <subject-match attr="name" match="phonesearch" />
- </condition>
- </rule>
- </policy>
-
- </policy-set>
\ No newline at end of file
+++ /dev/null
- <policy-set id="Policy-1" combine="first-matching-target">
-
-
- <policy>
- <target>
- <subject>
- <subject-match attr="uri.host" match="freebeer.evil.com" />
- <subject-match attr="version" match="4" />
-
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
-
- </policy>
-
-
-
- <policy>
- <target>
- <subject>
- <subject-match attr="key-root-trust" match="manufacturer" />
-
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </rule>
-
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="urn:megacorp:widget:anapp" />
-
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
-
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="signer-id" match="7zha89%49x£$" />
-
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
-
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="urn:megacorp:widget:anapp" />
-
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
-
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="signer-id" match="7zha89%49x£$" />
-
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl" />
- </condition>
- </rule>
-
- </policy>
-
- </policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-1">
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">
- subject
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- <subject-match attr="version" match="3" />
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set >
- <target>
- <subject>
- <subject-match attr="id">
- subject3
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject4" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject4
- </subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-2" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="subject5" />
- </subject>
- <subject>
- <subject-match attr="id" match="subject6" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject5
- </subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource5
- </resource-match>
- <subject-match attr="version" match="5" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="author">
- resource6
- </resource-match>
- <subject-match attr="version" match="6" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-</policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <environment-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
-
-
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
-
-
-
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <environment-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <environment-match attr="ver" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-3" combine="deny-overrides">
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="analogclock"/>
- <subject-match attr="uri.host" match="freebeer.evil.com" />
- <subject-match attr="key-root-trust" match="manufacturer" />
- <subject-match attr="id" match="urn:megacorp:widget:anapp" />
- <subject-match attr="signer-id" match="7zha89%49xL$" />
- <subject-match attr="version" match="5"/>
-
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">device.simcard</resource-match>
- <resource-match attr="r8v2" match="2" />
- <resource-match attr="author" match="author3" />
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- <resource-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl" />
-
- <environment-match attr="resource-id">device.simcard</environment-match>
- <environment-match attr="r8v2" match="2" />
- <environment-match attr="author" match="author3" />
- <environment-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- <environment-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- <environment-match attr="r9c.scheme-authority" match="http://onet.pl" />
-
- <subject-match attr="resource-id">device.simcard</subject-match>
- <subject-match attr="r8v2" match="2" />
- <subject-match attr="author" match="author3" />
- <subject-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- <subject-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- <subject-match attr="r9c.scheme-authority" match="http://onet.pl" />
-
- </condition>
- </rule>
- </policy>
-
-
-</policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-3" combine="deny-overrides">
-
-<policy>
- <target>
- <subject>
- <subject-match attr="s-name" match="analogclock"/>
- <subject-match attr="s-uri.host" match="freebeer.evil.com" />
- <subject-match attr="s-key-root-trust" match="manufacturer" />
- <subject-match attr="s-id" match="urn:megacorp:widget:anapp" />
- <subject-match attr="s-signer-id" match="7zha89%49xL$" />
- <subject-match attr="s-version" match="5"/>
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="r-resource-id">device.simcard</resource-match>
- <resource-match attr="r-r8v2" match="2" />
- <resource-match attr="r-author" match="author3" />
- <resource-match attr="r-r9a.scheme" match="http://onet.pl:80/test.html" />
- <resource-match attr="r-r9b.authority" match="http://onet.pl:80/test.html" />
- <resource-match attr="r-r9c.scheme-authority" match="http://onet.pl" />
-
- <environment-match attr="e-resource-id">device.simcard</environment-match>
- <environment-match attr="e-r8v2" match="2" />
- <environment-match attr="e-author" match="author3" />
- <environment-match attr="e-r9a.scheme" match="http://onet.pl:80/test.html" />
- <environment-match attr="e-r9b.authority" match="http://onet.pl:80/test.html" />
- <environment-match attr="e-r9c.scheme-authority" match="http://onet.pl" />
-
- <subject-match attr="s-resource-id">device.simcard</subject-match>
- <subject-match attr="s-r8v2" match="2" />
- <subject-match attr="s-author" match="author3" />
- <subject-match attr="s-r9a.scheme" match="http://onet.pl:80/test.html" />
- <subject-match attr="s-r9b.authority" match="http://onet.pl:80/test.html" />
- <subject-match attr="s-r9c.scheme-authority" match="http://onet.pl" />
- </condition>
- </rule>
-</policy>
-
-
-</policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-3" combine="deny-overrides">
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="analogclock"/>
- <subject-match attr="uri.host" match="freebeer.evil.com" />
- <subject-match attr="key-root-trust" match="manufacturer" />
- <subject-match attr="id" match="urn:megacorp:widget:anapp" />
- <subject-match attr="signer-id" match="7zha89%49xL$" />
- <subject-match attr="version" match="5"/>
-
- </subject>
- </target>
- <rule effect="permit">
- <condition>
-
- <subject-match attr="resource-id">device.simcard</subject-match>
- <subject-match attr="r8v2" match="2" />
- <subject-match attr="author" match="author3" />
- <subject-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- <subject-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- <subject-match attr="r9c.scheme-authority" match="http://onet.pl" />
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition>
-
- <environment-match attr="resource-id">device.simcard</environment-match>
- <environment-match attr="r8v2" match="2" />
- <environment-match attr="author" match="author3" />
- <environment-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- <environment-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- <environment-match attr="r9c.scheme-authority" match="http://onet.pl" />
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">device.simcard</resource-match>
- <resource-match attr="r8v2" match="2" />
- <resource-match attr="author" match="author3" />
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- <resource-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl" />
-
- </condition>
- </rule>
-
- </policy>
-
-
-</policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" func="regexp" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" func="equal" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" func="regexp"/>
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
\ No newline at end of file
+++ /dev/null
-<?xml version="1.0" ?>
-<!DOCTYPE manager-settings SYSTEM "config.dtd">
-<manager-settings>
- <editable-by-user>false</editable-by-user>
- <storage-path>/usr/etc/ace/</storage-path>
- <policy-files>
- <file active="true">attr_policy-example.xml</file>
- </policy-files>
- <trusted-providers>
- <provider>samsung</provider>
- </trusted-providers>
- <untrusted-providers>
- <provider>nokia</provider>
- </untrusted-providers>
-</manager-settings>
-
-
+++ /dev/null
-<policy-set id="Policy-1" combine="first-matching-target" >
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">
- subject
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- <subject-match attr="version" match="3" />
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set >
- <target>
- <subject>
- <subject-match attr="id">
- subject3
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject4" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject4
- </subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set id="Policy-2" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="subject5" />
- </subject>
- <subject>
- <subject-match attr="id" match="subject6" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject5
- </subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource5
- </resource-match>
- <subject-match attr="version" match="5" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id">
- resource6
- </resource-match>
- <subject-match attr="version" match="6" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-<policy-set id="Policy-4" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-5" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-6" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- <resource-match attr="r8v2" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny" />
- </policy>
-</policy-set>
-
-<policy-set id="Policy-7" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9a</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable" >
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a.scheme" match="http" />
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-8" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9b</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable" >
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b.authority" match="onet.pl:80" />
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b" match="777" func="equal" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-9" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9c</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides" >
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme" match="http" />
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.authority" match="onet.pl:80" />
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl:80" />
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-10" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9d</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable" >
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d" match="*" func="glob" />
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme-authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-11" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9e</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable" >
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="onet.pl" />
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-12" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9f</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable" >
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.scheme-authority" match="http://onet.pl:80" />
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-13" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9g</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable" >
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="test.html" />
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-14" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9h</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable" >
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="test.html" />
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-15" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-16" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-17" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10c</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable" >
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c2" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- justyna -->
-
-<!--- test 13 (old name: test 100)-->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s13</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri.authority" match="buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s16</subject-match>
- <subject-match attr="uri.authority" match="v.com.pl"/>
-
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 17 (old name: test 104)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s17a</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s17b</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 18 (old name: test 105)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri" match="buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18b"/>
- <subject-match attr="uri" match="buu.s18b.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18c"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="uri" match="buu.s18c.pl"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 19 (old name: test 106)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.1</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.2</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 20 (old name: test 107)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.1</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.2</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!-- justyna -->
-
-
-<!--- test 21 (old name: test 103 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s21</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s21a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="undetermined"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 23 (old name: test 105 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s23</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 24 (old name: test 106 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s24</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <subject-match attr="version" match="5"/>
- <resource-match attr="resource-id" match="device:pim"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.1 (old name: test 107 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <environment-match attr="roaming" match="off"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.2 (old name: test 107 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.3 (old name: test 107 b U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s25.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <subject-match attr="version" match="9"/>
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 25.4 (old name: test 107 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 26.1 (old name: test 108 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.2 (old name: test 108 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.3 (old name: test 108 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 26.4 (old name: test 108 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.1 (old name: test 109 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.2 (old name: test 109a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.3 (old name: test 109b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.3</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.4 (old name: test 109c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 28 (old name: test 110 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s28</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 29 (old name: test 111 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s29</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.1 (old name: test 112 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.2 (old name: test 112a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.3 (old name: test 112b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.4 (old name: test 112c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-
-
-<!--- test 31.1 (old name: test 113 U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 31.2.1 (old name: test 113a U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.2.2 (old name: test 113aa U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.3 (old name: test 113b U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.3</subject-match>
- </subject>
- </target>
-
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-<!--- test 32.1 (old name: test 114 U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 32.2.1 (old name: test 114a U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.2.2 (old name: test 114aa U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.3 (old name: test 114b U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.1 (old name: test 115 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.2 (old name: test 115a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.3 (old name: test 115b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.3</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 34.1 (old name: test 116 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 34.2 (old name: test 116 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 35.1 (old name: test 117 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 35.2 (old name: test 117 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set>
- <target>
- <subject>
- <subject-match attr="id">org.tizen.widget.analogclock</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="http://helloheloo/"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 36 (old name: test 102 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s36</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-
-<!--- test 37 (old name: test 108 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s37</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-oneshot">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 38 (old name: test 109 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 39 (old name: test 110 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- Maria -->
-<!-- testing different methods of policies and rules combining-->
-<!--- test 40 (old name: test 200 -->
-
-<!--- two opposite rules put into different policies in one policy set -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s40</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 41 (old name: test 201 -->
-
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s41</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r41</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r41.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.1 (old name: test 202 -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.2 (old name: test 202b -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 43.1 (old name: test 203 -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 43.2 (old name: test 203b -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.1 (old name: test 204 -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.2 (old name: test 204b -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 45.1 (old name: test 205 -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of permit in contradiction to test 202 -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 45.2 (old name: test 205b -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of deny-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 46.1 (old name: test 206 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 46.2 (old name: test 206b -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 47.1 (old name: test 207 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 47.2 (old name: test 207b -->
-<!--- two opposite rules put into one policy -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 48 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s48</subject-match>
- <subject-match attr="uri.host" match="www.test.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <!--<subject-match attr="uri" match="http://www.test.pl:80"/>-->
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 51 - BugFest00-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">BF00</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="BFR00"/>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="BFR00"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 52 - BugFest01-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">BF01</subject-match>
- </subject>
- </target>
- <policy-set combine="first-matching-target">
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="BFR01"/>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="BFR01"/>
- </condition>
- </rule>
- </policy>
- </policy-set>
-</policy-set>
-
-
-<!--- test 53 - BugFest02-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">BF02</subject-match>
- </subject>
- </target>
- <policy-set combine="first-matching-target">
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="BFR02"/>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="BFR02"/>
- </condition>
- </rule>
- </policy>
- </policy-set>
-</policy-set>
-
-<!--- test 54 - BugFest03-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">BF03</subject-match>
- </subject>
- </target>
- <policy-set combine="first-matching-target">
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="BFR03"/>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="BFR03"/>
- </condition>
- </rule>
- </policy>
- </policy-set>
-</policy-set>
-
-
-<!--- test 55 - BugFest04-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">BF04</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">BFR04</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">BFR04</resource-match>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s61a</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r61a</resource-match>
- <resource-match attr="param:name">type</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r61a</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s61b</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r61b</resource-match>
- <resource-match attr="param:name">type</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r61b</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s61c</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r61c</resource-match>
- <resource-match attr="param:name">type</resource-match>
- <resource-match attr="param:name">port</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r61c</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s61d</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r61d</resource-match>
- <resource-match attr="param:name">type</resource-match>
- <resource-match attr="param:name">port</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r61d</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">paramTestSubject</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="dev-cap">messaging</resource-match>
- <resource-match attr="param:recipients" func="glob" >+4409*</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="dev-cap">messaging</resource-match>
- <resource-match attr="param:recipients" func="glob" >+4408*</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="dev-cap">messaging</resource-match>
- <resource-match attr="param:recipients" func="glob" >+48*</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="dev-cap">camera</resource-match>
- <resource-match attr="param:quality">high</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="dev-cap">camera</resource-match>
- <resource-match attr="param:quality">low</resource-match>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-
-</policy-set>
+++ /dev/null
- <policy-set id="Policy-1" combine="first-matching-target">
-
- <policy-set combine="deny-overrides" >
- <target>
- <subject>
- <subject-match attr="JilSecurityDomain">
- Unidentified
- </subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device
- </resource-match>
- <resource-match attr="param:function">
- getAvailableApplications
- </resource-match>
- </condition>
- </rule>
- <rule effect="prompt-oneshot">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.update
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.captureImage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.launchApplication
- </resource-match>
- <resource-match attr="resource-id">
- DeviceStateInfo.requestPositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.sendMessage
- </resource-match>
- </condition>
- </rule>
- <rule effect="prompt-session">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.findAddressBookItems
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItemsCount
- </resource-match>
- </condition>
- </rule>
- <!-- If the resource was not specified above then the access is unrestricted -->
- <rule effect="permit">
- <condition combine="or" >
- <resource-match attr="resource-id">
- Device.PositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAvailableAttributes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.setAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.open
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.play
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.pause
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.resume
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.stop
- </resource-match>
- <resource-match attr="resource-id">
- AudioPlayer.onStateChange
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.onCameraCaptured
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.setWindow
- </resource-match>
- <resource-match attr="resource-id">
- Device.PositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- Device.DeviceStateInfo
- </resource-match>
- <resource-match attr="resource-id">
- DeviceStateInfo.onPositionRetrieved
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.createMessage
- </resource-match>
- <resource-match attr="resource-id">
- Messaging.onMessageSendingFailure
- </resource-match>
- <resource-match attr="resource-id">
- Multimedia.getVolume
- </resource-match>
- <resource-match attr="resource-id">
- Multimedia.stopAll
- </resource-match>
- <resource-match attr="resource-id">
- Multimedia.isAudioPlaying
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.createAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- PIM.onAddressBookItemFound
- </resource-match>
-
- <!-- This part contains api-features defined in WAC1.0 -->
-
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/accelerometerinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/applicationtypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.2/camera
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exception
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exceptiontypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/message
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messagetypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/positioninfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/widget
- </resource-match>
- </condition>
- </rule>
- <rule effect="permit" />
- </policy>
- </policy-set>
-
- <policy-set combine="deny-overrides" >
- <target>
- <subject>
- <subject-match attr="JilSecurityDomain">
- Identified
- </subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="prompt-session">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.update
- </resource-match>
- <resource-match attr="resource-id">
- DeviceStateInfo.requestPositionInfo
- </resource-match>
- </condition>
- </rule>
- <rule effect="prompt-blanket">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.launchApplication
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.captureImage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.sendMessage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.findAddressBookItems
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItemsCount
- </resource-match>
- </condition>
- </rule>
- <!-- If the resource was not specified above then the access is unrestricted -->
- <rule effect="permit">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.getAvailableApplications
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAvailableAttributes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.setAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.open
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.play
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.pause
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.resume
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.stop
- </resource-match>
- <resource-match attr="resource-id">
- AudioPlayer.onStateChange
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.onCameraCaptured
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.setWindow
- </resource-match>
- <resource-match attr="resource-id">
- Device.PositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- Device.DeviceStateInfo
- </resource-match>
- <resource-match attr="resource-id">
- DeviceStateInfo.onPositionRetrieved
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.createMessage
- </resource-match>
- <resource-match attr="resource-id">
- Messaging.onMessageSendingFailure
- </resource-match>
- <resource-match attr="resource-id">
- Multimedia.getVolume
- </resource-match>
- <resource-match attr="resource-id">
- Multimedia.stopAll
- </resource-match>
- <resource-match attr="resource-id">
- Multimedia.isAudioPlaying
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.createAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- PIM.onAddressBookItemFound
- </resource-match>
-
- <!-- This part contains api-features defined in WAC1.0 -->
-
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/accelerometerinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/applicationtypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.2/camera
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exception
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exceptiontypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/message
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messagetypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/positioninfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/widget
- </resource-match>
- </condition>
- </rule>
- <rule effect="permit" />
- </policy>
- </policy-set>
-
- <policy-set combine="deny-overrides" >
- <target>
- <subject>
- <subject-match attr="JilSecurityDomain">
- Operator
- </subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="or" >
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.launchApplication
- </resource-match>
- <resource-match attr="resource-id">
- DeviceStateInfo.requestPositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.update
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device.Device.getAvailableApplications
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.getAvailableAttributes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem.AddressBookItem.setAttributeValue
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.open
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.play
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.pause
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.resume
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.AudioPlayer.stop
- </resource-match>
- <resource-match attr="resource-id">
- AudioPlayer.onStateChange
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.onCameraCaptured
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.setWindow
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia.Camera.captureImage
- </resource-match>
- <resource-match attr="resource-id">
- Device.PositionInfo
- </resource-match>
- <resource-match attr="resource-id">
- Device.DeviceStateInfo
- </resource-match>
- <resource-match attr="resource-id">
- DeviceStateInfo.onPositionRetrieved
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.createMessage
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging.Messaging.sendMessage
- </resource-match>
- <resource-match attr="resource-id">
- Messaging.onMessageSendingFailure
- </resource-match>
- <resource-match attr="resource-id">
- Multimedia.getVolume
- </resource-match>
- <resource-match attr="resource-id">
- Multimedia.stopAll
- </resource-match>
- <resource-match attr="resource-id">
- Multimedia.isAudioPlaying
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.createAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- PIM.onAddressBookItemFound
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.findAddressBookItems
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim.PIM.getAddressBookItemsCount
- </resource-match>
-
- <!-- This part contains api-features defined in WAC1.0 -->
-
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/accelerometerinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/addressbookitem
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/applicationtypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.2/camera
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/device
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/devicestateinfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exception
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.5/exceptiontypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/message
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messagetypes
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/messaging
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/multimedia
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1.1/pim
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/positioninfo
- </resource-match>
- <resource-match attr="resource-id">
- http://jil.org/jil/api/1.1/widget
- </resource-match>
- </condition>
- </rule>
- <rule effect="permit" />
- </policy>
- </policy-set>
- </policy-set>
+++ /dev/null
- <policy-set id="Policy-1" combine="first-matching-target">
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="analogclock"/>
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- device.simcard
- </resource-match>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="memo" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- file.write
- </resource-match>
- <subject-match attr="name" match="memo" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="phonesearch" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- pim.contact
- </resource-match>
- <subject-match attr="name" match="phonesearch" />
- </condition>
- </rule>
- </policy>
-
- </policy-set>
+++ /dev/null
- <policy-set id="Policy-1" combine="first-matching-target">
- <!---
- <policy>
- <rule effect="permit"/>
- </policy>
- -->
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="analogclock"/>
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="api-feature">
- devicestatus
- </resource-match>
- <!--
- <resource-match attr="feature-install-uri">
- ww.samsung.com1
- </resource-match>
- -->
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="batteryMonitor"/>
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="api-feature">
- devicestatus
- </resource-match>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="appconfig"/>
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="api-feature">
- http://bondi.omtp.org/api.appconfig
- </resource-match>
- </condition>
- </rule>
- </policy>
-
-
- <policy>
- <rule effect="permit"/>
- </policy>
-
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="memo" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- file.write
- </resource-match>
- <subject-match attr="name" match="memo" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="phonesearch" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- pim.contact
- </resource-match>
- <subject-match attr="name" match="phonesearch" />
- </condition>
- </rule>
- </policy>
-
- </policy-set>
\ No newline at end of file
+++ /dev/null
- <policy-set id="Policy-1" combine="first-matching-target">
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="analogclock" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- device.simcard
- </resource-match>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="memo" />
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- file.write
- </resource-match>
- <subject-match attr="name" match="memo" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="phonesearch" />
- </subject>
- </target>
- <rule effect="prompt-oneshot">
- <condition>
- <resource-match attr="resource-id">
- pim.contact
- </resource-match>
- <subject-match attr="name" match="phonesearch" />
- </condition>
- </rule>
- </policy>
-
- </policy-set>
\ No newline at end of file
+++ /dev/null
- <policy-set id="Policy-1" combine="first-matching-target">
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="analogclock" />
- </subject>
- </target>
- <rule effect="prompt-blanket">
- <condition>
- <resource-match attr="resource-id">
- device.simcard
- </resource-match>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="memo" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- file.write
- </resource-match>
- <subject-match attr="name" match="memo" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <target>
- <subject>
- <subject-match attr="name" match="phonesearch" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- pim.contact
- </resource-match>
- <subject-match attr="name" match="phonesearch" />
- </condition>
- </rule>
- </policy>
-
- </policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-4" combine="first-matching-target">
-<policy>
- <target>
- <subject>
- <subject-match attr="id">a1</subject-match>
- </subject>
- </target>
-
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">d3</resource-match>
- </condition>
- </rule>
- </policy>
-<policy>
- <target>
- <subject>
- <subject-match attr="id">aa2</subject-match>
- </subject>
- </target>
-
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">bb2</resource-match>
- </condition>
- </rule>
- </policy>
-
-<policy>
- <target>
- <subject>
- <subject-match attr="id">c3</subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">d3</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-4" combine="first-matching-target">
-<policy>
- <target>
- <subject>
- <subject-match attr="id">a1</subject-match>
- </subject>
- </target>
-
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">b1</resource-match>
- </condition>
- </rule>
- </policy>
-<policy>
- <target>
- <subject>
- <subject-match attr="id">aa2</subject-match>
- </subject>
- </target>
-
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">bb2</resource-match>
- </condition>
- </rule>
- </policy>
-
-<policy>
- <target>
- <subject>
- <subject-match attr="id">c3</subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">d3</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set id="Policy-1" combine="first-matching-target">
- <policy description="WAC">
-
- <!-- permit access to private filesystem -->
- <rule effect="permit">
- <condition>
- <resource-match attr="device-cap" match="messaging.write"/>
- </condition>
- </rule>
- <!-- permit access to camera preview -->
- <rule effect="permit">
- <condition>
- <resource-match attr="device-cap" match="camera.show"/>
- </condition>
-
- </rule>
- <!-- prompt-blanket access to IMEI -->
- <rule effect="prompt-blanket">
- <condition>
- <resource-match attr="device-cap" match="devicestatus.networkinfo"/>
- <resource-match attr="param:property" match="imei"/>
- </condition>
- </rule>
- <!-- prompt-session access to messging when roaming -->
- <rule effect="prompt-session">
- <condition>
- <resource-match attr="device-cap" match="messaging.send"/>
- <environment-match attr="roaming" match="true"/>
- </condition>
- </rule>
- <!-- prompt-session access to network when roaming -->
- <rule effect="prompt-session">
- <condition>
- <condition combine="or">
- <resource-match attr="device-cap" match="XMLHttpRequest"/>
- <resource-match attr="device-cap" match="externalNetworkAccess"/>
- </condition>
- <environment-match attr="roaming" match="true"/>
- </condition>
- </rule>
- <!-- prompt-blanket access to camera capture -->
- <rule effect="prompt-blanket">
- <condition>
- <resource-match attr="device-cap" match="camera.capture"/>
- </condition>
- </rule>
- <!-- prompt-blanket access to contacts -->
- <rule effect="prompt-blanket">
- <condition>
- <resource-match attr="device-cap" match="pim.contact.*"/>
- </condition>
- </rule>
- <!-- prompt-blanket access to calendar -->
- <rule effect="prompt-blanket">
- <condition>
- <resource-match attr="device-cap" match="pim.calendar.*"/>
- </condition>
- </rule>
- <!-- prompt-blanket access to task -->
- <rule effect="prompt-blanket">
- <condition>
- <resource-match attr="device-cap" match="pim.task.*"/>
- </condition>
- </rule>
- <!-- prompt-blanket access to devicestatus -->
- <rule effect="prompt-blanket">
- <condition>
- <resource-match attr="device-cap" match="devicestatus.*"/>
- </condition>
- </rule>
- <!-- prompt-blanket access to geolocation -->
- <rule effect="prompt-oneshot">
- <condition>
- <resource-match attr="device-cap" match="geolocation"/>
- </condition>
- </rule>
- <!-- prompt-blanket access to networking -->
- <rule effect="prompt-session">
- <condition combine="or">
- <resource-match attr="device-cap" match="XMLHttpRequest"/>
- <resource-match attr="device-cap" match="externalNetworkAccess"/>
- </condition>
- </rule>
- <!-- prompt-blanket access to filesystem -->
- <rule effect="prompt-blanket">
- <condition>
- <resource-match attr="device-cap" match="filesystem.*"/>
- </condition>
- </rule>
- <rule effect="deny">
- <condition>
- <resource-match attr="device-cap" match="messaging.subscribe"/>
- </condition>
- </rule>
- <!-- permit access to all remaining deviceapis -->
- <rule effect="permit">
- <condition>
- <resource-match attr="device-cap" match="*"/>
- </condition>
- </rule>
- <rule effect="permit"/>
-</policy>
-</policy-set>
+++ /dev/null
-<policy-set id="Policy-1">
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">
- subject
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- <subject-match attr="version" match="3" />
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id" match="subject2" />
- </subject>
- </target>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set >
- <target>
- <subject>
- <subject-match attr="id">
- subject3
- </subject-match>
- </subject>
- <subject>
- <subject-match attr="id" match="subject4" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource2
- </resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject4
- </subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<policy-set id="Policy-2" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="subject5" />
- </subject>
- <subject>
- <subject-match attr="id" match="subject6" />
- </subject>
- </target>
- <policy>
- <target>
- <subject>
- <subject-match attr="id">
- subject5
- </subject-match>
- </subject>
- </target>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource5
- </resource-match>
- <subject-match attr="version" match="5" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id">
- resource6
- </resource-match>
- <subject-match attr="version" match="6" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-3" combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id" match="subject7" />
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="and">
- <condition combine="or">
- <subject-match attr="version" match="7" />
- <subject-match attr="version" match="6" />
- </condition>
- <resource-match attr="author" match="author2" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">
- resource7
- </resource-match>
- <condition combine="or">
- <condition combine="or">
- <subject-match attr="version" match="1" />
- <subject-match attr="version" match="2" />
- </condition>
- <resource-match attr="author" match="author3" />
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-<policy-set id="Policy-4" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-5" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v2" match="2" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-6" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s8c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r8</resource-match>
- <resource-match attr="r8v1" match="1" />
- <resource-match attr="r8v2" match="1" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny" />
- </policy>
-</policy-set>
-
-<policy-set id="Policy-7" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-8" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9b" match="777" func="equal" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-9" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme" match="http" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.authority" match="onet.pl" />
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c.scheme-authority" match="http://onet.pl" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9c" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-10" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9d</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d" match="*" func="glob" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9d.scheme-authority" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-11" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9e</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-12" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9f</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e.host" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9e" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-13" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9g</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-14" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s9h</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g.path" match="http://onet.pl:80/test.html" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r9</resource-match>
- <resource-match attr="r9g" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-15" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10a</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-16" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10b</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10a" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set id="Policy-17" combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s10c</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="[1234567890]+[ab]+" func="regexp" />
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r10</resource-match>
- <resource-match attr="r10c" match="*" func="glob"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- justyna -->
-
-<!--- test 13 (old name: test 100)-->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s13</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 14 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s14</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 15 (old name: test 102) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri.host" match="//buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 16 (old name: test 103) -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s16</subject-match>
- <subject-match attr="uri.host" match="v.com.pl"/>
-
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 17 (old name: test 104)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject4</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">subject5</subject-match>
- <subject-match attr="version" match="4" />
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 18 (old name: test 105)-->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="uri" match="buu.com.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18b"/>
- <subject-match attr="uri" match="buu.s18b.pl"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id" match="s18c"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="uri" match="buu.s18c.pl"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 19 (old name: test 106)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.1</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s19.2</subject-match>
- <subject-match attr="key-root-trust" match="voperator"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 20 (old name: test 107)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.1</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="deny">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s20.2</subject-match>
- <subject-match attr="signer-id" match="v7zha89%49x£$"/>
- </subject>
- </target>
-<policy>
- <rule effect="permit">
- <condition>
- <resource-match attr="resource-id">
- resource4
- </resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!-- justyna -->
-
-
-<!--- test 21 (old name: test 103 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s21</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 23 (old name: test 105 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s23</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 24 (old name: test 106 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s24</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <subject-match attr="version" match="5"/>
- <resource-match attr="resource-id" match="device:pim"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.1 (old name: test 107 U)-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.2 (old name: test 107 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 25.3 (old name: test 107 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 25.4 (old name: test 107 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 26.1 (old name: test 108 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.2 (old name: test 108 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 26.3 (old name: test 108 b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 26.4 (old name: test 108 c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.1 (old name: test 109 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.2 (old name: test 109a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 27.3 (old name: test 109b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 27.4 (old name: test 109c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 28 (old name: test 110 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s28</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 29 (old name: test 111 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s29</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.1 (old name: test 112 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.2 (old name: test 112a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 30.3 (old name: test 112b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 30.4 (old name: test 112c U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s30.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-
-
-<!--- test 31.1 (old name: test 113 U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 31.2.1 (old name: test 113a U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.2.2 (old name: test 113aa U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 31.3 (old name: test 113b U -->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.3</subject-match>
- </subject>
- </target>
-
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
-</policy-set>
-
-<!--- test 32.1 (old name: test 114 U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 32.2.1 (old name: test 114a U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.2.2 (old name: test 114aa U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 32.3 (old name: test 114b U -->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.1 (old name: test 115 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.2 (old name: test 115a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 33.3 (old name: test 115b U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s33.3</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 34.1 (old name: test 116 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 34.2 (old name: test 116 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s34.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-<!--- test 35.1 (old name: test 117 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 35.2 (old name: test 117 a U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s35.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set>
- <target>
- <subject>
- <subject-match attr="id">org.tizen.widget.analogclock</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="http://helloheloo/"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 36 (old name: test 102 U -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s36</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-
-
-<!--- test 37 (old name: test 108 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s37</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-oneshot">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 38 (old name: test 109 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s38.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-session">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 39 (old name: test 110 -->
-<!-- mbialota modified -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s39.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="prompt-blanket">
- <condition combine="and">
- <resource-match attr="resource-id">device:pim.contacts.read</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!-- Maria -->
-<!-- testing different methods of policies and rules combining-->
-<!--- test 40 (old name: test 200 -->
-
-<!--- two opposite rules put into different policies in one policy set -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s40</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r40</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 41 (old name: test 201 -->
-
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s41</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r41</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r41.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.1 (old name: test 202 -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 42.2 (old name: test 202b -->
-<!--- two opposite rules put into one policy in one policy set-->
-<!--- this case will have the result of deny because of default rules combining==deny override, which is not the same as policies combining -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s42.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r42.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 43.1 (old name: test 203 -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 43.2 (old name: test 203b -->
-
-<!--- two opposite rules put into different policies in one policy set-->
-<policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s43.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r43.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.1 (old name: test 204 -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 44.2 (old name: test 204b -->
-<!--- two different rules put into different policies in one policy set-->
-<policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s44.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r44.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 45.1 (old name: test 205 -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of permit in contradiction to test 202 -->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 45.2 (old name: test 205b -->
-<!--- two opposite rules put into one policy -->
-<!--- testing rules combining methods-->
-<!--- this case should have the result of deny-->
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s45.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r45.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 46.1 (old name: test 206 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 46.2 (old name: test 206b -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s46.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r46.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-<!--- test 47.1 (old name: test 207 -->
-<!--- two opposite rules put into one policy -->
-
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.1</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-<!--- test 47.2 (old name: test 207b -->
-<!--- two opposite rules put into one policy -->
-
-<policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s47.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id">r47.2</resource-match>
- </condition>
- </rule>
- </policy>
-</policy-set>
-
-
-<!--- test 48 (old name: test 101)-->
-
-<policy-set combine="first-matching-target">
-<target>
-<subject>
-<subject-match attr="id">s48</subject-match>
-<subject-match attr="uri.host" match="www.test.pl"/>
-
-</subject>
-</target>
-<policy>
-<rule effect="permit">
-<condition combine="and">
-<resource-match attr="resource-id" match="device:pim.contacts"/>
-<!--<subject-match attr="uri" match="http://www.test.pl:80"/>-->
-</condition>
-</rule>
-</policy>
-</policy-set>
-
-</policy-set>
+++ /dev/null
-<policy-set id="Policy-1">
-
-<policy>
- <target>
-<!--
- <subject>
- <subject-match attr="id" match="analogclock"/>
- </subject>
--->
- </target>
- <rule effect="permit">
- <condition>
- <!--
- <resource-match attr="resource-id">
- api.appconfig
- </resource-match>
- <resource-match attr="device-cap">
- api.appconfig
- </resource-match>
- -->
- </condition>
- </rule>
-</policy>
-
-
-</policy-set>
\ No newline at end of file
+++ /dev/null
-<policy-set combine="deny-overrides" >
- <policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s25.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s25.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <subject-match attr="version" match="9"/>
- </condition>
-
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <!--- test 25.4 (old name: test 107 c U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s25.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
-
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
-
- <!--- test 26.1 (old name: test 108 U -->
- <policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 26.2 (old name: test 108 a U -->
- <policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 26.3 (old name: test 108 b U -->
- <policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s26.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <!--- test 26.4 (old name: test 108 c U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s26.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
-
- <!--- test 27.1 (old name: test 109 U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s27.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <!--- test 27.2 (old name: test 109a U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s27.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <!--- test 27.3 (old name: test 109b U -->
- <policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.3</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
-
- <!--- test 27.4 (old name: test 109c U -->
- <policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s27.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
-
- <!--- test 28 (old name: test 110 U -->
- <policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s28</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 29 (old name: test 111 U -->
- <policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s29</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <!--- test 30.1 (old name: test 112 U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s30.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 30.2 (old name: test 112a U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s30.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 30.3 (old name: test 112b U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s30.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <!--- test 30.4 (old name: test 112c U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s30.4</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
-
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- </policy-set>
-
-
-
- <!--- test 31.1 (old name: test 113 U -->
- <policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
-
- <!--- test 31.2.1 (old name: test 113a U -->
- <policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 31.2.2 (old name: test 113aa U -->
- <policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 31.3 (old name: test 113b U -->
- <policy-set combine="deny-overrides">
- <target>
- <subject>
- <subject-match attr="id">s31.3</subject-match>
- </subject>
- </target>
-
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- </policy-set>
-
- <!--- test 32.1 (old name: test 114 U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 32.2.1 (old name: test 114a U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.1</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <!--- test 32.2.2 (old name: test 114aa U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.2.2</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <!--- test 32.3 (old name: test 114b U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s32.3</subject-match>
- </subject>
- </target>
- <policy>
- <rule effect="deny">
- <condition combine="or">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="or">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
-
- <policy>
- <rule effect="deny">
- <condition combine="and">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 33.1 (old name: test 115 U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s33.1</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 33.2 (old name: test 115a U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s33.2</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 33.3 (old name: test 115b U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s33.3</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="or">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 34.1 (old name: test 116 U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s34.1</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <!--- test 34.2 (old name: test 116 a U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s34.2</subject-match>
- </subject>
- </target>
- <policy combine="permit-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
-
- <!--- test 35.1 (old name: test 117 U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s35.1</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 35.2 (old name: test 117 a U -->
- <policy-set combine="permit-overrides">
- <target>
- <subject>
- <subject-match attr="id">s35.2</subject-match>
- </subject>
- </target>
- <policy combine="deny-overrides">
- <rule effect="deny">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device"/>
- <subject-match attr="version" match="5"/>
-
- </condition>
- </rule>
- </policy>
- </policy-set>
-
- <policy-set>
- <target>
- <subject>
- <subject-match attr="id">org.tizen.widget.analogclock</subject-match>
- </subject>
- </target>
- <policy combine="first-applicable">
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="http://helloheloo/"/>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-
- <!--- test 36 (old name: test 102 U -->
- <policy-set combine="first-matching-target">
- <target>
- <subject>
- <subject-match attr="id">s36</subject-match>
- <subject-match attr="version" match="5"/>
- </subject>
- </target>
- <policy>
- <rule effect="permit">
- <condition combine="and">
- <resource-match attr="resource-id" match="device:pim.contacts"/>
- <subject-match attr="version" match="5"/>
- </condition>
- </rule>
- </policy>
- </policy-set>
-
-</policy-set>
)
INSTALL(TARGETS ${TARGET_NAME}
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
-)
+ DESTINATION bin)
INSTALL(FILES
${PROJECT_SOURCE_DIR}/tests/core/data/sample.zip
DESTINATION /opt/apps/wrt/wrt-commons/tests/core
-)
\ No newline at end of file
+)
)
INSTALL(TARGETS ${TARGET_NAME}
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
-)
+ DESTINATION bin)
INSTALL(FILES
${PROJECT_SOURCE_DIR}/tests/db/orm/dpl_orm_test.db
DESTINATION /opt/apps/wrt/wrt-commons/tests/db
-)
\ No newline at end of file
+)
DPL::DB::SqlConnection connection(
m_dbFileName,
DPL::DB::SqlConnection::Flag::None,
+ DPL::DB::SqlConnection::Flag::RW,
m_generator->Create());
DPL::DB::SqlConnection::DataCommandAutoPtr countCommand =
)
INSTALL(TARGETS ${TARGET_DBUS_TESTS} ${TARGET_DBUS_TEST_SERVICE}
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
-)
+ DESTINATION bin)
INSTALL(FILES
${PROJECT_SOURCE_DIR}/tests/dbus/data/org.tizen.DBusTestService.service
)
INSTALL(TARGETS ${TARGET_NAME}
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
-)
\ No newline at end of file
+ DESTINATION bin)
)
INSTALL(TARGETS ${TARGET_LOC}
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
- )
+ DESTINATION bin)
ADD_SUBDIRECTORY(files)
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# @file CMakeLists.txt
-# @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
-# @author Pawel Sikorski (p.sikorski@samsung.com)
-# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
-# @version 1.0
-# @brief
-#
-INCLUDE(FindPkgConfig)
-SET(TARGET_VCORE_TEST "dpl-tests-vcore")
-
-PKG_CHECK_MODULES(VCORE_TEST_DEP
- libsoup-2.4
- REQUIRED
- )
-
-SET(VCORE_TESTS_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/vcore/vcore_tests.cpp
- ${PROJECT_SOURCE_DIR}/tests/vcore/TestCases.cpp
- ${PROJECT_SOURCE_DIR}/tests/vcore/TestEnv.cpp
- ${PROJECT_SOURCE_DIR}/tests/vcore/TestCRL.cpp
- )
-
-INCLUDE_DIRECTORIES(
- ${SYS_EFL_INCLUDE_DIRS}
- ${DPL_TEST_INCLUDE_DIR}
- ${PROJECT_SOURCE_DIR}/modules/vcore/src
- ${PROJECT_SOURCE_DIR}/tests/vcore
- ${PROJECT_SOURCE_DIR}/modules/widget_dao/include # global_config.h
- ${VCORE_TEST_DEP_INCLUDE_DIRS}
- )
-
-ADD_EXECUTABLE(${TARGET_VCORE_TEST} ${VCORE_TESTS_SOURCES})
-
-TARGET_LINK_LIBRARIES(${TARGET_VCORE_TEST}
- ${SYS_EFL_LIBRARIES}
- ${TARGET_DPL_EFL}
- ${TARGET_DPL_TEST_ENGINE_EFL}
- ${TARGET_VCORE_LIB}
- ${TARGET_WRT_DAO_RO_LIB} # global_config.h_
- ${VCORE_TEST_DEP_LIBRARIES}
- )
-
-INSTALL(TARGETS ${TARGET_VCORE_TEST}
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
- )
-
-INSTALL(FILES ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/dpl-tests-vcore-ocsp-server.sh
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
- )
-
-ADD_CUSTOM_COMMAND(TARGET ${TARGET_VCORE_TEST} POST_BUILD
- COMMAND ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/create_certs.sh
- WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/
- COMMENT "Generate certificate chains"
- )
-
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/widget/author-signature.xml
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/widget/signature1.xml
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/widget/signature22.xml
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/widget/config.xml
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/widget/index.html
- DESTINATION
- /opt/apps/widget/tests/vcore_widget_uncompressed
- )
-
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/keys/ocsp_level0deprecated.crt
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/keys/ocsp_level1.crt
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/keys/ocsp_level2.crt
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/keys/ocsp_rootca.crt
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/keys/operator.root.cert.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/keys/root_cacert.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/test-cases/keys/CAbundle.crt
- DESTINATION
- /opt/apps/widget/tests/vcore_keys
- )
-
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/demoCA/cacert.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/1second_level.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/1third_level.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/2second_level.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/2third_level.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/3second_level.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/3third_level.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/cacrl1.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/cacrl2.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/respcert.pem
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/respcert.key
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/openssl.cnf
- DESTINATION
- /opt/apps/widget/tests/vcore_certs/
-)
-
-INSTALL(DIRECTORY
- ${PROJECT_SOURCE_DIR}/tests/vcore/certificate-generator/demoCA
- DESTINATION
- /opt/apps/widget/tests/vcore_certs/
-)
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <algorithm>
-#include <cstring>
-#include <openssl/x509v3.h>
-#include <dpl/file_input_mapping.h>
-#include <dpl/log/log.h>
-#include "TestCRL.h"
-
-using namespace ValidationCore;
-using namespace std;
-
-
-namespace {
-const char *CRL_LOOKUP_DIR = "/opt/etc/ssl/certs/";
-const char *beginCertificate = "-----BEGIN CERTIFICATE-----";
-const char *endCertificate = "-----END CERTIFICATE-----";
-const char *beginTrustedCertificate = "-----BEGIN TRUSTED CERTIFICATE-----";
-const char *endTrustedCertificate = "-----END TRUSTED CERTIFICATE-----";
-
-
-bool whiteCharacter(char a){
- return a == '\n';
-}
-
-}
-
-TestCRL::TestCRL()
-{
- //Add additional lookup dir
- int rv = X509_LOOKUP_add_dir(m_lookup, CRL_LOOKUP_DIR, X509_FILETYPE_PEM);
- if (!rv) {
- LogError("Failed to add lookup dir for PEM files.");
- ThrowMsg(CRLException::StorageError,
- "Failed to add lookup dir for PEM files.");
- }
- LogInfo("CRL storage initialization complete.");
-}
-
-std::string TestCRL::getFileContent(const std::string &filename)
-{
- //Only PEM formatted files allowed
- LogInfo("Read file: " << filename);
- DPL::FileInputMapping file(filename);
- string content(reinterpret_cast<const char*>(file.GetAddress()),
- file.GetSize());
-
- size_t posBegin = content.find(beginCertificate);
- size_t posEnd = content.find(endCertificate);
- if (posBegin != string::npos &&
- posEnd != string::npos) {
- posBegin += strlen(beginCertificate);
- } else {
- posBegin = content.find(beginTrustedCertificate);
- posEnd = content.find(endTrustedCertificate);
- if (posBegin != string::npos &&
- posEnd != string::npos) {
- posBegin += strlen(beginTrustedCertificate);
- } else {
- LogError("Failed to parse PEM file");
- return string();
- }
- }
- //Remove whitespaces
- string cert(content, posBegin, posEnd - posBegin);
- cert.erase(std::remove_if(cert.begin(), cert.end(), whiteCharacter),
- cert.end());
-
- return cert;
-}
-
-void TestCRL::addCRLToStore(const string &filename, const string &uri)
-{
- LogInfo("Read file: " << filename);
- //Only PEM formatted files allowed
- DPL::FileInputMapping file(filename);
- char *buffer = new char[file.GetSize()];
- memcpy(buffer, file.GetAddress(), file.GetSize());
- CRLDataPtr crl(new CRLData(buffer, file.GetSize(), uri));
- updateCRL(crl);
-}
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _TEST_CRL_H
-#define _TEST_CRL_H
-
-#include <string>
-#include <vcore/CRL.h>
-
-class TestCRL : public ValidationCore::CRL
-{
- public:
- TestCRL();
-
- void addCRLToStore(const std::string &filename, const std::string &uri);
-
- //convinient function
- std::string getFileContent(const std::string &filename);
-};
-
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <string>
-
-#include <dpl/test/test_runner.h>
-#include <dpl/event/event_delivery.h>
-#include <dpl/wrt-dao-ro/global_config.h>
-#include <vcore/ReferenceValidator.h>
-#include <vcore/SignatureFinder.h>
-#include <vcore/SignatureReader.h>
-#include <vcore/SignatureValidator.h>
-#include <vcore/OCSP.h>
-#include <vcore/CachedOCSP.h>
-#include "TestEnv.h"
-#include <vcore/SSLContainers.h>
-#include <vcore/Base64.h>
-#include <vcore/CertificateLoader.h>
-#include <vcore/CRL.h>
-#include <vcore/CachedCRL.h>
-#include <vcore/RevocationCheckerBase.h>
-#include "TestCRL.h"
-#include <vcore/CertificateCacheDAO.h>
-
-namespace {
-
-const std::string widget_path =
- "/opt/apps/widget/tests/vcore_widget_uncompressed/";
-const std::string keys_path = "/opt/apps/widget/tests/vcore_keys/";
-const std::string widget_store_path = "/opt/apps/widget/tests/vcore_widgets/";
-const std::string cert_store_path = "/opt/apps/widget/tests/vcore_certs/";
-const std::string crl_URI = "http://localhost/my.crl";
-
-const std::string anka_ec_key_type = "urn:oid:1.2.840.10045.3.1.7";
-const std::string anka_ec_public_key =
- "BGi9RmTUjpqCpQjx6SSiKdfmtjQBFNSN7ghm6TuaH9r4x73WddeLxLioH3VEmFLC+QLiR"\
- "kPxDxL/6YmQdgfGrqk=";
-
-const std::string rsa_modulus =
- "ocwjKEFaPxLNcPTz2PtT2Gyu5jzkWaPo4thjZo3rXuNbD4TzjY02UGnTxvflNeORLpSS1"\
- "PeYr/1E/Nhr7qQAzj9g0DwW7p8zQEdOUi3v76VykeB0pFJH+0Fxp6LVBX9Z+EvZk+dbOy"\
- "GJ4Njm9B6M09axXlV11Anj9B/HYUDfDX8=";
-const std::string rsa_exponent = "AQAB";
-
-const std::string magda_dsa_p =
- "2BYIQj0ePUVxzrdBT41eCblraa9Dqag7QXFMCRM2PtyS22JPDKuV77tBc/jg0V3htHWdR"\
- "q9n6/kQDwrP7FIPoLATLIiC3oAYWj46Mr6d9k/tt/JZU6PvULmB2k1wrrmvKUi+U+I5Ro"\
- "qe8ui8lqR9pp9u2WCh2QmFfCohKNjN5qs=";
-const std::string magda_dsa_q = "4p4JcDqz+S7CbWyd8txApZw0sik=";
-const std::string magda_dsa_g =
- "AQrLND1ZGFvzwBpPPXplmPh1ijPx1O2gQEvPvyjR88guWcGqQc0m7dTb6PEvbI/oZ0o91"\
- "k7VEkfthURnNR1WtOLT8dmAuKQfwTQLPwCwUM/QiuWSlCyKLTE4Ev8aOG7ZqWudsKm/td"\
- "n9pUNGtcod1wo1ZtP7PfEJ6rYZGQDOlz8=";
-
-const std::string googleCA =
-"MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG"
-"A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz"
-"cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2"
-"MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV"
-"BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt"
-"YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN"
-"ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE"
-"BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is"
-"I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G"
-"CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do"
-"lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc"
-"AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k";
-
-const std::string google2nd =
-"MIIDIzCCAoygAwIBAgIEMAAAAjANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJV"
-"UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDMgUHVi"
-"bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNTEzMDAw"
-"MDAwWhcNMTQwNTEyMjM1OTU5WjBMMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh"
-"d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBD"
-"QTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1NNn0I0Vf67NMf59HZGhPwtx"
-"PKzMyGT7Y/wySweUvW+Aui/hBJPAM/wJMyPpC3QrccQDxtLN4i/1CWPN/0ilAL/g"
-"5/OIty0y3pg25gqtAHvEZEo7hHUD8nCSfQ5i9SGraTaEMXWQ+L/HbIgbBpV8yeWo"
-"3nWhLHpo39XKHIdYYBkCAwEAAaOB/jCB+zASBgNVHRMBAf8ECDAGAQH/AgEAMAsG"
-"A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwKAYDVR0RBCEwH6QdMBsxGTAX"
-"BgNVBAMTEFByaXZhdGVMYWJlbDMtMTUwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDov"
-"L2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwMgYIKwYBBQUHAQEEJjAkMCIGCCsG"
-"AQUFBzABhhZodHRwOi8vb2NzcC50aGF3dGUuY29tMDQGA1UdJQQtMCsGCCsGAQUF"
-"BwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgpghkgBhvhFAQgBMA0GCSqGSIb3DQEB"
-"BQUAA4GBAFWsY+reod3SkF+fC852vhNRj5PZBSvIG3dLrWlQoe7e3P3bB+noOZTc"
-"q3J5Lwa/q4FwxKjt6lM07e8eU9kGx1Yr0Vz00YqOtCuxN5BICEIlxT6Ky3/rbwTR"
-"bcV0oveifHtgPHfNDs5IAn8BL7abN+AqKjbc1YXWrOU/VG+WHgWv";
-
-const std::string google3rd =
-"MIIDITCCAoqgAwIBAgIQL9+89q6RUm0PmqPfQDQ+mjANBgkqhkiG9w0BAQUFADBM"
-"MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg"
-"THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0wOTEyMTgwMDAwMDBaFw0x"
-"MTEyMTgyMzU5NTlaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh"
-"MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRcw"
-"FQYDVQQDFA53d3cuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC"
-"gYEA6PmGD5D6htffvXImttdEAoN4c9kCKO+IRTn7EOh8rqk41XXGOOsKFQebg+jN"
-"gtXj9xVoRaELGYW84u+E593y17iYwqG7tcFR39SDAqc9BkJb4SLD3muFXxzW2k6L"
-"05vuuWciKh0R73mkszeK9P4Y/bz5RiNQl/Os/CRGK1w7t0UCAwEAAaOB5zCB5DAM"
-"BgNVHRMBAf8EAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwudGhhd3Rl"
-"LmNvbS9UaGF3dGVTR0NDQS5jcmwwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUF"
-"BwMCBglghkgBhvhCBAEwcgYIKwYBBQUHAQEEZjBkMCIGCCsGAQUFBzABhhZodHRw"
-"Oi8vb2NzcC50aGF3dGUuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vd3d3LnRoYXd0"
-"ZS5jb20vcmVwb3NpdG9yeS9UaGF3dGVfU0dDX0NBLmNydDANBgkqhkiG9w0BAQUF"
-"AAOBgQCfQ89bxFApsb/isJr/aiEdLRLDLE5a+RLizrmCUi3nHX4adpaQedEkUjh5"
-"u2ONgJd8IyAPkU0Wueru9G2Jysa9zCRo1kNbzipYvzwY4OA8Ys+WAi0oR1A04Se6"
-"z5nRUP8pJcA2NhUzUnC+MY+f6H/nEQyNv4SgQhqAibAxWEEHXw==";
-
-const std::string certVerisign =
-"MIIG+DCCBeCgAwIBAgIQU9K++SSnJF6DygHkbKokdzANBgkqhkiG9w0BAQUFADCB"
-"vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL"
-"ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug"
-"YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv"
-"VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew"
-"HhcNMTAwNTI2MDAwMDAwWhcNMTIwNTI1MjM1OTU5WjCCASkxEzARBgsrBgEEAYI3"
-"PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVsYXdhcmUxGzAZBgNVBA8TElYx"
-"LjAsIENsYXVzZSA1LihiKTEQMA4GA1UEBRMHMjQ5Nzg4NjELMAkGA1UEBhMCVVMx"
-"DjAMBgNVBBEUBTk0MDQzMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHFA1N"
-"b3VudGFpbiBWaWV3MSIwIAYDVQQJFBk0ODcgRWFzdCBNaWRkbGVmaWVsZCBSb2Fk"
-"MRcwFQYDVQQKFA5WZXJpU2lnbiwgSW5jLjEmMCQGA1UECxQdIFByb2R1Y3Rpb24g"
-"U2VjdXJpdHkgU2VydmljZXMxGTAXBgNVBAMUEHd3dy52ZXJpc2lnbi5jb20wggEi"
-"MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj+PvvK+fZOXwno0yT/OTy2Zm9"
-"ehnZjTtO/X2IWBEa3jG30C52uHFQI4NmXiQVNvJHkBaAj0ilVjvGdxXmkyyFsugt"
-"IWOTZ8pSKdX1tmGFIon6Ko9+lBFkVkudA1ogAUbtTB8IcdeOlpK78T4SjdVMhY18"
-"150YzSw6hRKlw52wBaDxtGZElvOth41K7TUcaDnQVzz5SBPW5MUhi7AWrdoSk17O"
-"BozOzmB/jkYDVDnwLcbR89SLHEOle/idSYSDQUmab3y0JS8RyQV1+DB70mnFALnD"
-"fLiL47nMQQCGxXgp5voQ2YmSXhevKmEJ9vvtC6C7yv2W6yomfS/weUEce9pvAgMB"
-"AAGjggKCMIICfjCBiwYDVR0RBIGDMIGAghB3d3cudmVyaXNpZ24uY29tggx2ZXJp"
-"c2lnbi5jb22CEHd3dy52ZXJpc2lnbi5uZXSCDHZlcmlzaWduLm5ldIIRd3d3LnZl"
-"cmlzaWduLm1vYmmCDXZlcmlzaWduLm1vYmmCD3d3dy52ZXJpc2lnbi5ldYILdmVy"
-"aXNpZ24uZXUwCQYDVR0TBAIwADAdBgNVHQ4EFgQU8oBwK/WBXCZDWi0dbuDgPyTK"
-"iJIwCwYDVR0PBAQDAgWgMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9FVkludGwt"
-"Y3JsLnZlcmlzaWduLmNvbS9FVkludGwyMDA2LmNybDBEBgNVHSAEPTA7MDkGC2CG"
-"SAGG+EUBBxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNv"
-"bS9ycGEwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUFBwMCBglghkgBhvhCBAEw"
-"HwYDVR0jBBgwFoAUTkPIHXbvN1N6T/JYb5TzOOLVvd8wdgYIKwYBBQUHAQEEajBo"
-"MCsGCCsGAQUFBzABhh9odHRwOi8vRVZJbnRsLW9jc3AudmVyaXNpZ24uY29tMDkG"
-"CCsGAQUFBzAChi1odHRwOi8vRVZJbnRsLWFpYS52ZXJpc2lnbi5jb20vRVZJbnRs"
-"MjAwNi5jZXIwbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJaW1hZ2UvZ2lmMCEw"
-"HzAHBgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYkaHR0cDovL2xvZ28u"
-"dmVyaXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQB9VZxB"
-"wDMRGyhFWYkY5rwUVGuDJiGeas2xRJC0G4+riQ7IN7pz2a2BhktmZ5HbxXL4ZEY4"
-"yMN68DEVErhtKiuL02ng27alhlngadKQzSL8pLdmQ+3jEwm9nva5C/7pbeqy+qGF"
-"is4IWNYOc4HKNkABxXm5v0ouys8HPNkTLFLep0gLqRXW3gYN2XbKUWMs7z7hJpkY"
-"GxP8YQSxi513O2dWVCXB8S6erIz9E/bcfdXoCPyQdn42y3IEoJvPvBS3S55fD4+Q"
-"Q43GPhumSg9a6S3hnyw8DX5OiUGmqgQrtSeDRsNmWqtWizEQbe+fotZpEn/7zYTa"
-"tk1ni/k5jDH/QeuG";
-
-const std::string crlExampleCertificate =
-"MIIFlDCCBHygAwIBAgIBADANBgkqhkiG9w0BAQUFADBDMRIwEAYKCZImiZPyLGQB"
-"GRYCZXMxGDAWBgoJkiaJk/IsZAEZFghpcmlzZ3JpZDETMBEGA1UEAxMKSVJJU0dy"
-"aWRDQTAeFw0wNTA2MjgwNTAyMjhaFw0xNTA2MjYwNTAyMjhaMEMxEjAQBgoJkiaJ"
-"k/IsZAEZFgJlczEYMBYGCgmSJomT8ixkARkWCGlyaXNncmlkMRMwEQYDVQQDEwpJ"
-"UklTR3JpZENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CQiWlff"
-"ajoMSTuismKqLQ+Mt33Tq4bBpCZvCBXhqan1R0ksILPtK1L7C8QWqPk6AZZpuNmY"
-"cNVtJGc8ksgDWvX0EB3GKwZTZ8RrSRlSEe9Otq+Ur7S9uxM1JMmCr6zZTMFANzBS"
-"4btnduV78C09IhFYG4OW8IPhNrbfPaeOR+PRPAa/qdSONAwTrM1sZkIvGpAkBWM6"
-"Pn7TK9BAK6GLvwgii780fWj3Cwgmp8EDCTievBbWj+z8/apMEy9R0vyB2dWNNCnk"
-"6q8VvrjgMsJt33O3BqOoBuZ8R/SS9OFWLFSU3s7cfrRaUSJk/Mx8OGFizRkcXSzX"
-"0Nidcg7hX5i78wIDAQABo4ICkTCCAo0wDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E"
-"FgQUnUJkLlupXvH/bMg8NtPxtkOYrRowawYDVR0jBGQwYoAUnUJkLlupXvH/bMg8"
-"NtPxtkOYrRqhR6RFMEMxEjAQBgoJkiaJk/IsZAEZFgJlczEYMBYGCgmSJomT8ixk"
-"ARkWCGlyaXNncmlkMRMwEQYDVQQDEwpJUklTR3JpZENBggEAMA4GA1UdDwEB/wQE"
-"AwIBxjARBglghkgBhvhCAQEEBAMCAAcwOwYJYIZIAYb4QgENBC4WLElSSVNHcmlk"
-"IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IENlcnRpZmljYXRlMIGZBgNVHR8EgZEw"
-"gY4wLqAsoCqGKGh0dHA6Ly93d3cuaXJpc2dyaWQuZXMvcGtpL2NybC9jYWNybC5w"
-"ZW0wXKBaoFiGVmxkYXA6Ly9sZGFwLmlyaXNncmlkLmVzOjEzODAvY249SVJJU0dy"
-"aWRDQSxkYz1pcmlzZ3JpZCxkYz1lcz9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0"
-"MDcGCWCGSAGG+EIBAwQqFihodHRwOi8vd3d3LmlyaXNncmlkLmVzL3BraS9jcmwv"
-"Y2FjcmwucGVtME4GCWCGSAGG+EIBCARBFj9odHRwOi8vd3d3LmlyaXNncmlkLmVz"
-"L3BraS9wb2xpY3kvMS4zLjYuMS40LjEuNzU0Ny4yLjIuNC4xLjEuMS8waQYDVR0g"
-"BGIwYDBeBg0rBgEEAbp7AgIEAQEBME0wSwYIKwYBBQUHAgEWP2h0dHA6Ly93d3cu"
-"aXJpc2dyaWQuZXMvcGtpL3BvbGljeS8xLjMuNi4xLjQuMS43NTQ3LjIuMi40LjEu"
-"MS4xLzANBgkqhkiG9w0BAQUFAAOCAQEAaqRfyLER+P2QOZLLdz66m7FGsgtFsAEx"
-"wiNrIChFWfyHVZG7Ph1fn/GDD5LMsrU23lx3NBN5/feHuut1XNYKNs8vtV07D70r"
-"DKjUlPbmWV0B+/GDxe1FDGop/tKQfyHSUaBuauXChFU/2INu5lhBerNl7QxNJ1ws"
-"cWGiT7R+L/2EjgzWgH1V/0zmIOMep6kY7MUs8rlyF0O5MNFs232cA1trl9kvhAGU"
-"9p58Enf5DWMrh17SPH586yIJeiWZtPez9G54ftY+XIqfn0X0zso0dnoXNJQYS043"
-"/5vSnoHdRx/EmN8yjeEavZtC48moN0iJ38eB44uKgCD77rZW5s1XqA==";
-
-//class TestCleanup
-//{
-// public:
-// explicit TestCleanup(bool bCheckForFakeVerification = false)
-// {
-// if (bCheckForFakeVerification) {
-// bool bUnsetEnvVar = true;
-//
-// m_strEnvVar = "CHECK_ONLY_DOMAIN_INSTEAD_OF_VALIDATION";
-// if (getenv(m_strEnvVar.c_str()) != NULL) {
-// bUnsetEnvVar = false;
-// } else {
-// setenv(m_strEnvVar.c_str(), "1", 0);
-// }
-// }
-// }
-//
-// ~TestCleanup()
-// {
-// if (!m_strRootCAPath.empty()) {
-// removeCertGivenByFilename(m_strRootCAPath.c_str());
-// }
-//
-// if (!m_strEnvVar.empty()) {
-// unsetenv(m_strEnvVar.c_str());
-// }
-// }
-//
-// void setRootCAPath(const std::string& strRootCAPath)
-// {
-// m_strRootCAPath = strRootCAPath;
-// }
-//
-// private:
-// std::string m_strRootCAPath;
-// std::string m_strEnvVar;
-//};
-//
-//class PolicyChanger : public DPL::Event::EventListener<AceUpdateResponseEvent>
-//{
-// public:
-// PolicyChanger()
-// {
-// DPL::Event::EventDeliverySystem::AddListener<AceUpdateResponseEvent>(this);
-// }
-//
-// ~PolicyChanger()
-// {
-// DPL::Event::EventDeliverySystem::RemoveListener<AceUpdateResponseEvent>(this);
-// }
-//
-// void OnEventReceived(const AceUpdateResponseEvent& event)
-// {
-// if (0 != event.GetArg0()) {
-// LogError("Policy change failed");
-// }
-// Assert(0 == event.GetArg0() && "Policy change failed");
-// LoopControl::finish_wait_for_wrt_init();
-// }
-//
-// void updatePolicy(const std::string& path)
-// {
-// AceUpdateRequestEvent event(path);
-// DPL::Event::EventDeliverySystem::Publish(event);
-// LoopControl::wait_for_wrt_init();
-// }
-//};
-
-} // namespace anonymous
-
-using namespace ValidationCore;
-
-//////////////////////////////////////////////////
-//////// VALIDATION CORE TEST SUITE ////////////
-//////////////////////////////////////////////////
-
-RUNNER_TEST(test01_signature_finder)
-{
- SignatureFileInfoSet signatureSet;
- SignatureFinder signatureFinder(widget_path);
- RUNNER_ASSERT_MSG(
- SignatureFinder::NO_ERROR == signatureFinder.find(signatureSet),
- "SignatureFinder failed");
- RUNNER_ASSERT_MSG(signatureSet.size() == 3,
- "Some signature has not been found");
-
- SignatureFileInfo first = *(signatureSet.begin());
- RUNNER_ASSERT_MSG(
- std::string("author-signature.xml") == first.getFileName(),
- "Author Signature");
- RUNNER_ASSERT_MSG(-1 == first.getFileNumber(), "Wrong signature number.");
- first = *(signatureSet.rbegin());
- RUNNER_ASSERT_MSG(std::string("signature22.xml") == first.getFileName(),
- "Wrong signature fileName.");
- RUNNER_ASSERT_MSG(22 == first.getFileNumber(), "Wrong signature number.");
-}
-
-RUNNER_TEST(test02_signature_reader)
-{
- SignatureFileInfoSet signatureSet;
- SignatureFinder signatureFinder(widget_path);
- RUNNER_ASSERT_MSG(
- SignatureFinder::NO_ERROR == signatureFinder.find(signatureSet),
- "SignatureFinder failed");
-
- SignatureFileInfoSet::reverse_iterator iter = signatureSet.rbegin();
-
- for (; iter != signatureSet.rend(); ++iter) {
- SignatureData data(widget_path + iter->getFileName(),
- iter->getFileNumber());
- SignatureReader xml;
- xml.initialize(data, WrtDB::GlobalConfig::GetSignatureXmlSchema());
- xml.read(data);
- }
-}
-
-RUNNER_TEST(test03_signature_validator)
-{
- SignatureFileInfoSet signatureSet;
- SignatureFinder signatureFinder(widget_path);
- RUNNER_ASSERT_MSG(
- SignatureFinder::NO_ERROR == signatureFinder.find(signatureSet),
- "SignatureFinder failed");
-
- SignatureFileInfoSet::reverse_iterator iter = signatureSet.rbegin();
-
- for (; iter != signatureSet.rend(); ++iter) {
- SignatureData data(widget_path + iter->getFileName(),
- iter->getFileNumber());
- SignatureReader xml;
- xml.initialize(data, WrtDB::GlobalConfig::GetSignatureXmlSchema());
- xml.read(data);
-
- SignatureValidator validator(
- false,
- false,
- false);
-
- if (data.isAuthorSignature()) {
- RUNNER_ASSERT_MSG(
- SignatureValidator::SIGNATURE_DISREGARD ==
- validator.check(data, widget_path),
- "Validation failed");
- } else {
- RUNNER_ASSERT_MSG(
- SignatureValidator::SIGNATURE_VERIFIED ==
- validator.check(data, widget_path),
- "Validation failed");
- }
- }
-}
-
-RUNNER_TEST(test05_signature_reference)
-{
- SignatureFileInfoSet signatureSet;
- SignatureFinder signatureFinder(widget_path);
- RUNNER_ASSERT_MSG(
- SignatureFinder::NO_ERROR == signatureFinder.find(signatureSet),
- "SignatureFinder failed");
-
- SignatureFileInfoSet::reverse_iterator iter = signatureSet.rbegin();
-
- for (; iter != signatureSet.rend(); ++iter) {
- SignatureData data(widget_path + iter->getFileName(),
- iter->getFileNumber());
- SignatureReader xml;
- xml.initialize(data, WrtDB::GlobalConfig::GetSignatureXmlSchema());
- xml.read(data);
-
- SignatureValidator sval(
- false,
- false,
- false);
- sval.check(data, widget_path);
-
- ReferenceValidator val(widget_path);
- RUNNER_ASSERT(
- ReferenceValidator::NO_ERROR == val.checkReferences(data));
- }
-}
-
-RUNNER_TEST(test07t01_base64)
-{
- std::string strraw = "1234567890qwertyuiop[]asdfghjkl;'zxcvbnm,.";
- std::string strenc =
- "MTIzNDU2Nzg5MHF3ZXJ0eXVpb3BbXWFzZGZnaGprbDsnenhjdmJubSwu";
-
- Base64Encoder encoder;
- encoder.reset();
- encoder.append(strraw);
- encoder.finalize();
- RUNNER_ASSERT_MSG(strenc == encoder.get(), "Error in Base64Encoder.");
-
- Base64Decoder decoder;
- decoder.reset();
- decoder.append(strenc);
- RUNNER_ASSERT(decoder.finalize());
- RUNNER_ASSERT_MSG(strraw == decoder.get(), "Error in Base64Decoder.");
-}
-
-RUNNER_TEST(test07t02_base64)
-{
- const size_t MAX = 40;
- char buffer[MAX];
- for (size_t i = 0; i<MAX; ++i) {
- buffer[i] = static_cast<char>(i);
- }
-
- std::string raw(&buffer[0], &buffer[MAX]);
-
- RUNNER_ASSERT(MAX == raw.size());
-
- Base64Encoder encoder;
- encoder.reset();
- encoder.append(raw);
- encoder.finalize();
- std::string enc = encoder.get();
-
- Base64Decoder decoder;
- decoder.reset();
- decoder.append(enc);
- RUNNER_ASSERT(decoder.finalize());
- RUNNER_ASSERT_MSG(raw == decoder.get(), "Error in Base64 conversion.");
-}
-
-RUNNER_TEST(test07t03_base64)
-{
- std::string invalid = "1234)";
-
- Base64Decoder decoder;
- decoder.reset();
- decoder.append(invalid);
- RUNNER_ASSERT(false == decoder.finalize());
-}
-
-RUNNER_TEST(test07t04_base64)
-{
- std::string invalid = "12234";
-
- Base64Decoder decoder;
- decoder.reset();
-
- bool exception = false;
- Try {
- std::string temp = decoder.get();
- } Catch(Base64Decoder::Exception::NotFinalized) {
- exception = true;
- }
-
- RUNNER_ASSERT_MSG(exception, "Base64Decoder does not throw error.");
-}
-
-RUNNER_TEST(test08t01_Certificate)
-{
- Certificate cert(certVerisign, Certificate::FORM_BASE64);
-
- DPL::OptionalString result;
-
- result = cert.getCommonName(Certificate::FIELD_SUBJECT);
- RUNNER_ASSERT_MSG(!result.IsNull(), "No common name");
- RUNNER_ASSERT_MSG(*result == DPL::FromUTF8String("www.verisign.com"),
- "CommonName mismatch");
-
- result = cert.getCommonName(Certificate::FIELD_ISSUER);
- RUNNER_ASSERT_MSG(!result.IsNull(), "No common name");
- RUNNER_ASSERT_MSG(result == DPL::FromUTF8String(
- "VeriSign Class 3 Extended Validation SSL SGC CA"),
- "CommonName mismatch");
-
- result = cert.getCountryName();
- RUNNER_ASSERT_MSG(!result.IsNull(), "No country");
- RUNNER_ASSERT_MSG(*result == DPL::FromUTF8String("US"),
- "Country mismatch");
-}
-
-RUNNER_TEST(test08t02_Certificate)
-{
- Certificate cert(certVerisign, Certificate::FORM_BASE64);
-
- Certificate::Fingerprint fin =
- cert.getFingerprint(Certificate::FINGERPRINT_SHA1);
-
- unsigned char buff[20] = {
- 0xb9, 0x72, 0x1e, 0xd5, 0x49,
- 0xed, 0xbf, 0x31, 0x84, 0xd8,
- 0x27, 0x0c, 0xfe, 0x03, 0x11,
- 0x19, 0xdf, 0xc2, 0x2b, 0x0a};
- RUNNER_ASSERT_MSG(fin.size() == 20, "Wrong size of fingerprint");
-
- for (size_t i = 0; i<20; ++i) {
- RUNNER_ASSERT_MSG(fin[i] == buff[i], "Fingerprint mismatch");
- }
-}
-
-RUNNER_TEST(test08t03_Certificate)
-{
- Certificate cert(certVerisign, Certificate::FORM_BASE64);
-
- Certificate::AltNameSet nameSet = cert.getAlternativeNameDNS();
-
- RUNNER_ASSERT(nameSet.size() == 8);
-
- DPL::String str = DPL::FromUTF8String("verisign.com");
- RUNNER_ASSERT(nameSet.find(str) != nameSet.end());
-
- str = DPL::FromUTF8String("fake.com");
- RUNNER_ASSERT(nameSet.find(str) == nameSet.end());
-
-}
-
-RUNNER_TEST(test09t01_CertificateCollection)
-{
- CertificateList list;
- list.push_back(CertificatePtr(
- new Certificate(google2nd, Certificate::FORM_BASE64)));
- list.push_back(CertificatePtr(
- new Certificate(googleCA, Certificate::FORM_BASE64)));
- list.push_back(CertificatePtr(
- new Certificate(google3rd, Certificate::FORM_BASE64)));
-
- CertificateCollection collection;
- collection.load(list);
-
- bool exception = false;
-
- Try {
- RUNNER_ASSERT(collection.isChain());
- } Catch (CertificateCollection::Exception::WrongUsage) {
- exception = true;
- }
-
- RUNNER_ASSERT_MSG(exception, "Exception expected!");
-
- RUNNER_ASSERT_MSG(collection.sort(), "Sort failed");
-
- RUNNER_ASSERT(collection.isChain());
-
- std::string encoded = collection.toBase64String();
-
- collection.clear();
-
- RUNNER_ASSERT_MSG(collection.size() == 0, "Function clear failed.");
-
- collection.load(encoded);
-
- RUNNER_ASSERT_MSG(collection.sort(), "Sort failed");
-
- list = collection.getChain();
-
- RUNNER_ASSERT(
- DPL::ToUTF8String(*(list.front().Get()->getCommonName())) ==
- "www.google.com");
- RUNNER_ASSERT(
- DPL::ToUTF8String(*(list.back().Get()->getOrganizationName())) ==
- "VeriSign, Inc.");
-}
-
-RUNNER_TEST(test51t01_ocsp_validation_negative)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateList lOCSPCertificates;
- CertificatePtr certificatePtr;
- CertificatePtr pCert0;
- CertificatePtr pCert1;
- CertificatePtr pCert2;
- CertificatePtr pRootCert;
- std::string caRootPath(keys_path + "ocsp_rootca.crt"),
- certLevel0Path(keys_path + "ocsp_level0deprecated.crt"),
- certLevel1Path(keys_path + "ocsp_level1.crt"),
- certLevel2Path(keys_path + "ocsp_level2.crt");
-
- pRootCert = RevocationCheckerBase::loadPEMFile(caRootPath.c_str());
- if (!pRootCert) {
- RUNNER_ASSERT_MSG(false, "Couldn't load ocsp_rootca.crt");
- }
- lOCSPCertificates.push_back(pRootCert);
-
- pCert0 = RevocationCheckerBase::loadPEMFile(certLevel0Path.c_str());
- if (!pCert0) {
- RUNNER_ASSERT_MSG(false, "Couldn't load ocsp_level0.crt");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert0));
-
- pCert1 = RevocationCheckerBase::loadPEMFile(certLevel1Path.c_str());
- if (!pCert1) {
- RUNNER_ASSERT_MSG(false, "Couldn't load ocsp_level1.crt");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert1));
-
- pCert2 = RevocationCheckerBase::loadPEMFile(certLevel2Path.c_str());
- if (!pCert2) {
- RUNNER_ASSERT_MSG(false, "Couldn't load ocsp_level2.crt");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert2));
-
- OCSP ocsp;
- ocsp.setDigestAlgorithmForCertId(ValidationCore::OCSP::SHA1);
- ocsp.setDigestAlgorithmForRequest(ValidationCore::OCSP::SHA1);
-
- CertificateCollection collection;
- collection.load(lOCSPCertificates);
- RUNNER_ASSERT(collection.sort());
- CertificateList sorted = collection.getChain();
-
- ocsp.setTrustedStore(sorted);
- VerificationStatusSet status = ocsp.validateCertificateList(sorted);
-
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_CONNECTION_FAILED),
- "Caught OCSP connection error from store exception");
- RUNNER_ASSERT_MSG(status.contains(VERIFICATION_STATUS_GOOD),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(status.contains(VERIFICATION_STATUS_VERIFICATION_ERROR),
- "Caught OCSP verification error exception");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test51t02_ocsp_validation_positive)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateList lOCSPCertificates;
- CertificatePtr certificatePtr;
- CertificatePtr pCert0;
- CertificatePtr pCert1;
- CertificatePtr pCert2;
- CertificatePtr pRootCert;
- std::string caRootPath(keys_path + "ocsp_rootca.crt"),
- certLevel1Path(keys_path + "ocsp_level1.crt"),
- certLevel2Path(keys_path + "ocsp_level2.crt");
-
- pRootCert = RevocationCheckerBase::loadPEMFile(caRootPath.c_str());
- if (!pRootCert) {
- RUNNER_ASSERT_MSG(false, "Couldn't load ocsp_rootca.crt");
- }
- lOCSPCertificates.push_back(pRootCert);
-
- pCert1 = RevocationCheckerBase::loadPEMFile(certLevel1Path.c_str());
- if (!pCert1) {
- RUNNER_ASSERT_MSG(false, "Couldn't load ocsp_level1.crt");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert1));
-
- pCert2 = RevocationCheckerBase::loadPEMFile(certLevel2Path.c_str());
- if (!pCert2) {
- RUNNER_ASSERT_MSG(false, "Couldn't load ocsp_level2.crt");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert2));
-
- OCSP ocsp;
- ocsp.setDigestAlgorithmForCertId(ValidationCore::OCSP::SHA1);
- ocsp.setDigestAlgorithmForRequest(ValidationCore::OCSP::SHA1);
-
- CertificateCollection collection;
- collection.load(lOCSPCertificates);
- RUNNER_ASSERT(collection.sort());
- CertificateList sorted = collection.getChain();
-
- ocsp.setTrustedStore(sorted);
- VerificationStatusSet status = ocsp.validateCertificateList(sorted);
-
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_CONNECTION_FAILED),
- "Caught OCSP connection error from store exception");
- RUNNER_ASSERT_MSG(status.contains(VERIFICATION_STATUS_GOOD),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_VERIFICATION_ERROR),
- "Caught OCSP verification error exception");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test51t04_ocsp_request)
-{
- CertificateList lTrustedCerts;
-
- lTrustedCerts.push_back(CertificatePtr(
- new Certificate(google3rd, Certificate::FORM_BASE64)));
- lTrustedCerts.push_back(CertificatePtr(
- new Certificate(google2nd, Certificate::FORM_BASE64)));
- lTrustedCerts.push_back(CertificatePtr(
- new Certificate(googleCA, Certificate::FORM_BASE64)));
-
- CertificateCollection chain;
- chain.load(lTrustedCerts);
- chain.sort();
-
- OCSP ocsp;
- ocsp.setDigestAlgorithmForCertId(OCSP::SHA1);
- ocsp.setDigestAlgorithmForRequest(OCSP::SHA1);
- ocsp.setTrustedStore(lTrustedCerts);
- VerificationStatus result = ocsp.checkEndEntity(chain);
-
- RUNNER_ASSERT(VERIFICATION_STATUS_GOOD == result);
-}
-
-RUNNER_TEST(test51t05_cached_ocsp_validation_negative)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateList lOCSPCertificates;
- CertificatePtr certificatePtr;
- CertificatePtr pCert0;
- CertificatePtr pCert1;
- CertificatePtr pCert2;
- CertificatePtr pRootCert;
- std::string caRootPath(keys_path + "ocsp_rootca.crt"),
- certLevel0Path(keys_path + "ocsp_level0deprecated.crt"),
- certLevel1Path(keys_path + "ocsp_level1.crt"),
- certLevel2Path(keys_path + "ocsp_level2.crt");
-
- pRootCert = RevocationCheckerBase::loadPEMFile(caRootPath.c_str());
- RUNNER_ASSERT_MSG(pRootCert, "Couldn't load ocsp_rootca.crt");
- lOCSPCertificates.push_back(pRootCert);
-
- pCert0 = RevocationCheckerBase::loadPEMFile(certLevel0Path.c_str());
- RUNNER_ASSERT_MSG(pCert0, "Couldn't load ocsp_level0.crt");
- lOCSPCertificates.push_back(CertificatePtr(pCert0));
-
- pCert1 = RevocationCheckerBase::loadPEMFile(certLevel1Path.c_str());
- RUNNER_ASSERT_MSG(pCert1, "Couldn't load ocsp_level1.crt");
- lOCSPCertificates.push_back(CertificatePtr(pCert1));
-
- pCert2 = RevocationCheckerBase::loadPEMFile(certLevel2Path.c_str());
- RUNNER_ASSERT_MSG(pCert2, "Couldn't load ocsp_level2.crt");
- lOCSPCertificates.push_back(CertificatePtr(pCert2));
-
- CachedOCSP ocsp;
-
- CertificateCollection collection;
- collection.load(lOCSPCertificates);
- RUNNER_ASSERT(collection.sort());
-
- VerificationStatus status = ocsp.check(collection);
-
- RUNNER_ASSERT_MSG(status != VERIFICATION_STATUS_GOOD,
- "Caught OCSP verification error exception");
-
- OCSPCachedStatusList respList;
- CertificateCacheDAO::getOCSPStatusList(&respList);
- unsigned len = respList.size();
-
- status = ocsp.check(collection);
-
- RUNNER_ASSERT_MSG(status != VERIFICATION_STATUS_GOOD,
- "Caught OCSP verification error exception");
-
- respList.clear();
- CertificateCacheDAO::getOCSPStatusList(&respList);
- RUNNER_ASSERT_MSG(respList.size() == len && len > 0,
- "Caught OCSP cache error exception");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test51t06_cached_ocsp_validation_positive)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateList lOCSPCertificates;
- CertificatePtr certificatePtr;
- CertificatePtr pCert0;
- CertificatePtr pCert1;
- CertificatePtr pCert2;
- CertificatePtr pRootCert;
- std::string caRootPath(keys_path + "ocsp_rootca.crt"),
- certLevel1Path(keys_path + "ocsp_level1.crt"),
- certLevel2Path(keys_path + "ocsp_level2.crt");
-
- pRootCert = RevocationCheckerBase::loadPEMFile(caRootPath.c_str());
- RUNNER_ASSERT_MSG(pRootCert, "Couldn't load ocsp_rootca.crt");
- lOCSPCertificates.push_back(pRootCert);
-
- pCert1 = RevocationCheckerBase::loadPEMFile(certLevel1Path.c_str());
- RUNNER_ASSERT_MSG(pCert1, "Couldn't load ocsp_level1.crt");
- lOCSPCertificates.push_back(CertificatePtr(pCert1));
-
- pCert2 = RevocationCheckerBase::loadPEMFile(certLevel2Path.c_str());
- RUNNER_ASSERT_MSG(pCert2, "Couldn't load ocsp_level2.crt");
- lOCSPCertificates.push_back(CertificatePtr(pCert2));
-
- CachedOCSP ocsp;
-
- CertificateCollection collection;
- collection.load(lOCSPCertificates);
- RUNNER_ASSERT(collection.sort());
-
- VerificationStatus status = ocsp.check(collection);
-
- RUNNER_ASSERT_MSG(status == VERIFICATION_STATUS_GOOD,
- "Caught OCSP verification error exception");
-
- OCSPCachedStatusList respList;
- CertificateCacheDAO::getOCSPStatusList(&respList);
- unsigned len = respList.size();
-
- status = ocsp.check(collection);
-
- RUNNER_ASSERT_MSG(status == VERIFICATION_STATUS_GOOD,
- "Caught OCSP verification error exception");
-
- respList.clear();
- CertificateCacheDAO::getOCSPStatusList(&respList);
- RUNNER_ASSERT_MSG(respList.size() == len && len > 0,
- "Caught OCSP cache error exception");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test61_crl_test_revocation_no_crl)
-{
- //Clear CRL cache so there is no CRL for those certificates URI.
- CertificateCacheDAO::clearCertificateCache();
- //Prepare certificate chain
- TestCRL crl;
- std::string cacertStr(crl.getFileContent(cert_store_path + "cacert.pem"));
- std::string certAStr(
- crl.getFileContent(cert_store_path + "1second_level.pem"));
- std::string certBStr(
- crl.getFileContent(cert_store_path + "1third_level.pem"));
-
- CertificateLoader loader;
- CertificateList certList;
- CertificateCollection collection;
- RUNNER_ASSERT(loader.loadCertificateFromRawData(cacertStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certAStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certBStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
-
- collection.load(certList);
-
- CRL::RevocationStatus status = crl.checkCertificateChain(collection);
- RUNNER_ASSERT_MSG(status.isCRLValid == false,
- "Some certificate have no CRL extension!");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test62_crl_test_revocation_set1)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- //Prepare certificate chain
- TestCRL crl;
- std::string cacertStr(crl.getFileContent(cert_store_path + "cacert.pem"));
- std::string certAStr(
- crl.getFileContent(cert_store_path + "1second_level.pem"));
- std::string certBStr(
- crl.getFileContent(cert_store_path + "1third_level.pem"));
- crl.addCRLToStore(cert_store_path + "cacrl1.pem", crl_URI);
-
- CertificateLoader loader;
- CertificateList certList;
- CertificateCollection collection;
- RUNNER_ASSERT(loader.loadCertificateFromRawData(cacertStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certAStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certBStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
-
- collection.load(certList);
-
- CRL::RevocationStatus status = crl.checkCertificateChain(collection);
- RUNNER_ASSERT(status.isCRLValid);
- RUNNER_ASSERT(status.isRevoked);
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test63_crl_test_revocation_set1)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- //Prepare certificate chain
- TestCRL crl;
- std::string cacertStr(crl.getFileContent(cert_store_path + "cacert.pem"));
- std::string certAStr(
- crl.getFileContent(cert_store_path + "1second_level.pem"));
- std::string certBStr(
- crl.getFileContent(cert_store_path + "1third_level.pem"));
- crl.addCRLToStore(cert_store_path + "cacrl1.pem", crl_URI);
-
- CertificateLoader loader;
- CertificateList certList;
- CertificateCollection collection;
- RUNNER_ASSERT(loader.loadCertificateFromRawData(cacertStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certAStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certBStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
-
- collection.load(certList);
-
- CRL::RevocationStatus status = crl.checkCertificateChain(collection);
- RUNNER_ASSERT(status.isCRLValid);
- RUNNER_ASSERT(status.isRevoked);
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test64_crl_test_revocation_set2)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- //Prepare certificate chain
- TestCRL crl;
- std::string cacertStr(crl.getFileContent(cert_store_path + "cacert.pem"));
- std::string certAStr(
- crl.getFileContent(cert_store_path + "2second_level.pem"));
- std::string certBStr(
- crl.getFileContent(cert_store_path + "2third_level.pem"));
- crl.addCRLToStore(cert_store_path + "cacrl1.pem", crl_URI);
-
- CertificateLoader loader;
- CertificateList certList;
- CertificateCollection collection;
- RUNNER_ASSERT(loader.loadCertificateFromRawData(cacertStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certAStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certBStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
-
- collection.load(certList);
-
- CRL::RevocationStatus status = crl.checkCertificateChain(collection);
- RUNNER_ASSERT(status.isCRLValid);
- RUNNER_ASSERT(!status.isRevoked);
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test65_crl_test_revocation_set2)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- //Prepare certificate chain
- TestCRL crl;
- std::string cacertStr(crl.getFileContent(cert_store_path + "cacert.pem"));
- std::string certAStr(
- crl.getFileContent(cert_store_path + "2second_level.pem"));
- std::string certBStr(
- crl.getFileContent(cert_store_path + "2third_level.pem"));
- crl.addCRLToStore(cert_store_path + "cacrl2.pem", crl_URI);
-
- CertificateLoader loader;
- CertificateList certList;
- CertificateCollection collection;
- RUNNER_ASSERT(loader.loadCertificateFromRawData(cacertStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certAStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certBStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
-
- collection.load(certList);
-
- CRL::RevocationStatus status = crl.checkCertificateChain(collection);
- RUNNER_ASSERT(status.isCRLValid);
- RUNNER_ASSERT(status.isRevoked);
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test66_crl_update_expired_lists)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateLoader loader;
- loader.loadCertificateFromRawData(google2nd);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- TestCRL crl;
- RUNNER_ASSERT_MSG(
- crl.updateList(loader.getCertificatePtr(), CRL::UPDATE_ON_EXPIRED),
- "CRL update on expired succeeded");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test67_crl_update_lists_on_demand)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateLoader loader;
- loader.loadCertificateFromRawData(google2nd);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- TestCRL crl;
- RUNNER_ASSERT_MSG(
- crl.updateList(loader.getCertificatePtr(), CRL::UPDATE_ON_DEMAND),
- "CRL update on demand succeeded");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test68_cached_crl_test_positive)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- TestCRL crl;
-
- std::string cacertStr(crl.getFileContent(cert_store_path + "cacert.pem"));
- std::string certAStr(
- crl.getFileContent(cert_store_path + "2second_level.pem"));
- std::string certBStr(
- crl.getFileContent(cert_store_path + "2third_level.pem"));
- crl.addCRLToStore(cert_store_path + "cacrl1.pem", crl_URI);
-
- CertificateLoader loader;
- CertificateList certList;
- CertificateCollection collection;
- RUNNER_ASSERT(loader.loadCertificateFromRawData(cacertStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certAStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certBStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
-
- collection.load(certList);
-
- CRL::RevocationStatus status = crl.checkCertificateChain(collection);
-
- CachedCRL cached;
- VerificationStatus cached_status = cached.check(collection);
- CRLCachedDataList list;
- CertificateCacheDAO::getCRLResponseList(&list);
- unsigned len = list.size();
-
- RUNNER_ASSERT(status.isCRLValid);
- RUNNER_ASSERT(!status.isRevoked &&
- cached_status == VERIFICATION_STATUS_GOOD);
-
- cached_status = cached.check(collection);
- list.clear();
- CertificateCacheDAO::getCRLResponseList(&list);
-
- RUNNER_ASSERT(len == list.size());
- RUNNER_ASSERT(!status.isRevoked &&
- cached_status == VERIFICATION_STATUS_GOOD);
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test69_cached_crl_test_negative)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- //Prepare certificate chain
- TestCRL crl;
- std::string cacertStr(crl.getFileContent(cert_store_path + "cacert.pem"));
- std::string certAStr(
- crl.getFileContent(cert_store_path + "2second_level.pem"));
- std::string certBStr(
- crl.getFileContent(cert_store_path + "2third_level.pem"));
- crl.addCRLToStore(cert_store_path + "cacrl2.pem", crl_URI);
-
- CertificateLoader loader;
- CertificateList certList;
- CertificateCollection collection;
- RUNNER_ASSERT(loader.loadCertificateFromRawData(cacertStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certAStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
- RUNNER_ASSERT(loader.loadCertificateFromRawData(certBStr) ==
- CertificateLoader::NO_ERROR);
- RUNNER_ASSERT(!!loader.getCertificatePtr());
- certList.push_back(loader.getCertificatePtr());
-
- collection.load(certList);
-
- CRL::RevocationStatus status = crl.checkCertificateChain(collection);
- CachedCRL cached;
- VerificationStatus cached_status = cached.check(collection);
- CRLCachedDataList list;
- CertificateCacheDAO::getCRLResponseList(&list);
- unsigned len = list.size();
-
- RUNNER_ASSERT(status.isCRLValid);
- RUNNER_ASSERT(status.isRevoked &&
- cached_status == VERIFICATION_STATUS_REVOKED);
-
- cached_status = cached.check(collection);
- list.clear();
- CertificateCacheDAO::getCRLResponseList(&list);
-
- RUNNER_ASSERT(len == list.size());
- RUNNER_ASSERT(status.isRevoked &&
- cached_status == VERIFICATION_STATUS_REVOKED);
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test70_ocsp_local_validation_positive)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateList lOCSPCertificates;
- CertificatePtr certificatePtr;
- CertificatePtr pCert0;
- CertificatePtr pRootCert;
- std::string caRootPath(cert_store_path + "cacert.pem"),
- certLevel0Path(cert_store_path + "1second_level.pem");
-
- pRootCert = RevocationCheckerBase::loadPEMFile(caRootPath.c_str());
- if (!pRootCert) {
- RUNNER_ASSERT_MSG(false, "Couldn't load cacert.pem");
- }
- lOCSPCertificates.push_back(pRootCert);
-
- pCert0 = RevocationCheckerBase::loadPEMFile(certLevel0Path.c_str());
- if (!pCert0) {
- RUNNER_ASSERT_MSG(false, "Couldn't load 1second_level.pem");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert0));
-
- OCSP ocsp;
- ocsp.setDigestAlgorithmForCertId(ValidationCore::OCSP::SHA1);
- ocsp.setDigestAlgorithmForRequest(ValidationCore::OCSP::SHA1);
-
- CertificateCollection collection;
- collection.load(lOCSPCertificates);
- RUNNER_ASSERT(collection.sort());
- CertificateList sorted = collection.getChain();
-
- ocsp.setTrustedStore(sorted);
- VerificationStatusSet status = ocsp.validateCertificateList(sorted);
-
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_CONNECTION_FAILED),
- "Caught OCSP connection error - check if "
- "dpl-tests-vcore-ocsp-server.sh is running!");
- RUNNER_ASSERT_MSG(status.contains(VERIFICATION_STATUS_GOOD),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_VERIFICATION_ERROR),
- "Caught OCSP verification error exception");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test71_ocsp_local_validation_positive)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateList lOCSPCertificates;
- CertificatePtr certificatePtr;
- CertificatePtr pCert0;
- CertificatePtr pRootCert;
- std::string caRootPath(cert_store_path + "cacert.pem"),
- certLevel0Path(cert_store_path + "3second_level.pem");
-
- pRootCert = RevocationCheckerBase::loadPEMFile(caRootPath.c_str());
- if (!pRootCert) {
- RUNNER_ASSERT_MSG(false, "Couldn't load cacert.pem");
- }
- lOCSPCertificates.push_back(pRootCert);
-
- pCert0 = RevocationCheckerBase::loadPEMFile(certLevel0Path.c_str());
- if (!pCert0) {
- RUNNER_ASSERT_MSG(false, "Couldn't load 3second_level.pem");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert0));
-
- OCSP ocsp;
- ocsp.setDigestAlgorithmForCertId(ValidationCore::OCSP::SHA1);
- ocsp.setDigestAlgorithmForRequest(ValidationCore::OCSP::SHA1);
-
- CertificateCollection collection;
- collection.load(lOCSPCertificates);
- RUNNER_ASSERT(collection.sort());
- CertificateList sorted = collection.getChain();
-
- ocsp.setTrustedStore(sorted);
- VerificationStatusSet status = ocsp.validateCertificateList(sorted);
-
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_CONNECTION_FAILED),
- "Caught OCSP connection error - check if "
- "dpl-tests-vcore-ocsp-server.sh is running!");
- RUNNER_ASSERT_MSG(status.contains(VERIFICATION_STATUS_GOOD),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_VERIFICATION_ERROR),
- "Caught OCSP verification error exception");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test72_ocsp_local_validation_revoked)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateList lOCSPCertificates;
- CertificatePtr certificatePtr;
- CertificatePtr pCert0;
- CertificatePtr pRootCert;
- std::string caRootPath(cert_store_path + "cacert.pem"),
- certLevel0Path(cert_store_path + "2second_level.pem");
-
- pRootCert = RevocationCheckerBase::loadPEMFile(caRootPath.c_str());
- if (!pRootCert) {
- RUNNER_ASSERT_MSG(false, "Couldn't load cacert.pem");
- }
- lOCSPCertificates.push_back(pRootCert);
-
- pCert0 = RevocationCheckerBase::loadPEMFile(certLevel0Path.c_str());
- if (!pCert0) {
- RUNNER_ASSERT_MSG(false, "Couldn't load 2second_level.pem");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert0));
-
- OCSP ocsp;
- ocsp.setDigestAlgorithmForCertId(ValidationCore::OCSP::SHA1);
- ocsp.setDigestAlgorithmForRequest(ValidationCore::OCSP::SHA1);
-
- CertificateCollection collection;
- collection.load(lOCSPCertificates);
- RUNNER_ASSERT(collection.sort());
- CertificateList sorted = collection.getChain();
-
- ocsp.setTrustedStore(sorted);
- VerificationStatusSet status = ocsp.validateCertificateList(sorted);
-
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_CONNECTION_FAILED),
- "Caught OCSP connection error - check if "
- "dpl-tests-vcore-ocsp-server.sh is running!");
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_GOOD),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(status.contains(VERIFICATION_STATUS_REVOKED),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_UNKNOWN),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_VERIFICATION_ERROR),
- "Caught OCSP verification error exception");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
-RUNNER_TEST(test73_ocsp_local_validation_error_unknown_cert)
-{
- CertificateCacheDAO::clearCertificateCache();
-
- CertificateList lOCSPCertificates;
- CertificatePtr certificatePtr;
- CertificatePtr pCert0;
- CertificatePtr pCert1;
- CertificatePtr pRootCert;
- std::string caRootPath(cert_store_path + "cacert.pem"),
- certLevel0Path(cert_store_path + "1second_level.pem"),
- certLevel1Path(cert_store_path + "1third_level.pem");
-
- pRootCert = RevocationCheckerBase::loadPEMFile(caRootPath.c_str());
- if (!pRootCert) {
- RUNNER_ASSERT_MSG(false, "Couldn't load cacerr.pem");
- }
- lOCSPCertificates.push_back(pRootCert);
-
- pCert0 = RevocationCheckerBase::loadPEMFile(certLevel0Path.c_str());
- if (!pCert0) {
- RUNNER_ASSERT_MSG(false, "Couldn't load 1second_level.pem");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert0));
-
- pCert1 = RevocationCheckerBase::loadPEMFile(certLevel1Path.c_str());
- if (!pCert1) {
- RUNNER_ASSERT_MSG(false, "Couldn't load 1third_level.pem");
- }
- lOCSPCertificates.push_back(CertificatePtr(pCert1));
-
- OCSP ocsp;
- ocsp.setDigestAlgorithmForCertId(ValidationCore::OCSP::SHA1);
- ocsp.setDigestAlgorithmForRequest(ValidationCore::OCSP::SHA1);
-
- CertificateCollection collection;
- collection.load(lOCSPCertificates);
- RUNNER_ASSERT(collection.sort());
- CertificateList sorted = collection.getChain();
-
- ocsp.setTrustedStore(sorted);
- VerificationStatusSet status = ocsp.validateCertificateList(sorted);
-
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_CONNECTION_FAILED),
- "Caught OCSP connection error - check if "
- "dpl-tests-vcore-ocsp-server.sh is running!");
- RUNNER_ASSERT_MSG(status.contains(VERIFICATION_STATUS_GOOD),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_REVOKED),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(status.contains(VERIFICATION_STATUS_VERIFICATION_ERROR),
- "Caught OCSP verification error exception");
- RUNNER_ASSERT_MSG(!status.contains(VERIFICATION_STATUS_UNKNOWN),
- "Caught OCSP verification error exception");
-
- CertificateCacheDAO::clearCertificateCache();
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include <string>
-#include <cstring>
-#include <dpl/log/log.h>
-
-#include <cert-service.h>
-
-#include "TestEnv.h"
-
-const char *storePath = "code-signing_wac";
-
-int addCertToStore(const char* name){
- int result = cert_svc_add_certificate_to_store(name, storePath);
-
- if (CERT_SVC_ERR_NO_ERROR != result) {
- LogError("Error adding certificate: " << name << " To: " << storePath);
- }
- return result;
-}
-
-//long int removeCertFromStore(const char* subjectName, const char* issuerName)
-//{
-// long int result = OPERATION_SUCCESS;
-// /* Retrieve all the certificates from store */
-// certmgr_cert_id certId;
-// certmgr_mem_buff certRetrieved;
-// certmgr_ctx context;
-// char storeId[CERTMGR_MAX_PLUGIN_ID_SIZE];
-// char type[CERTMGR_MAX_CERT_TYPE_SIZE];
-// unsigned char certBuff[CERTMGR_MAX_BUFFER_SIZE * 2];
-//
-// certmgr_cert_descriptor descriptor;
-// certId.storeId = storeId;
-// certId.type = type;
-//
-// CERTMGR_INIT_CONTEXT((&context), (sizeof(certmgr_ctx)))
-// std::string storeName("Operator");
-// strncpy(context.storeId, storeName.c_str(), storeName.size());
-//
-// certRetrieved.data = certBuff;
-// certRetrieved.size = CERTMGR_MAX_BUFFER_SIZE * 2;
-//
-// certRetrieved.firstFree = 0;
-//
-// for(certRetrieved.firstFree = 0;
-// OPERATION_SUCCESS ==
-// (result = certmgr_retrieve_certificate_from_store( &context, &certRetrieved, &certId));
-// certRetrieved.firstFree = 0)
-// {
-// if(OPERATION_SUCCESS ==
-// certmgr_extract_certificate_data(&certRetrieved, &descriptor)){
-// LogDebug("The subject of this certificate is " << descriptor.mandatory.subject);
-// LogDebug("The issuer of this certificate is " << descriptor.mandatory.issuer);
-// }
-//
-// if(strcmp(descriptor.mandatory.subject, subjectName) == 0 &&
-// strcmp(descriptor.mandatory.issuer,issuerName) == 0 &&
-// OPERATION_SUCCESS == certmgr_remove_certificate_from_store(&certId))
-// {
-// LogDebug("***Certificate has been REMOVED***");
-// return OPERATION_SUCCESS;
-// }
-// }
-//
-// if(ERR_NO_MORE_CERTIFICATES == result){
-// LogDebug("***THIS CERT IS NOT IN STORE***");
-// return OPERATION_SUCCESS;
-// }
-//
-// return result;
-//}
-
-int removeCertGivenByFilename(const char* name){
- int result = cert_svc_delete_certificate_from_store(name, storePath);
-
- if (CERT_SVC_ERR_NO_ERROR != result) {
- LogError("Error removing certificate: " << name << " From: " << storePath);
- }
-
- return result;
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef _TESTENV_H_
-#define _TESTENV_H_
-
-int addCertToStore(const char *name);
-long int removeCertFromStore(const char *subjectName, const char *issuerName);
-int removeCertGivenByFilename(const char *name);
-
-#endif
+++ /dev/null
-#!/bin/bash
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-#Prerequisite to run script is to
-#create root certificate and directory structure (demoCA) with command:
-#/usr/lib/ssl/misc/CA.sh -newca
-#for automated tests default structure is created in demoCA.init
-
-#make sure current dir has no files from previous generation
-rm -r 1* 2* 3* ca* respcert* demoCA
-cp -R demoCA.init demoCA
-echo "01" > ./demoCA/crlnumber
-
-for index in 1 2 3
-do
- #create certificate A
- openssl genrsa -out ${index}second_level.key 1024 -passin pass:1234 -config ./openssl.cnf
- openssl req -new -key ${index}second_level.key -out ${index}second_level.csr -passin pass:1234 -config ./openssl.cnf <<CONTENT
-PL
-Masovian
-Warsaw
-priv
-priv
-second_level${index}
-
-
-
-CONTENT
-
- openssl ca -in ${index}second_level.csr -out ${index}second_level.pem -passin pass:1234 -config ./openssl.cnf -extensions v3_ca <<CONTENT
-y
-y
-CONTENT
-
- #create certificate B
- openssl req -new -keyout ${index}third_level.key -out ${index}third_level.request -passin pass:1234 -passout pass:1234 -days 365 -config ./openssl.cnf <<CONTENT
-PL
-Masovian
-Warsaw
-priv
-priv
-third_level${index}
-
-
-
-CONTENT
-
- openssl ca -config ./openssl.cnf -extensions v3_ca -policy policy_anything -keyfile ${index}second_level.key -cert ${index}second_level.pem -out ${index}third_level.pem -infiles ${index}third_level.request <<CONTENT
-y
-y
-CONTENT
-
-done
-
-#generate OCSP response signing certificate
-openssl genrsa -out respcert.key 1024 -passin pass:1234 -config ./openssl.cnf
-openssl req -new -key respcert.key -out respcert.csr -passin pass:1234 -config ./openssl.cnf <<CONTENT
-PL
-Masovian
-Warsaw
-priv
-priv
-responce_cert
-
-
-
-CONTENT
-
-openssl ca -in respcert.csr -out respcert.pem -passin pass:1234 -config ./openssl.cnf -extensions ocsp_cert <<CONTENT
-y
-y
-CONTENT
-
-#generate CRL
-openssl ca -passin pass:1234 -gencrl -keyfile ./demoCA/private/cakey.pem -cert ./demoCA/cacert.pem -out cacrl1.pem -crldays 30 -config ./openssl.cnf
-openssl ca -passin pass:1234 -revoke 1third_level.pem -keyfile ./demoCA/private/cakey.pem -cert ./demoCA/cacert.pem -config ./openssl.cnf
-openssl ca -passin pass:1234 -gencrl -keyfile ./demoCA/private/cakey.pem -cert ./demoCA/cacert.pem -out cacrl1.pem -crldays 30 -config ./openssl.cnf
-
-openssl ca -passin pass:1234 -gencrl -keyfile ./demoCA/private/cakey.pem -cert ./demoCA/cacert.pem -out cacrl2.pem -crldays 30 -config ./openssl.cnf
-openssl ca -passin pass:1234 -revoke 2second_level.pem -keyfile ./demoCA/private/cakey.pem -cert ./demoCA/cacert.pem -config ./openssl.cnf
-openssl ca -passin pass:1234 -gencrl -keyfile ./demoCA/private/cakey.pem -cert ./demoCA/cacert.pem -out cacrl2.pem -crldays 30 -config ./openssl.cnf
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 0 (0x0)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=PL, ST=Masovian, O=priv, OU=priv, CN=priv
- Validity
- Not Before: Jul 29 14:32:12 2011 GMT
- Not After : Jul 28 14:32:12 2014 GMT
- Subject: C=PL, ST=Masovian, O=priv, OU=priv, CN=priv
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ab:68:cc:1a:41:78:50:0c:f4:43:3f:9e:8d:7b:
- 90:3d:eb:d6:8b:ce:d9:c1:b5:f4:d3:2e:75:f3:e1:
- b3:29:97:1b:38:c6:20:73:8d:a6:cd:61:3f:e1:1c:
- 78:0f:fd:25:e2:a0:95:6d:a9:33:30:fe:24:76:3d:
- e4:9d:23:b2:39:3c:98:a5:b2:20:2f:7d:c8:7d:d5:
- 00:7c:11:2c:6e:58:a2:18:03:02:48:4a:81:c7:eb:
- 7b:e9:e3:8d:b0:eb:3d:ee:21:19:7c:04:c2:ad:4f:
- 45:b3:1a:13:d1:76:35:c4:38:7e:0c:6c:7c:e7:83:
- 41:f0:78:1b:b4:16:d5:93:d9
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- F6:6E:9E:36:6D:49:02:FC:91:1A:5A:9D:D3:FA:B4:9F:07:EE:A9:B3
- X509v3 Authority Key Identifier:
- keyid:F6:6E:9E:36:6D:49:02:FC:91:1A:5A:9D:D3:FA:B4:9F:07:EE:A9:B3
- DirName:/C=PL/ST=Masovian/O=priv/OU=priv/CN=priv
- serial:00
-
- X509v3 Basic Constraints:
- CA:TRUE
- Signature Algorithm: sha1WithRSAEncryption
- 96:3c:f7:22:3d:32:c0:67:fc:3a:0a:3c:b7:62:38:7d:a6:d5:
- 2d:86:c2:ce:6a:84:66:d4:56:b3:93:4e:4c:37:d1:49:b6:67:
- 91:76:57:96:96:cc:5a:71:da:69:b7:52:9d:8f:17:f7:66:fa:
- 6c:f1:98:28:44:af:60:df:ad:2a:8b:f5:f3:8c:27:c4:68:a5:
- 2a:35:c1:6c:84:37:20:ee:c2:9c:58:98:a1:ff:ba:fd:38:36:
- 45:c3:d7:38:5d:47:ad:c8:0d:26:2b:a9:9d:2e:39:73:b2:aa:
- da:e5:19:b8:57:28:62:dd:94:2a:c9:50:5b:33:59:b0:56:cf:
- eb:2f
------BEGIN CERTIFICATE-----
-MIICuDCCAiGgAwIBAgIBADANBgkqhkiG9w0BAQUFADBNMQswCQYDVQQGEwJQTDER
-MA8GA1UECBMITWFzb3ZpYW4xDTALBgNVBAoTBHByaXYxDTALBgNVBAsTBHByaXYx
-DTALBgNVBAMTBHByaXYwHhcNMTEwNzI5MTQzMjEyWhcNMTQwNzI4MTQzMjEyWjBN
-MQswCQYDVQQGEwJQTDERMA8GA1UECBMITWFzb3ZpYW4xDTALBgNVBAoTBHByaXYx
-DTALBgNVBAsTBHByaXYxDTALBgNVBAMTBHByaXYwgZ8wDQYJKoZIhvcNAQEBBQAD
-gY0AMIGJAoGBAKtozBpBeFAM9EM/no17kD3r1ovO2cG19NMudfPhsymXGzjGIHON
-ps1hP+EceA/9JeKglW2pMzD+JHY95J0jsjk8mKWyIC99yH3VAHwRLG5YohgDAkhK
-gcfre+njjbDrPe4hGXwEwq1PRbMaE9F2NcQ4fgxsfOeDQfB4G7QW1ZPZAgMBAAGj
-gacwgaQwHQYDVR0OBBYEFPZunjZtSQL8kRpandP6tJ8H7qmzMHUGA1UdIwRuMGyA
-FPZunjZtSQL8kRpandP6tJ8H7qmzoVGkTzBNMQswCQYDVQQGEwJQTDERMA8GA1UE
-CBMITWFzb3ZpYW4xDTALBgNVBAoTBHByaXYxDTALBgNVBAsTBHByaXYxDTALBgNV
-BAMTBHByaXaCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCWPPci
-PTLAZ/w6Cjy3Yjh9ptUthsLOaoRm1Fazk05MN9FJtmeRdleWlsxacdppt1Kdjxf3
-Zvps8ZgoRK9g360qi/XzjCfEaKUqNcFshDcg7sKcWJih/7r9ODZFw9c4XUetyA0m
-K6mdLjlzsqra5Rm4Vyhi3ZQqyVBbM1mwVs/rLw==
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBnjCCAQcCAQAwXjELMAkGA1UEBhMCUEwxETAPBgNVBAgTCE1hc292aWFuMQ8w
-DQYDVQQHEwZXYXJzYXcxDTALBgNVBAoTBHByaXYxDTALBgNVBAsTBHByaXYxDTAL
-BgNVBAMTBHByaXYwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKtozBpBeFAM
-9EM/no17kD3r1ovO2cG19NMudfPhsymXGzjGIHONps1hP+EceA/9JeKglW2pMzD+
-JHY95J0jsjk8mKWyIC99yH3VAHwRLG5YohgDAkhKgcfre+njjbDrPe4hGXwEwq1P
-RbMaE9F2NcQ4fgxsfOeDQfB4G7QW1ZPZAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB
-gQBfWbLoBMhFCjsTklaKNKIoF4WRNmGXPBQt+BWZhlVjnxh1ncL3QX2M4r/ys3ax
-bKGm24i5XvUvZ1uR8SxOHGbuTzjRALBOgfb9X5mma/8ZytammJmgjdYkVvvRNFXL
-O+WaOykOlw1zUEUVK0VAmdQ5STPQDypyYwGF5JYL24F84A==
------END CERTIFICATE REQUEST-----
+++ /dev/null
-V 140728143212Z 00 unknown /C=PL/ST=Masovian/O=priv/OU=priv/CN=priv
+++ /dev/null
-unique_subject = yes
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 0 (0x0)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=PL, ST=Masovian, O=priv, OU=priv, CN=priv
- Validity
- Not Before: Jul 29 14:32:12 2011 GMT
- Not After : Jul 28 14:32:12 2014 GMT
- Subject: C=PL, ST=Masovian, O=priv, OU=priv, CN=priv
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ab:68:cc:1a:41:78:50:0c:f4:43:3f:9e:8d:7b:
- 90:3d:eb:d6:8b:ce:d9:c1:b5:f4:d3:2e:75:f3:e1:
- b3:29:97:1b:38:c6:20:73:8d:a6:cd:61:3f:e1:1c:
- 78:0f:fd:25:e2:a0:95:6d:a9:33:30:fe:24:76:3d:
- e4:9d:23:b2:39:3c:98:a5:b2:20:2f:7d:c8:7d:d5:
- 00:7c:11:2c:6e:58:a2:18:03:02:48:4a:81:c7:eb:
- 7b:e9:e3:8d:b0:eb:3d:ee:21:19:7c:04:c2:ad:4f:
- 45:b3:1a:13:d1:76:35:c4:38:7e:0c:6c:7c:e7:83:
- 41:f0:78:1b:b4:16:d5:93:d9
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- F6:6E:9E:36:6D:49:02:FC:91:1A:5A:9D:D3:FA:B4:9F:07:EE:A9:B3
- X509v3 Authority Key Identifier:
- keyid:F6:6E:9E:36:6D:49:02:FC:91:1A:5A:9D:D3:FA:B4:9F:07:EE:A9:B3
- DirName:/C=PL/ST=Masovian/O=priv/OU=priv/CN=priv
- serial:00
-
- X509v3 Basic Constraints:
- CA:TRUE
- Signature Algorithm: sha1WithRSAEncryption
- 96:3c:f7:22:3d:32:c0:67:fc:3a:0a:3c:b7:62:38:7d:a6:d5:
- 2d:86:c2:ce:6a:84:66:d4:56:b3:93:4e:4c:37:d1:49:b6:67:
- 91:76:57:96:96:cc:5a:71:da:69:b7:52:9d:8f:17:f7:66:fa:
- 6c:f1:98:28:44:af:60:df:ad:2a:8b:f5:f3:8c:27:c4:68:a5:
- 2a:35:c1:6c:84:37:20:ee:c2:9c:58:98:a1:ff:ba:fd:38:36:
- 45:c3:d7:38:5d:47:ad:c8:0d:26:2b:a9:9d:2e:39:73:b2:aa:
- da:e5:19:b8:57:28:62:dd:94:2a:c9:50:5b:33:59:b0:56:cf:
- eb:2f
------BEGIN CERTIFICATE-----
-MIICuDCCAiGgAwIBAgIBADANBgkqhkiG9w0BAQUFADBNMQswCQYDVQQGEwJQTDER
-MA8GA1UECBMITWFzb3ZpYW4xDTALBgNVBAoTBHByaXYxDTALBgNVBAsTBHByaXYx
-DTALBgNVBAMTBHByaXYwHhcNMTEwNzI5MTQzMjEyWhcNMTQwNzI4MTQzMjEyWjBN
-MQswCQYDVQQGEwJQTDERMA8GA1UECBMITWFzb3ZpYW4xDTALBgNVBAoTBHByaXYx
-DTALBgNVBAsTBHByaXYxDTALBgNVBAMTBHByaXYwgZ8wDQYJKoZIhvcNAQEBBQAD
-gY0AMIGJAoGBAKtozBpBeFAM9EM/no17kD3r1ovO2cG19NMudfPhsymXGzjGIHON
-ps1hP+EceA/9JeKglW2pMzD+JHY95J0jsjk8mKWyIC99yH3VAHwRLG5YohgDAkhK
-gcfre+njjbDrPe4hGXwEwq1PRbMaE9F2NcQ4fgxsfOeDQfB4G7QW1ZPZAgMBAAGj
-gacwgaQwHQYDVR0OBBYEFPZunjZtSQL8kRpandP6tJ8H7qmzMHUGA1UdIwRuMGyA
-FPZunjZtSQL8kRpandP6tJ8H7qmzoVGkTzBNMQswCQYDVQQGEwJQTDERMA8GA1UE
-CBMITWFzb3ZpYW4xDTALBgNVBAoTBHByaXYxDTALBgNVBAsTBHByaXYxDTALBgNV
-BAMTBHByaXaCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCWPPci
-PTLAZ/w6Cjy3Yjh9ptUthsLOaoRm1Fazk05MN9FJtmeRdleWlsxacdppt1Kdjxf3
-Zvps8ZgoRK9g360qi/XzjCfEaKUqNcFshDcg7sKcWJih/7r9ODZFw9c4XUetyA0m
-K6mdLjlzsqra5Rm4Vyhi3ZQqyVBbM1mwVs/rLw==
------END CERTIFICATE-----
+++ /dev/null
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,E653123E49750191
-
-OgQe9fnwRSQjEqAuqts2/up+mCfMyiZLwi/ZfhZjBxsRD0n34J5NrLptcWMDNvPT
-TueYJ24eUhE61RE6u9VpcdYd0d/7sbR6i8jiBYa8R15frtTUaD1XCbhz3Sn6REbL
-qDrKW7hHuSKKRfb/6bHVGNGMCR6eCSw9isYcqFDlmRpGiYC5m2nxr/W1JFq4K/te
-KgvZ0kwE9DPeCdLVyHbZ7AcK0aDzUeZOFxxyHvQRLIbprx2DoFi+erPVvPfehJp1
-n2CVa2CXwkY4vIoCKn3KbtRqR+vHbc9UmlSvd2AINPEgCYAr11AGvDl9O6fdLXRJ
-PXq6TMv3se//4qPcyKEiXRhR64a0dxIutyPvESLrnz4BZGsQN695ym3s96x1IEtK
-yb7AGws3kr/zMVFilFFtHZgsMse9kzsMmoQZ31VfyIM1CpmieCVyN2gYV+iQN04f
-1HaT498quauFvxezDe9UC4d9yaFKAM8lqeuMwoisTCu18LR5jA4ODzEJDENnny4O
-ejLVKkdPViJOW5UwGpjl2MQYtmRyN6/FHjFIx9FEIClaxLiYMFXNxIGSWdq85JUb
-/VpkmCiJqjy2eIW137ThbmN2GblLg6l9Hkz1wTBqhqhBK/uznwE7Mh0VL3QNTnys
-4Ib2WoApWS3b9a6UAeybZvZ1vvK/9hryG19iwZsqpmuJoTTSlwZQbBYpVHRiSmrw
-S26rP4kBnId4ftf3oIGCwUgFXhj1cQ7V/PC4EAOzo0opAMQkI6TR1DP8gv1ESmIN
-mdrHvKbzmrRe5enDjrk3G2HVhd2+fPwC0Go8mORvxRtRfDDYeySEPQ==
------END RSA PRIVATE KEY-----
+++ /dev/null
-#!/bin/sh
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-pkill -9 openssl # if previously it was launched and openssl didn't close sockets
-
-OPENSSL_CONF=/opt/apps/widget/tests/vcore_certs/openssl.cnf openssl ocsp -index /opt/apps/widget/tests/vcore_certs/demoCA/index.txt -port 8881 -rsigner /opt/apps/widget/tests/vcore_certs/respcert.pem -rkey /opt/apps/widget/tests/vcore_certs/respcert.key -CA /opt/apps/widget/tests/vcore_certs/demoCA/cacert.pem
+++ /dev/null
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-# This definition stops the following lines choking if HOME isn't
-# defined.
-HOME = .
-RANDFILE = $ENV::HOME/.rnd
-
-# Extra OBJECT IDENTIFIER info:
-#oid_file = $ENV::HOME/.oid
-oid_section = new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions =
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca = CA_default # The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir = ./demoCA # Where everything is kept
-certs = $dir/certs # Where the issued certs are kept
-crl_dir = $dir/crl # Where the issued crl are kept
-database = $dir/index.txt # database index file.
-#unique_subject = no # Set to 'no' to allow creation of
- # several ctificates with same subject.
-new_certs_dir = $dir/newcerts # default place for new certs.
-
-certificate = $dir/cacert.pem # The CA certificate
-serial = $dir/serial # The current serial number
-crlnumber = $dir/crlnumber # the current crl number
- # must be commented out to leave a V1 CRL
-crl = $dir/crl.pem # The current CRL
-private_key = $dir/private/cakey.pem# The private key
-RANDFILE = $dir/private/.rand # private random number file
-
-x509_extensions = usr_cert # The extentions to add to the cert
-
-# Comment out the following two lines for the "traditional"
-# (and highly broken) format.
-name_opt = ca_default # Subject Name options
-cert_opt = ca_default # Certificate field options
-
-# Extension copying option: use with caution.
-# copy_extensions = copy
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crlnumber must also be commented out to leave a V1 CRL.
-
-#crl_extensions = crl_ext
-
-default_days = 365 # how long to certify for
-default_crl_days= 30 # how long before next CRL
-default_md = sha1 # which md to use.
-preserve = no # keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy = policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName = match
-stateOrProvinceName = match
-organizationName = match
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-####################################################################
-[ req ]
-default_bits = 1024
-default_keyfile = privkey.pem
-distinguished_name = req_distinguished_name
-attributes = req_attributes
-x509_extensions = v3_ca # The extentions to add to the self signed cert
-
-# Passwords for private keys if not present they will be prompted for
-# input_password = secret
-# output_password = secret
-
-# This sets a mask for permitted string types. There are several options.
-# default: PrintableString, T61String, BMPString.
-# pkix : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
-# MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
-
-# req_extensions = v3_req # The extensions to add to a certificate request
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_min = 2
-countryName_max = 2
-
-stateOrProvinceName = State or Province Name (full name)
-stateOrProvinceName_default = Some-State
-
-localityName = Locality Name (eg, city)
-
-0.organizationName = Organization Name (eg, company)
-0.organizationName_default = Internet Widgits Pty Ltd
-
-# we can do this but it is not needed normally :-)
-#1.organizationName = Second Organization Name (eg, company)
-#1.organizationName_default = World Wide Web Pty Ltd
-
-organizationalUnitName = Organizational Unit Name (eg, section)
-#organizationalUnitName_default =
-
-commonName = Common Name (eg, YOUR name)
-commonName_max = 64
-
-emailAddress = Email Address
-emailAddress_max = 64
-
-# SET-ex3 = SET extension number 3
-
-[ req_attributes ]
-challengePassword = A challenge password
-challengePassword_min = 4
-challengePassword_max = 20
-
-unstructuredName = An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-crlDistributionPoints = URI:http://localhost/my.crl
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType = server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment = "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-# An alternative to produce certificates that aren't
-# deprecated according to PKIX.
-# subjectAltName=email:move
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# OCSP and CRL local servers - for test certificates
-authorityInfoAccess=OCSP;URI:http://localhost:8881/
-crlDistributionPoints=URI:http://localhost/my.crl
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# DER hex encoding of an extension: beware experts only!
-# obj=DER:02:03
-# Where 'obj' is a standard or added object
-# You can even override a supported extension:
-# basicConstraints= critical, DER:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
-crlDistributionPoints=crldp1_section
-URI=http://localhost/my.crl
-
-[ proxy_cert_ext ]
-# These extensions should be added when creating a proxy certificate
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType = server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment = "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-# An alternative to produce certificates that aren't
-# deprecated according to PKIX.
-# subjectAltName=email:move
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-# This really needs to be in place for it to be a proxy certificate.
-proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
-
-[ my_v3_ext ]
-basicConstraints = CA:true
-
-[ ocsp_cert ]
-extendedKeyUsage = OCSP Signing
\ No newline at end of file
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIEuDCCA6CgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBtDELMAkGA1UEBhMCQlIx
-EzARBgNVBAoTCklDUC1CcmFzaWwxPTA7BgNVBAsTNEluc3RpdHV0byBOYWNpb25h
-bCBkZSBUZWNub2xvZ2lhIGRhIEluZm9ybWFjYW8gLSBJVEkxETAPBgNVBAcTCEJy
-YXNpbGlhMQswCQYDVQQIEwJERjExMC8GA1UEAxMoQXV0b3JpZGFkZSBDZXJ0aWZp
-Y2Fkb3JhIFJhaXogQnJhc2lsZWlyYTAeFw0wMTExMzAxMjU4MDBaFw0xMTExMzAy
-MzU5MDBaMIG0MQswCQYDVQQGEwJCUjETMBEGA1UEChMKSUNQLUJyYXNpbDE9MDsG
-A1UECxM0SW5zdGl0dXRvIE5hY2lvbmFsIGRlIFRlY25vbG9naWEgZGEgSW5mb3Jt
-YWNhbyAtIElUSTERMA8GA1UEBxMIQnJhc2lsaWExCzAJBgNVBAgTAkRGMTEwLwYD
-VQQDEyhBdXRvcmlkYWRlIENlcnRpZmljYWRvcmEgUmFpeiBCcmFzaWxlaXJhMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPMudwX/hvm+Uh2b/lQAcHVA
-isamaLkWdkwP9/S/tOKIgRrL6Oy+ZIGlOUdd6uYtk9Ma/3pUpgcfNAj0vYm5gsyj
-Qo9emsc+x6m4VWwk9iqMZSCK5EQkAq/Ut4n7KuLE1+gdftwdIgxfUsPt4CyNrY50
-QV57KM2UT8x5rrmzEjr7TICGpSUAl2gVqe6xaii+bmYR1QrmWaBSAG59LrkrjrYt
-bRhFboUDe1DK+6T8s5L6k8c8okpbHpa9veMztDVC9sPJ60MWXh6anVKo1UcLcbUR
-yEeNvZneVRKAAU6ouwdjDvwlsaKydFKwed0ToQ47bmUKgcm+wV3eTRk36UOnTwID
-AQABo4HSMIHPME4GA1UdIARHMEUwQwYFYEwBAQAwOjA4BggrBgEFBQcCARYsaHR0
-cDovL2FjcmFpei5pY3BicmFzaWwuZ292LmJyL0RQQ2FjcmFpei5wZGYwPQYDVR0f
-BDYwNDAyoDCgLoYsaHR0cDovL2FjcmFpei5pY3BicmFzaWwuZ292LmJyL0xDUmFj
-cmFpei5jcmwwHQYDVR0OBBYEFIr68VeEERM1kEL6V0lUaQ2kxPA3MA8GA1UdEwEB
-/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQAZA5c1
-U/hgIh6OcgLAfiJgFWpvmDZWqlV30/bHFpj8iBobJSm5uDpt7TirYh1Uxe3fQaGl
-YjJe+9zd+izPRbBqXPVQA34EXcwk4qpWuf1hHriWfdrx8AcqSqr6CuQFwSr75Fos
-SzlwDADa70mT7wZjAmQhnZx2xJ6wfWlT9VQfS//JYeIc7Fue2JNLd00UOSMMaiK/
-t79enKNHEA2fupH3vEigf5Eh4bVAN5VohrTm6MY53x7XQZZr1ME7a55lFEnSeT0u
-mlOAjR2mAbvSM5X5oSZNrmetdzyTj2flCM8CC7MLab0kkdngRIlUBGHF1/S5nmPb
-K+9A46sd33oqK8n8
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
-IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
-IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
-Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO
-BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi
-MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ
-ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
-CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ
-8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6
-zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y
-fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7
-w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc
-G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k
-epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q
-laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ
-QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU
-fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826
-YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w
-ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY
-gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe
-MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0
-IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy
-dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw
-czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0
-dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl
-aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC
-AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg
-b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB
-ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc
-nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg
-18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c
-gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl
-Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY
-sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T
-SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF
-CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum
-GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk
-zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW
-omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
-IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
-IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
-Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS
-BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v
-cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9
-4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB
-Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J
-0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ
-FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx
-bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q
-SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb
-6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV
-m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g
-eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG
-kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7
-6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG
-CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc
-aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB
-gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w
-aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6
-tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0
-nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M
-77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV
-Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L
-ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM
-zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU
-rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF
-YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT
-oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu
-FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB
-0m6lG5kngOcLqagA
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIESzCCAzOgAwIBAgIJAJigUTEEXRQpMA0GCSqGSIb3DQEBBQUAMHYxCzAJBgNV
-BAYTAkRFMQ8wDQYDVQQIEwZIZXNzZW4xDjAMBgNVBAcTBUZ1bGRhMRAwDgYDVQQK
-EwdEZWJjb25mMRMwEQYDVQQDEwpEZWJjb25mIENBMR8wHQYJKoZIhvcNAQkBFhBq
-b2VyZ0BkZWJpYW4ub3JnMB4XDTA1MTEwNTE3NTUxNFoXDTE1MTEwMzE3NTUxNFow
-djELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjEOMAwGA1UEBxMFRnVsZGEx
-EDAOBgNVBAoTB0RlYmNvbmYxEzARBgNVBAMTCkRlYmNvbmYgQ0ExHzAdBgkqhkiG
-9w0BCQEWEGpvZXJnQGRlYmlhbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCvbOo0SrIwI5IMlsshH8WF3dHB9r9JlSKhMPaybawa1EyvZspMQ3wa
-F5qxNf3Sj+NElEmjseEqvCZiIIzqwerHu0Qw62cDYCdCd2+Wb5m0bPYB5CGHiyU1
-eNP0je42O0YeXG2BvUujN8AviocVo39X2YwNQ0ryy4OaqYgm2pRlbtT2ESbF+SfV
-Y2iqQj/f8ymF+lHo/pz8tbAqxWcqaSiHFAVQJrdqtFhtoodoNiE3q76zJoUkZTXB
-k60Yc3MJSnatZCpnsSBr/D7zpntl0THrUjjtdRWCjQVhqfhM1yZJV+ApbLdheFh0
-ZWlSxdnp25p0q0XYw/7G92ELyFDfBUUNAgMBAAGjgdswgdgwHQYDVR0OBBYEFMuV
-dFNb4mCWUFbcP5LOtxFLrEVTMIGoBgNVHSMEgaAwgZ2AFMuVdFNb4mCWUFbcP5LO
-txFLrEVToXqkeDB2MQswCQYDVQQGEwJERTEPMA0GA1UECBMGSGVzc2VuMQ4wDAYD
-VQQHEwVGdWxkYTEQMA4GA1UEChMHRGViY29uZjETMBEGA1UEAxMKRGViY29uZiBD
-QTEfMB0GCSqGSIb3DQEJARYQam9lcmdAZGViaWFuLm9yZ4IJAJigUTEEXRQpMAwG
-A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGZXxHg4mnkvilRIM1EQfGdY
-S5b/WcyF2MYSTeTvK4aIB6VHwpZoZCnDGj2m2D3CkHT0upAD9o0zM1tdsfncLzV+
-mDT/jNmBtYo4QXx5vEPwvEIcgrWjwk7SyaEUhZjtolTkHB7ACl0oD0r71St4iEPR
-qTUCEXk2E47bg1Fz58wNt/yo2+4iqiRjg1XCH4evkQuhpW+dTZnDyFNqwSYZapOE
-TBA+9zBb6xD1KM2DdY7r4GiyYItN0BKLfuWbh9LXGbl1C+f4P11g+m2MPiavIeCe
-1iazG5pcS3KoTLACsYlEX24TINtg4kcuS81XdllcnsV3Kdts0nIqPj6uhTTZD0k=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDvjCCA3ygAwIBAgIFJQaThoEwCwYHKoZIzjgEAwUAMIGFMQswCQYDVQQGEwJG
-UjEPMA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczEQMA4GA1UEChMHUE0v
-U0dETjEOMAwGA1UECxMFRENTU0kxDjAMBgNVBAMTBUlHQy9BMSMwIQYJKoZIhvcN
-AQkBFhRpZ2NhQHNnZG4ucG0uZ291di5mcjAeFw0wMjEyMTMxNDM5MTVaFw0yMDEw
-MTcxNDM5MTRaMIGFMQswCQYDVQQGEwJGUjEPMA0GA1UECBMGRnJhbmNlMQ4wDAYD
-VQQHEwVQYXJpczEQMA4GA1UEChMHUE0vU0dETjEOMAwGA1UECxMFRENTU0kxDjAM
-BgNVBAMTBUlHQy9BMSMwIQYJKoZIhvcNAQkBFhRpZ2NhQHNnZG4ucG0uZ291di5m
-cjCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCFkMImdk9zDzJfTO4XPdAAmLbAdWws
-ZiEMZh19RyTo3CyhFqO77OIXrwY6vc1pcc3MgWJ0dgQpAgrDMtmFFxpUu4gmjVsx
-8GpxQC+4VOgLY8Cvmcd/UDzYg07EIRto8BwCpPJ/JfUxwzV2V3N713aAX+cEoKZ/
-s+kgxC6nZCA7oQIVALME/JYjkdW2uKIGngsEPbXAjdhDAoGADh/uqWJx94UBm31c
-9d8ZTBfRGRnmSSRVFDgPWgA69JD4BR5da8tKz+1HjfMhDXljbMH86ixpD5Ka1Z0V
-pRYUPbyAoB37tsmXMJY7kjyD19d5VdaZboUjVvhH6UJy5lpNNNGSvFl4fqkxyvw+
-pq1QV0N5RcvK120hlXdfHUX+YKYDgYQAAoGAQGr7IuKJcYIvJRMjxwl43KxXY2xC
-aoCiM/bv117MfI94aNf1UusGhp7CbYAY9CXuL60P0oPMAajbaTE5Z34AuITeHq3Y
-CNMHwxalip8BHqSSGmGiQsXeK7T+r1rPXsccZ1c5ikGDZ4xn5gUaCyy2rCmb+fOJ
-6VAfCbAbAjmNKwejdzB1MA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgFGMBUG
-A1UdIAQOMAwwCgYIKoF6AXkBAQEwHQYDVR0OBBYEFPkeNRcUf8idzpKblYbLNxs0
-MQhSMB8GA1UdIwQYMBaAFPkeNRcUf8idzpKblYbLNxs0MQhSMAsGByqGSM44BAMF
-AAMvADAsAhRVh+CJA5eVyEYU5AO9Tm7GxX0rmQIUBCqsU5u1WxoZ5lEXicDX5/Ob
-sRQ=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEAjCCAuqgAwIBAgIFORFFEJQwDQYJKoZIhvcNAQEFBQAwgYUxCzAJBgNVBAYT
-AkZSMQ8wDQYDVQQIEwZGcmFuY2UxDjAMBgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQ
-TS9TR0ROMQ4wDAYDVQQLEwVEQ1NTSTEOMAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG
-9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2LmZyMB4XDTAyMTIxMzE0MjkyM1oXDTIw
-MTAxNzE0MjkyMlowgYUxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIEwZGcmFuY2UxDjAM
-BgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQTS9TR0ROMQ4wDAYDVQQLEwVEQ1NTSTEO
-MAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2
-LmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh/R0GLFMzvABIaI
-s9z4iPf930Pfeo2aSVz2TqrMHLmh6yeJ8kbpO0px1R2OLc/mratjUMdUC24SyZA2
-xtgv2pGqaMVy/hcKshd+ebUyiHDKcMCWSo7kVc0dJ5S/znIq7Fz5cyD+vfcuiWe4
-u0dzEvfRNWk68gq5rv9GQkaiv6GFGvm/5P9JhfejcIYyHF2fYPepraX/z9E0+X1b
-F8bc1g4oa8Ld8fUzaJ1O/Id8NhLWo4DoQw1VYZTqZDdH6nfK0LJYBcNdfrGoRpAx
-Vs5wKpayMLh35nnAvSk7/ZR3TL0gzUEl4C7HG7vupARB0l2tEmqKm0f7yd1GQOGd
-PDPQtQIDAQABo3cwdTAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBRjAVBgNV
-HSAEDjAMMAoGCCqBegF5AQEBMB0GA1UdDgQWBBSjBS8YYFDCiQrdKyFP/45OqDAx
-NjAfBgNVHSMEGDAWgBSjBS8YYFDCiQrdKyFP/45OqDAxNjANBgkqhkiG9w0BAQUF
-AAOCAQEABdwm2Pp3FURo/C9mOnTgXeQp/wYHE4RKq89toB9RlPhJy3Q2FLwV3duJ
-L92PoF189RLrn544pEfMs5bZvpwlqwN+Mw+VgQ39FuCIvjfwbF3QMZsyK10XZZOY
-YLxuj7GoPB7ZHPOpJkL5ZB3C55L29B5aqhlSXa/oovdgoPaN8In1buAKBQGVyYsg
-Crpa/JosPL3Dt8ldeCUFP1YUmwza+zpI/pdpXsoQhvdOlgQITeywvl3cO45Pwf2a
-NjSaTFR+FwNIlQgRHAdvhQh+XU3Endv7rs6y0bO4g2wdsrN58dhwmX7wEwLOXt1R
-0982gaEbeC9xs/FZTEYYKKuF0mBWWg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDtTCCAp2gAwIBAgIRANAeQJAAAEZSAAAAAQAAAAQwDQYJKoZIhvcNAQEFBQAw
-gYkxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJEQzETMBEGA1UEBxMKV2FzaGluZ3Rv
-bjEXMBUGA1UEChMOQUJBLkVDT00sIElOQy4xGTAXBgNVBAMTEEFCQS5FQ09NIFJv
-b3QgQ0ExJDAiBgkqhkiG9w0BCQEWFWFkbWluQGRpZ3NpZ3RydXN0LmNvbTAeFw05
-OTA3MTIxNzMzNTNaFw0wOTA3MDkxNzMzNTNaMIGJMQswCQYDVQQGEwJVUzELMAkG
-A1UECBMCREMxEzARBgNVBAcTCldhc2hpbmd0b24xFzAVBgNVBAoTDkFCQS5FQ09N
-LCBJTkMuMRkwFwYDVQQDExBBQkEuRUNPTSBSb290IENBMSQwIgYJKoZIhvcNAQkB
-FhVhZG1pbkBkaWdzaWd0cnVzdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQCx0xHgeVVDBwhMywVCAOINg0Y95JO6tgbTDVm9PsHOQ2cBiiGo77zM
-0KLMsFWWU4RmBQDaREmA2FQKpSWGlO1jVv9wbKOhGdJ4vmgqRF4vz8wYXke8OrFG
-PR7wuSw0X4x8TAgpnUBV6zx9g9618PeKgw6hTLQ6pbNfWiKX7BmbwQVo/ea3qZGU
-LOR4SCQaJRk665WcOQqKz0Ky8BzVX/tr7WhWezkscjiw7pOp03t3POtxA6k4ShZs
-iSrK2jMTecJVjO2cu/LLWxD4LmE1xilMKtAqY9FlWbT4zfn0AIS2V0KFnTKo+SpU
-+/94Qby9cSj0u5C8/5Y0BONFnqFGKECBAgMBAAGjFjAUMBIGA1UdEwEB/wQIMAYB
-Af8CAQgwDQYJKoZIhvcNAQEFBQADggEBAARvJYbk5pYntNlCwNDJALF/VD6Hsm0k
-qS8Kfv2kRLD4VAe9G52dyntQJHsRW0mjpr8SdNWJt7cvmGQlFLdh6X9ggGvTZOir
-vRrWUfrAtF13Gn9kCF55xgVM8XrdTX3O5kh7VNJhkoHWG9YA8A6eKHegTYjHInYZ
-w8eeG6Z3ePhfm1bR8PIXrI6dWeYf/le22V7hXZ9F7GFoGUHhsiAm/lowdiT/QHI8
-eZ98IkirRs3bs4Ysj78FQdPB4xTjQRcm0HyncUwZ6EoPclgxfexgeqMiKL0ZJGA/
-O4dzwGvky663qyVDslUte6sGDnVdNOVdc22esnVApVnJTzFxiNmIf1Q=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID5jCCAs6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
-HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
-IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyOTA2MDAwMFoXDTM3MTEyMDE1
-MDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
-SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
-IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnej8Mlo2k06AX3dLm/WpcZuS+U
-0pPlLYnKhHw/EEMbjIt8hFj4JHxIzyr9wBXZGH6EGhfT257XyuTZ16pYUYfw8ItI
-TuLCxFlpMGK2MKKMCxGZYTVtfu/FsRkGIBKOQuHfD5YQUqjPnF+VFNivO3ULMSAf
-RC+iYkGzuxgh28pxPIzstrkNn+9R7017EvILDOGsQI93f7DKeHEMXRZxcKLXwjqF
-zQ6axOAAsNUl6twr5JQtOJyJQVdkKGUZHLZEtMgxa44Be3ZZJX8VHIQIfHNlIAqh
-BC4aMqiaILGcLCFZ5/vP7nAtCMpjPiybkxlqpMKX/7eGV4iFbJ4VFitNLLMCAwEA
-AaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUoTYwFsuGkABFgFOxj8jY
-PXy+XxIwHwYDVR0jBBgwFoAUoTYwFsuGkABFgFOxj8jYPXy+XxIwDgYDVR0PAQH/
-BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQCKIBilvrMvtKaEAEAwKfq0FHNMeUWn
-9nDg6H5kHgqVfGphwu9OH77/yZkfB2FK4V1Mza3u0FIy2VkyvNp5ctZ7CegCgTXT
-Ct8RHcl5oIBN/lrXVtbtDyqvpxh1MwzqwWEFT2qaifKNuZ8u77BfWgDrvq2g+EQF
-Z7zLBO+eZMXpyD8Fv8YvBxzDNnGGyjhmSs3WuEvGbKeXO/oTLW4jYYehY0KswsuX
-n2Fozy1MBJ3XJU8KDk2QixhWqJNIV9xvrr2eZ1d3iVCzvhGbRWeDhhmH05i9CBoW
-H1iCC+GWaQVLjuyDUTEH1dSf/1l7qG6Fz9NLqUmwX7A5KGgOc90lmt4S
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF5jCCA86gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
-HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
-IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyOTA2MDAwMFoXDTM3MDkyODIz
-NDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
-SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
-IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIw
-DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALQ3WggWmRToVbEbJGv8x4vmh6mJ
-7ouZzU9AhqS2TcnZsdw8TQ2FTBVsRotSeJ/4I/1n9SQ6aF3Q92RhQVSji6UI0ilb
-m2BPJoPRYxJWSXakFsKlnUWsi4SVqBax7J/qJBrvuVdcmiQhLE0OcR+mrF1FdAOY
-xFSMFkpBd4aVdQxHAWZg/BXxD+r1FHjHDtdugRxev17nOirYlxcwfACtCJ0zr7iZ
-YYCLqJV+FNwSbKTQ2O9ASQI2+W6p1h2WVgSysy0WVoaP2SBXgM1nEG2wTPDaRrbq
-JS5Gr42whTg0ixQmgiusrpkLjhTXUr2eacOGAgvqdnUxCc4zGSGFQ+aJLZ8lN2fx
-I2rSAG2X+Z/nKcrdH9cG6rjJuQkhn8g/BsXS6RJGAE57COtCPStIbp1n3UsC5ETz
-kxmlJ85per5n0/xQpCyrw2u544BMzwVhSyvcG7mm0tCq9Stz+86QNZ8MUhy/XCFh
-EVsVS6kkUfykXPcXnbDS+gfpj1bkGoxoigTTfFrjnqKhynFbotSg5ymFXQNoKk/S
-Btc9+cMDLz9l+WceR0DTYw/j1Y75hauXTLPXJuuWCpTehTacyH+BCQJJKg71ZDIM
-gtG6aoIbs0t0EfOMd9afv9w3pKdVBC/UMejTRrkDfNoSTllkt1ExMVCgyhwn2RAu
-rda9EGYrw7AiShJbAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FE9pbQN+nZ8HGEO8txBO1b+pxCAoMB8GA1UdIwQYMBaAFE9pbQN+nZ8HGEO8txBO
-1b+pxCAoMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAO/Ouyugu
-h4X7ZVnnrREUpVe8WJ8kEle7+z802u6teio0cnAxa8cZmIDJgt43d15Ui47y6mdP
-yXSEkVYJ1eV6moG2gcKtNuTxVBFT8zRFASbI5Rq8NEQh3q0l/HYWdyGQgJhXnU7q
-7C+qPBR7V8F+GBRn7iTGvboVsNIYvbdVgaxTwOjdaRITQrcCtQVBynlQboIOcXKT
-RuidDV29rs4prWPVVRaAMCf/drr3uNZK49m1+VLQTkCpx+XCMseqdiThawVQ68W/
-ClTluUI8JPu3B5wwn3la5uBAUhX0/Kr0VvlEl4ftDmVyXr4m+02kLQgH3thcoNyB
-M5kYJRF3p+v9WAksmWsbivNSPxpNSGDxoPYzAlOL7SUJuA0t7Zdz7NeWH45gDtoQ
-my8YJPamTQr5O8t1wswvziRpyQoijlmn94IM19drNZxDAGrElWe6nEXLuA4399xO
-AU++CrYD062KRffaJ00psUjf5BHklka9bAI+1lHIlRcBFanyqqryvy9lG2/QuRqT
-9Y41xICHPpQvZuTpqP9BnHAqTyo5GJUefvthATxRCC4oGKQWDzH9OmwjkyB24f0H
-hdFbP9IcczLd+rn4jM8Ch3qaluTtT4mNU0OrDhPAARW0eTjb/G49nlG2uBOLZ8/5
-fNkiHfZdxRwBL5joeiQYvITX+txyW/fBOmg=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
-IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
-MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
-FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
-bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
-dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
-H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
-uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
-mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
-a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
-E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
-WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
-VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
-Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
-cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
-IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
-AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
-YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
-6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
-Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
-c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
-mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw
-MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
-QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD
-VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul
-CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n
-tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl
-dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch
-PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC
-+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O
-BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E
-BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl
-MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk
-ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB
-IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X
-7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz
-43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
-eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl
-pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA
-WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAx
-MDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtB
-ZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIDAeBgNV
-BAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV
-6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nX
-GCwwfQ56HmIexkvA/X1id9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnP
-dzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH
-1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF
-62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQW
-BBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw
-AwEB/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDEL
-MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU
-cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJv
-b3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmuG7jD8WS6
-IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL+YPoRNWyQSW/
-iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh
-4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQm
-XiLsks3/QppEIW1cxeMiHV9HEufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEU
-MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3
-b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1
-MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYTAlNFMRQwEgYDVQQK
-EwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5ldHdvcmsxIzAh
-BgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwq
-xBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G
-87B4pfYOQnrjfxvM0PC3KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i
-2O+tCBGaKZnhqkRFmhJePp1tUvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8U
-WfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c1
-0cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0G
-A1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6Fr
-pGkwZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL
-ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlm
-aWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2VhlRO6aQTv
-hsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxGGuoYQ992zPlm
-hpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3
-P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9Y
-iQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5no
-xqE=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDpDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
-MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
-bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyODA2
-MDAwMFoXDTM3MTExOTIwNDMwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
-ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
-Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKgv6KRpBgNHw+kqmP8ZonCaxlCyfqXfaE0bfA+2l2h9LaaLl+lk
-hsmj76CGv2BlnEtUiMJIxUo5vxTjWVXlGbR0yLQFOVwWpeKVBeASrlmLojNoWBym
-1BW32J/X3HGrfpq/m44zDyL9Hy7nBzbvYjnF3cu6JRQj3gzGPTzOggjmZj7aUTsW
-OqMFf6Dch9Wc/HKpoH145LcxVR5lu9RhsCFg7RAycsWSJR74kEoYeEfffjA3PlAb
-2xzTa5qGUwew76wGePiEmf4hjUyAtgyC9mZweRrTT6PP8c9GsEsPPt2IYriMqQko
-O3rHl+Ee5fSfwMCuJKDIodkP1nsmgmkyPacCAwEAAaNjMGEwDwYDVR0TAQH/BAUw
-AwEB/zAdBgNVHQ4EFgQUAK3Zo/Z59m50qX8zPYEX10zPM94wHwYDVR0jBBgwFoAU
-AK3Zo/Z59m50qX8zPYEX10zPM94wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB
-BQUAA4IBAQB8itEfGDeC4Liwo+1WlchiYZwFos3CYiZhzRAW18y0ZTTQEYqtqKkF
-Zu90821fnZmv9ov761KyBZiibyrFVL0lvV+uyIbqRizBs73B6UlwGBaXCBOMIOAb
-LjpHyx7kADCVW/RFo8AasAFOq73AI25jP4BKxQft3OJvx8Fi8eNy1gTIdGcL+oir
-oQHIb/AUr9KZzVGTfu0uOMe9zkZQPXLjeSWdm4grECDdpbgyn43gKd8hdIaC2y+C
-MMbHNYaz+ZZfRtsMRf3zUMNvxsNIrUam4SdHCh0Om7bCd39j8uB9Gr784N/Xx6ds
-sPmuujz9dLQR6FgNgLzTqIA6me11zEZ7
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFpDCCA4ygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
-MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
-bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyODA2
-MDAwMFoXDTM3MDkyOTE0MDgwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
-ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
-Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAMxBRR3pPU0Q9oyxQcngXssNt79Hc9PwVU3dxgz6sWYFas14tNwC
-206B89enfHG8dWOgXeMHDEjsJcQDIPT/DjsS/5uN4cbVG7RtIuOx238hZK+GvFci
-KtZHgVdEglZTvYYUAQv8f3SkWq7xuhG1m1hagLQ3eAkzfDJHA1zEpYNI9FdWboE2
-JxhP7JsowtS013wMPgwr38oE18aO6lhOqKSlGBxsRZijQdEt0sdtjRnxrXm3gT+9
-BoInLRBYBbV4Bbkv2wxrkJB+FFk4u5QkE+XRnRTf04JNRvCAOVIyD+OEsnpD8l7e
-Xz8d3eOyG6ChKiMDbi4BFYdcpnV1x5dhvt6G3NRI270qv0pV2uh9UPu0gBe4lL8B
-PeraunzgWGcXuVjgiIZGZ2ydEEdYMtA1fHkqkKJaEBEjNa0vzORKW6fIJ/KD3l67
-Xnfn6KVuY8INXWHQjNJsWiEOyiijzirplcdIz5ZvHZIlyMbGwcEMBawmxNJ10uEq
-Z8A9W6Wa6897GqidFEXlD6CaZd4vKL3Ob5Rmg0gp2OpljK+T2WSfVVcmv2/LNzGZ
-o2C7HK2JNDJiuEMhBnIMoVxtRsX6Kc8w3onccVvdtjc+31D1uAclJuW8tf48ArO3
-+L5DwYcRlJ4jbBeKuIonDFRH8KmzwICMoCfrHRnjB453cMor9H124HhnAgMBAAGj
-YzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE1FwWg4u3OpaaEg5+31IqEj
-FNeeMB8GA1UdIwQYMBaAFE1FwWg4u3OpaaEg5+31IqEjFNeeMA4GA1UdDwEB/wQE
-AwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAZ2sGuV9FOypLM7PmG2tZTiLMubekJcmn
-xPBUlgtk87FYT15R/LKXeydlwuXK5w0MJXti4/qftIe3RUavg6WXSIylvfEWK5t2
-LHo1YGwRgJfMqZJS5ivmae2p+DYtLHe/YUjRYwu5W1LtGLBDQiKmsXeu3mnFzccc
-obGlHBD7GL4acN3Bkku+KVqdPzW+5X1R+FXgJXUjhx5c3LqdsKyzadsXg8n33gy8
-CNyRnqjQ1xU3c6U1uPx+xURABsPr+CKAXEfOAuMRn0T//ZoyzH1kUQ7rVyZ2OuMe
-IjzCpjbdGe+n/BLzJsBZMYVMnNjP36TMzCmT/5RtdlwTCJfy7aULTd3oyWgOZtMA
-DjMSW7yV5TKQqLPGbIOtd+6Lfn6xqavT4fG2wLHqiMDn05DpKJKUe2h7lyoKZy2F
-AjgQ5ANh1NolNscIWC2hp1GvMApJ9aZphwctREZ2jirlmjvXGKL8nDgQzMY70rUX
-Om/9riW99XJZZLF0KjhfGEzfz3EEWjbUvy+ZnOjZurGV5gJLIaFb1cFPj65pbVPb
-AZO1XB4Y3WRayhgoPmMEEf0cjQAPuDffZ4qdZqkCapH/E8ovXYO8h5Ns3CRRFgQl
-Zvqz2cK6Kb6aSDiCmfS/O0oxGfm/jiEzFMpPVF/7zvuPcX/9XhmgD0uRuMRUvAaw
-RY8mkaKO/qk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ
-RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
-VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX
-DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y
-ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy
-VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr
-mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr
-IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK
-mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu
-XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy
-dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye
-jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1
-BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3
-DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92
-9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx
-jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0
-Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz
-ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
-R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB
-gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
-BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw
-MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
-YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
-RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3
-UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI
-2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8
-Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp
-+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+
-DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O
-nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW
-/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g
-PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u
-QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY
-SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv
-IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/
-RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4
-zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
-BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB
-ZQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL
-MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
-BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
-IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw
-MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
-ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N
-T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv
-biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR
-FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J
-cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW
-BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
-BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm
-fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv
-GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
-b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa
-MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB
-ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw
-IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B
-AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb
-unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d
-BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq
-7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3
-0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX
-roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG
-A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j
-aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p
-26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA
-BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud
-EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN
-BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz
-aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB
-AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd
-p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi
-1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc
-XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0
-eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
-tGWaIZDgqtCYvDi1czyL+Nw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
-MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
-ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo
-YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9
-MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy
-NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G
-A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA
-A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0
-Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s
-QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV
-eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795
-B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh
-z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T
-AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i
-ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w
-TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH
-MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD
-VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE
-VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh
-bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B
-AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM
-bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi
-ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG
-VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c
-ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
-AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw
-PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz
-cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9
-MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz
-IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ
-ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR
-VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL
-kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd
-EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas
-H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0
-HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud
-DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4
-QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu
-Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/
-AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8
-yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR
-FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA
-ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB
-kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7
-l7+ijrRU
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E
-jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo
-ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI
-ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu
-Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg
-AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7
-HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA
-uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa
-TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg
-xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q
-CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x
-O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
-6GAqm4VKQPNriiTsBhYscw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj
-YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL
-MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
-BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM
-GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua
-BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe
-3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4
-YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR
-rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm
-ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU
-oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
-MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
-QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t
-b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF
-AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q
-GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
-Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
-G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
-l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
-smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRp
-ZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVow
-fjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAiBgNV
-BAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPM
-cm3ye5drswfxdySRXyWP9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3S
-HpR7LZQdqnXXs5jLrLxkU0C8j6ysNstcrbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996
-CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rCoznl2yY4rYsK7hljxxwk
-3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3Vp6ea5EQz
-6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNV
-HQ4EFgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wgYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2Rv
-Y2EuY29tL1NlY3VyZUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRw
-Oi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmww
-DQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm4J4oqF7Tt/Q0
-5qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtI
-gKvcnDe4IRRLDXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJ
-aD61JlfutuC23bkpgHl9j6PwpCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDl
-izeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1HRR3B7Hzs/Sk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEb
-MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
-GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0
-aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEwMDAwMDBaFw0yODEyMzEyMzU5NTla
-MH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUwIwYD
-VQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWW
-fnJSoBVC21ndZHoa0Lh73TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMt
-TGo87IvDktJTdyR0nAducPy9C1t2ul/y/9c3S0pgePfw+spwtOpZqqPOSC+pw7IL
-fhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6juljatEPmsbS9Is6FARW
-1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsSivnkBbA7
-kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0G
-A1UdDgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYD
-VR0TAQH/BAUwAwEB/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21v
-ZG9jYS5jb20vVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRo
-dHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENlcnRpZmljYXRlU2VydmljZXMu
-Y3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8NtwuleGFTQQuS9/
-HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxIS
-jBc/lDb+XbDABHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+
-xqFx7D+gIIxmOom0jtTYsU0lR+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/Atyjcn
-dBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O9y5Xt5hwXsjEeLBi
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBb
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3Qx
-ETAPBgNVBAsTCERTVCBBQ0VTMRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0w
-MzExMjAyMTE5NThaFw0xNzExMjAyMTE5NThaMFsxCzAJBgNVBAYTAlVTMSAwHgYD
-VQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UECxMIRFNUIEFDRVMx
-FzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPu
-ktKe1jzIDZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7
-gLFViYsx+tC3dr5BPTCapCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZH
-fAjIgrrep4c9oW24MFbCswKBXy314powGCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4a
-ahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPyMjwmR/onJALJfh1biEIT
-ajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rk
-c3QuY29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjto
-dHRwOi8vd3d3LnRydXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMt
-aW5kZXguaHRtbDAdBgNVHQ4EFgQUCXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZI
-hvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V25FYrnJmQ6AgwbN99Pe7lv7Uk
-QIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6tFr8hlxCBPeP/
-h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
-nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpR
-rscL9yuwNwXsvFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf2
-9w4LTJxoeHtxMcfrHuBnQfO3oKfN5XozNmr6mis=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
-MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
-DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
-PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
-Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
-rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
-OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
-xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
-7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
-aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
-HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
-SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
-ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
-AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
-R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
-JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
-Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
-b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG
-EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
-cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c
-JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP
-mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+
-wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4
-VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/
-AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB
-AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW
-BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun
-pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC
-dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf
-fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm
-NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx
-H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe
-+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
-QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
-MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
-b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
-CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
-nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
-43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
-T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
-gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
-BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
-TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
-DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
-hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
-06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
-PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
-YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
-CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
-ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
-MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
-LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
-RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
-+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
-PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
-xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
-Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
-hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
-EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
-MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
-FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
-nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
-eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
-hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
-Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
-vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
-+OkuE6N36B9K
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFijCCA3KgAwIBAgIQDHbanJEMTiye/hXQWJM8TDANBgkqhkiG9w0BAQUFADBf
-MQswCQYDVQQGEwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdp
-Tm90YXIgUm9vdCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmww
-HhcNMDcwNTE2MTcxOTM2WhcNMjUwMzMxMTgxOTIxWjBfMQswCQYDVQQGEwJOTDES
-MBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdpTm90YXIgUm9vdCBDQTEg
-MB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQCssFjBAL3YIQgLK5r+blYwBZ8bd5AQQVzDDYcRd46B
-8cp86Yxq7Th0Nbva3/m7wAk3tJZzgX0zGpg595NvlX89ubF1h7pRSOiLcD6VBMXY
-tsMW2YiwsYcdcNqGtA8Ui3rPENF0NqISe3eGSnnme98CEWilToauNFibJBN4ViIl
-HgGLS1Fx+4LMWZZpiFpoU8W5DQI3y0u8ZkqQfioLBQftFl9VkHXYRskbg+IIvvEj
-zJkd1ioPgyAVWCeCLvriIsJJsbkBgWqdbZ1Ad2h2TiEqbYRAhU52mXyC8/O3AlnU
-JgEbjt+tUwbRrhjd4rI6y9eIOI6sWym5GdOY+RgDz0iChmYLG2kPyes4iHomGgVM
-ktck1JbyrFIto0fVUvY//s6EBnCmqj6i8rZWNBhXouSBbefK8GrTx5FrAoNBfBXv
-a5pkXuPQPOWx63tdhvvL5ndJzaNl3Pe5nLjkC1+Tz8wwGjIczhxjlaX56uF0i57p
-K6kwe6AYHw4YC+VbqdPRbB4HZ4+RS6mKvNJmqpMBiLKR+jFc1abBUggJzQpjotMi
-puih2TkGl/VujQKQjBR7P4DNG5y6xFhyI6+2Vp/GekIzKQc/gsnmHwUNzUwoNovT
-yD4cxojvXu6JZOkd69qJfjKmadHdzIif0dDJZiHcBmfFlHqabWJMfczgZICynkeO
-owIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
-HQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wDQYJKoZIhvcNAQEFBQADggIBADsC
-jcs8MOhuoK3yc7NfniUTBAXT9uOLuwt5zlPe5JbF0a9zvNXD0EBVfEB/zRtfCdXy
-fJ9oHbtdzno5wozWmHvFg1Wo1X1AyuAe94leY12hE8JdiraKfADzI8PthV9xdvBo
-Y6pFITlIYXg23PFDk9Qlx/KAZeFTAnVR/Ho67zerhChXDNjU1JlWbOOi/lmEtDHo
-M/hklJRRl6s5xUvt2t2AC298KQ3EjopyDedTFLJgQT2EkTFoPSdE2+Xe9PpjRchM
-Ppj1P0G6Tss3DbpmmPHdy59c91Q2gmssvBNhl0L4eLvMyKKfyvBovWsdst+Nbwed
-2o5nx0ceyrm/KkKRt2NTZvFCo+H0Wk1Ya7XkpDOtXHAd3ODy63MUkZoDweoAZbwH
-/M8SESIsrqC9OuCiKthZ6SnTGDWkrBFfGbW1G/8iSlzGeuQX7yCpp/Q/rYqnmgQl
-nQ7KN+ZQ/YxCKQSa7LnPS3K94gg2ryMvYuXKAdNw23yCIywWMQzGNgeQerEfZ1jE
-O1hZibCMjFCz2IbLaKPECudpSyDOwR5WS5WpI2jYMNjD67BVUc3l/Su49bsRn1NU
-9jQZjHkJNsphFyUXC4KYcwx3dMPVDceoEkzHp1RxRy4sGn3J4ys7SN4nhKdjNrN9
-j6BkOSQNPXuHr2ZcdBtLc7LljPCGmbjlxd+Ewbfr
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDKTCCApKgAwIBAgIENnAVljANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJV
-UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQL
-EwhEU1RDQSBFMTAeFw05ODEyMTAxODEwMjNaFw0xODEyMTAxODQwMjNaMEYxCzAJ
-BgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4x
-ETAPBgNVBAsTCERTVENBIEUxMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCg
-bIGpzzQeJN3+hijM3oMv+V7UQtLodGBmE5gGHKlREmlvMVW5SXIACH7TpWJENySZ
-j9mDSI+ZbZUTu0M7LklOiDfBu1h//uG9+LthzfNHwJmm8fOR6Hh8AMthyUQncWlV
-Sn5JTe2io74CTADKAqjuAQIxZA9SLRN0dja1erQtcQIBA6OCASQwggEgMBEGCWCG
-SAGG+EIBAQQEAwIABzBoBgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMx
-JDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMI
-RFNUQ0EgRTExDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMTAxODEw
-MjNagQ8yMDE4MTIxMDE4MTAyM1owCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFGp5
-fpFpRhgTCgJ3pVlbYJglDqL4MB0GA1UdDgQWBBRqeX6RaUYYEwoCd6VZW2CYJQ6i
-+DAMBgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqG
-SIb3DQEBBQUAA4GBACIS2Hod3IEGtgllsofIH160L+nEHvI8wbsEkBFKg05+k7lN
-QseSJqBcNJo4cvj9axY+IO6CizEqkzaFI4iKPANo08kJD038bKTaKHKTDomAsH3+
-gG9lbRgzl4vCa4nuYD3Im+9/KzJic5PLPON74nZ4RbyhkwS7hp86W0N6w4pl
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID2DCCAsACEQDQHkCLAAACfAAAAAIAAAABMA0GCSqGSIb3DQEBBQUAMIGpMQsw
-CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
-dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UE
-CxMIRFNUQ0EgWDExFjAUBgNVBAMTDURTVCBSb290Q0EgWDExITAfBgkqhkiG9w0B
-CQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODEyMDExODE4NTVaFw0wODExMjgx
-ODE4NTVaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMO
-U2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0
-IENvLjERMA8GA1UECxMIRFNUQ0EgWDExFjAUBgNVBAMTDURTVCBSb290Q0EgWDEx
-ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBANLGJrbnpT3BxGjVUG9TxW9JEwm4ryxIjRRqoxdf
-WvnTLnUv2Chi0ZMv/E3Uq4flCMeZ55I/db3rJbQVwZsZPdJEjdd0IG03Ao9pk1uK
-xBmd9LIO/BZsubEFkoPRhSxglD5FVaDZqwgh5mDoO3TymVBRaNADLbGAvqPYUrBE
-zUNKcI5YhZXhTizWLUFv1oTnyJhEykfbLCSlaSbPa7gnYsP0yXqSI+0TZ4KuRS5F
-5X5yP4WdlGIQ5jyRoa13AOAV7POEgHJ6jm5gl8ckWRA0g1vhpaRptlc1HHhZxtMv
-OnNn7pTKBBMFYgZwI7P0fO5F2WQLW0mqpEPOJsREEmy43XkCAwEAATANBgkqhkiG
-9w0BAQUFAAOCAQEAojeyP2n714Z5VEkxlTMr89EJFEliYIalsBHiUMIdBlc+Legz
-ZL6bqq1fG03UmZWii5rJYnK1aerZWKs17RWiQ9a2vAd5ZWRzfdd5ynvVWlHG4VME
-lo04z6MXrDlxawHDi1M8Y+nuecDkvpIyZHqzH5eUYr3qsiAVlfuX8ngvYzZAOONG
-Dx3drJXK50uQe7FLqdTF65raqtWjlBRGjS0f8zrWkzr2Pnn86Oawde3uPclwx12q
-gUtGJRzHbBXjlU4PqjI3lAoXJJIThFjSY28r9+ZbYgsTF7ANUkz+/m9c4pFuHf2k
-Ytdo+o56T9II2pPc8JIRetDccpMMc5NihWjQ9A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDKTCCApKgAwIBAgIENm7TzjANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJV
-UzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQL
-EwhEU1RDQSBFMjAeFw05ODEyMDkxOTE3MjZaFw0xODEyMDkxOTQ3MjZaMEYxCzAJ
-BgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4x
-ETAPBgNVBAsTCERTVENBIEUyMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC/
-k48Xku8zExjrEH9OFr//Bo8qhbxe+SSmJIi2A7fBw18DW9Fvrn5C6mYjuGODVvso
-LeE4i7TuqAHhzhy2iCoiRoX7n6dwqUcUP87eZfCocfdPJmyMvMa1795JJ/9IKn3o
-TQPMx7JSxhcxEzu1TdvIxPbDDyQq2gyd55FbgM2UnQIBA6OCASQwggEgMBEGCWCG
-SAGG+EIBAQQEAwIABzBoBgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMx
-JDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMI
-RFNUQ0EgRTIxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMDkxOTE3
-MjZagQ8yMDE4MTIwOTE5MTcyNlowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFB6C
-TShlgDzJQW6sNS5ay97u+DlbMB0GA1UdDgQWBBQegk0oZYA8yUFurDUuWsve7vg5
-WzAMBgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqG
-SIb3DQEBBQUAA4GBAEeNg61i8tuwnkUiBbmi1gMOOHLnnvx75pO2mqWilMg0HZHR
-xdf0CiUPPXiBng+xZ8SQTGPdXqfiup/1902lMXucKS1M/mQ+7LZT/uqb7YLbdHVL
-B3luHtgZg3Pe9T7Qtd7nS2h9Qy4qIOF+oHhEngj1mPnHfxsb1gYgAlihw6ID
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID2DCCAsACEQDQHkCLAAB3bQAAAAEAAAAEMA0GCSqGSIb3DQEBBQUAMIGpMQsw
-CQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENp
-dHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UE
-CxMIRFNUQ0EgWDIxFjAUBgNVBAMTDURTVCBSb290Q0EgWDIxITAfBgkqhkiG9w0B
-CQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODExMzAyMjQ2MTZaFw0wODExMjcy
-MjQ2MTZaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMO
-U2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0
-IENvLjERMA8GA1UECxMIRFNUQ0EgWDIxFjAUBgNVBAMTDURTVCBSb290Q0EgWDIx
-ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBANx18IzAdZaawGIfJvfE4Zrq4FZzW5nNAUSoCLbV
-p9oaBBg5kkp4o4HC9Xd6ULRw/5qrxsfKboNPQpj7Jgva3G3WqZlVUmfpKAOS3OWw
-BZoPFflrWXJW8vo5/Kpo7g8fEIMv/J36F5bdguPmRX3AS4BEH+0s4IT9kVySVGkl
-5WJp3OXuAFK9MwutdQKFp2RQLcUZGTDAJtvJ0/0uma1ZtQtN1EGuhUhDWdy3qOKi
-3sOP17ihYqZoUFLkzzGnlIXan0YyF1bl8utmPRL/Q9uY73fPy4GNNLHGUEom0eQ+
-QVCvbK4iNC7Va26Dunm4dmVI2gkpZGMiuftHdoWMhkTLCdsCAwEAATANBgkqhkiG
-9w0BAQUFAAOCAQEAtTYOXeFhKFoRZcA/gwN5Tb4opgsHAlKFzfiR0BBstWogWxyQ
-2TA8xkieil5k+aFxd+8EJx8H6+Qm93N0yUQYGmbT4EOvkTvRyyzYdFQ6HE3K1GjN
-I3wdEJ5F6fYAbqbNGf9PLCmPV03Ed5K+4EwJ+11EhmYhqLkyolbV6YyDfFk/xPEL
-553snr2cGA4+wjl5KLcDDQjLxufZATdQEOzMYRZA1K8xdHv8PzGn0EdzMzkbzE5q
-10mDEQb+64JYMzJM8FasHpwvVpp7wUocpf1VNs78lk30sPDst2yC7S8xmUJMqbIN
-uBVd8d+6ybVK1GSYsyapMMj9puyrliGtf8J4tg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEgzCCA+ygAwIBAgIEOJ725DANBgkqhkiG9w0BAQQFADCBtDEUMBIGA1UEChML
-RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9HQ0NBX0NQUyBp
-bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAyMDAw
-IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVu
-dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMDAyMDcxNjE2NDBaFw0yMDAy
-MDcxNjQ2NDBaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3
-LmVudHJ1c3QubmV0L0dDQ0FfQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp
-YWIuKTElMCMGA1UECxMcKGMpIDIwMDAgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG
-A1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCTdLS25MVL1qFof2LV7PdRV7Ny
-Spj10InJrWPNTTVRaoTUrcloeW+46xHbh65cJFET8VQlhK8pK5/jgOLZy93GRUk0
-iJBeAZfv6lOm3fzB3ksqJeTpNfpVBQbliXrqpBFXO/x8PTbNZzVtpKklWb1m9fkn
-5JVn1j+SgF7yNH0rhQIDAQABo4IBnjCCAZowEQYJYIZIAYb4QgEBBAQDAgAHMIHd
-BgNVHR8EgdUwgdIwgc+ggcyggcmkgcYwgcMxFDASBgNVBAoTC0VudHJ1c3QubmV0
-MUAwPgYDVQQLFDd3d3cuZW50cnVzdC5uZXQvR0NDQV9DUFMgaW5jb3JwLiBieSBy
-ZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMjAwMCBFbnRydXN0Lm5l
-dCBMaW1pdGVkMTMwMQYDVQQDEypFbnRydXN0Lm5ldCBDbGllbnQgQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMjAwMDAy
-MDcxNjE2NDBagQ8yMDIwMDIwNzE2NDY0MFowCwYDVR0PBAQDAgEGMB8GA1UdIwQY
-MBaAFISLdP3FjcD/J20gN0V8/i3OutN9MB0GA1UdDgQWBBSEi3T9xY3A/ydtIDdF
-fP4tzrrTfTAMBgNVHRMEBTADAQH/MB0GCSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4w
-AwIEkDANBgkqhkiG9w0BAQQFAAOBgQBObzWAO9GK9Q6nIMstZVXQkvTnhLUGJoMS
-hAusO7JE7r3PQNsgDrpuFOow4DtifH+La3xKp9U1PL6oXOpLu5OOgGarDyn9TS2/
-GpsKkMWr2tGzhtQvJFJcem3G8v7lTRowjJDyutdKPkN+1MhQGof4T4HHdguEOnKd
-zmVml64mXg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIElTCCA/6gAwIBAgIEOJsRPDANBgkqhkiG9w0BAQQFADCBujEUMBIGA1UEChML
-RW50cnVzdC5uZXQxPzA9BgNVBAsUNnd3dy5lbnRydXN0Lm5ldC9TU0xfQ1BTIGlu
-Y29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDIwMDAg
-RW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5uZXQgU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMDAyMDQxNzIwMDBa
-Fw0yMDAyMDQxNzUwMDBaMIG6MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDE/MD0GA1UE
-CxQ2d3d3LmVudHJ1c3QubmV0L1NTTF9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1p
-dHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMjAwMCBFbnRydXN0Lm5ldCBMaW1pdGVk
-MTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp
-b24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHwV9OcfHO
-8GCGD9JYf9Mzly0XonUwtZZkJi9ow0SrqHXmAGc0V55lxyKbc+bT3QgON1WqJUaB
-bL3+qPZ1V1eMkGxKwz6LS0MKyRFWmponIpnPVZ5h2QLifLZ8OAfc439PmrkDQYC2
-dWcTC5/oVzbIXQA23mYU2m52H083jIITiQIDAQABo4IBpDCCAaAwEQYJYIZIAYb4
-QgEBBAQDAgAHMIHjBgNVHR8EgdswgdgwgdWggdKggc+kgcwwgckxFDASBgNVBAoT
-C0VudHJ1c3QubmV0MT8wPQYDVQQLFDZ3d3cuZW50cnVzdC5uZXQvU1NMX0NQUyBp
-bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAyMDAw
-IEVudHJ1c3QubmV0IExpbWl0ZWQxOjA4BgNVBAMTMUVudHJ1c3QubmV0IFNlY3Vy
-ZSBTZXJ2ZXIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxDTALBgNVBAMTBENSTDEw
-KwYDVR0QBCQwIoAPMjAwMDAyMDQxNzIwMDBagQ8yMDIwMDIwNDE3NTAwMFowCwYD
-VR0PBAQDAgEGMB8GA1UdIwQYMBaAFMtswGvjuz7L/CKc/vuLkpyw8m4iMB0GA1Ud
-DgQWBBTLbMBr47s+y/winP77i5KcsPJuIjAMBgNVHRMEBTADAQH/MB0GCSqGSIb2
-fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0BAQQFAAOBgQBi24GRzsia
-d0Iv7L0no1MPUBvqTpLwqa+poLpIYcvvyQbvH9X07t9WLebKahlzqlO+krNQAraF
-JnJj2HVQYnUUt7NQGj/KEQALhUVpbbalrlHhStyCP2yMNLJ3a9kC9n8O6mUE8c1U
-yrrJzOCE98g+EZfTYAkYvAX/bIkz8OwVDw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEXDCCA0SgAwIBAgIEOGO5ZjANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
-RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
-bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
-IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0xOTEy
-MjQxODIwNTFaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3
-LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp
-YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG
-A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq
-K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe
-sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX
-MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT
-XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/
-HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH
-4QIDAQABo3QwcjARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUVeSB0RGA
-vtiJuQijMfmhJAkWuXAwHQYDVR0OBBYEFFXkgdERgL7YibkIozH5oSQJFrlwMB0G
-CSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEA
-WUesIYSKF8mciVMeuoCFGsY8Tj6xnLZ8xpJdGGQC49MGCBFhfGPjK50xA3B20qMo
-oPS7mmNz7W3lKtvtFKkrxjYR0CvrB4ul2p5cGZ1WEvVUKcgF7bISKo30Axv/55IQ
-h7A6tcOdBTcSo8f0FbnVpDkWm1M6I5HxqIKiaohowXkCIryqptau37AUX7iH0N18
-f3v/rxzP5tsHrV7bhZ3QKw0z2wTR5klAEyt2+z7pnIkPFc4YsIV4IU9rTw76NmfN
-B/L/CNDi3tm/Kq+4h4YhPATKt5Rof8886ZjXOP/swNlQ8C5LWK5Gb9Auw2DaclVy
-vUxFnmG6v4SBkgPR0ml8xQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50cnVzdC5u
-ZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBsaW1pdHMgbGlh
-Yi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV
-BAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
-Fw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBaMIHJMQswCQYDVQQGEwJVUzEU
-MBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9D
-bGllbnRfQ0FfSW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjEl
-MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMq
-RW50cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0G
-CSqGSIb3DQEBAQUAA4GLADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo
-6oT9n3V5z8GKUZSvx1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux
-5zDeg7K6PvHViTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zm
-AqTmT173iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSC
-ARkwggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50
-cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5m
-by9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMp
-IDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQg
-Q2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCyg
-KqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9DbGllbnQxLmNybDArBgNV
-HRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkxMDEyMTkyNDMwWjALBgNVHQ8E
-BAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW/O5bs8qZdIuV6kwwHQYDVR0OBBYE
-FMT7nCl7l81MlvzuW7PKmXSLlepMMAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EA
-BAwwChsEVjQuMAMCBJAwDQYJKoZIhvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7
-pFuPeJoSSJn59DXeDDYHAmsQOokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzz
-wy5E97BnRqqS5TvaHBkUODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/a
-EkP/TOYGJqibGapEPHayXOw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
-ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
-KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
-ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05OTA1
-MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIGA1UE
-ChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5j
-b3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBF
-bnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUg
-U2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUA
-A4GLADCBhwKBgQDNKIM0VBuJ8w+vN5Ex/68xYMmo6LIQaO2f55M28Qpku0f1BBc/
-I0dNxScZgSYMVHINiC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5gXpa0zf3
-wkrYKZImZNHkmGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OC
-AdcwggHTMBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHb
-oIHYpIHVMIHSMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5
-BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1p
-dHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVk
-MTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp
-b24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNodHRwOi8vd3d3LmVu
-dHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAigA8xOTk5MDUyNTE2MDk0
-MFqBDzIwMTkwNTI1MTYwOTQwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8Bdi
-E1U9s/8KAGv7UISX8+1i0BowHQYDVR0OBBYEFPAXYhNVPbP/CgBr+1CEl/PtYtAa
-MAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI
-hvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN
-95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd
-2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
-VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
-Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
-KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl
-cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw
-NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw
-NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy
-ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV
-BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo
-Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4
-4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9
-KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI
-rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi
-94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB
-sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi
-gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo
-kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE
-vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA
-A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t
-O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua
-AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP
-9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/
-eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
-0vdXcDazv/wor3ElhVsT/h5/WrQ8
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
-UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
-dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
-MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
-dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
-AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
-BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
-cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
-AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
-MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
-aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
-ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
-IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
-MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
-A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
-7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
-1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICkDCCAfmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEc
-MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBT
-ZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTk5MDYyMTA0MDAwMFoXDTIw
-MDYyMTA0MDAwMFowWjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0VxdWlmYXggU2Vj
-dXJlIEluYy4xLTArBgNVBAMTJEVxdWlmYXggU2VjdXJlIEdsb2JhbCBlQnVzaW5l
-c3MgQ0EtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuucXkAJlsTRVPEnC
-UdXfp9E3j9HngXNBUmCbnaEXJnitx7HoJpQytd4zjTov2/KaelpzmKNc6fuKcxtc
-58O/gGzNqfTWK8D3+ZmqY6KxRwIP1ORROhI8bIpaVIRw28HFkM9yRcuoWcDNM50/
-o5brhTMhHD4ePmBudpxnhcXIw2ECAwEAAaNmMGQwEQYJYIZIAYb4QgEBBAQDAgAH
-MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUvqigdHJQa0S3ySPY+6j/s1dr
-aGwwHQYDVR0OBBYEFL6ooHRyUGtEt8kj2Puo/7NXa2hsMA0GCSqGSIb3DQEBBAUA
-A4GBADDiAVGqx+pf2rnQZQ8w1j7aDRRJbpGTJxQx78T3LUX47Me/okENI7SS+RkA
-Z70Br83gcfxaz2TE4JaY0KNA4gGK7ycH8WUBikQtBmV1UsCGECAhX2xrD2yuCRyv
-8qIYNMR1pHMc8Y3c7635s3a0kr/clRAevsvIO1qEYBlWlKlV
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBBDANBgkqhkiG9w0BAQQFADBTMQswCQYDVQQGEwJVUzEc
-MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBT
-ZWN1cmUgZUJ1c2luZXNzIENBLTEwHhcNOTkwNjIxMDQwMDAwWhcNMjAwNjIxMDQw
-MDAwWjBTMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5j
-LjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2luZXNzIENBLTEwgZ8wDQYJ
-KoZIhvcNAQEBBQADgY0AMIGJAoGBAM4vGbwXt3fek6lfWg0XTzQaDJj0ItlZ1MRo
-RvC0NcWFAyDGr0WlIVFFQesWWDYyb+JQYmT5/VGcqiTZ9J2DKocKIdMSODRsjQBu
-WqDZQu4aIZX5UkxVWsUPOE9G+m34LjXWHXzr4vCwdYDIqROsvojvOm6rXyo4YgKw
-Env+j6YDAgMBAAGjZjBkMBEGCWCGSAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTAD
-AQH/MB8GA1UdIwQYMBaAFEp4MlIR21kWNl7fwRQ2QGpHfEyhMB0GA1UdDgQWBBRK
-eDJSEdtZFjZe38EUNkBqR3xMoTANBgkqhkiG9w0BAQQFAAOBgQB1W6ibAxHm6VZM
-zfmpTMANmvPMZWnmJXbMWbfWVMMdzZmsGd20hdXgPfxiIKeES1hl8eL5lSE/9dR+
-WB5Hh1Q+WKG1tfgq73HnvMP2sUlG4tega+VWeponmHxGYhTnyfxuAxJ5gDgdSIKN
-/Bf+KpYrtWKmpj29f5JZzVoqgrI3eQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDIDCCAomgAwIBAgIEN3DPtTANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
-UzEXMBUGA1UEChMORXF1aWZheCBTZWN1cmUxJjAkBgNVBAsTHUVxdWlmYXggU2Vj
-dXJlIGVCdXNpbmVzcyBDQS0yMB4XDTk5MDYyMzEyMTQ0NVoXDTE5MDYyMzEyMTQ0
-NVowTjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkVxdWlmYXggU2VjdXJlMSYwJAYD
-VQQLEx1FcXVpZmF4IFNlY3VyZSBlQnVzaW5lc3MgQ0EtMjCBnzANBgkqhkiG9w0B
-AQEFAAOBjQAwgYkCgYEA5Dk5kx5SBhsoNviyoynF7Y6yEb3+6+e0dMKP/wXn2Z0G
-vxLIPw7y1tEkshHe0XMJitSxLJgJDR5QRrKDpkWNYmi7hRsgcDKqQM2mll/EcTc/
-BPO3QSQ5BxoeLmFYoBIL5aXfxavqN3HMHMg3OrmXUqesxWoklE6ce8/AatbfIb0C
-AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEX
-MBUGA1UEChMORXF1aWZheCBTZWN1cmUxJjAkBgNVBAsTHUVxdWlmYXggU2VjdXJl
-IGVCdXNpbmVzcyBDQS0yMQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTkw
-NjIzMTIxNDQ1WjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUUJ4L6q9euSBIplBq
-y/3YIHqngnYwHQYDVR0OBBYEFFCeC+qvXrkgSKZQasv92CB6p4J2MAwGA1UdEwQF
-MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
-A4GBAAyGgq3oThr1jokn4jVYPSm0B482UJW/bsGe68SQsoWou7dC4A8HOd/7npCy
-0cE+U58DRLB+S/Rv5Hwf5+Kx5Lia78O9zt4LMjTZ3ijtM2vE1Nc9ElirfQkty3D1
-E4qUoSek1nDFbZS1yX2doNLGCEnZZpum0/QL3MUmV+GRMOrN
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEVzCCAz+gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMCRVMx
-IjAgBgNVBAcTGUMvIE11bnRhbmVyIDI0NCBCYXJjZWxvbmExQjBABgNVBAMTOUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2
-MjYzNDA2ODEmMCQGCSqGSIb3DQEJARYXY2FAZmlybWFwcm9mZXNpb25hbC5jb20w
-HhcNMDExMDI0MjIwMDAwWhcNMTMxMDI0MjIwMDAwWjCBnTELMAkGA1UEBhMCRVMx
-IjAgBgNVBAcTGUMvIE11bnRhbmVyIDI0NCBCYXJjZWxvbmExQjBABgNVBAMTOUF1
-dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2
-MjYzNDA2ODEmMCQGCSqGSIb3DQEJARYXY2FAZmlybWFwcm9mZXNpb25hbC5jb20w
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnIwNvbyOlXnjOlSztlB5u
-Cp4Bx+ow0Syd3Tfom5h5VtP8c9/Qit5Vj1H5WuretXDE7aTt/6MNbg9kUDGvASdY
-rv5sp0ovFy3Tc9UTHI9ZpTQsHVQERc1ouKDAA6XPhUJHlShbz++AbOCQl4oBPB3z
-hxAwJkh91/zpnZFx/0GaqUC1N5wpIE8fUuOgfRNtVLcK3ulqTgesrBlf3H5idPay
-BQC6haD9HThuy1q7hryUZzM1gywfI834yJFxzJeL764P3CkDG8A563DtwW4O2GcL
-iam8NeTvtjS0pbbELaW+0MOUJEjb35bTALVmGotmBQ/dPz/LP6pemkr4tErvlTcb
-AgMBAAGjgZ8wgZwwKgYDVR0RBCMwIYYfaHR0cDovL3d3dy5maXJtYXByb2Zlc2lv
-bmFsLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEBMCsGA1UdEAQkMCKADzIwMDExMDI0
-MjIwMDAwWoEPMjAxMzEwMjQyMjAwMDBaMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
-FgQUMwugZtHq2s7eYpMEKFK1FH84aLcwDQYJKoZIhvcNAQEFBQADggEBAEdz/o0n
-VPD11HecJ3lXV7cVVuzH2Fi3AQL0M+2TUIiefEaxvT8Ub/GzR0iLjJcG1+p+o1wq
-u00vR+L4OQbJnC4xGgN49Lw4xiKLMzHwFgQEffl25EvXwOaD7FnMP97/T2u3Z36m
-hoEyIwOdyPdfwUpgpZKpsaSgYMN4h7Mi8yrrW6ntBas3D7Hi05V2Y1Z0jFhyGzfl
-ZKG+TQyTmAyX9odtsz/ny4Cm7YjHX1BiAuiZdBbQ5rQ58SfLyEDW44YQqSMSkuBp
-QWOnryULwMWSyx6Yo1q6xTMPoJcB3X/ge9YGVM+h4k0460tQtcsm9MracEpqoeJ5
-quGnM/b9Sh/22WA=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
-bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
-b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
-cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
-b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrH
-iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTS
-r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X4
-04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3r
-GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l9
-3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0P
-lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
-b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
-cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
-RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
-ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
-1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
-dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
-IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
-bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
-R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
-9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
-fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
-iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
-1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
-bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
-MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
-ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
-uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
-Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
-tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
-PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
-hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
-5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFs
-IENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-R2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvPE1A
-PRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/NTL8
-Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hL
-TytCOb1kLUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL
-5mkWRxHCJ1kDs6ZgwiFAVvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7
-S4wMcoKK+xfNAGw6EzywhIdLFnopsk/bHdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe
-2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
-FHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNHK266ZUap
-EBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6td
-EPx7srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv
-/NgdRN3ggX+d6YvhZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywN
-A0ZF66D0f0hExghAzN4bcLUprbqLOzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0
-abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkCx1YAzUm5s2x7UwQa4qjJqhIF
-I8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqFH4z1Ir+rzoPz
-4iIprn2DQKi6bA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY
-MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
-R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx
-MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
-Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9
-AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA
-ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0
-7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W
-kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI
-mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G
-A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ
-KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1
-6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl
-4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K
-oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj
-UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU
-AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
-c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE
-BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0
-IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV
-VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8
-cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT
-QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh
-F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v
-c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w
-mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd
-VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX
-teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ
-f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe
-Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+
-nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB
-/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY
-MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG
-9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc
-aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX
-IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn
-ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z
-uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN
-Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja
-QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW
-koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9
-ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt
-DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm
-bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy
-c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD
-VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1
-c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
-AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81
-WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG
-FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq
-XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL
-se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb
-KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd
-IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73
-y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt
-hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc
-QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4
-Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV
-HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV
-HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ
-KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z
-dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ
-L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr
-Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo
-ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY
-T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz
-GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m
-1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV
-OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH
-6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX
-QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
-A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
-b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
-MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
-YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
-aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
-jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
-xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
-1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
-snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
-U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
-9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
-BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
-AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
-yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
-38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
-AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
-DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
-HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
-MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
-YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3
-MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo
-ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg
-MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN
-ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA
-PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w
-wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi
-EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY
-avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+
-YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE
-sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h
-/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5
-IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
-ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy
-OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P
-TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
-HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
-dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
-ReYNnyicsbkqWletNw+vHX/bvZ8=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIH6jCCB1OgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARIxCzAJBgNVBAYTAkVT
-MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
-ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
-ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEuMCwGA1UECxMl
-SVBTIENBIENMQVNFMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMl
-SVBTIENBIENMQVNFMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEeMBwGCSqGSIb3
-DQEJARYPaXBzQG1haWwuaXBzLmVzMB4XDTAxMTIyOTAwNTkzOFoXDTI1MTIyNzAw
-NTkzOFowggESMQswCQYDVQQGEwJFUzESMBAGA1UECBMJQmFyY2Vsb25hMRIwEAYD
-VQQHEwlCYXJjZWxvbmExLjAsBgNVBAoTJUlQUyBJbnRlcm5ldCBwdWJsaXNoaW5n
-IFNlcnZpY2VzIHMubC4xKzApBgNVBAoUImlwc0BtYWlsLmlwcy5lcyBDLkkuRi4g
-IEItNjA5Mjk0NTIxLjAsBgNVBAsTJUlQUyBDQSBDTEFTRTEgQ2VydGlmaWNhdGlv
-biBBdXRob3JpdHkxLjAsBgNVBAMTJUlQUyBDQSBDTEFTRTEgQ2VydGlmaWNhdGlv
-biBBdXRob3JpdHkxHjAcBgkqhkiG9w0BCQEWD2lwc0BtYWlsLmlwcy5lczCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4FEnpwvdr9G5Q1uCN0VWcu+atsIS7ywS
-zHb5BlmvXSHU0lq4oNTzav3KaY1mSPd05u42veiWkXWmcSjK5yISMmmwPh5r9FBS
-YmL9Yzt9fuzuOOpi9GyocY3h6YvJP8a1zZRCb92CRTzo3wno7wpVqVZHYUxJZHMQ
-KD/Kvwn/xi8CAwEAAaOCBEowggRGMB0GA1UdDgQWBBTrsxl588GlHKzcuh9morKb
-adB4CDCCAUQGA1UdIwSCATswggE3gBTrsxl588GlHKzcuh9morKbadB4CKGCARqk
-ggEWMIIBEjELMAkGA1UEBhMCRVMxEjAQBgNVBAgTCUJhcmNlbG9uYTESMBAGA1UE
-BxMJQmFyY2Vsb25hMS4wLAYDVQQKEyVJUFMgSW50ZXJuZXQgcHVibGlzaGluZyBT
-ZXJ2aWNlcyBzLmwuMSswKQYDVQQKFCJpcHNAbWFpbC5pcHMuZXMgQy5JLkYuICBC
-LTYwOTI5NDUyMS4wLAYDVQQLEyVJUFMgQ0EgQ0xBU0UxIENlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MS4wLAYDVQQDEyVJUFMgQ0EgQ0xBU0UxIENlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOCAQAwDAYD
-VR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUFBwMBBggr
-BgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYBBAGCNwIB
-FQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglghkgBhvhC
-AQEEBAMCAAcwGgYDVR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1UdEgQTMBGB
-D2lwc0BtYWlsLmlwcy5lczBBBglghkgBhvhCAQ0ENBYyQ0xBU0UxIENBIENlcnRp
-ZmljYXRlIGlzc3VlZCBieSBodHRwOi8vd3d3Lmlwcy5lcy8wKQYJYIZIAYb4QgEC
-BBwWGmh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvMDoGCWCGSAGG+EIBBAQtFito
-dHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJDTEFTRTEuY3JsMD8GCWCG
-SAGG+EIBAwQyFjBodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL3Jldm9jYXRpb25D
-TEFTRTEuaHRtbD8wPAYJYIZIAYb4QgEHBC8WLWh0dHA6Ly93d3cuaXBzLmVzL2lw
-czIwMDIvcmVuZXdhbENMQVNFMS5odG1sPzA6BglghkgBhvhCAQgELRYraHR0cDov
-L3d3dy5pcHMuZXMvaXBzMjAwMi9wb2xpY3lDTEFTRTEuaHRtbDBzBgNVHR8EbDBq
-MDGgL6AthitodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJDTEFTRTEu
-Y3JsMDWgM6Axhi9odHRwOi8vd3d3YmFjay5pcHMuZXMvaXBzMjAwMi9pcHMyMDAy
-Q0xBU0UxLmNybDAvBggrBgEFBQcBAQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9v
-Y3NwLmlwcy5lcy8wDQYJKoZIhvcNAQEFBQADgYEAK9Dr/drIyllq2tPMMi7JVBuK
-Yn4VLenZMdMu9Ccj/1urxUq2ckCuU3T0vAW0xtnIyXf7t/k0f3gA+Nak5FI/LEpj
-V4F1Wo7ojPsCwJTGKbqz3Bzosq/SLmJbGqmODszFV0VRFOlOHIilkfSj945RyKm+
-hjM+5i9Ibq9UkE6tsSU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIH6jCCB1OgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARIxCzAJBgNVBAYTAkVT
-MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
-ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
-ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEuMCwGA1UECxMl
-SVBTIENBIENMQVNFMyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMl
-SVBTIENBIENMQVNFMyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEeMBwGCSqGSIb3
-DQEJARYPaXBzQG1haWwuaXBzLmVzMB4XDTAxMTIyOTAxMDE0NFoXDTI1MTIyNzAx
-MDE0NFowggESMQswCQYDVQQGEwJFUzESMBAGA1UECBMJQmFyY2Vsb25hMRIwEAYD
-VQQHEwlCYXJjZWxvbmExLjAsBgNVBAoTJUlQUyBJbnRlcm5ldCBwdWJsaXNoaW5n
-IFNlcnZpY2VzIHMubC4xKzApBgNVBAoUImlwc0BtYWlsLmlwcy5lcyBDLkkuRi4g
-IEItNjA5Mjk0NTIxLjAsBgNVBAsTJUlQUyBDQSBDTEFTRTMgQ2VydGlmaWNhdGlv
-biBBdXRob3JpdHkxLjAsBgNVBAMTJUlQUyBDQSBDTEFTRTMgQ2VydGlmaWNhdGlv
-biBBdXRob3JpdHkxHjAcBgkqhkiG9w0BCQEWD2lwc0BtYWlsLmlwcy5lczCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqxf+DrDGaBtT8FK+n/ra+osTBLsBjzLZ
-H49NzjaY2uQARIwo2BNEKqRrThckQpzTiKRBgtYj+4vJhuW5qYIF3PHeH+AMmVWY
-8jjsbJ0gA8DvqqPGZARRLXgNo9KoOtYkTOmWehisEyMiG3zoMRGzXwmqMHBxRiVr
-SXGAK5UBsh8CAwEAAaOCBEowggRGMB0GA1UdDgQWBBS4k/8uy9wsjqLnev42USGj
-mFsMNDCCAUQGA1UdIwSCATswggE3gBS4k/8uy9wsjqLnev42USGjmFsMNKGCARqk
-ggEWMIIBEjELMAkGA1UEBhMCRVMxEjAQBgNVBAgTCUJhcmNlbG9uYTESMBAGA1UE
-BxMJQmFyY2Vsb25hMS4wLAYDVQQKEyVJUFMgSW50ZXJuZXQgcHVibGlzaGluZyBT
-ZXJ2aWNlcyBzLmwuMSswKQYDVQQKFCJpcHNAbWFpbC5pcHMuZXMgQy5JLkYuICBC
-LTYwOTI5NDUyMS4wLAYDVQQLEyVJUFMgQ0EgQ0xBU0UzIENlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MS4wLAYDVQQDEyVJUFMgQ0EgQ0xBU0UzIENlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOCAQAwDAYD
-VR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUFBwMBBggr
-BgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYBBAGCNwIB
-FQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglghkgBhvhC
-AQEEBAMCAAcwGgYDVR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1UdEgQTMBGB
-D2lwc0BtYWlsLmlwcy5lczBBBglghkgBhvhCAQ0ENBYyQ0xBU0UzIENBIENlcnRp
-ZmljYXRlIGlzc3VlZCBieSBodHRwOi8vd3d3Lmlwcy5lcy8wKQYJYIZIAYb4QgEC
-BBwWGmh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvMDoGCWCGSAGG+EIBBAQtFito
-dHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJDTEFTRTMuY3JsMD8GCWCG
-SAGG+EIBAwQyFjBodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL3Jldm9jYXRpb25D
-TEFTRTMuaHRtbD8wPAYJYIZIAYb4QgEHBC8WLWh0dHA6Ly93d3cuaXBzLmVzL2lw
-czIwMDIvcmVuZXdhbENMQVNFMy5odG1sPzA6BglghkgBhvhCAQgELRYraHR0cDov
-L3d3dy5pcHMuZXMvaXBzMjAwMi9wb2xpY3lDTEFTRTMuaHRtbDBzBgNVHR8EbDBq
-MDGgL6AthitodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJDTEFTRTMu
-Y3JsMDWgM6Axhi9odHRwOi8vd3d3YmFjay5pcHMuZXMvaXBzMjAwMi9pcHMyMDAy
-Q0xBU0UzLmNybDAvBggrBgEFBQcBAQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9v
-Y3NwLmlwcy5lcy8wDQYJKoZIhvcNAQEFBQADgYEAF2VcmZVDAyevJuXr0LMXI/dD
-qsfwfewPxqmurpYPdikc4gYtfibFPPqhwYHOU7BC0ZdXGhd+pFFhxu7pXu8Fuuu9
-D6eSb9ijBmgpjnn1/7/5p6/ksc7C0YBCJwUENPjDfxZ4IwwHJPJGR607VNCv1TGy
-r33I6unUVtkOE7LFRVA=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIH9zCCB2CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARQxCzAJBgNVBAYTAkVT
-MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
-ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
-ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEvMC0GA1UECxMm
-SVBTIENBIENMQVNFQTEgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxLzAtBgNVBAMT
-JklQUyBDQSBDTEFTRUExIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR4wHAYJKoZI
-hvcNAQkBFg9pcHNAbWFpbC5pcHMuZXMwHhcNMDExMjI5MDEwNTMyWhcNMjUxMjI3
-MDEwNTMyWjCCARQxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQ
-BgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UEChMlSVBTIEludGVybmV0IHB1Ymxpc2hp
-bmcgU2VydmljZXMgcy5sLjErMCkGA1UEChQiaXBzQG1haWwuaXBzLmVzIEMuSS5G
-LiAgQi02MDkyOTQ1MjEvMC0GA1UECxMmSVBTIENBIENMQVNFQTEgQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkxLzAtBgNVBAMTJklQUyBDQSBDTEFTRUExIENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXMw
-gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALsw19zQVL01Tp/FTILq0VA8R5j8
-m2mdd81u4D/u6zJfX5/S0HnllXNEITLgCtud186Nq1KLK3jgm1t99P1tCeWu4Wwd
-ByOgF9H5fahGRpEiqLJpxq339fWUoTCUvQDMRH/uxJ7JweaPCjbB/SQ9AaD1e+J8
-eGZDi09Z8pvZ+kmzAgMBAAGjggRTMIIETzAdBgNVHQ4EFgQUZyaW56G/2LUDnf47
-3P7yiuYV3TAwggFGBgNVHSMEggE9MIIBOYAUZyaW56G/2LUDnf473P7yiuYV3TCh
-ggEcpIIBGDCCARQxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQ
-BgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UEChMlSVBTIEludGVybmV0IHB1Ymxpc2hp
-bmcgU2VydmljZXMgcy5sLjErMCkGA1UEChQiaXBzQG1haWwuaXBzLmVzIEMuSS5G
-LiAgQi02MDkyOTQ1MjEvMC0GA1UECxMmSVBTIENBIENMQVNFQTEgQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkxLzAtBgNVBAMTJklQUyBDQSBDTEFTRUExIENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOC
-AQAwDAYDVR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUF
-BwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYB
-BAGCNwIBFQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglg
-hkgBhvhCAQEEBAMCAAcwGgYDVR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1Ud
-EgQTMBGBD2lwc0BtYWlsLmlwcy5lczBCBglghkgBhvhCAQ0ENRYzQ0xBU0VBMSBD
-QSBDZXJ0aWZpY2F0ZSBpc3N1ZWQgYnkgaHR0cDovL3d3dy5pcHMuZXMvMCkGCWCG
-SAGG+EIBAgQcFhpodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyLzA7BglghkgBhvhC
-AQQELhYsaHR0cDovL3d3dy5pcHMuZXMvaXBzMjAwMi9pcHMyMDAyQ0xBU0VBMS5j
-cmwwQAYJYIZIAYb4QgEDBDMWMWh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcmV2
-b2NhdGlvbkNMQVNFQTEuaHRtbD8wPQYJYIZIAYb4QgEHBDAWLmh0dHA6Ly93d3cu
-aXBzLmVzL2lwczIwMDIvcmVuZXdhbENMQVNFQTEuaHRtbD8wOwYJYIZIAYb4QgEI
-BC4WLGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcG9saWN5Q0xBU0VBMS5odG1s
-MHUGA1UdHwRuMGwwMqAwoC6GLGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvaXBz
-MjAwMkNMQVNFQTEuY3JsMDagNKAyhjBodHRwOi8vd3d3YmFjay5pcHMuZXMvaXBz
-MjAwMi9pcHMyMDAyQ0xBU0VBMS5jcmwwLwYIKwYBBQUHAQEEIzAhMB8GCCsGAQUF
-BzABhhNodHRwOi8vb2NzcC5pcHMuZXMvMA0GCSqGSIb3DQEBBQUAA4GBAH66iqyA
-AIQVCtWYUQxkxZwCWINmyq0eB81+atqAB98DNEock8RLWCA1NnHtogo1EqWmZaeF
-aQoO42Hu6r4okzPV7Oi+xNtff6j5YzHIa5biKcJboOeXNp13XjFr/tOn2yrb25aL
-H2betgPAK7N41lUH5Y85UN4HI3LmvSAUS7SG
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIH9zCCB2CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARQxCzAJBgNVBAYTAkVT
-MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
-ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
-ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEvMC0GA1UECxMm
-SVBTIENBIENMQVNFQTMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxLzAtBgNVBAMT
-JklQUyBDQSBDTEFTRUEzIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR4wHAYJKoZI
-hvcNAQkBFg9pcHNAbWFpbC5pcHMuZXMwHhcNMDExMjI5MDEwNzUwWhcNMjUxMjI3
-MDEwNzUwWjCCARQxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQ
-BgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UEChMlSVBTIEludGVybmV0IHB1Ymxpc2hp
-bmcgU2VydmljZXMgcy5sLjErMCkGA1UEChQiaXBzQG1haWwuaXBzLmVzIEMuSS5G
-LiAgQi02MDkyOTQ1MjEvMC0GA1UECxMmSVBTIENBIENMQVNFQTMgQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkxLzAtBgNVBAMTJklQUyBDQSBDTEFTRUEzIENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXMw
-gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO6AAPYaZC6tasiDsYun7o/ZttvN
-G7uGBiJ2MwwSbUhWYdLcgiViL5/SaTBlA0IjWLxH3GvWdV0XPOH/8lhneaDBgbHU
-VqLyjRGZ/fZ98cfEXgIqmuJKtROKAP2Md4bm15T1IHUuDky/dMQ/gT6DtKM4Ninn
-6Cr1jIhBqoCm42zvAgMBAAGjggRTMIIETzAdBgNVHQ4EFgQUHp9XUEe2YZM50yz8
-2l09BXW3mQIwggFGBgNVHSMEggE9MIIBOYAUHp9XUEe2YZM50yz82l09BXW3mQKh
-ggEcpIIBGDCCARQxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQ
-BgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UEChMlSVBTIEludGVybmV0IHB1Ymxpc2hp
-bmcgU2VydmljZXMgcy5sLjErMCkGA1UEChQiaXBzQG1haWwuaXBzLmVzIEMuSS5G
-LiAgQi02MDkyOTQ1MjEvMC0GA1UECxMmSVBTIENBIENMQVNFQTMgQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkxLzAtBgNVBAMTJklQUyBDQSBDTEFTRUEzIENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5MR4wHAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOC
-AQAwDAYDVR0TBAUwAwEB/zAMBgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUF
-BwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYB
-BAGCNwIBFQYKKwYBBAGCNwIBFgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglg
-hkgBhvhCAQEEBAMCAAcwGgYDVR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1Ud
-EgQTMBGBD2lwc0BtYWlsLmlwcy5lczBCBglghkgBhvhCAQ0ENRYzQ0xBU0VBMyBD
-QSBDZXJ0aWZpY2F0ZSBpc3N1ZWQgYnkgaHR0cDovL3d3dy5pcHMuZXMvMCkGCWCG
-SAGG+EIBAgQcFhpodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyLzA7BglghkgBhvhC
-AQQELhYsaHR0cDovL3d3dy5pcHMuZXMvaXBzMjAwMi9pcHMyMDAyQ0xBU0VBMy5j
-cmwwQAYJYIZIAYb4QgEDBDMWMWh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcmV2
-b2NhdGlvbkNMQVNFQTMuaHRtbD8wPQYJYIZIAYb4QgEHBDAWLmh0dHA6Ly93d3cu
-aXBzLmVzL2lwczIwMDIvcmVuZXdhbENMQVNFQTMuaHRtbD8wOwYJYIZIAYb4QgEI
-BC4WLGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcG9saWN5Q0xBU0VBMy5odG1s
-MHUGA1UdHwRuMGwwMqAwoC6GLGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvaXBz
-MjAwMkNMQVNFQTMuY3JsMDagNKAyhjBodHRwOi8vd3d3YmFjay5pcHMuZXMvaXBz
-MjAwMi9pcHMyMDAyQ0xBU0VBMy5jcmwwLwYIKwYBBQUHAQEEIzAhMB8GCCsGAQUF
-BzABhhNodHRwOi8vb2NzcC5pcHMuZXMvMA0GCSqGSIb3DQEBBQUAA4GBAEo9IEca
-2on0eisxeewBwMwB9dbB/MjD81ACUZBYKp/nNQlbMAqBACVHr9QPDp5gJqiVp4MI
-3y2s6Q73nMify5NF8bpqxmdRSmlPa/59Cy9SKcJQrSRE7SOzSMtEQMEDlQwKeAYS
-AfWRMS1Jjbs/RU4s4OjNtckUFQzjB4ObJnXv
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIH9zCCB2CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCARwxCzAJBgNVBAYTAkVT
-MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
-ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
-ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjEzMDEGA1UECxMq
-SVBTIENBIENoYWluZWQgQ0FzIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTMwMQYD
-VQQDEypJUFMgQ0EgQ2hhaW5lZCBDQXMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkx
-HjAcBgkqhkiG9w0BCQEWD2lwc0BtYWlsLmlwcy5lczAeFw0wMTEyMjkwMDUzNTha
-Fw0yNTEyMjcwMDUzNThaMIIBHDELMAkGA1UEBhMCRVMxEjAQBgNVBAgTCUJhcmNl
-bG9uYTESMBAGA1UEBxMJQmFyY2Vsb25hMS4wLAYDVQQKEyVJUFMgSW50ZXJuZXQg
-cHVibGlzaGluZyBTZXJ2aWNlcyBzLmwuMSswKQYDVQQKFCJpcHNAbWFpbC5pcHMu
-ZXMgQy5JLkYuICBCLTYwOTI5NDUyMTMwMQYDVQQLEypJUFMgQ0EgQ2hhaW5lZCBD
-QXMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxMzAxBgNVBAMTKklQUyBDQSBDaGFp
-bmVkIENBcyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEeMBwGCSqGSIb3DQEJARYP
-aXBzQG1haWwuaXBzLmVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcVpJJ
-spQgvJhPUOtopKdJC7/SMejHT8KGC/po/UNaivNgkjWZOLtNA1IhW/A3mTXhQSCB
-hYEFcYGdtJUZqV92NC5jNzVXjrQfQj8VXOF6wV8TGDIxya2+o8eDZh65nAQTy2nB
-Bt4wBrszo7Uf8I9vzv+W6FS+ZoCua9tBhDaiPQIDAQABo4IEQzCCBD8wHQYDVR0O
-BBYEFKGtMbH5PuEXpsirNPxShwkeYlJBMIIBTgYDVR0jBIIBRTCCAUGAFKGtMbH5
-PuEXpsirNPxShwkeYlJBoYIBJKSCASAwggEcMQswCQYDVQQGEwJFUzESMBAGA1UE
-CBMJQmFyY2Vsb25hMRIwEAYDVQQHEwlCYXJjZWxvbmExLjAsBgNVBAoTJUlQUyBJ
-bnRlcm5ldCBwdWJsaXNoaW5nIFNlcnZpY2VzIHMubC4xKzApBgNVBAoUImlwc0Bt
-YWlsLmlwcy5lcyBDLkkuRi4gIEItNjA5Mjk0NTIxMzAxBgNVBAsTKklQUyBDQSBD
-aGFpbmVkIENBcyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEzMDEGA1UEAxMqSVBT
-IENBIENoYWluZWQgQ0FzIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR4wHAYJKoZI
-hvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOCAQAwDAYDVR0TBAUwAwEB/zAMBgNVHQ8E
-BQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMG
-CCsGAQUFBwMEBggrBgEFBQcDCAYKKwYBBAGCNwIBFQYKKwYBBAGCNwIBFgYKKwYB
-BAGCNwoDAQYKKwYBBAGCNwoDBDARBglghkgBhvhCAQEEBAMCAAcwGgYDVR0RBBMw
-EYEPaXBzQG1haWwuaXBzLmVzMBoGA1UdEgQTMBGBD2lwc0BtYWlsLmlwcy5lczBC
-BglghkgBhvhCAQ0ENRYzQ2hhaW5lZCBDQSBDZXJ0aWZpY2F0ZSBpc3N1ZWQgYnkg
-aHR0cDovL3d3dy5pcHMuZXMvMCkGCWCGSAGG+EIBAgQcFhpodHRwOi8vd3d3Lmlw
-cy5lcy9pcHMyMDAyLzA3BglghkgBhvhCAQQEKhYoaHR0cDovL3d3dy5pcHMuZXMv
-aXBzMjAwMi9pcHMyMDAyQ0FDLmNybDA8BglghkgBhvhCAQMELxYtaHR0cDovL3d3
-dy5pcHMuZXMvaXBzMjAwMi9yZXZvY2F0aW9uQ0FDLmh0bWw/MDkGCWCGSAGG+EIB
-BwQsFipodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL3JlbmV3YWxDQUMuaHRtbD8w
-NwYJYIZIAYb4QgEIBCoWKGh0dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvcG9saWN5
-Q0FDLmh0bWwwbQYDVR0fBGYwZDAuoCygKoYoaHR0cDovL3d3dy5pcHMuZXMvaXBz
-MjAwMi9pcHMyMDAyQ0FDLmNybDAyoDCgLoYsaHR0cDovL3d3d2JhY2suaXBzLmVz
-L2lwczIwMDIvaXBzMjAwMkNBQy5jcmwwLwYIKwYBBQUHAQEEIzAhMB8GCCsGAQUF
-BzABhhNodHRwOi8vb2NzcC5pcHMuZXMvMA0GCSqGSIb3DQEBBQUAA4GBAERyMJ1W
-WKJBGyi3leGmGpVfp3hAK+/blkr8THFj2XOVvQLiogbHvpcqk4A0hgP63Ng9HgfN
-HnNDJGD1HWHc3JagvPsd4+cSACczAsDAK1M92GsDgaPb1pOVIO/Tln4mkImcJpvN
-b2ar7QMiRDjMWb2f2/YHogF/JsRj9SVCXmK9
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICtzCCAiACAQAwDQYJKoZIhvcNAQEEBQAwgaMxCzAJBgNVBAYTAkVTMRIwEAYD
-VQQIEwlCQVJDRUxPTkExEjAQBgNVBAcTCUJBUkNFTE9OQTEZMBcGA1UEChMQSVBT
-IFNlZ3VyaWRhZCBDQTEYMBYGA1UECxMPQ2VydGlmaWNhY2lvbmVzMRcwFQYDVQQD
-Ew5JUFMgU0VSVklET1JFUzEeMBwGCSqGSIb3DQEJARYPaXBzQG1haWwuaXBzLmVz
-MB4XDTk4MDEwMTIzMjEwN1oXDTA5MTIyOTIzMjEwN1owgaMxCzAJBgNVBAYTAkVT
-MRIwEAYDVQQIEwlCQVJDRUxPTkExEjAQBgNVBAcTCUJBUkNFTE9OQTEZMBcGA1UE
-ChMQSVBTIFNlZ3VyaWRhZCBDQTEYMBYGA1UECxMPQ2VydGlmaWNhY2lvbmVzMRcw
-FQYDVQQDEw5JUFMgU0VSVklET1JFUzEeMBwGCSqGSIb3DQEJARYPaXBzQG1haWwu
-aXBzLmVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsT1J0nznqjtwlxLyY
-XZhkJAk8IbPMGbWOlI6H0fg3PqHILVikgDVboXVsHUUMH2Fjal5vmwpMwci4YSM1
-gf/+rHhwLWjhOgeYlQJU3c0jt4BT18g3RXIGJBK6E2Ehim51KODFDzT9NthFf+G4
-Nu+z4cYgjui0OLzhPvYR3oydAQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACzzw3lY
-JN7GO9HgQmm47mSzPWIBubOE3yN93ZjPEKn+ANgilgUTB1RXxafey9m4iEL2mdsU
-dx+2/iU94aI+A6mB0i1sR/WWRowiq8jMDQ6XXotBtDvECgZAHd1G9AHduoIuPD14
-cJ58GNCr+Lh3B0Zx8coLY1xq+XKU1QFPoNtC
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIIODCCB6GgAwIBAgIBADANBgkqhkiG9w0BAQUFADCCAR4xCzAJBgNVBAYTAkVT
-MRIwEAYDVQQIEwlCYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9uYTEuMCwGA1UE
-ChMlSVBTIEludGVybmV0IHB1Ymxpc2hpbmcgU2VydmljZXMgcy5sLjErMCkGA1UE
-ChQiaXBzQG1haWwuaXBzLmVzIEMuSS5GLiAgQi02MDkyOTQ1MjE0MDIGA1UECxMr
-SVBTIENBIFRpbWVzdGFtcGluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTE0MDIG
-A1UEAxMrSVBTIENBIFRpbWVzdGFtcGluZyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
-eTEeMBwGCSqGSIb3DQEJARYPaXBzQG1haWwuaXBzLmVzMB4XDTAxMTIyOTAxMTAx
-OFoXDTI1MTIyNzAxMTAxOFowggEeMQswCQYDVQQGEwJFUzESMBAGA1UECBMJQmFy
-Y2Vsb25hMRIwEAYDVQQHEwlCYXJjZWxvbmExLjAsBgNVBAoTJUlQUyBJbnRlcm5l
-dCBwdWJsaXNoaW5nIFNlcnZpY2VzIHMubC4xKzApBgNVBAoUImlwc0BtYWlsLmlw
-cy5lcyBDLkkuRi4gIEItNjA5Mjk0NTIxNDAyBgNVBAsTK0lQUyBDQSBUaW1lc3Rh
-bXBpbmcgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxNDAyBgNVBAMTK0lQUyBDQSBU
-aW1lc3RhbXBpbmcgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxHjAcBgkqhkiG9w0B
-CQEWD2lwc0BtYWlsLmlwcy5lczCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-vLjuVqWajOY2ycJioGaBjRrVetJznw6EZLqVtJCneK/K/lRhW86yIFcBrkSSQxA4
-Efdo/BdApWgnMjvEp+ZCccWZ73b/K5Uk9UmSGGjKALWkWi9uy9YbLA1UZ2t6KaFY
-q6JaANZbuxjC3/YeE1Z2m6Vo4pjOxgOKNNtMg0GmqaMCAwEAAaOCBIAwggR8MB0G
-A1UdDgQWBBSL0BBQCYHynQnVDmB4AyKiP8jKZjCCAVAGA1UdIwSCAUcwggFDgBSL
-0BBQCYHynQnVDmB4AyKiP8jKZqGCASakggEiMIIBHjELMAkGA1UEBhMCRVMxEjAQ
-BgNVBAgTCUJhcmNlbG9uYTESMBAGA1UEBxMJQmFyY2Vsb25hMS4wLAYDVQQKEyVJ
-UFMgSW50ZXJuZXQgcHVibGlzaGluZyBTZXJ2aWNlcyBzLmwuMSswKQYDVQQKFCJp
-cHNAbWFpbC5pcHMuZXMgQy5JLkYuICBCLTYwOTI5NDUyMTQwMgYDVQQLEytJUFMg
-Q0EgVGltZXN0YW1waW5nIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MTQwMgYDVQQD
-EytJUFMgQ0EgVGltZXN0YW1waW5nIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR4w
-HAYJKoZIhvcNAQkBFg9pcHNAbWFpbC5pcHMuZXOCAQAwDAYDVR0TBAUwAwEB/zAM
-BgNVHQ8EBQMDB/+AMGsGA1UdJQRkMGIGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYB
-BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYKKwYBBAGCNwIBFQYKKwYBBAGCNwIB
-FgYKKwYBBAGCNwoDAQYKKwYBBAGCNwoDBDARBglghkgBhvhCAQEEBAMCAAcwGgYD
-VR0RBBMwEYEPaXBzQG1haWwuaXBzLmVzMBoGA1UdEgQTMBGBD2lwc0BtYWlsLmlw
-cy5lczBHBglghkgBhvhCAQ0EOhY4VGltZXN0YW1waW5nIENBIENlcnRpZmljYXRl
-IGlzc3VlZCBieSBodHRwOi8vd3d3Lmlwcy5lcy8wKQYJYIZIAYb4QgECBBwWGmh0
-dHA6Ly93d3cuaXBzLmVzL2lwczIwMDIvMEAGCWCGSAGG+EIBBAQzFjFodHRwOi8v
-d3d3Lmlwcy5lcy9pcHMyMDAyL2lwczIwMDJUaW1lc3RhbXBpbmcuY3JsMEUGCWCG
-SAGG+EIBAwQ4FjZodHRwOi8vd3d3Lmlwcy5lcy9pcHMyMDAyL3Jldm9jYXRpb25U
-aW1lc3RhbXBpbmcuaHRtbD8wQgYJYIZIAYb4QgEHBDUWM2h0dHA6Ly93d3cuaXBz
-LmVzL2lwczIwMDIvcmVuZXdhbFRpbWVzdGFtcGluZy5odG1sPzBABglghkgBhvhC
-AQgEMxYxaHR0cDovL3d3dy5pcHMuZXMvaXBzMjAwMi9wb2xpY3lUaW1lc3RhbXBp
-bmcuaHRtbDB/BgNVHR8EeDB2MDegNaAzhjFodHRwOi8vd3d3Lmlwcy5lcy9pcHMy
-MDAyL2lwczIwMDJUaW1lc3RhbXBpbmcuY3JsMDugOaA3hjVodHRwOi8vd3d3YmFj
-ay5pcHMuZXMvaXBzMjAwMi9pcHMyMDAyVGltZXN0YW1waW5nLmNybDAvBggrBgEF
-BQcBAQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9vY3NwLmlwcy5lcy8wDQYJKoZI
-hvcNAQEFBQADgYEAZbrBzAAalZHK6Ww6vzoeFAh8+4Pua2JR0zORtWB5fgTYXXk3
-6MNbsMRnLWhasl8OCvrNPzpFoeo2zyYepxEoxZSPhExTCMWTs/zif/WN87GphV+I
-3pGW7hdbrqXqcGV4LCFkAZXOzkw+UPS2Wctjjba9GNSHSl/c7+lW8AoM6HU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFSzCCBLSgAwIBAgIBaTANBgkqhkiG9w0BAQQFADCBmTELMAkGA1UEBhMCSFUx
-ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
-b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTIwMAYDVQQD
-EylOZXRMb2NrIFV6bGV0aSAoQ2xhc3MgQikgVGFudXNpdHZhbnlraWFkbzAeFw05
-OTAyMjUxNDEwMjJaFw0xOTAyMjAxNDEwMjJaMIGZMQswCQYDVQQGEwJIVTERMA8G
-A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh
-Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxMjAwBgNVBAMTKU5l
-dExvY2sgVXpsZXRpIChDbGFzcyBCKSBUYW51c2l0dmFueWtpYWRvMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQCx6gTsIKAjwo84YM/HRrPVG/77uZmeBNwcf4xK
-gZjupNTKihe5In+DCnVMm8Bp2GQ5o+2So/1bXHQawEfKOml2mrriRBf8TKPV/riX
-iK+IA4kfpPIEPsgHC+b5sy96YhQJRhTKZPWLgLViqNhr1nGTLbO/CVRY7QbrqHvc
-Q7GhaQIDAQABo4ICnzCCApswEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8E
-BAMCAAYwEQYJYIZIAYb4QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1G
-SUdZRUxFTSEgRXplbiB0YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFu
-b3MgU3pvbGdhbHRhdGFzaSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBh
-bGFwamFuIGtlc3p1bHQuIEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExv
-Y2sgS2Z0LiB0ZXJtZWtmZWxlbG9zc2VnLWJpenRvc2l0YXNhIHZlZGkuIEEgZGln
-aXRhbGlzIGFsYWlyYXMgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYXogZWxvaXJ0
-IGVsbGVub3J6ZXNpIGVsamFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJh
-c2EgbWVndGFsYWxoYXRvIGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGph
-biBhIGh0dHBzOi8vd3d3Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJo
-ZXRvIGF6IGVsbGVub3J6ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBP
-UlRBTlQhIFRoZSBpc3N1YW5jZSBhbmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmlj
-YXRlIGlzIHN1YmplY3QgdG8gdGhlIE5ldExvY2sgQ1BTIGF2YWlsYWJsZSBhdCBo
-dHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBjcHNA
-bmV0bG9jay5uZXQuMA0GCSqGSIb3DQEBBAUAA4GBAATbrowXr/gOkDFOzT4JwG06
-sPgzTEdM43WIEJessDgVkcYplswhwG08pXTP2IKlOcNl40JwuyKQ433bNXbhoLXa
-n3BukxowOR0w2y7jfLKRstE3Kfq51hdcR0/jHTjrn9V7lagonhVK0dHQKwCXoOKS
-NitjrFgBazMpUIaD8QFI
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFTzCCBLigAwIBAgIBaDANBgkqhkiG9w0BAQQFADCBmzELMAkGA1UEBhMCSFUx
-ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
-b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTQwMgYDVQQD
-EytOZXRMb2NrIEV4cHJlc3N6IChDbGFzcyBDKSBUYW51c2l0dmFueWtpYWRvMB4X
-DTk5MDIyNTE0MDgxMVoXDTE5MDIyMDE0MDgxMVowgZsxCzAJBgNVBAYTAkhVMREw
-DwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9u
-c2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE0MDIGA1UEAxMr
-TmV0TG9jayBFeHByZXNzeiAoQ2xhc3MgQykgVGFudXNpdHZhbnlraWFkbzCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6+ywbGGKIyWvYCDj2Z/8kwvbXY2wobNA
-OoLO/XXgeDIDhlqGlZHtU/qdQPzm6N3ZW3oDvV3zOwzDUXmbrVWg6dADEK8KuhRC
-2VImESLH0iDMgqSaqf64gXadarfSNnU+sYYJ9m5tfk63euyucYT2BDMIJTLrdKwW
-RMbkQJMdf60CAwEAAaOCAp8wggKbMBIGA1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0P
-AQH/BAQDAgAGMBEGCWCGSAGG+EIBAQQEAwIABzCCAmAGCWCGSAGG+EIBDQSCAlEW
-ggJNRklHWUVMRU0hIEV6ZW4gdGFudXNpdHZhbnkgYSBOZXRMb2NrIEtmdC4gQWx0
-YWxhbm9zIFN6b2xnYWx0YXRhc2kgRmVsdGV0ZWxlaWJlbiBsZWlydCBlbGphcmFz
-b2sgYWxhcGphbiBrZXN6dWx0LiBBIGhpdGVsZXNpdGVzIGZvbHlhbWF0YXQgYSBO
-ZXRMb2NrIEtmdC4gdGVybWVrZmVsZWxvc3NlZy1iaXp0b3NpdGFzYSB2ZWRpLiBB
-IGRpZ2l0YWxpcyBhbGFpcmFzIGVsZm9nYWRhc2FuYWsgZmVsdGV0ZWxlIGF6IGVs
-b2lydCBlbGxlbm9yemVzaSBlbGphcmFzIG1lZ3RldGVsZS4gQXogZWxqYXJhcyBs
-ZWlyYXNhIG1lZ3RhbGFsaGF0byBhIE5ldExvY2sgS2Z0LiBJbnRlcm5ldCBob25s
-YXBqYW4gYSBodHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIGNpbWVuIHZhZ3kg
-a2VyaGV0byBheiBlbGxlbm9yemVzQG5ldGxvY2submV0IGUtbWFpbCBjaW1lbi4g
-SU1QT1JUQU5UISBUaGUgaXNzdWFuY2UgYW5kIHRoZSB1c2Ugb2YgdGhpcyBjZXJ0
-aWZpY2F0ZSBpcyBzdWJqZWN0IHRvIHRoZSBOZXRMb2NrIENQUyBhdmFpbGFibGUg
-YXQgaHR0cHM6Ly93d3cubmV0bG9jay5uZXQvZG9jcyBvciBieSBlLW1haWwgYXQg
-Y3BzQG5ldGxvY2submV0LjANBgkqhkiG9w0BAQQFAAOBgQAQrX/XDDKACtiG8XmY
-ta3UzbM2xJZIwVzNmtkFLp++UOv0JhQQLdRmF/iewSf98e3ke0ugbLWrmldwpu2g
-pO0u9f38vf5NNwgMvOOWgyL1SRt/Syu0VMGAfJlOHdCM7tCs5ZL6dVb+ZKATj7i4
-Fp1hBWeAyNDYpQcCNJgEjTME1A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGfTCCBWWgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwga8xCzAJBgNVBAYTAkhV
-MRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMe
-TmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0
-dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBLb3pqZWd5em9pIChDbGFzcyBB
-KSBUYW51c2l0dmFueWtpYWRvMB4XDTk5MDIyNDIzMTQ0N1oXDTE5MDIxOTIzMTQ0
-N1owga8xCzAJBgNVBAYTAkhVMRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQHEwhC
-dWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQu
-MRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBL
-b3pqZWd5em9pIChDbGFzcyBBKSBUYW51c2l0dmFueWtpYWRvMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHSMD7tM9DceqQWC2ObhbHDqeLVu0ThEDaiD
-zl3S1tWBxdRL51uUcCbbO51qTGL3cfNk1mE7PetzozfZz+qMkjvN9wfcZnSX9EUi
-3fRc4L9t875lM+QVOr/bmJBVOMTtplVjC7B4BPTjbsE/jvxReB+SnoPC/tmwqcm8
-WgD/qaiYdPv2LD4VOQ22BFWoDpggQrOxJa1+mm9dU7GrDPzr4PN6s6iz/0b2Y6LY
-Oph7tqyF/7AlT3Rj5xMHpQqPBffAZG9+pyeAlt7ULoZgx2srXnN7F+eRP2QM2Esi
-NCubMvJIH5+hCoR64sKtlz2O1cH5VqNQ6ca0+pii7pXmKgOM3wIDAQABo4ICnzCC
-ApswDgYDVR0PAQH/BAQDAgAGMBIGA1UdEwEB/wQIMAYBAf8CAQQwEQYJYIZIAYb4
-QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1GSUdZRUxFTSEgRXplbiB0
-YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFub3MgU3pvbGdhbHRhdGFz
-aSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBhbGFwamFuIGtlc3p1bHQu
-IEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExvY2sgS2Z0LiB0ZXJtZWtm
-ZWxlbG9zc2VnLWJpenRvc2l0YXNhIHZlZGkuIEEgZGlnaXRhbGlzIGFsYWlyYXMg
-ZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYXogZWxvaXJ0IGVsbGVub3J6ZXNpIGVs
-amFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJhc2EgbWVndGFsYWxoYXRv
-IGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGphbiBhIGh0dHBzOi8vd3d3
-Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJoZXRvIGF6IGVsbGVub3J6
-ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBPUlRBTlQhIFRoZSBpc3N1
-YW5jZSBhbmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGlzIHN1YmplY3Qg
-dG8gdGhlIE5ldExvY2sgQ1BTIGF2YWlsYWJsZSBhdCBodHRwczovL3d3dy5uZXRs
-b2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBjcHNAbmV0bG9jay5uZXQuMA0G
-CSqGSIb3DQEBBAUAA4IBAQBIJEb3ulZv+sgoA0BO5TE5ayZrU3/b39/zcT0mwBQO
-xmd7I6gMc90Bu8bKbjc5VdXHjFYgDigKDtIqpLBJUsY4B/6+CgmM0ZjPytoUMaFP
-0jn8DxEsQ8Pdq5PHVT5HfBgaANzze9jyf1JsIPQLX2lS9O74silg6+NJMSEN1rUQ
-QeJBCWziGppWS3cC9qCbmieH6FUpccKQn0V4GuEVZD3QDtigdp+uxdAu6tYPVuxk
-f1qbFFgBJ34TUMdrKuZoPL9coAob4Q566eKAw+np9v1sEZ7Q5SgnK1QyQhSCdeZK
-8CtmdWOMovsEPoMOmzbwGOQmIMOM8CgHrTwXZoi1/baI
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIG0TCCBbmgAwIBAgIBezANBgkqhkiG9w0BAQUFADCByTELMAkGA1UEBhMCSFUx
-ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
-b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMUIwQAYDVQQD
-EzlOZXRMb2NrIE1pbm9zaXRldHQgS296amVneXpvaSAoQ2xhc3MgUUEpIFRhbnVz
-aXR2YW55a2lhZG8xHjAcBgkqhkiG9w0BCQEWD2luZm9AbmV0bG9jay5odTAeFw0w
-MzAzMzAwMTQ3MTFaFw0yMjEyMTUwMTQ3MTFaMIHJMQswCQYDVQQGEwJIVTERMA8G
-A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh
-Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxQjBABgNVBAMTOU5l
-dExvY2sgTWlub3NpdGV0dCBLb3pqZWd5em9pIChDbGFzcyBRQSkgVGFudXNpdHZh
-bnlraWFkbzEeMBwGCSqGSIb3DQEJARYPaW5mb0BuZXRsb2NrLmh1MIIBIjANBgkq
-hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1Ilstg91IRVCacbvWy5FPSKAtt2/Goq
-eKvld/Bu4IwjZ9ulZJm53QE+b+8tmjwi8F3JV6BVQX/yQ15YglMxZc4e8ia6AFQe
-r7C8HORSjKAyr7c3sVNnaHRnUPYtLmTeriZ539+Zhqurf4XsoPuAzPS4DB6TRWO5
-3Lhbm+1bOdRfYrCnjnxmOCyqsQhjF2d9zL2z8cM/z1A57dEZgxXbhxInlrfa6uWd
-vLrqOU+L73Sa58XQ0uqGURzk/mQIKAR5BevKxXEOC++r6uwSEaEYBTJp0QwsGj0l
-mT+1fMptsK6ZmfoIYOcZwvK9UdPM0wKswREMgM6r3JSda6M5UzrWhQIDAMV9o4IC
-wDCCArwwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwggJ1Bglg
-hkgBhvhCAQ0EggJmFoICYkZJR1lFTEVNISBFemVuIHRhbnVzaXR2YW55IGEgTmV0
-TG9jayBLZnQuIE1pbm9zaXRldHQgU3pvbGdhbHRhdGFzaSBTemFiYWx5emF0YWJh
-biBsZWlydCBlbGphcmFzb2sgYWxhcGphbiBrZXN6dWx0LiBBIG1pbm9zaXRldHQg
-ZWxla3Ryb25pa3VzIGFsYWlyYXMgam9naGF0YXMgZXJ2ZW55ZXN1bGVzZW5laywg
-dmFsYW1pbnQgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYSBNaW5vc2l0ZXR0IFN6
-b2xnYWx0YXRhc2kgU3phYmFseXphdGJhbiwgYXogQWx0YWxhbm9zIFN6ZXJ6b2Rl
-c2kgRmVsdGV0ZWxla2JlbiBlbG9pcnQgZWxsZW5vcnplc2kgZWxqYXJhcyBtZWd0
-ZXRlbGUuIEEgZG9rdW1lbnR1bW9rIG1lZ3RhbGFsaGF0b2sgYSBodHRwczovL3d3
-dy5uZXRsb2NrLmh1L2RvY3MvIGNpbWVuIHZhZ3kga2VyaGV0b2sgYXogaW5mb0Bu
-ZXRsb2NrLm5ldCBlLW1haWwgY2ltZW4uIFdBUk5JTkchIFRoZSBpc3N1YW5jZSBh
-bmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGFyZSBzdWJqZWN0IHRvIHRo
-ZSBOZXRMb2NrIFF1YWxpZmllZCBDUFMgYXZhaWxhYmxlIGF0IGh0dHBzOi8vd3d3
-Lm5ldGxvY2suaHUvZG9jcy8gb3IgYnkgZS1tYWlsIGF0IGluZm9AbmV0bG9jay5u
-ZXQwHQYDVR0OBBYEFAlqYhaSsFq7VQ7LdTI6MuWyIckoMA0GCSqGSIb3DQEBBQUA
-A4IBAQCRalCc23iBmz+LQuM7/KbD7kPgz/PigDVJRXYC4uMvBcXxKufAQTPGtpvQ
-MznNwNuhrWw3AkxYQTvyl5LGSKjN5Yo5iWH5Upfpvfb5lHTocQ68d4bDBsxafEp+
-NFAwLvt/MpqNPfMgW/hqyobzMUwsWYACff44yTB1HLdV47yfuqhthCgFdbOLDcCR
-VCHnpgu0mfVRQdzNo0ci2ccBgcTcR08m6h/t280NmPSjnLRzMkqWmf68f8glWPhY
-83ZmiVSkpj7EUFy6iRiCdUgh0k8T6GB+B3bbELVR5qq5aKrN9p2QdRLqOBrKROi3
-macqaJVmlaut74nLYKkGEsaUR+ko
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
-MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
-MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp
-dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV
-UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO
-ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz
-c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP
-OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl
-mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF
-BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4
-qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw
-gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB
-BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu
-bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp
-dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8
-6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/
-h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH
-/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv
-wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN
-pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
-TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz
-MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw
-IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR
-dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp
-li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D
-rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ
-WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug
-F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU
-xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC
-Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv
-dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw
-ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl
-IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh
-c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy
-ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh
-Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI
-KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T
-KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq
-y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
-dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD
-VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL
-MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk
-fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
-7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R
-cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
-mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
-xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
-SnQ2+Q==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
-GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
-b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV
-BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
-YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa
-GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg
-Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J
-WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB
-rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp
-+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1
-ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i
-Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz
-PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og
-/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH
-oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI
-yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud
-EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2
-A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL
-MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT
-ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f
-BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn
-g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl
-fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K
-WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha
-B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc
-hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR
-TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD
-mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z
-ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
-4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
-8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
-GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
-b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV
-BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
-YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM
-V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB
-4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr
-H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd
-8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv
-vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT
-mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe
-btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc
-T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt
-WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ
-c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A
-4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD
-VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG
-CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0
-aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0
-aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu
-dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw
-czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G
-A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC
-TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg
-Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0
-7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem
-d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd
-+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B
-4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN
-t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x
-DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57
-k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s
-zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j
-Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT
-mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK
-4SVhM7JZG+Ju1zdXtg2pEto=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
-IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
-BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
-aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
-9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMjIzM1oXDTE5MDYy
-NjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
-azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
-YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
-Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
-cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfD
-cnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs
-2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqY
-JJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliE
-Zwgs3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJ
-n0WuPIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A
-PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICXDCCAcWgAwIBAgIQCgEBAQAAAnwAAAALAAAAAjANBgkqhkiG9w0BAQUFADA6
-MRkwFwYDVQQKExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0EgU2VjdXJp
-dHkgMTAyNCBWMzAeFw0wMTAyMjIyMTAxNDlaFw0yNjAyMjIyMDAxNDlaMDoxGTAX
-BgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAbBgNVBAsTFFJTQSBTZWN1cml0eSAx
-MDI0IFYzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDV3f5mCc8kPD6ugU5O
-isRpgFtZO9+5TUzKtS3DJy08rwBCbbwoppbPf9dYrIMKo1W1exeQFYRMiu4mmdxY
-78c4pqqv0I5CyGLXq6yp+0p9v+r+Ek3d/yYtbzZUaMjShFbuklNhCbM/OZuoyZu9
-zp9+1BlqFikYvtc6adwlWzMaUQIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4G
-A1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBTEwBykB5T9zU0B1FTapQxf3q4FWjAd
-BgNVHQ4EFgQUxMAcpAeU/c1NAdRU2qUMX96uBVowDQYJKoZIhvcNAQEFBQADgYEA
-Py1q4yZDlX2Jl2X7deRyHUZXxGFraZ8SmyzVWujAovBDleMf6XbN3Ou8k6BlCsdN
-T1+nr6JGFLkM88y9am63nd4lQtBU/55oc2PcJOsiv6hy8l4A4Q1OOkNumU4/iXgD
-mMrzVcydro7BqkWY+o8aoI2II/EVQQ2lRj6RP4vr93E=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDYTCCAkmgAwIBAgIQCgEBAQAAAnwAAAAKAAAAAjANBgkqhkiG9w0BAQUFADA6
-MRkwFwYDVQQKExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0EgU2VjdXJp
-dHkgMjA0OCBWMzAeFw0wMTAyMjIyMDM5MjNaFw0yNjAyMjIyMDM5MjNaMDoxGTAX
-BgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAbBgNVBAsTFFJTQSBTZWN1cml0eSAy
-MDQ4IFYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt49VcdKA3Xtp
-eafwGFAyPGJn9gqVB93mG/Oe2dJBVGutn3y+Gc37RqtBaB4Y6lXIL5F4iSj7Jylg
-/9+PjDvJSZu1pJTOAeo+tWN7fyb9Gd3AIb2E0S1PRsNO3Ng3OTsor8udGuorryGl
-wSMiuLgbWhOHV4PR8CDn6E8jQrAApX2J6elhc5SYcSa8LWrg903w8bYqODGBDSnh
-AMFRD0xS+ARaqn1y07iHKrtjEAMqs6FPDVpeRrc9DvV07Jmf+T0kgYim3WBU6JU2
-PcYJk5qjEoAAVZkZR73QpXzDuvsf9/UP+Ky5tfQ3mBMY3oVbtwyCO4dvlTlYMNpu
-AWgXIszACwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
-BjAfBgNVHSMEGDAWgBQHw1EwpKrpRa41JPr/JCwz0LGdjDAdBgNVHQ4EFgQUB8NR
-MKSq6UWuNST6/yQsM9CxnYwwDQYJKoZIhvcNAQEFBQADggEBAF8+hnZuuDU8TjYc
-HnmYv/3VEhF5Ug7uMYm83X/50cYVIeiKAVQNOvtUudZj1LGqlk2iQk3UUx+LEN5/
-Zb5gEydxiKRz44Rj0aRV4VCT5hsOedBnvEbIvz8XDZXmxpBp3ue0L96VfdASPz0+
-f00/FGj1EVDVwfSQpQgdMWD/YIwjVAqv/qFuxdF6Kmh4zx6CCiC0H63lhbJqaHVO
-rSU3lIW+vaHU6rcMSzyd6BIA8F+sDeGscGNz9395nzIlQnQFgCi/vcEkllgVsRch
-6YlL2weIZ/QVrXA+L02FO8K32/6YaCOJ4XQP3vTFhGMpG8zLB8kApKnXwiJPZ9d3
-7CAFYd4=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
-FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz
-MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv
-cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz
-Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO
-0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao
-wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj
-7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS
-8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT
-BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB
-/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg
-JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC
-NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3
-6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/
-3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm
-D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS
-CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR
-3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
-GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx
-MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg
-Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ
-iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa
-/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ
-jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI
-HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7
-sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w
-gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF
-MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw
-KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG
-AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L
-URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO
-H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm
-I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY
-iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc
-f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
-MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
-dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5
-WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD
-VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8
-9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ
-DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9
-Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N
-QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ
-xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G
-A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG
-kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr
-Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5
-Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
-JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
-RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDIDCCAgigAwIBAgIBJDANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
-MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MxIENBMB4XDTAx
-MDQwNjEwNDkxM1oXDTIxMDQwNjEwNDkxM1owOTELMAkGA1UEBhMCRkkxDzANBgNV
-BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMSBDQTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBALWJHytPZwp5/8Ue+H887dF+2rDNbS82rDTG
-29lkFwhjMDMiikzujrsPDUJVyZ0upe/3p4zDq7mXy47vPxVnqIJyY1MPQYx9EJUk
-oVqlBvqSV536pQHydekfvFYmUk54GWVYVQNYwBSujHxVX3BbdyMGNpfzJLWaRpXk
-3w0LBUXl0fIdgrvGE+D+qnr9aTCU89JFhfzyMlsy3uhsXR/LpCJ0sICOXZT3BgBL
-qdReLjVQCfOAl/QMF6452F/NM8EcyonCIvdFEu1eEpOdY6uCLrnrQkFEy0oaAIIN
-nvmLVz5MxxftLItyM19yejhW1ebZrgUaHXVFsculJRwSVzb9IjcCAwEAAaMzMDEw
-DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIR+IMi/ZTiFIwCwYDVR0PBAQDAgEG
-MA0GCSqGSIb3DQEBBQUAA4IBAQCLGrLJXWG04bkruVPRsoWdd44W7hE928Jj2VuX
-ZfsSZ9gqXLar5V7DtxYvyOirHYr9qxp81V9jz9yw3Xe5qObSIjiHBxTZ/75Wtf0H
-DjxVyhbMp6Z3N/vbXB9OWQaHowND9Rart4S9Tu+fMTfwRvFAttEMpWT4Y14h21VO
-TzF2nBBhjrZTOqMRvq9tfB69ri3iDGnHhVNoomG6xT60eVR4ngrHAr5i0RGCS2Uv
-kVrCqIexVmiUefkl98HVrhq4uz2PqYo4Ffdz0Fpg0YCw8NzVUM1O7pJIae2yIx4w
-zMiUyLb1O4Z/P6Yun/Y+LLWSlj7fLJOK/4GMDw9ZIRlXvVWa
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
-MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
-MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV
-BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o
-Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt
-5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s
-3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej
-vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu
-8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw
-DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG
-MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil
-zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/
-3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD
-FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6
-Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
-ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgIEAJiWijANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJO
-TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFh
-dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQTAeFw0wMjEyMTcwOTIzNDlaFw0xNTEy
-MTYwOTE1MzhaMFUxCzAJBgNVBAYTAk5MMR4wHAYDVQQKExVTdGFhdCBkZXIgTmVk
-ZXJsYW5kZW4xJjAkBgNVBAMTHVN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENB
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNK1URF6gaYUmHFtvszn
-ExvWJw56s2oYHLZhWtVhCb/ekBPHZ+7d89rFDBKeNVU+LCeIQGv33N0iYfXCxw71
-9tV2U02PjLwYdjeFnejKScfST5gTCaI+Ioicf9byEGW07l8Y1Rfj+MX94p2i71MO
-hXeiD+EwR+4A5zN9RGcaC1Hoi6CeUJhoNFIfLm0B8mBF8jHrqTFoKbt6QZ7GGX+U
-tFE5A3+y3qcym7RHjm+0Sq7lr7HcsBthvJly3uSJt3omXdozSVtSnA71iq3DuD3o
-BmrC1SoLbHuEvVYFy4ZlkuxEK7COudxwC0barbxjiDn622r+I/q85Ej0ZytqERAh
-SQIDAQABo4GRMIGOMAwGA1UdEwQFMAMBAf8wTwYDVR0gBEgwRjBEBgRVHSAAMDww
-OgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cucGtpb3ZlcmhlaWQubmwvcG9saWNpZXMv
-cm9vdC1wb2xpY3kwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSofeu8Y6R0E3QA
-7Jbg0zTBLL9s+DANBgkqhkiG9w0BAQUFAAOCAQEABYSHVXQ2YcG70dTGFagTtJ+k
-/rvuFbQvBgwp8qiSpGEN/KtcCFtREytNwiphyPgJWPwtArI5fZlmgb9uXJVFIGzm
-eafR2Bwp/MIgJ1HI8XxdNGdphREwxgDS1/PTfLbwMVcoEoJz6TMvplW0C5GUR5z6
-u3pCMuiufi3IvKwUv9kP2Vv8wfl6leF9fpb8cbDCTMjfRTTJzg3ynGQI0DvDKcWy
-7ZAEwbEpkcUwb8GpcjPM/l0WFywRaed+/sWDCN+83CI6LiBpIzlWYGeQiy52OfsR
-iJf2fL1LuCAWZwWN4jvBcj+UlTfHXbme2JOhF4//DGYVwSR8MnwDHTuhWEUykw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
-MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
-U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw
-NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE
-ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp
-ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3
-DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf
-8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN
-+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0
-X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa
-K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA
-1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G
-A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR
-zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0
-YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD
-bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w
-DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3
-L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D
-eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl
-xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
-VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
-WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
-MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
-Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
-MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
-U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
-cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
-A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
-pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
-OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
-Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
-Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
-HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
-Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
-+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
-Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
-Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
-26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
-AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
-ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
-LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
-BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
-dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
-cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
-YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
-dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
-bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
-YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
-TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
-9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
-jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
-FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
-ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
-ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
-EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
-L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
-O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
-um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
-NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFFjCCBH+gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBsDELMAkGA1UEBhMCSUwx
-DzANBgNVBAgTBklzcmFlbDEOMAwGA1UEBxMFRWlsYXQxFjAUBgNVBAoTDVN0YXJ0
-Q29tIEx0ZC4xGjAYBgNVBAsTEUNBIEF1dGhvcml0eSBEZXAuMSkwJwYDVQQDEyBG
-cmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS
-YWRtaW5Ac3RhcnRjb20ub3JnMB4XDTA1MDMxNzE3Mzc0OFoXDTM1MDMxMDE3Mzc0
-OFowgbAxCzAJBgNVBAYTAklMMQ8wDQYDVQQIEwZJc3JhZWwxDjAMBgNVBAcTBUVp
-bGF0MRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMRowGAYDVQQLExFDQSBBdXRob3Jp
-dHkgRGVwLjEpMCcGA1UEAxMgRnJlZSBTU0wgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkxITAfBgkqhkiG9w0BCQEWEmFkbWluQHN0YXJ0Y29tLm9yZzCBnzANBgkqhkiG
-9w0BAQEFAAOBjQAwgYkCgYEA7YRgACOeyEpRKSfeOqE5tWmrCbIvNP1h3D3TsM+x
-18LEwrHkllbEvqoUDufMOlDIOmKdw6OsWXuO7lUaHEe+o5c5s7XvIywI6Nivcy+5
-yYPo7QAPyHWlLzRMGOh2iCNJitu27Wjaw7ViKUylS7eYtAkUEKD4/mJ2IhULpNYI
-LzUCAwEAAaOCAjwwggI4MA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgHmMB0G
-A1UdDgQWBBQcicOWzL3+MtUNjIExtpidjShkjTCB3QYDVR0jBIHVMIHSgBQcicOW
-zL3+MtUNjIExtpidjShkjaGBtqSBszCBsDELMAkGA1UEBhMCSUwxDzANBgNVBAgT
-BklzcmFlbDEOMAwGA1UEBxMFRWlsYXQxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4x
-GjAYBgNVBAsTEUNBIEF1dGhvcml0eSBEZXAuMSkwJwYDVQQDEyBGcmVlIFNTTCBD
-ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSYWRtaW5Ac3Rh
-cnRjb20ub3JnggEAMB0GA1UdEQQWMBSBEmFkbWluQHN0YXJ0Y29tLm9yZzAdBgNV
-HRIEFjAUgRJhZG1pbkBzdGFydGNvbS5vcmcwEQYJYIZIAYb4QgEBBAQDAgAHMC8G
-CWCGSAGG+EIBDQQiFiBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAy
-BglghkgBhvhCAQQEJRYjaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL2NhLWNybC5j
-cmwwKAYJYIZIAYb4QgECBBsWGWh0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy8wOQYJ
-YIZIAYb4QgEIBCwWKmh0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy9pbmRleC5waHA/
-YXBwPTExMTANBgkqhkiG9w0BAQQFAAOBgQBscSXhnjSRIe/bbL0BCFaPiNhBOlP1
-ct8nV0t2hPdopP7rPwl+KLhX6h/BquL/lp9JmeaylXOWxkjHXo0Hclb4g4+fd68p
-00UOpO6wNnQt8M2YI3s3S9r+UZjEHjQ8iP2ZO1CnwYszx8JSFhKVU2Ui77qLzmLb
-cCOxgN8aIDjnfg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
-BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
-biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF
-MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT
-d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
-CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8
-76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+
-bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c
-6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE
-emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd
-MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt
-MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y
-MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y
-FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi
-aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM
-gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB
-qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7
-lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn
-8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov
-L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6
-45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO
-UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5
-O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC
-bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv
-GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a
-77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC
-hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3
-92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp
-Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w
-ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
-Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
-BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu
-IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw
-WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD
-ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD
-ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y
-IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn
-IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+
-6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob
-jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw
-izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl
-+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY
-zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP
-pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF
-KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW
-ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB
-AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
-BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0
-ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW
-IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA
-A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0
-uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+
-FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7
-jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/
-u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D
-YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1
-puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa
-icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG
-DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x
-kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z
-Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE
-BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu
-IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow
-RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY
-U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
-MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv
-Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br
-YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF
-nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH
-6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt
-eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/
-c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ
-MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH
-HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf
-jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6
-5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB
-rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU
-F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c
-wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0
-cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB
-AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp
-WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9
-xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ
-2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ
-IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8
-aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X
-em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR
-dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/
-OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+
-hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy
-tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBk
-MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0
-YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg
-Q0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4MTgyMjA2MjBaMGQxCzAJBgNVBAYT
-AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp
-Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9
-m2BtRsiMMW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdih
-FvkcxC7mlSpnzNApbjyFNDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/
-TilftKaNXXsLmREDA/7n29uj/x2lzZAeAR81sH8A25Bvxn570e56eqeqDFdvpG3F
-EzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkCb6dJtDZd0KTeByy2dbco
-kdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn7uHbHaBu
-HYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNF
-vJbNcA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo
-19AOeCMgkckkKmUpWyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjC
-L3UcPX7ape8eYIVpQtPM+GP+HkM5haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJW
-bjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNYMUJDLXT5xp6mig/p/r+D5kNX
-JLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw
-FDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzc
-K6FptWfUjNP9MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzf
-ky9NfEBWMXrrpA9gzXrzvsMnjgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7Ik
-Vh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQMbFamIp1TpBcahQq4FJHgmDmHtqB
-sfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4HVtA4oJVwIHaM190e
-3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtlvrsR
-ls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ip
-mXeascClOS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HH
-b6D0jqTsNFFbjCYDcKF31QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksf
-rK/7DZBaZmBwXarNeNQk7shBoJMBkpxqnvy5JMWzFYJ+vq6VK+uxwNrjAWALXmms
-hFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCyx/yP2FS1k2Kdzs9Z+z0Y
-zirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMWNY6E0F/6
-MBr1mmz0DlP5OlvRHA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDXDCCAsWgAwIBAgICA+owDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYTAkRF
-MRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFU
-QyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJI
-MSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBMSkwJwYJKoZIhvcN
-AQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAeFw05ODAzMDkxMTU5NTla
-Fw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJERTEQMA4GA1UECBMHSGFtYnVy
-ZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UEChMxVEMgVHJ1c3RDZW50ZXIgZm9y
-IFNlY3VyaXR5IGluIERhdGEgTmV0d29ya3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1
-c3RDZW50ZXIgQ2xhc3MgMiBDQTEpMCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVA
-dHJ1c3RjZW50ZXIuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANo46O0y
-AClxgwENv4wB3NrGrTmkqYov1YtcaF9QxmL1Zr3KkSLsqh1R1z2zUbKDTl3LSbDw
-TFXlay3HhQswHJJOgtTKAu33b77c4OMUuAVT8pr0VotanoWT0bSCVq5Nu6hLVxa8
-/vhYnvgpjbB7zXjJT6yLZwzxnPv8V5tXXE8NAgMBAAGjazBpMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3
-LnRydXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G
-CSqGSIb3DQEBBAUAA4GBAIRS+yjf/x91AbwBvgRWl2p0QiQxg/lGsQaKic+WLDO/
-jLVfenKhhQbOhvgFjuj5Jcrag4wGrOs2bYWRNAQ29ELw+HkuCkhcq8xRT3h2oNms
-Gb0q0WkEKJHKNhAngFdb0lz1wlurZIFjdFH0l7/NEij3TWZ/p/AcASZ4smZHcFFk
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDXDCCAsWgAwIBAgICA+swDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYTAkRF
-MRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFU
-QyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJI
-MSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAzIENBMSkwJwYJKoZIhvcN
-AQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAeFw05ODAzMDkxMTU5NTla
-Fw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJERTEQMA4GA1UECBMHSGFtYnVy
-ZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UEChMxVEMgVHJ1c3RDZW50ZXIgZm9y
-IFNlY3VyaXR5IGluIERhdGEgTmV0d29ya3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1
-c3RDZW50ZXIgQ2xhc3MgMyBDQTEpMCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVA
-dHJ1c3RjZW50ZXIuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALa0wTUF
-Lg2N7KBAahwOJ6ZQkmtQGwfeLud2zODa/ISoXoxjaitN2U4CdhHBC/KNecoAtvGw
-Dtf7pBc9r6tpepYnv68zoZoqWarEtTcI8hKlMbZD9TKWcSgoq40oht+77uMMfTDW
-w1Krj10nnGvAo+cFa1dJRLNu6mTP0o56UHd3AgMBAAGjazBpMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3
-LnRydXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G
-CSqGSIb3DQEBBAUAA4GBABY9xs3Bu4VxhUafPiCPUSiZ7C1FIWMjWwS7TJC4iJIE
-Tb19AaM/9uzO8d7+feXhPrvGq14L3T2WxMup1Pkm5gZOngylerpuw3yCGdHHsbHD
-2w2Om0B8NwvxXej9H5CIpQ5ON2QhqE6NtJ/x3kit1VYYUimLRzQSCdS7kjXvD9s0
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEKzCCAxOgAwIBAgIEOsylTDANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJE
-SzEVMBMGA1UEChMMVERDIEludGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQg
-Um9vdCBDQTAeFw0wMTA0MDUxNjMzMTdaFw0yMTA0MDUxNzAzMTdaMEMxCzAJBgNV
-BAYTAkRLMRUwEwYDVQQKEwxUREMgSW50ZXJuZXQxHTAbBgNVBAsTFFREQyBJbnRl
-cm5ldCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLhA
-vJHVYx/XmaCLDEAedLdInUaMArLgJF/wGROnN4NrXceO+YQwzho7+vvOi20jxsNu
-Zp+Jpd/gQlBn+h9sHvTQBda/ytZO5GhgbEaqHF1j4QeGDmUApy6mcca8uYGoOn0a
-0vnRrEvLznWv3Hv6gXPU/Lq9QYjUdLP5Xjg6PEOo0pVOd20TDJ2PeAG3WiAfAzc1
-4izbSysseLlJ28TQx5yc5IogCSEWVmb/Bexb4/DPqyQkXsN/cHoSxNK1EKC2IeGN
-eGlVRGn1ypYcNIUXJXfi9i8nmHj9eQY6otZaQ8H/7AQ77hPv01ha/5Lr7K7a8jcD
-R0G2l8ktCkEiu7vmpwIDAQABo4IBJTCCASEwEQYJYIZIAYb4QgEBBAQDAgAHMGUG
-A1UdHwReMFwwWqBYoFakVDBSMQswCQYDVQQGEwJESzEVMBMGA1UEChMMVERDIElu
-dGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQgUm9vdCBDQTENMAsGA1UEAxME
-Q1JMMTArBgNVHRAEJDAigA8yMDAxMDQwNTE2MzMxN1qBDzIwMjEwNDA1MTcwMzE3
-WjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUbGQBx/2FbazI2p5QCIUItTxWqFAw
-HQYDVR0OBBYEFGxkAcf9hW2syNqeUAiFCLU8VqhQMAwGA1UdEwQFMAMBAf8wHQYJ
-KoZIhvZ9B0EABBAwDhsIVjUuMDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQBO
-Q8zR3R0QGwZ/t6T609lN+yOfI1Rb5osvBCiLtSdtiaHsmGnc540mgwV5dOy0uaOX
-wTUA/RXaOYE6lTGQ3pfphqiZdwzlWqCE/xIWrG64jcN7ksKsLtB9KOy282A4aW8+
-2ARVPp7MVdK6/rtHBNcK2RYKNCn1WBPVT8+PVkuzHu7TmHnaCB4Mb7j4Fifvwm89
-9qNLPg7kbWzbO0ESm70NRyN/PErQr8Cv9u8btRXE64PECV90i9kR+8JWsTz4cMo0
-jUNAE4z9mQNUecYu6oah9jrUCbz0vGbMPVjQV0kK7iXiQe4T+Zs4NNEA9X7nlB38
-aQNiuJkFBT1reBK9sG9l
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFGTCCBAGgAwIBAgIEPki9xDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJE
-SzEMMAoGA1UEChMDVERDMRQwEgYDVQQDEwtUREMgT0NFUyBDQTAeFw0wMzAyMTEw
-ODM5MzBaFw0zNzAyMTEwOTA5MzBaMDExCzAJBgNVBAYTAkRLMQwwCgYDVQQKEwNU
-REMxFDASBgNVBAMTC1REQyBPQ0VTIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEArGL2YSCyz8DGhdfjeebM7fI5kqSXLmSjhFuHnEz9pPPEXyG9VhDr
-2y5h7JNp46PMvZnDBfwGuMo2HP6QjklMxFaaL1a8z3sM8W9Hpg1DTeLpHTk0zY0s
-2RKY+ePhwUp8hjjEqcRhiNJerxomTdXkoCJHhNlktxmW/OwZ5LKXJk5KTMuPJItU
-GBxIYXvViGjaXbXqzRowwYCDdlCqT9HU3Tjw7xb04QxQBr/q+3pJoSgrHPb8FTKj
-dGqPqcNiKXEx5TukYBdedObaE+3pHx8b0bJoc8YQNHVGEBDjkAB2QMuLt0MJIf+r
-TpPGWOmlgtt3xDqZsXKVSQTwtyv6e1mO3QIDAQABo4ICNzCCAjMwDwYDVR0TAQH/
-BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgewGA1UdIASB5DCB4TCB3gYIKoFQgSkB
-AQEwgdEwLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuY2VydGlmaWthdC5kay9yZXBv
-c2l0b3J5MIGdBggrBgEFBQcCAjCBkDAKFgNUREMwAwIBARqBgUNlcnRpZmlrYXRl
-ciBmcmEgZGVubmUgQ0EgdWRzdGVkZXMgdW5kZXIgT0lEIDEuMi4yMDguMTY5LjEu
-MS4xLiBDZXJ0aWZpY2F0ZXMgZnJvbSB0aGlzIENBIGFyZSBpc3N1ZWQgdW5kZXIg
-T0lEIDEuMi4yMDguMTY5LjEuMS4xLjARBglghkgBhvhCAQEEBAMCAAcwgYEGA1Ud
-HwR6MHgwSKBGoESkQjBAMQswCQYDVQQGEwJESzEMMAoGA1UEChMDVERDMRQwEgYD
-VQQDEwtUREMgT0NFUyBDQTENMAsGA1UEAxMEQ1JMMTAsoCqgKIYmaHR0cDovL2Ny
-bC5vY2VzLmNlcnRpZmlrYXQuZGsvb2Nlcy5jcmwwKwYDVR0QBCQwIoAPMjAwMzAy
-MTEwODM5MzBagQ8yMDM3MDIxMTA5MDkzMFowHwYDVR0jBBgwFoAUYLWF7FZkfhIZ
-J2cdUBVLc647+RIwHQYDVR0OBBYEFGC1hexWZH4SGSdnHVAVS3OuO/kSMB0GCSqG
-SIb2fQdBAAQQMA4bCFY2LjA6NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEACrom
-JkbTc6gJ82sLMJn9iuFXehHTuJTXCRBuo7E4A9G28kNBKWKnctj7fAXmMXAnVBhO
-inxO5dHKjHiIzxvTkIvmI/gLDjNDfZziChmPyQE+dF10yYscA+UYyAFMP8uXBV2Y
-caaYb7Z8vTd/vuGTJW1v8AqtFxjhA7wHKcitJuj4YfD9IQl+mo6paH1IYnK9AOoB
-mbgGglGBTvH1tJFUuSN6AJqfXY3gPGS5GhKSKseCRHI53OI8xthV9RVOyAUO28bQ
-YqbsFbS1AoLbrIyigfCbmTH1ICCoiGEKB5+U/NDXG8wuF/MEJ3Zn61SD/aSQfgY9
-BKNDLdr8C2LqL19iUw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID+zCCAuOgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBtzE/MD0GA1UEAww2VMOc
-UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
-c8SxMQswCQYDVQQGDAJUUjEPMA0GA1UEBwwGQU5LQVJBMVYwVAYDVQQKDE0oYykg
-MjAwNSBUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8
-dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjAeFw0wNTA1MTMxMDI3MTdaFw0xNTAz
-MjIxMDI3MTdaMIG3MT8wPQYDVQQDDDZUw5xSS1RSVVNUIEVsZWt0cm9uaWsgU2Vy
-dGlmaWthIEhpem1ldCBTYcSfbGF5xLFjxLFzxLExCzAJBgNVBAYMAlRSMQ8wDQYD
-VQQHDAZBTktBUkExVjBUBgNVBAoMTShjKSAyMDA1IFTDnFJLVFJVU1QgQmlsZ2kg
-xLBsZXRpxZ9pbSB2ZSBCaWxpxZ9pbSBHw7x2ZW5sacSfaSBIaXptZXRsZXJpIEEu
-xZ4uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylIF1mMD2Bxf3dJ7
-XfIMYGFbazt0K3gNfUW9InTojAPBxhEqPZW8qZSwu5GXyGl8hMW0kWxsE2qkVa2k
-heiVfrMArwDCBRj1cJ02i67L5BuBf5OI+2pVu32Fks66WJ/bMsW9Xe8iSi9BB35J
-YbOG7E6mQW6EvAPs9TscyB/C7qju6hJKjRTP8wrgUDn5CDX4EVmt5yLqS8oUBt5C
-urKZ8y1UiBAG6uEaPj1nH/vO+3yC6BFdSsG5FOpU2WabfIl9BJpiyelSPJ6c79L1
-JuTm5Rh8i27fbMx4W09ysstcP4wFjdFMjK2Sx+F4f2VsSQZQLJ4ywtdKxnWKWU51
-b0dewQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAV
-9VX/N5aAWSGk/KEVTCD21F/aAyT8z5Aa9CEKmu46sWrv7/hg0Uw2ZkUd82YCdAR7
-kjCo3gp2D++Vbr3JN+YaDayJSFvMgzbC9UZcWYJWtNX+I7TYVBxEq8Sn5RTOPEFh
-fEPmzcSBCYsk+1Ql1haolgxnB2+zUEfjHCQo3SqYpGH+2+oSN7wBGjSFvW5P55Fy
-B0SFHljKVETd96y5y4khctuPwGkplyqjrhgjlxxBKot8KsF8kOipKMDTkcatKIdA
-aLX/7KfS0zgYnNN9aV3wxqUeJBujR/xpB2jn5Jq07Q+hh4cCzofSSE7hvP/L8XKS
-RGQDJereW26fyfJOrN3H
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEPDCCAySgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvjE/MD0GA1UEAww2VMOc
-UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
-c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV0wWwYDVQQKDFRUw5xS
-S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
-SGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtIDIwMDUwHhcNMDUxMTA3MTAwNzU3
-WhcNMTUwOTE2MTAwNzU3WjCBvjE/MD0GA1UEAww2VMOcUktUUlVTVCBFbGVrdHJv
-bmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJU
-UjEPMA0GA1UEBwwGQW5rYXJhMV0wWwYDVQQKDFRUw5xSS1RSVVNUIEJpbGdpIMSw
-bGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWe
-LiAoYykgS2FzxLFtIDIwMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCpNn7DkUNMwxmYCMjHWHtPFoylzkkBH3MOrHUTpvqeLCDe2JAOCtFp0if7qnef
-J1Il4std2NiDUBd9irWCPwSOtNXwSadktx4uXyCcUHVPr+G1QRT0mJKIx+XlZEdh
-R3n9wFHxwZnn3M5q+6+1ATDcRhzviuyV79z/rxAc653YsKpqhRgNF8k+v/Gb0AmJ
-Qv2gQrSdiVFVKc8bcLyEVK3BEx+Y9C52YItdP5qtygy/p1Zbj3e41Z55SZI/4PGX
-JHpsmxcPbe9TmJEr5A++WXkHeLuXlfSfadRYhwqp48y2WBmfJiGxxFmNskF1wK1p
-zpwACPI2/z7woQ8arBT9pmAPAgMBAAGjQzBBMB0GA1UdDgQWBBTZN7NOBf3Zz58S
-Fq62iS/rJTqIHDAPBgNVHQ8BAf8EBQMDBwYAMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
-KoZIhvcNAQEFBQADggEBAHJglrfJ3NgpXiOFX7KzLXb7iNcX/nttRbj2hWyfIvwq
-ECLsqrkw9qtY1jkQMZkpAL2JZkH7dN6RwRgLn7Vhy506vvWolKMiVW4XSf/SKfE4
-Jl3vpao6+XF75tpYHdN0wgH6PmlYX63LaL4ULptswLbcoCb6dxriJNoaN+BnrdFz
-gw2lGh1uEpJ+hGIAF728JRhX8tepb1mIvDS3LoV4nZbcFMMsilKbloxSZj2GFotH
-uFEJjOp9zYhys2AzsfAKRO8P9Qk3iCQOLGsgOqL6EfJANZxEaGM7rDNvY7wsu/LS
-y3Z9fYjYHcgFHW68lKlmjHdxx/qR+i9Rnuk5UrbnBEI=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
-MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow
-PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
-AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR
-IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q
-gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy
-yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts
-F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2
-jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx
-ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC
-VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK
-YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH
-EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN
-Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud
-DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE
-MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK
-UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ
-TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf
-qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK
-ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE
-JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7
-hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1
-EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm
-nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX
-udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz
-ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe
-LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
-pYYsfPQS
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDITCCAoqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
-VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
-ZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFBlcnNvbmFsIEJhc2lj
-IENBMSgwJgYJKoZIhvcNAQkBFhlwZXJzb25hbC1iYXNpY0B0aGF3dGUuY29tMB4X
-DTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgcsxCzAJBgNVBAYTAlpBMRUw
-EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UE
-ChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQZXJzb25hbCBCYXNpYyBD
-QTEoMCYGCSqGSIb3DQEJARYZcGVyc29uYWwtYmFzaWNAdGhhd3RlLmNvbTCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvLyTU23AUE+CFeZIlDWmWr5vQvoPR+53
-dXLdjUmbllegeNTKP1GzaQuRdhciB5dqxFGTS+CN7zeVoQxN2jSQHReJl+A1OFdK
-wPQIcOk8RHtQfmGakOMj04gRRif1CwcOu93RfyAKiLlWCy4cgNrx454p7xS9CkT7
-G1sY0b8jkyECAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQF
-AAOBgQAt4plrsD16iddZopQBHyvdEktTwq1/qqcAXJFAVyVKOKqEcLnZgA+le1z7
-c8a914phXAPjLSeoF+CEhULcXpvGt7Jtu3Sv5D/Lp7ew4F2+eIMllNLbgQ95B21P
-9DkVWlIBe94y1k049hJcBlDfBVu9FEuh3ym6O0GN92NWod8isQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDLTCCApagAwIBAgIBADANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
-VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
-ZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVt
-YWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUu
-Y29tMB4XDTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgdExCzAJBgNVBAYT
-AlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEa
-MBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRp
-b24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBG
-cmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhh
-d3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1GnX1LCUZFtx6UfY
-DFG26nKRsIRefS0Nj3sS34UldSh0OkIsYyeflXtL734Zhx2G6qPduc6WZBrCFG5E
-rHzmj+hND3EfQDimAKOHePb5lIZererAXnbr2RSjXW56fAylS1V/Bhkpf56aJtVq
-uzgkCGqYx7Hao5iR/Xnb5VrEHLkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zAN
-BgkqhkiG9w0BAQQFAAOBgQDH7JJ+Tvj1lqVnYiqk8E0RYNBvjWBYYawmu1I1XAjP
-MPuoSpaKH2JCI4wXD/S6ZJwXrEcp352YXtJsYHFcoqzceePnbgBHH7UNKOgCneSa
-/RP0ptl8sfjcXyMmCZGAc9AUG95DqYMl8uacLxXK/qarigd1iwzdUYRr5PjRznei
-gQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDKTCCApKgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBzzELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
-VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
-ZXJ2aWNlcyBEaXZpc2lvbjEjMCEGA1UEAxMaVGhhd3RlIFBlcnNvbmFsIFByZW1p
-dW0gQ0ExKjAoBgkqhkiG9w0BCQEWG3BlcnNvbmFsLXByZW1pdW1AdGhhd3RlLmNv
-bTAeFw05NjAxMDEwMDAwMDBaFw0yMDEyMzEyMzU5NTlaMIHPMQswCQYDVQQGEwJa
-QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAY
-BgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9u
-IFNlcnZpY2VzIERpdmlzaW9uMSMwIQYDVQQDExpUaGF3dGUgUGVyc29uYWwgUHJl
-bWl1bSBDQTEqMCgGCSqGSIb3DQEJARYbcGVyc29uYWwtcHJlbWl1bUB0aGF3dGUu
-Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJZtn4B0TPuYwu8KHvE0Vs
-Bd/eJxZRNkERbGw77f4QfRKe5ZtCmv5gMcNmt3M6SK5O0DI3lIi1DbbZ8/JE2dWI
-Et12TfIa/G8jHnrx2JhFTgcQ7xZC0EN1bUre4qrJMf8fAHB8Zs8QJQi6+u4A6UYD
-ZicRFTuqW/KY3TZCstqIdQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqG
-SIb3DQEBBAUAA4GBAGk2ifc0KjNyL2071CKyuG+axTZmDhs8obF1Wub9NdP4qPIH
-b4Vnjt4rueIXsDqg8A6iAJrf8xQVbrvIhVqYgPn/vnQdPfP+MCXRNzRn+qVxeTBh
-KXLA4CxM+1bkOqhv5TJZUtt1KFBZDPgLGeSs2a+WjS9Q2wfD6h+rM+D1KzGJ
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
-VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
-biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
-dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
-MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
-MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
-A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
-b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
-cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
-VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
-ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
-uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
-9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
-hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
-pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
-VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
-biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
-MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
-MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
-DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
-dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
-cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
-DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
-gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
-yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
-L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
-EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
-7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
-QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
-qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICoTCCAgqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBizELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTEUMBIGA1UEBxMLRHVyYmFudmlsbGUxDzAN
-BgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUVGhhd3RlIENlcnRpZmljYXRpb24xHzAd
-BgNVBAMTFlRoYXd0ZSBUaW1lc3RhbXBpbmcgQ0EwHhcNOTcwMTAxMDAwMDAwWhcN
-MjAxMjMxMjM1OTU5WjCBizELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g
-Q2FwZTEUMBIGA1UEBxMLRHVyYmFudmlsbGUxDzANBgNVBAoTBlRoYXd0ZTEdMBsG
-A1UECxMUVGhhd3RlIENlcnRpZmljYXRpb24xHzAdBgNVBAMTFlRoYXd0ZSBUaW1l
-c3RhbXBpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYrWHhhRYZT
-6jR7UZztsOYuGA7+4F+oJ9O0yeB8WU4WDnNUYMF/9p8u6TqFJBU820cEY8OexJQa
-Wt9MevPZQx08EHp5JduQ/vBR5zDWQQD9nyjfeb6Uu522FOMjhdepQeBMpHmwKxqL
-8vg7ij5FrHGSALSQQZj7X+36ty6K+Ig3AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMB
-Af8wDQYJKoZIhvcNAQEEBQADgYEAZ9viwuaHPUCDhjc1fR/OmsMMZiCouqoEiYbC
-9RAIDb/LogWK0E02PvTX72nGXuSwlG9KuefeW4i2e9vjJ+V2w/A1wcu1J5szedyQ
-pgCed/r8zSeUQhac0xxo7L9c3eWpexAKMnRUEzGLhQOEkbdYATAUOK8oyvyxUBkZ
-CayJSdM=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEZDCCA0ygAwIBAgIQRL4Mi1AAJLQR0zYwS8AzdzANBgkqhkiG9w0BAQUFADCB
-ozELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xKzApBgNVBAMTIlVUTi1VU0VSRmlyc3Qt
-TmV0d29yayBBcHBsaWNhdGlvbnMwHhcNOTkwNzA5MTg0ODM5WhcNMTkwNzA5MTg1
-NzQ5WjCBozELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0
-IExha2UgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYD
-VQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xKzApBgNVBAMTIlVUTi1VU0VS
-Rmlyc3QtTmV0d29yayBBcHBsaWNhdGlvbnMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCz+5Gh5DZVhawGNFugmliy+LUPBXeDrjKxdpJo7CNKyXY/45y2
-N3kDuatpjQclthln5LAbGHNhSuh+zdMvZOOmfAz6F4CjDUeJT1FxL+78P/m4FoCH
-iZMlIJpDgmkkdihZNaEdwH+DBmQWICzTSaSFtMBhf1EI+GgVkYDLpdXuOzr0hARe
-YFmnjDRy7rh4xdE7EkpvfmUnuaRVxblvQ6TFHSyZwFKkeEwVs0CYCGtDxgGwenv1
-axwiP8vv/6jQOkt2FZ7S0cYu49tXGzKiuG/ohqY/cKvlcJKrRB5AUPuco2LkbG6g
-yN7igEL66S/ozjIEj3yNtxyjNTwV3Z7DrpelAgMBAAGjgZEwgY4wCwYDVR0PBAQD
-AgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFPqGydvguul49Uuo1hXf8NPh
-ahQ8ME8GA1UdHwRIMEYwRKBCoECGPmh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
-VE4tVVNFUkZpcnN0LU5ldHdvcmtBcHBsaWNhdGlvbnMuY3JsMA0GCSqGSIb3DQEB
-BQUAA4IBAQCk8yXM0dSRgyLQzDKrm5ZONJFUICU0YV8qAhXhi6r/fWRRzwr/vH3Y
-IWp4yy9Rb/hCHTO967V7lMPDqaAt39EpHx3+jz+7qEUqf9FuVSTiuwL7MT++6Lzs
-QCv4AdRWOOTKRIK1YSAhZ2X28AvnNPilwpyjXEAfhZOVBt5P1CeptqX8Fs1zMT+4
-ZSfP1FMa8Kxun08FDAOBp4QpxFq9ZFdyrTvPNximmMatBrTcCKME1SmklpoSZ0qM
-YEWd8SOasACcaLWYUNPvji6SZbFIPiG+FTAqDbUMo2s/rn9X9R+WfN9v3YIwLGUb
-QErNaLly7HF27FSOH4UMAWr6pjisH8SE
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEXjCCA0agAwIBAgIQRL4Mi1AAIbQR0ypoBqmtaTANBgkqhkiG9w0BAQUFADCB
-kzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xGzAZBgNVBAMTElVUTiAtIERBVEFDb3Jw
-IFNHQzAeFw05OTA2MjQxODU3MjFaFw0xOTA2MjQxOTA2MzBaMIGTMQswCQYDVQQG
-EwJVUzELMAkGA1UECBMCVVQxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYD
-VQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cu
-dXNlcnRydXN0LmNvbTEbMBkGA1UEAxMSVVROIC0gREFUQUNvcnAgU0dDMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+5YEKIrblXEjr8uRgnn4AgPLit6
-E5Qbvfa2gI5lBZMAHryv4g+OGQ0SR+ysraP6LnD43m77VkIVni5c7yPeIbkFdicZ
-D0/Ww5y0vpQZY/KmEQrrU0icvvIpOxboGqBMpsn0GFlowHDyUwDAXlCCpVZvNvlK
-4ESGoE1O1kduSUrLZ9emxAW5jh70/P/N5zbgnAVssjMiFdC04MwXwLLA9P4yPykq
-lXvY8qdOD1R8oQ2AswkDwf9c3V6aPryuvEeKaq5xyh+xKrhfQgUL7EYw0XILyulW
-bfXv33i+Ybqypa4ETLyorGkVl73v67SMvzX41MPRKA5cOp9wGDMgd8SirwIDAQAB
-o4GrMIGoMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRT
-MtGzz3/64PGgXYVOktKeRR20TzA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3Js
-LnVzZXJ0cnVzdC5jb20vVVROLURBVEFDb3JwU0dDLmNybDAqBgNVHSUEIzAhBggr
-BgEFBQcDAQYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMA0GCSqGSIb3DQEBBQUAA4IB
-AQAnNZcAiosovcYzMB4p/OL31ZjUQLtgyr+rFywJNn9Q+kHcrpY6CiM+iVnJowft
-Gzet/Hy+UUla3joKVAgWRcKZsYfNjGjgaQPpxE6YsjuMFrMOoAyYUJuTqXAJyCyj
-j98C5OBxOvG0I3KgqgHf35g+FFCgMSa9KOlaMCZ1+XtgHI3zzVAmbQQnmt/VDUVH
-KWss5nbZqSl9Mt3JNjy9rjXxEZ4du5A/EkdOjtd+D2JzHVImOBwYSf0wdJrE5SIv
-2MCN7ZF6TACPcn9d2t0bi0Vr591pl6jFVkwPDPafepE39peC4N1xaf92P2BNPM/3
-mfnGV/TJVTl4uix5yaaIK/QI
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB
-rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt
-Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa
-Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV
-BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l
-dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE
-AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B
-YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9
-hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l
-L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm
-SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM
-1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws
-6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
-DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw
-Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50
-aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
-AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u
-7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0
-xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ
-rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim
-eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk
-USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
-lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
-Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
-dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
-SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
-A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
-MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
-d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
-cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
-0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
-M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
-MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
-oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
-DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
-oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
-VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
-dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
-bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
-BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
-//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
-CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
-CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
-3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
-KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
-IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
-BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
-aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
-9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNTIyMjM0OFoXDTE5MDYy
-NTIyMjM0OFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
-azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
-YXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
-Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
-cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYWYJ6ibiWuqYvaG9Y
-LqdUHAZu9OqNSLwxlBfw8068srg1knaw0KWlAdcAAxIiGQj4/xEjm84H9b9pGib+
-TunRf50sQB1ZaG6m+FiwnRqP0z/x3BkGgagO4DrdyFNFCQbmD3DD+kCmDuJWBQ8Y
-TfwggtFzVXSNdnKgHZ0dwN0/cQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFBoPUn0
-LBwGlN+VYH+Wexf+T3GtZMjdd9LvWVXoP+iOBSoh8gfStadS/pyxtuJbdxdA6nLW
-I8sogTLDAHkY7FkXicnGah5xyf23dKUlRWnFSKsZ4UWKJWsZ7uW7EvV/96aNUcPw
-nXS3qT6gpf+2SQMT2iLM7XGCK5nPOrf1LXLI
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0
-IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz
-BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y
-aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG
-9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMTk1NFoXDTE5MDYy
-NjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y
-azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs
-YXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw
-Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl
-cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOOnHK5avIWZJV16vY
-dA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVCCSRrCl6zfN1SLUzm1NZ9
-WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7RfZHM047QS
-v4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9v
-UJSZSWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTu
-IYEZoDJJKPTEjlbVUjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwC
-W/POuZ6lcg5Ktz885hZo+L7tdEy8W9ViH0Pd
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
-MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
-ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
-biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
-U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
-aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
-nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
-t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
-SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
-BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
-rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
-NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
-BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
-BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
-aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
-MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
-p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
-5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
-WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
-4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
-hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICPTCCAaYCEQDNun9W8N/kvFT+IqyzcqpVMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
-c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
-NjAxMjkwMDAwMDBaFw0yODA4MDEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
-VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJp
-bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEA5Rm/baNWYS2ZSHH2Z965jeu3noaACpEO+jglr0aIguVzqKCbJF0N
-H8xlbgyw0FaEGIeaBpsQoXPftFg5a27B9hXVqKg/qhIGjTGsf7A01480Z4gJzRQR
-4k5FVmkfeAKA2txHkSm7NsljXMXg1y2He6G3MrB7MLoqLzGq7qNn2tsCAwEAATAN
-BgkqhkiG9w0BAQIFAAOBgQBMP7iLxmjf7kMzDl3ppssHhE16M/+SG/Q2rdiVIjZo
-EWx8QszznC7EBz8UsA9P/5CSdvnivErpj82ggAr3xSnxgiJduLHdgSOjeyUVRjB5
-FvjqBUuUfx3CHMjjt/QQQDwTw18fU+hI5Ia0e6E1sHslurjTjqs/OJ0ANACY89Fx
-lA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDAjCCAmsCEEzH6qqYPnHTkxD4PTqJkZIwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
-c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
-MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
-emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
-DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
-YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
-MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
-AQUAA4GNADCBiQKBgQCq0Lq+Fi24g9TK0g+8djHKlNgdk4xWArzZbxpvUjZudVYK
-VdPfQ4chEWWKfo+9Id5rMj8bhDSVBZ1BNeuS65bdqlk/AVNtmU/t5eIqWpDBucSm
-Fc/IReumXY6cPvBkJHalzasab7bYe1FhbqZ/h8jit+U03EGI6glAvnOSPWvndQID
-AQABMA0GCSqGSIb3DQEBBQUAA4GBAKlPww3HZ74sy9mozS11534Vnjty637rXC0J
-h9ZrbWB85a7FkCMMXErQr7Fd88e2CtvgFZMN3QO8x3aKtd1Pw5sTdbgBwObJW2ul
-uIncrKTdcu1OofdPvAbT6shkdHvClUGcZXNY8ZCaPGqxmMnEh7zPRW1F4m4iP/68
-DzFc6PLZ
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw
-CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
-cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
-LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
-aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
-VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
-bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
-IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
-LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4
-nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO
-8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV
-ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb
-PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2
-6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr
-n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a
-qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4
-wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3
-ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs
-pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4
-E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICPDCCAaUCEC0b/EoXjaOR6+f/9YtFvgswDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
-cyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
-MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
-BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAyIFB1YmxpYyBQcmlt
-YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
-ADCBiQKBgQC2WoujDWojg4BrzzmH9CETMwZMJaLtVRKXxaeAufqDwSCg+i8VDXyh
-YGt+eSz6Bg86rvYbb7HS/y8oUl+DfUvEerf4Zh+AVPy3wo5ZShRXRtGak75BkQO7
-FYCTXOvnzAhsPz6zSvz/S2wj1VCCJkQZjiPDceoZJEcEnnW/yKYAHwIDAQABMA0G
-CSqGSIb3DQEBAgUAA4GBAIobK/o5wXTXXtgZZKJYSi034DNHD6zt96rbHuSLBlxg
-J8pFUs4W7z8GZOeUaHxgMxURaa+dYo2jA1Rrpr7l7gUYYAS/QoD90KioHgE796Nc
-r6Pc5iaAIzy4RHT3Cq5Ji2F4zCS/iIqnDupzGUH9TQPwiNHleI2lKk/2lw0Xd8rY
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw
-CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns
-YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH
-MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y
-aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe
-Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX
-MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj
-IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx
-KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
-eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B
-AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM
-HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw
-DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC
-AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji
-nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX
-rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn
-jBJ7xUS0rg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy
-aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s
-IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp
-Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
-eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV
-BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp
-Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu
-Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g
-Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
-IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU
-J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO
-JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY
-wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o
-koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN
-qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E
-Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe
-xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u
-7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU
-sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI
-sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP
-cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
-cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
-MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
-BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
-YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
-ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
-BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
-I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
-CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
-lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
-AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
-c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
-MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
-emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
-DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
-YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
-MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
-AQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4
-pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg0
-13gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwID
-AQABMA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSk
-U01UbSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7i
-F6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpY
-oJ2daZH9
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
-CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
-cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
-LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
-aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
-VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
-bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
-IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
-LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b
-N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t
-KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu
-kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm
-CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ
-Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu
-imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te
-2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe
-DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC
-/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p
-F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt
-TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDAjCCAmsCEDKIjprS9esTR/h/xCA3JfgwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
-c3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
-MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp
-emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X
-DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgNCBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo
-YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5
-MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB
-AQUAA4GNADCBiQKBgQC68OTP+cSuhVS5B1f5j8V/aBH4xBewRNzjMHPVKmIquNDM
-HO0oW369atyzkSTKQWI8/AIBvxwWMZQFl3Zuoq29YRdsTjCG8FE3KlDHqGKB3FtK
-qsGgtG7rL+VXxbErQHDbWk2hjh+9Ax/YA9SPTJlxvOKCzFjomDqG04Y48wApHwID
-AQABMA0GCSqGSIb3DQEBBQUAA4GBAIWMEsGnuVAVess+rLhDityq3RS6iYF+ATwj
-cSGIL4LcY/oCRaxFWdcqWERbt5+BO5JoPeI3JPV7bI92NZYJqFmduc4jq3TWg/0y
-cyfYaT5DdPauxYma51N86Xv2S/PBZYPejYqcPIiNOVn8qj8ijaHBZlCBckztImRP
-T8qAkbYp
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGjCCAwICEQDsoKeLbnVqAc/EfMwvlF7XMA0GCSqGSIb3DQEBBQUAMIHKMQsw
-CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl
-cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu
-LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT
-aWduIENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD
-VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ
-bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu
-IENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
-LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3LpRFpxlmr8Y+1
-GQ9Wzsy1HyDkniYlS+BzZYlZ3tCD5PUPtbut8XzoIfzk6AzufEUiGXaStBO3IFsJ
-+mGuqPKljYXCKtbeZjbSmwL0qJJgfJxptI8kHtCGUvYynEFYHiK9zUVilQhu0Gbd
-U6LM8BDcVHOLBKFGMzNcF0C5nk3T875Vg+ixiY5afJqWIpA7iCXy0lOIAgwLePLm
-NxdLMEYH5IBtptiWLugs+BGzOA1mppvqySNb247i8xOOGlktqgLw7KSHZtzBP/XY
-ufTsgsbSPZUd5cBPhMnZo0QoBmrXRazwa2rvTl/4EYIeOGM0ZlDUPpNz+jDDZq3/
-ky2X7wMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAj/ola09b5KROJ1WrIhVZPMq1
-CtRK26vdoV9TxaBXOcLORyu+OshWv8LZJxA6sQU8wHcxuzrTBXttmhwwjIDLk5Mq
-g6sFUYICABFna/OIYUdfA5PVWw3g8dShMjWFsjrbsIKr0csKvE+MW8VLADsfKoKm
-fjaF3H48ZwC15DtS4KjrXRX5xm3wrR0OhbepmnMUWluPQSjA1egtTaRezarZ7c7c
-2NU8Qh0XwRJdRTjDOPP8hS6DRkiy1yBfkjaP53kPmF6Z6PDQpLv1U70qzlmwr25/
-bLvSHgCwIe34QWKCudiyxLtGUPMxxY8BqHTr9Xgn2uf3ZkPznoM+IKrDNWCRzg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDzTCCAzagAwIBAgIQU2GyYK7bcY6nlLMTM/QHCTANBgkqhkiG9w0BAQUFADCB
-wTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTwwOgYDVQQL
-EzNDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
-IC0gRzIxOjA4BgNVBAsTMShjKSAxOTk4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1
-dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv
-cmswHhcNMDAwOTI2MDAwMDAwWhcNMTAwOTI1MjM1OTU5WjCBpTEXMBUGA1UEChMO
-VmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsx
-OzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5j
-b20vcnBhIChjKTAwMSwwKgYDVQQDEyNWZXJpU2lnbiBUaW1lIFN0YW1waW5nIEF1
-dGhvcml0eSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0hmdZ8IAIVli
-zrQJIkRpivglWtvtDbc2fk7gu5Q+kCWHwmFHKdm9VLhjzCx9abQzNvQ3B5rB3UBU
-/OB4naCTuQk9I1F/RMIUdNsKvsvJMDRAmD7Q1yUQgZS9B0+c1lQn3y6ov8uQjI11
-S7zi6ESHzeZBCiVu6PQkAsVSD27smHUCAwEAAaOB3zCB3DAPBgNVHRMECDAGAQH/
-AgEAMEUGA1UdIAQ+MDwwOgYMYIZIAYb4RQEHFwEDMCowKAYIKwYBBQUHAgEWHGh0
-dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwMQYDVR0fBCowKDAmoCSgIoYgaHR0
-cDovL2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwCwYDVR0PBAQDAgEGMEIGCCsG
-AQUFBwEBBDYwNDAyBggrBgEFBQcwAaYmFiRodHRwOi8vb2NzcC52ZXJpc2lnbi5j
-b20vb2NzcC9zdGF0dXMwDQYJKoZIhvcNAQEFBQADgYEAgnBold+2DcIBcBlK0lRW
-HqzyRUyHuPU163hLBanInTsZIS5wNEqi9YngFXVF5yg3ADQnKeg3S/LvRJdrF1Ea
-w1adPBqK9kpGRjeM+sv1ZFo4aC4cw+9wzrhGBha/937ntag+RaypJXUie28/sJyU
-58dzq6wf7iWbwBbtt8pb8BQ=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDgDCCAmigAwIBAgICAx4wDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMCVVMx
-DTALBgNVBAoTBFZJU0ExLzAtBgNVBAsTJlZpc2EgSW50ZXJuYXRpb25hbCBTZXJ2
-aWNlIEFzc29jaWF0aW9uMRIwEAYDVQQDEwlHUCBSb290IDIwHhcNMDAwODE2MjI1
-MTAwWhcNMjAwODE1MjM1OTAwWjBhMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklT
-QTEvMC0GA1UECxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRp
-b24xEjAQBgNVBAMTCUdQIFJvb3QgMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
-AQoCggEBAKkBcLWqxEDwq2omYXkZAPy/mzdZDK9vZBv42pWUJGkzEXDK41Z0ohdX
-ZFwgBuHW73G3O/erwWnQSaSxBNf0V2KJXLB1LRckaeNCYOTudNargFbYiCjh+20i
-/SN8RnNPflRzHqgsVVh1t0zzWkWlAhr62p3DRcMiXvOL8WAp0sdftAw6UYPvMPjU
-58fy+pmjIlC++QU3o63tmsPm7IgbthknGziLgE3sucfFicv8GjLtI/C1AVj59o/g
-halMCXI5Etuz9c9OYmTaxhkVOmMd6RdVoUwiPDQyRvhlV7or7zaMavrZ2UT0qt2E
-1w0cslSsMoW0ZA3eQbuxNMYBhjJk1Z8CAwEAAaNCMEAwHQYDVR0OBBYEFJ59SzS/
-ca3CBfYDdYDOqU8axCRMMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
-MA0GCSqGSIb3DQEBBQUAA4IBAQAhpXYUVfmtJ3CPPPTVbMjMCqujmAuKBiPFyWHb
-mQdpNSYx/scuhMKZYdQN6X0uEyt8joW2hcdLzzW2LEc9zikv2G+fiRxkk78IvXbQ
-kIqUs38oW26sTTMs7WXcFsziza6kPWKSBpUmv9+55CCmc2rBvveURNZNbyoLaxhN
-dBA2aGpawWqn3TYpjLgwi08hPwAuVDAHOrqK5MOeyti12HvOdUVmB/RtLdh6yumJ
-ivIj2C/LbgA2T/vwLwHMD8AiZfSr4k5hLQOCfZEWtTDVFN5ex5D8ofyrEK9ca3Cn
-B+8phuiyJccg/ybdd+95RBTEvd07xQObdyPsoOy7Wjm1zK0G
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
-MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
-cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv
-bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw
-CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h
-dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l
-cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h
-2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E
-lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV
-ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq
-299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t
-vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL
-dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
-AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF
-AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR
-zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3
-LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
-7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw
-++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
-398znM/jra6O1I7mT1GvFpLgXPYHDw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEvTCCA6WgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMx
-IDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxs
-cyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9v
-dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcxMjEzMTcwNzU0WhcNMjIxMjE0
-MDAwNzU0WjCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdl
-bGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQD
-DC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDub7S9eeKPCCGeOARBJe+r
-WxxTkqxtnt3CxC5FlAM1iGd0V+PfjLindo8796jE2yljDpFoNoqXjopxaAkH5OjU
-Dk/41itMpBb570OYj7OeUt9tkTmPOL13i0Nj67eT/DBMHAGTthP796EfvyXhdDcs
-HqRePGj4S78NuR4uNuip5Kf4D8uCdXw1LSLWwr8L87T8bJVhHlfXBIEyg1J55oNj
-z7fLY4sR4r1e6/aN7ZVyKLSsEmLpSjPmgzKuBXWVvYSV2ypcm44uDLiBK0HmOFaf
-SZtsdvqKXfcBeYF8wYNABf5x/Qw/zE5gCQ5lRxAvAcAFP4/4s0HvWkJ+We/Slwxl
-AgMBAAGjggE0MIIBMDAPBgNVHRMBAf8EBTADAQH/MDkGA1UdHwQyMDAwLqAsoCqG
-KGh0dHA6Ly9jcmwucGtpLndlbGxzZmFyZ28uY29tL3dzcHJjYS5jcmwwDgYDVR0P
-AQH/BAQDAgHGMB0GA1UdDgQWBBQmlRkQ2eihl5H/3BnZtQQ+0nMKajCBsgYDVR0j
-BIGqMIGngBQmlRkQ2eihl5H/3BnZtQQ+0nMKaqGBi6SBiDCBhTELMAkGA1UEBhMC
-VVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNX
-ZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMg
-Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQEwDQYJKoZIhvcNAQEFBQADggEB
-ALkVsUSRzCPIK0134/iaeycNzXK7mQDKfGYZUMbVmO2rvwNa5U3lHshPcZeG1eMd
-/ZDJPHV3V3p9+N701NX3leZ0bh08rnyd2wIDBSxxSyU+B+NemvVmFymIGjifz6pB
-A4SXa5M4esowRBskRDPQ5NHcKDj0E0M1NSljqHyita04pO2t/caaH/+Xc/77szWn
-k4bGdpEA5qxRFsQnMlzbc9qlk1eOPm01JghZ1edE13YgY+esE2fDbbFwRnzVlhE9
-iW9dqKHrjQrawx0zbKPqZxmamX9LPYNRKh3KL4YMon4QLSvUFpULB6ouFJJJtylv
-2G0xffX8oRAHh84vWdw+WNs=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID5TCCAs2gAwIBAgIEOeSXnjANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSwwKgYDVQQLEyNXZWxscyBGYXJnbyBD
-ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0GA1UEAxMmV2VsbHMgRmFyZ28gUm9v
-dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDAxMDExMTY0MTI4WhcNMjEwMTE0
-MTY0MTI4WjCBgjELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSww
-KgYDVQQLEyNXZWxscyBGYXJnbyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0G
-A1UEAxMmV2VsbHMgRmFyZ28gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVqDM7Jvk0/82bfuUER84A4n13
-5zHCLielTWi5MbqNQ1mXx3Oqfz1cQJ4F5aHiidlMuD+b+Qy0yGIZLEWukR5zcUHE
-SxP9cMIlrCL1dQu3U+SlK93OvRw6esP3E48mVJwWa2uv+9iWsWCaSOAlIiR5NM4O
-JgALTqv9i86C1y8IcGjBqAr5dE8Hq6T54oN+J3N0Prj5OEL8pahbSCOz6+MlsoCu
-ltQKnMJ4msZoGK43YjdeUXWoWGPAUe5AeH6orxqg4bB4nVCMe+ez/I4jsNtlAHCE
-AQgAFG5Uhpq6zPk3EPbg3oQtnaSFN9OH4xXQwReQfhkhahKpdv0SAulPIV4XAgMB
-AAGjYTBfMA8GA1UdEwEB/wQFMAMBAf8wTAYDVR0gBEUwQzBBBgtghkgBhvt7hwcB
-CzAyMDAGCCsGAQUFBwIBFiRodHRwOi8vd3d3LndlbGxzZmFyZ28uY29tL2NlcnRw
-b2xpY3kwDQYJKoZIhvcNAQEFBQADggEBANIn3ZwKdyu7IvICtUpKkfnRLb7kuxpo
-7w6kAOnu5+/u9vnldKTC2FJYxHT7zmu1Oyl5GFrvm+0fazbuSCUlFLZWohDo7qd/
-0D+j0MNdJu4HzMPBJCGHHt8qElNvQRbn7a6U+oxy+hNH8Dx+rn0ROhPs7fpvcmR7
-nX1/Jv16+yWt6j4pf0zjAFcysLPp7VMX2YuyFA4w6OXVE8Zkr8QA1dhYJPz1j+zx
-x32l2w8n0cbyQIjmH/ZhqPRCyLk306m+LFZ4wnKbWV01QIroTmMatukgalHizqSQ
-33ZwmVxwQ023tqcZZE6St8WRPH9IFmV7Fv3L/PvZ1dZPIWU7Sn9Ho/s=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB
-gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk
-MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY
-UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx
-NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3
-dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy
-dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB
-dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6
-38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP
-KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q
-DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4
-qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa
-JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi
-PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P
-BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs
-jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0
-eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD
-ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR
-vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt
-qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa
-IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy
-i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
-O+7ETPTsJ3xCwnR8gooJybQDJbw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFajCCBFKgAwIBAgIEPLU9RjANBgkqhkiG9w0BAQUFADBmMRIwEAYDVQQKEwli
-ZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENBczEzMDEGA1UEAxMq
-YmVUUlVTVGVkIFJvb3QgQ0EtQmFsdGltb3JlIEltcGxlbWVudGF0aW9uMB4XDTAy
-MDQxMTA3Mzg1MVoXDTIyMDQxMTA3Mzg1MVowZjESMBAGA1UEChMJYmVUUlVTVGVk
-MRswGQYDVQQLExJiZVRSVVNUZWQgUm9vdCBDQXMxMzAxBgNVBAMTKmJlVFJVU1Rl
-ZCBSb290IENBLUJhbHRpbW9yZSBJbXBsZW1lbnRhdGlvbjCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBALx+xDmcjOPWHIb/ymKt4H8wRXqOGrO4x/nRNv8i
-805qX4QQ+2aBw5R5MdKR4XeOGCrDFN5R9U+jK7wYFuK13XneIviCfsuBH/0nLI/6
-l2Qijvj/YaOcGx6Sj8CoCd8JEey3fTGaGuqDIQY8n7pc/5TqarjDa1U0Tz0yH92B
-FODEPM2dMPgwqZfT7syj0B9fHBOB1BirlNFjw55/NZKeX0Tq7PQiXLfoPX2k+Ymp
-kbIq2eszh+6l/ePazIjmiSZuxyuC0F6dWdsU7JGDBcNeDsYq0ATdcT0gTlgn/FP7
-eHgZFLL8kFKJOGJgB7Sg7KxrUNb9uShr71ItOrL/8QFArDcCAwEAAaOCAh4wggIa
-MA8GA1UdEwEB/wQFMAMBAf8wggG1BgNVHSAEggGsMIIBqDCCAaQGDysGAQQBsT4A
-AAEJKIORMTCCAY8wggFIBggrBgEFBQcCAjCCAToaggE2UmVsaWFuY2Ugb24gb3Ig
-dXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY3JlYXRlcyBhbiBhY2tub3dsZWRnbWVu
-dCBhbmQgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJk
-IHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgdGhlIENlcnRpZmljYXRpb24g
-UHJhY3RpY2UgU3RhdGVtZW50IGFuZCB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1l
-bnQsIHdoaWNoIGNhbiBiZSBmb3VuZCBhdCB0aGUgYmVUUlVTVGVkIHdlYiBzaXRl
-LCBodHRwOi8vd3d3LmJldHJ1c3RlZC5jb20vcHJvZHVjdHNfc2VydmljZXMvaW5k
-ZXguaHRtbDBBBggrBgEFBQcCARY1aHR0cDovL3d3dy5iZXRydXN0ZWQuY29tL3By
-b2R1Y3RzX3NlcnZpY2VzL2luZGV4Lmh0bWwwHQYDVR0OBBYEFEU9w6nR3D8kVpgc
-cxiIav+DR+22MB8GA1UdIwQYMBaAFEU9w6nR3D8kVpgccxiIav+DR+22MA4GA1Ud
-DwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASZK8o+6svfoNyYt5hhwjdrCA
-WXf82n+0S9/DZEtqTg6t8n1ZdwWtColzsPq8y9yNAIiPpqCy6qxSJ7+hSHyXEHu6
-7RMdmgduyzFiEuhjA6p9beP4G3YheBufS0OM00mG9htc9i5gFdPp43t1P9ACg9AY
-gkHNZTfqjjJ+vWuZXTARyNtIVBw74acT02pIk/c9jH8F6M7ziCpjBLjqflh8AXtb
-4cV97yHgjQ5dUX2xZ/2jvTg2xvI4hocalmhgRvsoFEdV4aeADGvi6t9NfJBIoDa9
-CReJf8Py05yc493EG931t3GzUwWJBtDLSoDByFOQtTwxiBdQn8nEDovYqAJjDQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFLDCCBBSgAwIBAgIEOU99hzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJX
-VzESMBAGA1UEChMJYmVUUlVTVGVkMRswGQYDVQQDExJiZVRSVVNUZWQgUm9vdCBD
-QXMxGjAYBgNVBAMTEWJlVFJVU1RlZCBSb290IENBMB4XDTAwMDYyMDE0MjEwNFoX
-DTEwMDYyMDEzMjEwNFowWjELMAkGA1UEBhMCV1cxEjAQBgNVBAoTCWJlVFJVU1Rl
-ZDEbMBkGA1UEAxMSYmVUUlVTVGVkIFJvb3QgQ0FzMRowGAYDVQQDExFiZVRSVVNU
-ZWQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANS0c3oT
-CjhVAb6JVuGUntS+WutKNHUbYSnE4a0IYCF4SP+00PpeQY1hRIfo7clY+vyTmt9P
-6j41ffgzeubx181vSUs9Ty1uDoM6GHh3o8/n9E1z2Jo7Gh2+lVPPIJfCzz4kUmwM
-jmVZxXH/YgmPqsWPzGCgc0rXOD8Vcr+il7dw6K/ifhYGTPWqZCZyByWtNfwYsSbX
-2P8ZDoMbjNx4RWc0PfSvHI3kbWvtILNnmrRhyxdviTX/507AMhLn7uzf/5cwdO2N
-R47rtMNE5qdMf1ZD6Li8tr76g5fmu/vEtpO+GRg+jIG5c4gW9JZDnGdzF5DYCW5j
-rEq2I8QBoa2k5MUCAwEAAaOCAfgwggH0MA8GA1UdEwEB/wQFMAMBAf8wggFZBgNV
-HSAEggFQMIIBTDCCAUgGCisGAQQBsT4BAAAwggE4MIIBAQYIKwYBBQUHAgIwgfQa
-gfFSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1
-bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0
-ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGFuZCBjZXJ0aWZpY2F0aW9uIHBy
-YWN0aWNlIHN0YXRlbWVudCwgd2hpY2ggY2FuIGJlIGZvdW5kIGF0IGJlVFJVU1Rl
-ZCdzIHdlYiBzaXRlLCBodHRwczovL3d3dy5iZVRSVVNUZWQuY29tL3ZhdWx0L3Rl
-cm1zMDEGCCsGAQUFBwIBFiVodHRwczovL3d3dy5iZVRSVVNUZWQuY29tL3ZhdWx0
-L3Rlcm1zMDQGA1UdHwQtMCswKaAnoCWkIzAhMRIwEAYDVQQKEwliZVRSVVNUZWQx
-CzAJBgNVBAYTAldXMB0GA1UdDgQWBBQquZtpLjub2M3eKjEENGvKBxirZzAfBgNV
-HSMEGDAWgBQquZtpLjub2M3eKjEENGvKBxirZzAOBgNVHQ8BAf8EBAMCAf4wDQYJ
-KoZIhvcNAQEFBQADggEBAHlh26Nebhax6nZR+csVm8tpvuaBa58oH2U+3RGFktTo
-Qb9+M70j5/Egv6S0phkBxoyNNXxlpE8JpNbYIxUFE6dDea/bow6be3ga8wSGWsb2
-jCBHOElQBp1yZzrwmAOtlmdE/D8QDYZN5AA7KXvOOzuZhmElQITcE2K3+spZ1gMe
-1lMBzW1MaFVA4e5rxyoAAEiCswoBw2AqDPeCNe5IhpbkdNQ96gFxugR1QKepfzk5
-mlWXKWWuGVUlBXJH0+gY3Ljpr0NzARJ0o+FcXxVdJPP55PS2Z2cS52QiivalQaYc
-tmBjRYoQtLpGEK5BV2VsPyMQPyEQWbfkQN0mDCP2qq4=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGUTCCBTmgAwIBAgIEPLVPQDANBgkqhkiG9w0BAQUFADBmMRIwEAYDVQQKEwli
-ZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENBczEzMDEGA1UEAxMq
-YmVUUlVTVGVkIFJvb3QgQ0EgLSBFbnRydXN0IEltcGxlbWVudGF0aW9uMB4XDTAy
-MDQxMTA4MjQyN1oXDTIyMDQxMTA4NTQyN1owZjESMBAGA1UEChMJYmVUUlVTVGVk
-MRswGQYDVQQLExJiZVRSVVNUZWQgUm9vdCBDQXMxMzAxBgNVBAMTKmJlVFJVU1Rl
-ZCBSb290IENBIC0gRW50cnVzdCBJbXBsZW1lbnRhdGlvbjCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBALr0RAOqEmq1Q+xVkrYwfTVXDNvzDSduTPdQqJtO
-K2/b9a0cS12zqcH+e0TrW6MFDR/FNCswACnxeECypP869AGIF37m1CbTukzqMvtD
-d5eHI8XbQ6P1KqNRXuE70mVpflUVm3rnafdE4Fe1FehmYA8NA/uCjqPoEXtsvsdj
-DheT389Lrm5zdeDzqrmkwAkbhepxKYhBMvnwKg5sCfJ0a2ZsUhMfGLzUPvfYbiCe
-yv78IZTuEyhL11xeDGbu6bsPwTSxfwh28z0mcMmLJR1iJAzqHHVOwBLkuhMdMCkt
-VjMFu5dZfsZJT4nXLySotohAtWSSU1Yk5KKghbNekLQSM80CAwEAAaOCAwUwggMB
-MIIBtwYDVR0gBIIBrjCCAaowggGmBg8rBgEEAbE+AAACCSiDkTEwggGRMIIBSQYI
-KwYBBQUHAgIwggE7GoIBN1JlbGlhbmNlIG9uIG9yIHVzZSBvZiB0aGlzIENlcnRp
-ZmljYXRlIGNyZWF0ZXMgYW4gYWNrbm93bGVkZ21lbnQgYW5kIGFjY2VwdGFuY2Ug
-b2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0
-aW9ucyBvZiB1c2UsIHRoZSBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu
-dCBhbmQgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50LCB3aGljaCBjYW4gYmUg
-Zm91bmQgYXQgdGhlIGJlVFJVU1RlZCB3ZWIgc2l0ZSwgaHR0cHM6Ly93d3cuYmV0
-cnVzdGVkLmNvbS9wcm9kdWN0c19zZXJ2aWNlcy9pbmRleC5odG1sMEIGCCsGAQUF
-BwIBFjZodHRwczovL3d3dy5iZXRydXN0ZWQuY29tL3Byb2R1Y3RzX3NlcnZpY2Vz
-L2luZGV4Lmh0bWwwEQYJYIZIAYb4QgEBBAQDAgAHMIGJBgNVHR8EgYEwfzB9oHug
-eaR3MHUxEjAQBgNVBAoTCWJlVFJVU1RlZDEbMBkGA1UECxMSYmVUUlVTVGVkIFJv
-b3QgQ0FzMTMwMQYDVQQDEypiZVRSVVNUZWQgUm9vdCBDQSAtIEVudHJ1c3QgSW1w
-bGVtZW50YXRpb24xDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMjAwMjA0MTEw
-ODI0MjdagQ8yMDIyMDQxMTA4NTQyN1owCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaA
-FH1w5a44iwY/qhwaj/nPJDCqhIQWMB0GA1UdDgQWBBR9cOWuOIsGP6ocGo/5zyQw
-qoSEFjAMBgNVHRMEBTADAQH/MB0GCSqGSIb2fQdBAAQQMA4bCFY2LjA6NC4wAwIE
-kDANBgkqhkiG9w0BAQUFAAOCAQEAKrgXzh8QlOu4mre5X+za95IkrNySO8cgjfKZ
-5V04ocI07cUTWVwFtStPYZuR+0H8/NU8TZh2BvWBfevdkObRVlTa4y0MnxEylCIB
-evZsLHRnBMylj44ss0O1lKLQfelifwa+JwGDnjr9iu6YQ0pr17WXOzq/T220Y/oz
-ADQuLW2WyXvKmWO6vvT2MKAtmJbpVkQFqUSjYRDrgqFnXbxdJ3Wqiig2KjiS2d2k
-XgClzMx8KSreKJCrt+G2/30lC0DYqjSjLd4H61/OCt3Kfjp9JsFiaDrmLzfzgYYh
-xKlkqu9FNtEaZnz46TfW1mG+oq1I59/mdP7TbX3SJdysYlep9w==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFaDCCBFCgAwIBAgIQO1nHe81bV569N1KsdrSqGjANBgkqhkiG9w0BAQUFADBi
-MRIwEAYDVQQKEwliZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENB
-czEvMC0GA1UEAxMmYmVUUlVTVGVkIFJvb3QgQ0EgLSBSU0EgSW1wbGVtZW50YXRp
-b24wHhcNMDIwNDExMTExODEzWhcNMjIwNDEyMTEwNzI1WjBiMRIwEAYDVQQKEwli
-ZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENBczEvMC0GA1UEAxMm
-YmVUUlVTVGVkIFJvb3QgQ0EgLSBSU0EgSW1wbGVtZW50YXRpb24wggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkujQwCY5X0LkGLG9uJIAiv11DpvpPrILn
-HGhwhRujbrWqeNluB0s/6d/16uhUoWGKDi9pdRi3DOUUjXFumLhV/AyV0Jtu4S2I
-1DpAa5LxmZZk3tv/ePTulh1HiXzUvrmIdyM6CeYEnm2qXtLIvZpOGd+J6lsOfsPk
-tPDgaTuID0GQ+NRxQyTBjyZLO1bp/4xsN+lFrYWMU8NghpBKlsmzVLC7F/AcRdnU
-GxlkVgoZ98zh/4avflherHqQH8koOUV7orbHnB/ahdQhhlkwk75TMzf270HPM8er
-cmsl9fNTGwxMLvF1S++gh/f+ihXQbNXL+WhTuXAVE8L1LvtDNXUtAgMBAAGjggIY
-MIICFDAMBgNVHRMEBTADAQH/MIIBtQYDVR0gBIIBrDCCAagwggGkBg8rBgEEAbE+
-AAADCSiDkTEwggGPMEEGCCsGAQUFBwIBFjVodHRwOi8vd3d3LmJldHJ1c3RlZC5j
-b20vcHJvZHVjdHNfc2VydmljZXMvaW5kZXguaHRtbDCCAUgGCCsGAQUFBwICMIIB
-OhqCATZSZWxpYW5jZSBvbiBvciB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjcmVh
-dGVzIGFuIGFja25vd2xlZGdtZW50IGFuZCBhY2NlcHRhbmNlIG9mIHRoZSB0aGVu
-IGFwcGxpY2FibGUgc3RhbmRhcmQgdGVybXMgYW5kIGNvbmRpdGlvbnMgb2YgdXNl
-LCB0aGUgQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQgYW5kIHRoZSBS
-ZWx5aW5nIFBhcnR5IEFncmVlbWVudCwgd2hpY2ggY2FuIGJlIGZvdW5kIGF0IHRo
-ZSBiZVRSVVNUZWQgd2ViIHNpdGUsIGh0dHA6Ly93d3cuYmV0cnVzdGVkLmNvbS9w
-cm9kdWN0c19zZXJ2aWNlcy9pbmRleC5odG1sMAsGA1UdDwQEAwIBBjAfBgNVHSME
-GDAWgBSp7BR++dlDzFMrFK3P9/BZiUHNGTAdBgNVHQ4EFgQUqewUfvnZQ8xTKxSt
-z/fwWYlBzRkwDQYJKoZIhvcNAQEFBQADggEBANuXsHXqDMTBmMpWBcCorSZIry0g
-6IHHtt9DwSwddUvUQo3neqh03GZCWYez9Wlt2ames30cMcH1VOJZJEnl7r05pmuK
-mET7m9cqg5c0Lcd9NUwtNLg+DcTsiCevnpL9UGGCqGAHFFPMZRPB9kdEadIxyKbd
-LrML3kqNWz2rDcI1UqJWN8wyiyiFQpyRQHpwKzg21eFzGh/l+n5f3NacOzDq28Bb
-J1zTcwfBwvNMm2+fG8oeqqg4MwlYsq78B+g23FW6L09A/nq9BqaBwZMifIYRCgZ3
-SK41ty8ymmFei74pnykkiFY5LKjSq5YDWtRIn7lAhAuYaPsBQ9Yb4gmxlxw=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB
-qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
-BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw
-NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j
-LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG
-A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl
-IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs
-W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta
-3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk
-6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6
-Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J
-NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA
-MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP
-r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU
-DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz
-YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX
-xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2
-/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/
-LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7
-jVaMaA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIETzCCAzegAwIBAgIEO63vKTANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJQTDEfMB0GA1UE
-ChMWVFAgSW50ZXJuZXQgU3AuIHogby5vLjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2Fjamkg
-U2lnbmV0MRswGQYDVQQDExJDQyBTaWduZXQgLSBSb290Q0EwHhcNMDEwOTIzMTQxODE3WhcNMTEw
-OTIzMTMxODE3WjB1MQswCQYDVQQGEwJQTDEfMB0GA1UEChMWVFAgSW50ZXJuZXQgU3AuIHogby5v
-LjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2FjamkgU2lnbmV0MR8wHQYDVQQDExZDQyBTaWdu
-ZXQgLSBDQSBLbGFzYSAxMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4SRW9Q58g5DY1Hw7h
-gCRKBEdPdGn0MFHsfw7rlu/oQm7IChI/uWd9q5wwo77YojtTDjRnpgZsjqBeynX8T90vFILqsY2K
-5CF1OESalwvVr3sZiQX79lisuFKat92u6hBFikFIVxfHHB67Af+g7u0dEHdDW7lwy81MwFYxBTRy
-9wIDAQABo4IBbTCCAWkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwggEEBgNVHSAE
-gfwwgfkwgfYGDSsGAQQBvj8CAQoBAQAwgeQwgZoGCCsGAQUFBwICMIGNGoGKQ2VydHlmaWthdCB3
-eXN0YXdpb255IHpnb2RuaWUgeiBkb2t1bWVudGVtOiAiUG9saXR5a2EgQ2VydHlmaWthY2ppIGRs
-YSBSb290Q0EiLiBDZXJ0eWZpa2F0IHd5c3Rhd2lvbnkgcHJ6ZXogUm9vdENBIHcgaGllcmFyY2hp
-aSBDQyBTaWduZXQuMEUGCCsGAQUFBwIBFjlodHRwOi8vd3d3LnNpZ25ldC5wbC9yZXBvenl0b3Jp
-dW0vZG9rdW1lbnR5L3BjX3Jvb3RjYS50eHQwHwYDVR0jBBgwFoAUwJvFIw0C4aZOSGsfAOnjmhQb
-sa8wHQYDVR0OBBYEFMODHtVZd1T7TftXR/nEI1zR54njMA0GCSqGSIb3DQEBBQUAA4IBAQBRIHQB
-FIGh8Jpxt87AgSLwIEEk4+oGy769u3NtoaR0R3WNMdmt7fXTi0tyTQ9V4AIszxVjhnUPaKnF1KYy
-f8Tl+YTzk9ZfFkZ3kCdSaILZAOIrmqWNLPmjUQ5/JiMGho0e1YmWUcMci84+pIisTsytFzVP32/W
-+sz2H4FQAvOIMmxB7EJX9AdbnXn9EXZ+4nCqi0ft5z96ZqOJJiCB3vSaoYg+wdkcvb6souMJzuc2
-uptXtR1Xf3ihlHaGW+hmnpcwFA6AoNrom6Vgzk6U1ienx0Cw28BhRSKqzKkyXkuK8gRflZUx84uf
-tXncwKJrMiE3lvgOOBITRzcahirLer4c
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE9zCCA9+gAwIBAgIEPL/xoTANBgkqhkiG9w0BAQUFADB2MQswCQYDVQQGEwJQTDEfMB0GA1UE
-ChMWVFAgSW50ZXJuZXQgU3AuIHogby5vLjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2Fjamkg
-U2lnbmV0MSAwHgYDVQQDExdDQyBTaWduZXQgLSBQQ0EgS2xhc2EgMjAeFw0wMjA0MTkxMDI5NTNa
-Fw0xNzA0MTgxMjUzMDdaMHUxCzAJBgNVBAYTAlBMMR8wHQYDVQQKExZUUCBJbnRlcm5ldCBTcC4g
-eiBvLm8uMSQwIgYDVQQLExtDZW50cnVtIENlcnR5ZmlrYWNqaSBTaWduZXQxHzAdBgNVBAMTFkND
-IFNpZ25ldCAtIENBIEtsYXNhIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqgLJu
-QqY4yavbSgHg8CyfKTx4BokNSDOVz4eD9vptUr11Kqd06ED1hlH7Sg0goBFAfntNU/QTKwSBaNui
-me7C4sSEdgsKrPoAhGb4Mq8y7Ty7RqZz7mkzNMqzL2L2U4yQ2QjvpH8MH0IBqOWEcpSkpwnrCDIm
-RoTfd+YlZWKi2JceQixUUYIQ45Ox8+x8hHbvvZdgqtcvo8PW27qoHkp/7hMuJ44kDAGrmxffBXl/
-OBRZp0uO1CSLcMcVJzyr2phKhy406MYdWrtNPEluGs0GFDzd0nrIctiWAO4cmct4S72S9Q6e//0G
-O9f3/Ca5Kb2I1xYLj/xE+HgjHX9aD2MhAgMBAAGjggGMMIIBiDAPBgNVHRMBAf8EBTADAQH/MA4G
-A1UdDwEB/wQEAwIBBjCB4wYDVR0gBIHbMIHYMIHVBg0rBgEEAb4/AhQKAQEAMIHDMHUGCCsGAQUF
-BwICMGkaZ0NlcnR5ZmlrYXQgd3lzdGF3aW9ueSB6Z29kbmllIHogZG9rdW1lbnRlbTogIlBvbGl0
-eWthIENlcnR5ZmlrYWNqaSBQQ0EyIC0gQ2VydHlmaWthdHkgVXJ6ZWRvdyBLbGFzeSAyIi4wSgYI
-KwYBBQUHAgEWPmh0dHA6Ly93d3cuc2lnbmV0LnBsL3JlcG96eXRvcml1bS9kb2t1bWVudHkva2xh
-c2EyL3BjX3BjYTIudHh0MD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly93d3cuc2lnbmV0LnBsL3Jl
-cG96eXRvcml1bS9jcmwvcGNhMi5jcmwwHwYDVR0jBBgwFoAUwGxGyl2CfpYHRonE82AVXO08kMIw
-HQYDVR0OBBYEFLtFBlILy4HNKVSzvHxBTM0HDowlMA0GCSqGSIb3DQEBBQUAA4IBAQBWTsCbqXrX
-hBBev5v5cIuc6gJM8ww7oR0uMQRZoFSqvQUPWBYM2/TLI/f8UM9hSShUVj3zEsSj/vFHagUVmzuV
-Xo5u0WK8iaqATSyEVBhADHrPG6wYcLKJlagge/ILA0m+SieyP2sjYD9MUB9KZIEyBKv0429UuDTw
-6P7pslxMWJBSNyQxaLIs0SRKsqZZWkc7ZYAj2apSkBMX2Is1oHA+PwkF6jQMwCao/+CndXPUzfCF
-6caa9WwW31W26MlXCvSmJgfiTPwGvm4PkPmOnmWZ3CczzhHl4q7ztHFzshJH3sZWDnrWwBFjzz5e
-Pr3WHV1wA7EY6oT4zBx+2gT9XBTB
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEUzCCAzugAwIBAgIEPq+qjzANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJQTDE3MDUGA1UE
-ChMuQ1ppQyBDZW50cmFzdCBTQSB3IGltaWVuaXUgTWluaXN0cmEgR29zcG9kYXJraTEZMBcGA1UE
-AxMQQ1ppQyBDZW50cmFzdCBTQTAeFw0wMzA0MzAxMDUwNTVaFw0wODA0MjgxMDUwNTVaMGgxCzAJ
-BgNVBAYTAlBMMR8wHQYDVQQKExZUUCBJbnRlcm5ldCBTcC4geiBvLm8uMR8wHQYDVQQDExZDQyBT
-aWduZXQgLSBDQSBLbGFzYSAzMRcwFQYDVQQFEw5OdW1lciB3cGlzdTogNDCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBALVdeOM62cPH2NERFxbS5FIp/HSv3fgesdVsTUFxZbGtE+/E0RMl
-KZQJHH9emx7vRYubsi4EOLCjYsCOTFvgGRIpZzx7R7T5c0Di5XFkRU4gjBl7aHJoKb5SLzGlWdoX
-GsekVtl6keEACrizV2EafqjI8cnBWY7OxQ1ooLQp5AeFjXg+5PT0lO6TUZAubqjFbhVbxSWjqvdj
-93RGfyYE76MnNn4c2xWySD07n7uno06TC0IJe6+3WSX1h+76VsIFouWBXOoM7cxxiLjoqdBVu24+
-P8e81SukE7qEvOwDPmk9ZJFtt1nBNg8a1kaixcljrA/43XwOPz6qnJ+cIj/xywECAwEAAaOCAQow
-ggEGMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMDMGA1UdIAEB/wQpMCcwJQYEVR0g
-ADAdMBsGCCsGAQUFBwIBFg93d3cuY2VudHJhc3QucGwwgY4GA1UdIwSBhjCBg4AU2a7r85Cp1iJN
-W0Ca1LR6VG3996ShZaRjMGExCzAJBgNVBAYTAlBMMTcwNQYDVQQKEy5DWmlDIENlbnRyYXN0IFNB
-IHcgaW1pZW5pdSBNaW5pc3RyYSBHb3Nwb2RhcmtpMRkwFwYDVQQDExBDWmlDIENlbnRyYXN0IFNB
-ggQ9/0sQMB0GA1UdDgQWBBR7Y8wZkHq0zrY7nn1tFSdQ0PlJuTANBgkqhkiG9w0BAQUFAAOCAQEA
-ldt/svO5c1MU08FKgrOXCGEbEPbQxhpM0xcd6Iv3dCo6qugEgjEs9Qm5CwUNKMnFsvR27cJWUvZb
-MVcvwlwCwclOdwF6u/QRS8bC2HYErhYo9bp9yuxxzuow2A94c5fPqfVrjXy+vDouchAm6+A5Wjzv
-J8wxVFDCs+9iGACmyUWr/JGXCYiQIbQkwlkRKHHlan9ymKf1NvIej/3EpeT8fKr6ywxGuhAfqofW
-pg3WJY/RCB4lTzD8vZGNwfMFGkWhJkypad3i9w3lGmDVpsHaWtCgGfd0H7tUtWPkP+t7EjIRCD9J
-HYnTR+wbbewc5vOI+UobR15ynGfFIaSIiMTVtQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEejCCA2KgAwIBAgIEP4vk6TANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJQ
-TDEfMB0GA1UEChMWVFAgSW50ZXJuZXQgU3AuIHogby5vLjEkMCIGA1UECxMbQ2Vu
-dHJ1bSBDZXJ0eWZpa2FjamkgU2lnbmV0MR8wHQYDVQQDExZDQyBTaWduZXQgLSBD
-QSBLbGFzYSAyMB4XDTAzMTAxNDExNTgyMloXDTE3MDQxODEyNTMwN1owdzELMAkG
-A1UEBhMCUEwxHzAdBgNVBAoTFlRQIEludGVybmV0IFNwLiB6IG8uby4xJDAiBgNV
-BAsTG0NlbnRydW0gQ2VydHlmaWthY2ppIFNpZ25ldDEhMB8GA1UEAxMYQ0MgU2ln
-bmV0IC0gT0NTUCBLbGFzYSAyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCo
-VCsaBStblXQYVNthe3dvaCrfvKpPXngh4almm988iIlEv9CVTaAdCfaJNihvA+Vs
-Qw8++ix1VqteMQE474/MV/YaXigP0Zr0QB+g+/7PWVlv+5U9Gzp9+Xx4DJay8AoI
-iB7Iy5Qf9iZiHm5BiPRIuUXT4ZRbZRYPh0/76vgRsQIDAQABo4IBkjCCAY4wDgYD
-VR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMEEGA1UdHwQ6MDgwNqA0
-oDKGMGh0dHA6Ly93d3cuc2lnbmV0LnBsL3JlcG96eXRvcml1bS9jcmwva2xhc2Ey
-LmNybDCB2AYDVR0gBIHQMIHNMIHKBg4rBgEEAb4/AoFICgwBADCBtzBsBggrBgEF
-BQcCAjBgGl5DZXJ0eWZpa2F0IHd5ZGFueSB6Z29kbmllIHogZG9rdW1lbnRlbSAi
-UG9saXR5a2EgQ2VydHlmaWthY2ppIC0gQ2VydHlmaWthdHkgcmVzcG9uZGVyb3cg
-T0NTUCIuMEcGCCsGAQUFBwIBFjtodHRwOi8vd3d3LnNpZ25ldC5wbC9yZXBvenl0
-b3JpdW0vZG9rdW1lbnR5L3BjX29jc3BfMV8wLnBkZjAfBgNVHSMEGDAWgBS7RQZS
-C8uBzSlUs7x8QUzNBw6MJTAdBgNVHQ4EFgQUKEVrOY7cEHvsVgvoyZdytlbtgwEw
-CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAQrRg5MV6dxr0HU2IsLInxhvt
-iUVmSFkIUsBCjzLoewOXA16d2oDyHhI/eE+VgAsp+2ANjZu4xRteHIHoYMsN218M
-eD2MLRsYS0U9xxAFK9gDj/KscPbrrdoqLvtPSMhUb4adJS9HLhvUe6BicvBf3A71
-iCNe431axGNDWKnpuj2KUpj4CFHYsWCXky847YtTXDjri9NIwJJauazsrSjK+oXp
-ngRS506mdQ7vWrtApkh8zhhWp7duCkjcCo1O8JxqYr2qEW1fXmgOISe010v2mmuv
-hHxPyVwoAU4KkOw0nbXZn53yak0is5+XmAjh0wWue44AssHrjC9nUh3mkLt6eQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEezCCA2OgAwIBAgIEP4vnLzANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJQ
-TDEfMB0GA1UEChMWVFAgSW50ZXJuZXQgU3AuIHogby5vLjEfMB0GA1UEAxMWQ0Mg
-U2lnbmV0IC0gQ0EgS2xhc2EgMzEXMBUGA1UEBRMOTnVtZXIgd3Bpc3U6IDQwHhcN
-MDMxMDE0MTIwODAwWhcNMDgwNDI4MTA1MDU1WjB3MQswCQYDVQQGEwJQTDEfMB0G
-A1UEChMWVFAgSW50ZXJuZXQgU3AuIHogby5vLjEkMCIGA1UECxMbQ2VudHJ1bSBD
-ZXJ0eWZpa2FjamkgU2lnbmV0MSEwHwYDVQQDExhDQyBTaWduZXQgLSBPQ1NQIEts
-YXNhIDMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM/9GwvARNuCVN+PqZmO
-4FqH8vTqhenUyqRkmAVT4YhLu0a9AXeLAYVDu+NTkYzsAUMAfu55rIKHNLlm6WbF
-KvLiKKz4p4pbUr+ToPcwl/TDotidloUdBAxDg0SL+PmQqACZDe3seJho2IYf2vDL
-/G4TLMbKmNB0mlWFuN0f4fJNAgMBAAGjggGgMIIBnDAOBgNVHQ8BAf8EBAMCB4Aw
-EwYDVR0lBAwwCgYIKwYBBQUHAwkwTwYDVR0fBEgwRjBEoEKgQIY+aHR0cDovL3d3
-dy5zaWduZXQucGwva3dhbGlmaWtvd2FuZS9yZXBvenl0b3JpdW0vY3JsL2tsYXNh
-My5jcmwwgdgGA1UdIASB0DCBzTCBygYOKwYBBAG+PwKCLAoCAQAwgbcwbAYIKwYB
-BQUHAgIwYBpeQ2VydHlmaWthdCB3eWRhbnkgemdvZG5pZSB6IGRva3VtZW50ZW0g
-IlBvbGl0eWthIENlcnR5ZmlrYWNqaSAtIENlcnR5ZmlrYXR5IHJlc3BvbmRlcm93
-IE9DU1AiLjBHBggrBgEFBQcCARY7aHR0cDovL3d3dy5zaWduZXQucGwvcmVwb3p5
-dG9yaXVtL2Rva3VtZW50eS9wY19vY3NwXzFfMC5wZGYwHwYDVR0jBBgwFoAUe2PM
-GZB6tM62O559bRUnUND5SbkwHQYDVR0OBBYEFG4jnCMvBALRQXtmDn9TyXQ/EKP+
-MAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBACXrKG5Def5lpRwmZom3UEDq
-bl7y4U3qomG4B+ok2FVZGgPZti+ZgvrenPj7PtbYCUBPsCSTNrznKinoT3gD9lQQ
-xkEHwdc6VD1GlFp+qI64u0+wS9Epatrdf7aBnizrOIB4LJd4E2TWQ6trspetjMIU
-upyWls1BmYUxB91R7QkTiAUSNZ87s3auhZuG4f0V0JLVCcg2rn7AN1rfMkgxCbHk
-GxiQbYWFljl6aatxR3odnnzVUe1I8uoY2JXpmmUcOG4dNGuQYziyKG3mtXCQWvug
-5qi9Mf3KUh1oSTKx6HfLjjNl1+wMB5Mdb8LF0XyZLdJM9yIZh7SBRsYm9QiXevY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFGjCCBAKgAwIBAgIEPL7eEDANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJQTDEfMB0GA1UE
-ChMWVFAgSW50ZXJuZXQgU3AuIHogby5vLjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2Fjamkg
-U2lnbmV0MRswGQYDVQQDExJDQyBTaWduZXQgLSBSb290Q0EwHhcNMDIwNDE4MTQ1NDA4WhcNMjYw
-OTIxMTU0MjE5WjB2MQswCQYDVQQGEwJQTDEfMB0GA1UEChMWVFAgSW50ZXJuZXQgU3AuIHogby5v
-LjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2FjamkgU2lnbmV0MSAwHgYDVQQDExdDQyBTaWdu
-ZXQgLSBQQ0EgS2xhc2EgMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM7BrBlbN5ma
-M5eg0BOTqoZ+9NBDvU8Lm5rTdrMswFTCathzpVVLK/JD4K3+4oCZ9SRAspEXE4gvwb08ASY6w5s+
-HpRkeJw8YzMFR5kDZD5adgnCAy4vDfIXYZgppXPaTQ8wnfUZ7BZ7Zfa7QBemUIcJIzJBB0UqgtxW
-Ceol9IekpBRVmuuSA6QG0Jkm+pGDJ05yj2eQG8jTcBENM7sVA8rGRMyFA4skSZ+D0OG6FS2xC1i9
-JyN0ag1yII/LPx8HK5J4W9MaPRNjAEeaa2qI9EpchwrOxnyVbQfSedCG1VRJfAsE/9tT9CMUPZ3x
-W20QjQcSZJqVcmGW9gVsXKQOVLsCAwEAAaOCAbMwggGvMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
-AQH/BAQDAgEGMIIBBAYDVR0gBIH8MIH5MIH2Bg0rBgEEAb4/AgEKAQEBMIHkMIGaBggrBgEFBQcC
-AjCBjRqBikNlcnR5ZmlrYXQgd3lzdGF3aW9ueSB6Z29kbmllIHogZG9rdW1lbnRlbTogIlBvbGl0
-eWthIENlcnR5ZmlrYWNqaSBkbGEgUm9vdENBIi4gQ2VydHlmaWthdCB3eXN0YXdpb255IHByemV6
-IFJvb3RDQSB3IGhpZXJhcmNoaWkgQ0MgU2lnbmV0LjBFBggrBgEFBQcCARY5aHR0cDovL3d3dy5z
-aWduZXQucGwvcmVwb3p5dG9yaXVtL2Rva3VtZW50eS9wY19yb290Y2EudHh0MEQGA1UdHwQ9MDsw
-OaA3oDWGM2h0dHA6Ly93d3cuc2lnbmV0LnBsL3JlcG96eXRvcml1bS9yb290Y2Evcm9vdGNhLmNy
-bDAfBgNVHSMEGDAWgBTAm8UjDQLhpk5Iax8A6eOaFBuxrzAdBgNVHQ4EFgQUwGxGyl2CfpYHRonE
-82AVXO08kMIwDQYJKoZIhvcNAQEFBQADggEBABp1TAUsa+BeVWg4cjowc8yTJ5XN3GvN96GObMkx
-UGY7U9kVrLI71xBgoNVyzXTiMNDBvjh7vdPWjpl5SDiRpnnKiOFXA43HvNWzUaOkTu1mxjJsZsan
-ot1Xt6j0ZDC+03FjLHdYMyM9kSWp6afb4980EPYZCcSzgM5TOGfJmNii5Tq468VFKrX+52Aou1G2
-2Ohu+EEOlOrG7ylKv1hHUJJCjwN0ZVEIn1nDbrU9FeGCz8J9ihVUvnENEBbBkU37PWqWuHitKQDV
-tcwTwJJdR8cmKq3NmkwAm9fPacidQLpaw0WkuGrS+fEDhu1Nhy9xELP6NA9GRTCNxm/dXlcwnmY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFGjCCBAKgAwIBAgIEPV0tNDANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJQTDEfMB0GA1UE
-ChMWVFAgSW50ZXJuZXQgU3AuIHogby5vLjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2Fjamkg
-U2lnbmV0MRswGQYDVQQDExJDQyBTaWduZXQgLSBSb290Q0EwHhcNMDIwODE2MTY0OTU2WhcNMjYw
-OTIxMTU0MjE5WjB2MQswCQYDVQQGEwJQTDEfMB0GA1UEChMWVFAgSW50ZXJuZXQgU3AuIHogby5v
-LjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2FjamkgU2lnbmV0MSAwHgYDVQQDExdDQyBTaWdu
-ZXQgLSBQQ0EgS2xhc2EgMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALN3LanJtdue
-Ne6geWUTFENa+lEuzqELcoqhYB+a/tJcPEkc6TX/bYPzalRRjqs+quMP6KZTU0DixOrV+K7iWaqA
-iQ913HX5IBLmKDCrTVW/ZvSDpiBKbxlHfSNuJxAuVT6HdbzK7yAW38ssX+yS2tZYHZ5FhZcfqzPE
-OpO94mAKcBUhk6T/ki0evXX/ZvvktwmF3hKattzwtM4JMLurAEl8SInyEYULw5JdlfcBez2Tg6Db
-w34hA1A+ckTwhxzecrB8TUe2BnQKOs9vr2cCACpFFcOmPkM0Drtjctr1QHm1tYSqRFRf9VcV5tfC
-3P8QqoK4ONjtLPHc9x5NE1uK/FMCAwEAAaOCAbMwggGvMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
-AQH/BAQDAgEGMIIBBAYDVR0gBIH8MIH5MIH2Bg0rBgEEAb4/AgEKAQECMIHkMIGaBggrBgEFBQcC
-AjCBjRqBikNlcnR5ZmlrYXQgd3lzdGF3aW9ueSB6Z29kbmllIHogZG9rdW1lbnRlbTogIlBvbGl0
-eWthIENlcnR5ZmlrYWNqaSBkbGEgUm9vdENBIi4gQ2VydHlmaWthdCB3eXN0YXdpb255IHByemV6
-IFJvb3RDQSB3IGhpZXJhcmNoaWkgQ0MgU2lnbmV0LjBFBggrBgEFBQcCARY5aHR0cDovL3d3dy5z
-aWduZXQucGwvcmVwb3p5dG9yaXVtL2Rva3VtZW50eS9wY19yb290Y2EudHh0MEQGA1UdHwQ9MDsw
-OaA3oDWGM2h0dHA6Ly93d3cuc2lnbmV0LnBsL3JlcG96eXRvcml1bS9yb290Y2Evcm9vdGNhLmNy
-bDAfBgNVHSMEGDAWgBTAm8UjDQLhpk5Iax8A6eOaFBuxrzAdBgNVHQ4EFgQUXvthcPHlH5BgGhlM
-ErJNXWlhlgAwDQYJKoZIhvcNAQEFBQADggEBACIce95Mvn710KCAISA0CuHD4aznTU6pLoCDShW4
-7OR+GTpJUm1coTcUqlBHV9mra4VFrBcBuOkHZoBLq/jmE0QJWnpSEULDcH9J3mF0nqO9SM+mWyJG
-dsJF/XU/7smummgjMNQXwzQTtWORF+6v5KUbWX85anO2wR+M6YTBWC55zWpWi4RG3vkHFs5Ze2oF
-JTlpuxw9ZgxTnWlwI9QR2MvEhYIUMKMOWxw1nt0kKj+5TCNQQGh/VJJ1dsiroGh/io1DOcePEhKz
-1Ag52y6Wf0nJJB9yk0sFakqZH18F7eQecQImgZyyeRtsG95leNugB3BXWCW+KxwiBrtQTXv4dTE=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEzzCCA7egAwIBAgIEO6ocGTANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJQTDEfMB0GA1UE
-ChMWVFAgSW50ZXJuZXQgU3AuIHogby5vLjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2Fjamkg
-U2lnbmV0MRswGQYDVQQDExJDQyBTaWduZXQgLSBSb290Q0EwHhcNMDEwOTIwMTY0MjE5WhcNMjYw
-OTIxMTU0MjE5WjBxMQswCQYDVQQGEwJQTDEfMB0GA1UEChMWVFAgSW50ZXJuZXQgU3AuIHogby5v
-LjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2FjamkgU2lnbmV0MRswGQYDVQQDExJDQyBTaWdu
-ZXQgLSBSb290Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrr2vydnNpELfGW3Ks
-ARiDhJvwDtUe4AbWev+OfMc3+vA29nX8ZmIwno3gmItjo5DbUCCRiCMq5c9epcGu+kg4a3BJChVX
-REl8gVh0ST15rr3RKrSc4VgsvQzl0ZUraeQLl8JoRT5PLsUj3qwF78jUCQVckiiLVcnGfZtFCm+D
-CJXliQBDMB9XFAUEiO/DtEBs0B7wJGx7lgJeJpQUcGiaOPjcJDYOk7rNAYmmD2gWeSlepufO8luU
-YG/YDxTC4mqhRqfa4MnVO5dqy+ICj2UvUpHbZDB0KfGRibgBYeQP1kuqgIzJN4UqknVAJb0aMBSP
-l+9k2fAUdchx1njlbdcbAgMBAAGjggFtMIIBaTAPBgNVHRMBAf8EBTADAQH/MIIBBAYDVR0gBIH8
-MIH5MIH2Bg0rBgEEAb4/AgEKAQEAMIHkMIGaBggrBgEFBQcCAjCBjRqBikNlcnR5ZmlrYXQgd3lz
-dGF3aW9ueSB6Z29kbmllIHogZG9rdW1lbnRlbTogIlBvbGl0eWthIENlcnR5ZmlrYWNqaSBkbGEg
-Um9vdENBIi4gQ2VydHlmaWthdCB3eXN0YXdpb255IHByemV6IFJvb3RDQSB3IGhpZXJhcmNoaWkg
-Q0MgU2lnbmV0LjBFBggrBgEFBQcCARY5aHR0cDovL3d3dy5zaWduZXQucGwvcmVwb3p5dG9yaXVt
-L2Rva3VtZW50eS9wY19yb290Y2EudHh0MB0GA1UdDgQWBBTAm8UjDQLhpk5Iax8A6eOaFBuxrzAf
-BgNVHSMEGDAWgBTAm8UjDQLhpk5Iax8A6eOaFBuxrzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcN
-AQEFBQADggEBAGnY5QmYqnnO9OqFOWZxxb25UHRnaRF6IV9aaGit5BZufZj2Tq3v8L3SgE34GOoI
-cdRMMG5JEpEU4mN/Ef3oY6Eo+7HfqaPHI4KFmbDSPiK5s+wmf+bQSm0Yq5/h4ZOdcAESlLQeLSt1
-CQk2JoKQJ6pyAf6xJBgWEIlm4RXE4J3324PUiOp83kW6MDvaa1xY976WyInr4rwoLgxVl11LZeKW
-ha0RJJxJgw/NyWpKG7LWCm1fglF8JH51vZNndGYq1iKtfnrIOvLZq6bzaCiZm1EurD8HE6P7pmAB
-KK6o3C2OXlNfNIgwkDN/cDqk5TYsTkrpfriJPdxXBH8hQOkW89g=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID/TCCA2agAwIBAgIEP4/gkTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJQTDEfMB0GA1UE
-ChMWVFAgSW50ZXJuZXQgU3AuIHogby5vLjEkMCIGA1UECxMbQ2VudHJ1bSBDZXJ0eWZpa2Fjamkg
-U2lnbmV0MR8wHQYDVQQDExZDQyBTaWduZXQgLSBDQSBLbGFzYSAxMB4XDTAzMTAxNzEyMjkwMloX
-DTExMDkyMzExMTgxN1owdjELMAkGA1UEBhMCUEwxHzAdBgNVBAoTFlRQIEludGVybmV0IFNwLiB6
-IG8uby4xJDAiBgNVBAsTG0NlbnRydW0gQ2VydHlmaWthY2ppIFNpZ25ldDEgMB4GA1UEAxMXQ0Mg
-U2lnbmV0IC0gVFNBIEtsYXNhIDEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOJYrISEtSsd
-uHajROh5/n7NGrkpYTT9NEaPe9+ucuQ37KxIbfJwXJjgUc1dw4wCkcQ12FJarD1X6mSQ4cfN/60v
-LfKI5ZD4nhJTMKlAj1pX9ScQ/MuyvKStCbn5WTkjPhjRAM0tdwXSnzuTEunfw0Oup559y3Iqxg1c
-ExflB6cfAgMBAAGjggGXMIIBkzBBBgNVHR8EOjA4MDagNKAyhjBodHRwOi8vd3d3LnNpZ25ldC5w
-bC9yZXBvenl0b3JpdW0vY3JsL2tsYXNhMS5jcmwwDgYDVR0PAQH/BAQDAgeAMBYGA1UdJQEB/wQM
-MAoGCCsGAQUFBwMIMIHaBgNVHSAEgdIwgc8wgcwGDSsGAQQBvj8CZAoRAgEwgbowbwYIKwYBBQUH
-AgIwYxphQ2VydHlmaWthdCB3eXN0YXdpb255IHpnb2RuaWUgeiBkb2t1bWVudGVtICJQb2xpdHlr
-YSBDZXJ0eWZpa2FjamkgQ0MgU2lnbmV0IC0gWm5ha293YW5pZSBjemFzZW0iLjBHBggrBgEFBQcC
-ARY7aHR0cDovL3d3dy5zaWduZXQucGwvcmVwb3p5dG9yaXVtL2Rva3VtZW50eS9wY190c2ExXzJf
-MS5wZGYwHwYDVR0jBBgwFoAUw4Me1Vl3VPtN+1dH+cQjXNHnieMwHQYDVR0OBBYEFJdDwEqtcavO
-Yd9u9tej53vWXwNBMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADgYEAnpiQkqLCJQYXUrqMHUEz
-+z3rOqS0XzSFnVVLhkVssvXc8S3FkJIiQTUrkScjI4CToCzujj3EyfNxH6yiLlMbskF8I31JxIeB
-vueqV+s+o76CZm3ycu9hb0I4lswuxoT+q5ZzPR8Irrb51rZXlolR+7KtwMg4sFDJZ8RNgOf7tbA=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEFTCCA36gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBvjELMAkGA1UEBhMCVVMx
-EDAOBgNVBAgTB0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UE
-ChMfU29mdHdhcmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9z
-dG1hc3RlcjEgMB4GA1UEAxMXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJTAjBgkq
-hkiG9w0BCQEWFmhvc3RtYXN0ZXJAc3BpLWluYy5vcmcwHhcNMDMwMTE1MTYyOTE3
-WhcNMDcwMTE0MTYyOTE3WjCBvjELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0luZGlh
-bmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMfU29mdHdhcmUgaW4g
-dGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9zdG1hc3RlcjEgMB4GA1UE
-AxMXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJTAjBgkqhkiG9w0BCQEWFmhvc3Rt
-YXN0ZXJAc3BpLWluYy5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPB6
-rdoiLR3RodtM22LMcfwfqb5OrJNl7fwmvskgF7yP6sdD2bOfDIXhg9852jhY8/kL
-VOFe1ELAL2OyN4RAxk0rliZQVgeTgqvgkOVIBbNwgnjN6mqtuWzFiPL+NXQExq40
-I3whM+4lEiwSHaV+MYxWanMdhc+kImT50LKfkxcdAgMBAAGjggEfMIIBGzAdBgNV
-HQ4EFgQUB63oQR1/vda/G4F6P4xLiN4E0vowgesGA1UdIwSB4zCB4IAUB63oQR1/
-vda/G4F6P4xLiN4E0vqhgcSkgcEwgb4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdJ
-bmRpYW5hMRUwEwYDVQQHEwxJbmRpYW5hcG9saXMxKDAmBgNVBAoTH1NvZnR3YXJl
-IGluIHRoZSBQdWJsaWMgSW50ZXJlc3QxEzARBgNVBAsTCmhvc3RtYXN0ZXIxIDAe
-BgNVBAMTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5MSUwIwYJKoZIhvcNAQkBFhZo
-b3N0bWFzdGVyQHNwaS1pbmMub3JnggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN
-AQEEBQADgYEAm/Abn8c2y1nO3fgpAIslxvi9iNBZDhQtJ0VQZY6wgSfANyDOR4DW
-iexO/AlorB49KnkFS7TjCAoLOZhcg5FaNiKnlstMI5krQmau1Qnb/vGSNsE/UGms
-1ts+QYPUs0KmGEAFUri2XzLy+aQo9Kw74VBvqnxvaaMeY5yMcKNOieY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIIDjCCBfagAwIBAgIJAOiOtsn4KhQoMA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzEQMA4GA1UECBMHSW5kaWFuYTEVMBMGA1UEBxMMSW5kaWFuYXBvbGlz
-MSgwJgYDVQQKEx9Tb2Z0d2FyZSBpbiB0aGUgUHVibGljIEludGVyZXN0MRMwEQYD
-VQQLEwpob3N0bWFzdGVyMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkx
-JTAjBgkqhkiG9w0BCQEWFmhvc3RtYXN0ZXJAc3BpLWluYy5vcmcwHhcNMDgwNTEz
-MDgwNzU2WhcNMTgwNTExMDgwNzU2WjCBvDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
-B0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMfU29mdHdh
-cmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9zdG1hc3RlcjEe
-MBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSUwIwYJKoZIhvcNAQkBFhZo
-b3N0bWFzdGVyQHNwaS1pbmMub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
-CgKCAgEA3DbmR0LCxFF1KYdAw9iOIQbSGE7r7yC9kDyFEBOMKVuUY/b0LfEGQpG5
-GcRCaQi/izZF6igFM0lIoCdDkzWKQdh4s/Dvs24t3dHLfer0dSbTPpA67tfnLAS1
-fOH1fMVO73e9XKKTM5LOfYFIz2u1IiwIg/3T1c87Lf21SZBb9q1NE8re06adU1Fx
-Y0b4ShZcmO4tbZoWoXaQ4mBDmdaJ1mwuepiyCwMs43pPx93jzONKao15Uvr0wa8u
-jyoIyxspgpJyQ7zOiKmqp4pRQ1WFmjcDeJPI8L20QcgHQprLNZd6ioFl3h1UCAHx
-ZFy3FxpRvB7DWYd2GBaY7r/2Z4GLBjXFS21ZGcfSxki+bhQog0oQnBv1b7ypjvVp
-/rLBVcznFMn5WxRTUQfqzj3kTygfPGEJ1zPSbqdu1McTCW9rXRTunYkbpWry9vjQ
-co7qch8vNGopCsUK7BxAhRL3pqXTT63AhYxMfHMgzFMY8bJYTAH1v+pk1Vw5xc5s
-zFNaVrpBDyXfa1C2x4qgvQLCxTtVpbJkIoRRKFauMe5e+wsWTUYFkYBE7axt8Feo
-+uthSKDLG7Mfjs3FIXcDhB78rKNDCGOM7fkn77SwXWfWT+3Qiz5dW8mRvZYChD3F
-TbxCP3T9PF2sXEg2XocxLxhsxGjuoYvJWdAY4wCAs1QnLpnwFVMCAwEAAaOCAg8w
-ggILMB0GA1UdDgQWBBQ0cdE41xU2g0dr1zdkQjuOjVKdqzCB8QYDVR0jBIHpMIHm
-gBQ0cdE41xU2g0dr1zdkQjuOjVKdq6GBwqSBvzCBvDELMAkGA1UEBhMCVVMxEDAO
-BgNVBAgTB0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMf
-U29mdHdhcmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9zdG1h
-c3RlcjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSUwIwYJKoZIhvcN
-AQkBFhZob3N0bWFzdGVyQHNwaS1pbmMub3JnggkA6I62yfgqFCgwDwYDVR0TAQH/
-BAUwAwEB/zARBglghkgBhvhCAQEEBAMCAAcwCQYDVR0SBAIwADAuBglghkgBhvhC
-AQ0EIRYfU29mdHdhcmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDAwBglghkgBhvhC
-AQQEIxYhaHR0cHM6Ly9jYS5zcGktaW5jLm9yZy9jYS1jcmwucGVtMDIGCWCGSAGG
-+EIBAwQlFiNodHRwczovL2NhLnNwaS1pbmMub3JnL2NlcnQtY3JsLnBlbTAhBgNV
-HREEGjAYgRZob3N0bWFzdGVyQHNwaS1pbmMub3JnMA4GA1UdDwEB/wQEAwIBBjAN
-BgkqhkiG9w0BAQUFAAOCAgEAtM294LnqsgMrfjLp3nI/yUuCXp3ir1UJogxU6M8Y
-PCggHam7AwIvUjki+RfPrWeQswN/2BXja367m1YBrzXU2rnHZxeb1NUON7MgQS4M
-AcRb+WU+wmHo0vBqlXDDxm/VNaSsWXLhid+hoJ0kvSl56WEq2dMeyUakCHhBknIP
-qxR17QnwovBc78MKYiC3wihmrkwvLo9FYyaW8O4x5otVm6o6+YI5HYg84gd1GuEP
-sTC8cTLSOv76oYnzQyzWcsR5pxVIBcDYLXIC48s9Fmq6ybgREOJJhcyWR2AFJS7v
-dVkz9UcZFu/abF8HyKZQth3LZjQl/GaD68W2MEH4RkRiqMEMVObqTFoo5q7Gt/5/
-O5aoLu7HaD7dAD0prypjq1/uSSotxdz70cbT0ZdWUoa2lOvUYFG3/B6bzAKb1B+P
-+UqPti4oOxfMxaYF49LTtcYDyeFIQpvLP+QX4P4NAZUJurgNceQJcHdC2E3hQqlg
-g9cXiUPS1N2nGLar1CQlh7XU4vwuImm9rWgs/3K1mKoGnOcqarihk3bOsPN/nOHg
-T7jYhkalMwIsJWE3KpLIrIF0aGOHM3a9BX9e1dUCbb2v/ypaqknsmHlHU5H2DjRa
-yaXG67Ljxay2oHA1u8hRadDytaIybrw/oDc5fHE2pgXfDBLkFqfF1stjo5VwP+YE
-o2A=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
-MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
-IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB
-IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE
-RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl
-U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290
-IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU
-ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC
-QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr
-rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S
-NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc
-QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH
-txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP
-BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
-AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp
-tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa
-IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
-6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+
-xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
-Cm26OWMohpLzGITY+9HPBVZkVw==
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIIE3jCCA8agAwIBAgICAwEwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCVVMx
-ITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28g
-RGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExMTYw
-MTU0MzdaFw0yNjExMTYwMTU0MzdaMIHKMQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
-QXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5j
-b20sIEluYy4xMzAxBgNVBAsTKmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5j
-b20vcmVwb3NpdG9yeTEwMC4GA1UEAxMnR28gRGFkZHkgU2VjdXJlIENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5MREwDwYDVQQFEwgwNzk2OTI4NzCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAMQt1RWMnCZM7DI161+4WQFapmGBWTtwY6vj3D3H
-KrjJM9N55DrtPDAjhI6zMBS2sofDPZVUBJ7fmd0LJR4h3mUpfjWoqVTr9vcyOdQm
-VZWt7/v+WIbXnvQAjYwqDL1CBM6nPwT27oDyqu9SoWlm2r4arV3aLGbqGmu75RpR
-SgAvSMeYddi5Kcju+GZtCpyz8/x4fKL4o/K1w/O5epHBp+YlLpyo7RJlbmr2EkRT
-cDCVw5wrWCs9CHRK8r5RsL+H0EwnWGu1NcWdrxcx+AuP7q2BNgWJCJjPOq8lh8BJ
-6qf9Z/dFjpfMFDniNoW1fho3/Rb2cRGadDAW/hOUoz+EDU8CAwEAAaOCATIwggEu
-MB0GA1UdDgQWBBT9rGEyk2xF1uLuhV+auud2mWjM5zAfBgNVHSMEGDAWgBTSxLDS
-kdRMEXGzYcs9of7dqGrU4zASBgNVHRMBAf8ECDAGAQH/AgEAMDMGCCsGAQUFBwEB
-BCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZ29kYWRkeS5jb20wRgYDVR0f
-BD8wPTA7oDmgN4Y1aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBv
-c2l0b3J5L2dkcm9vdC5jcmwwSwYDVR0gBEQwQjBABgRVHSAAMDgwNgYIKwYBBQUH
-AgEWKmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeTAO
-BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBANKGwOy9+aG2Z+5mC6IG
-OgRQjhVyrEp0lVPLN8tESe8HkGsz2ZbwlFalEzAFPIUyIXvJxwqoJKSQ3kbTJSMU
-A2fCENZvD117esyfxVgqwcSeIaha86ykRvOe5GPLL5CkKSkB2XIsKd83ASe8T+5o
-0yGPwLPk9Qnt0hCqU7S+8MxZC9Y7lhyVJEnfzuz9p0iRFEUOOjZv2kWzRaJBydTX
-RE4+uXR21aITVSzGh6O1mawGhId/dQb8vxRMDsxuxN89txJx9OjxUUAiKEngHUuH
-qDTMBqLdElrRhjZkAzVvb3du6/KFUJheqwNTrZEjYx8WnM25sgVjOuH0aBsXBTWV
-U+4=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE+zCCBGSgAwIBAgICAQ0wDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1Zh
-bGlDZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIElu
-Yy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24g
-QXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAe
-BgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTA0MDYyOTE3MDYyMFoX
-DTI0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBE
-YWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3MgMiBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgC
-ggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv
-2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+q
-N1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiO
-r18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lN
-f4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+YihfukEH
-U1jPEX44dMX4/7VpkI+EdOqXG68CAQOjggHhMIIB3TAdBgNVHQ4EFgQU0sSw0pHU
-TBFxs2HLPaH+3ahq1OMwgdIGA1UdIwSByjCBx6GBwaSBvjCBuzEkMCIGA1UEBxMb
-VmFsaUNlcnQgVmFsaWRhdGlvbiBOZXR3b3JrMRcwFQYDVQQKEw5WYWxpQ2VydCwg
-SW5jLjE1MDMGA1UECxMsVmFsaUNlcnQgQ2xhc3MgMiBQb2xpY3kgVmFsaWRhdGlv
-biBBdXRob3JpdHkxITAfBgNVBAMTGGh0dHA6Ly93d3cudmFsaWNlcnQuY29tLzEg
-MB4GCSqGSIb3DQEJARYRaW5mb0B2YWxpY2VydC5jb22CAQEwDwYDVR0TAQH/BAUw
-AwEB/zAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmdv
-ZGFkZHkuY29tMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jZXJ0aWZpY2F0ZXMu
-Z29kYWRkeS5jb20vcmVwb3NpdG9yeS9yb290LmNybDBLBgNVHSAERDBCMEAGBFUd
-IAAwODA2BggrBgEFBQcCARYqaHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNv
-bS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOBgQC1
-QPmnHfbq/qQaQlpE9xXUhUaJwL6e4+PrxeNYiY+Sn1eocSxI0YGyeR+sBjUZsE4O
-WBsUs5iB0QQeyAfJg594RAoYC5jcdnplDQ1tgMQLARzLrUc+cb53S8wGd9D0Vmsf
-SxOaFIqII6hR8INMqzW/Rn453HWkrugp++85j09VZw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----\r
-MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0\r
-IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz\r
-BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y\r
-aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG\r
-9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMTk1NFoXDTE5MDYy\r
-NjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y\r
-azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs\r
-YXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw\r
-Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl\r
-cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOOnHK5avIWZJV16vY\r
-dA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVCCSRrCl6zfN1SLUzm1NZ9\r
-WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7RfZHM047QS\r
-v4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9v\r
-UJSZSWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTu\r
-IYEZoDJJKPTEjlbVUjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwC\r
-W/POuZ6lcg5Ktz885hZo+L7tdEy8W9ViH0Pd\r
------END CERTIFICATE-----\r
+++ /dev/null
-This directory contains certificate/public keys/private keys used to create unittests.
-Passwort to private keys is "1234" or "secret".
\ No newline at end of file
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- c7:4a:82:f6:9d:1b:f6:7e
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=PL, ST=Maz, O=Samsung, OU=SPRC, CN=Samsung/emailAddress=samsung@samsung.com
- Validity
- Not Before: Oct 5 12:00:51 2011 GMT
- Not After : Oct 2 12:00:51 2021 GMT
- Subject: C=PL, ST=MAZ, L=Leg, O=Sam, OU=SPRC, CN=Filip/emailAddress=filip@samsung.com
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:d2:fe:c4:b4:c1:74:82:6f:7e:28:8c:df:1b:58:
- 57:78:3e:5f:5e:4c:b1:e1:d7:c5:0d:1a:c3:e9:2e:
- 9a:78:8a:d7:5f:b9:cf:ce:83:2a:9a:4a:80:f0:07:
- 35:61:11:60:15:2c:24:f1:7b:15:1a:e0:d7:2f:6b:
- ee:35:35:b9:16:e1:10:ac:17:37:86:b3:49:2d:a6:
- ed:7e:f1:0f:af:d1:01:0e:1a:a5:45:da:b4:24:82:
- 29:73:0c:5f:e8:3b:9e:85:c7:0f:6f:1b:53:80:fa:
- a7:50:77:7c:8e:01:5d:84:a8:b3:41:3e:b1:18:07:
- d2:b9:18:5c:9f:7e:b6:a4:49
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- Netscape Comment:
- OpenSSL Generated Certificate
- X509v3 Subject Key Identifier:
- 7B:2C:B7:89:5E:F9:2A:D3:A4:A4:F1:5D:EA:69:D1:F5:D1:46:64:CC
- X509v3 Authority Key Identifier:
- keyid:82:08:7F:DB:00:02:86:E8:53:2A:A5:FA:58:AE:67:7F:14:38:C8:60
-
- Signature Algorithm: sha1WithRSAEncryption
- 0e:db:f4:08:1a:d0:d5:00:8c:1f:d8:ca:16:3a:52:a6:ae:f3:
- 14:a3:17:41:e5:6d:6f:f6:62:7b:cd:b7:ff:fc:28:89:c8:3c:
- 93:19:cf:e6:c4:b8:74:95:8d:5c:d6:f5:88:c2:dd:86:05:7c:
- d2:0d:72:b7:78:13:58:fc:53:b4:5c:e9:ad:0c:8d:88:91:d3:
- 9a:b6:cd:59:72:d7:d6:ba:11:54:65:04:fc:8f:10:e3:17:b1:
- aa:96:cd:94:92:16:d8:98:e6:fe:4a:a8:29:f9:ca:c4:e4:46:
- e8:73:4f:5d:95:76:f4:d6:36:7c:34:4f:3c:e2:18:a0:54:33:
- ad:72
------BEGIN CERTIFICATE-----
-MIIC4zCCAkygAwIBAgIJAMdKgvadG/Z+MA0GCSqGSIb3DQEBBQUAMHIxCzAJBgNV
-BAYTAlBMMQwwCgYDVQQIEwNNYXoxEDAOBgNVBAoTB1NhbXN1bmcxDTALBgNVBAsT
-BFNQUkMxEDAOBgNVBAMTB1NhbXN1bmcxIjAgBgkqhkiG9w0BCQEWE3NhbXN1bmdA
-c2Ftc3VuZy5jb20wHhcNMTExMDA1MTIwMDUxWhcNMjExMDAyMTIwMDUxWjB4MQsw
-CQYDVQQGEwJQTDEMMAoGA1UECBMDTUFaMQwwCgYDVQQHEwNMZWcxDDAKBgNVBAoT
-A1NhbTENMAsGA1UECxMEU1BSQzEOMAwGA1UEAxMFRmlsaXAxIDAeBgkqhkiG9w0B
-CQEWEWZpbGlwQHNhbXN1bmcuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDS/sS0wXSCb34ojN8bWFd4Pl9eTLHh18UNGsPpLpp4itdfuc/OgyqaSoDwBzVh
-EWAVLCTxexUa4Ncva+41NbkW4RCsFzeGs0ktpu1+8Q+v0QEOGqVF2rQkgilzDF/o
-O56Fxw9vG1OA+qdQd3yOAV2EqLNBPrEYB9K5GFyffrakSQIDAQABo3sweTAJBgNV
-HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
-Y2F0ZTAdBgNVHQ4EFgQUeyy3iV75KtOkpPFd6mnR9dFGZMwwHwYDVR0jBBgwFoAU
-ggh/2wAChuhTKqX6WK5nfxQ4yGAwDQYJKoZIhvcNAQEFBQADgYEADtv0CBrQ1QCM
-H9jKFjpSpq7zFKMXQeVtb/Zie823//woicg8kxnP5sS4dJWNXNb1iMLdhgV80g1y
-t3gTWPxTtFzprQyNiJHTmrbNWXLX1roRVGUE/I8Q4xexqpbNlJIW2Jjm/kqoKfnK
-xORG6HNPXZV29NY2fDRPPOIYoFQzrXI=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,FDE9F633EA955697
-
-ASWLPmOFfKlo46nJXTJLCkhvD/q1MsHXPaaSByVzaavXxwMxOc2g7VkIR2D0yViQ
-mxQFhJLVeq/1UI9pXL2+zk0awptHogwjTw81r2I+R6qkHsSjGjl4Ds6hOX3J211K
-UqO4+3kf6JJOizXbH/y6WWbj9jEJeE7zzmhuyq8k6Kp47leZsle5y13usii323tz
-OgAzZGsQBSkrlBNKKM58O7TkCO6UbZLjVEoBqcJU+p+UiKoGKdUV/MxkbGEKTEPN
-wrFiqIxSk9KuV5iDAjnYCPz6iQIE+Q3NOW+MTw0yjWoMb7uXJexGM6VYkYFZUffe
-16nAzJpYbG+CsJ5XTiGoiodazloVYdnDFnbDLDGS2kLgiuuHzF/DL1lFlbXwgpGj
-sXFp6CemJ+KnMz4aIfC63Wuav+jvAVw26pl/cYxbhboSkl+H9ZKbk+KcIeMN1Rb7
-LD35tsjO5rnQ1QlG0WP6qT6O1SPG/4GgJTyzTwuw6i8jQw62ahKB5hTri/Z8Fmrn
-kFh8F7gTJ+YnxrQuTK8r9QrZrXsE/YqUbHtVEI/m/6uydWdFHNWzJxe6oavuwks2
-3mumh1101mBEuEClzOzHP925oeXW+N8R+jFnA/7NkIjeOo+J9Z+QzBiq6DVJcuEY
-5aqXcCIS9AciUoh3/ovtT637r25nhYwCruZLZ+4+Vkpv9n/gPSipHXgHt2cynaID
-6O7xyoADa+zY1zTRd+A4aA+SWd/bxvKe+6sc/6iBlKA8bKwfPJcwg7il4bX4g5dk
-dI8gTyM9puDoHrdTaLwY8+JL0MCguEvkk7LDttNfN0gxYvxXTpZ+Tg==
------END RSA PRIVATE KEY-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- c7:4a:82:f6:9d:1b:f6:7f
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=PL, ST=Maz, O=Samsung, OU=SPRC, CN=Samsung/emailAddress=samsung@samsung.com
- Validity
- Not Before: Oct 5 12:11:33 2011 GMT
- Not After : Oct 2 12:11:33 2021 GMT
- Subject: C=PL, ST=Mazowieckie, L=legionowo, O=samsung, OU=sprc, CN=magda/emailAddress=magda@samsung.com
- Subject Public Key Info:
- Public Key Algorithm: dsaEncryption
- DSA Public Key:
- pub:
- 00:ac:40:42:0e:cc:a8:28:24:0b:43:09:7e:d6:23:
- 35:a2:8c:e6:7d:62:66:fe:23:d6:58:b8:f7:32:9f:
- 63:99:d3:2c:ff:af:60:0b:e0:d2:8c:0b:35:8b:c9:
- e6:77:0a:7d:8d:43:00:23:d4:e3:ff:ad:0b:b4:d3:
- b9:af:79:c2:08:f9:af:0b:c0:5e:7c:e0:4b:23:86:
- b9:2a:f4:7c:af:43:ca:b1:fa:13:42:df:5d:3f:96:
- b8:84:07:6a:19:b6:89:26:f1:a8:fa:c2:86:59:e9:
- e7:f1:17:0d:30:5a:3b:a4:1f:76:9a:b4:04:fe:3c:
- 0a:56:5e:6f:17:00:f9:36:05
- P:
- 00:b5:3c:23:9a:b0:58:65:7c:c7:35:ca:37:5c:a7:
- bc:e4:cd:71:a2:5b:e3:29:56:e1:65:b1:d6:30:90:
- 06:bd:b0:8b:cd:ad:02:e2:da:e9:71:72:73:41:78:
- 21:ca:0d:b9:3b:53:e2:77:fd:0c:0e:d9:76:a7:6a:
- 94:0c:52:ab:df:8d:f8:cb:d5:04:39:55:fe:c4:35:
- 45:8f:34:fe:dc:12:fc:7c:d8:d6:f9:8d:67:47:c9:
- 17:d5:ff:f4:dc:88:16:4d:f0:62:cd:11:b7:e1:b5:
- 69:61:23:a0:9b:0d:6d:40:69:8d:27:3d:9f:3b:f6:
- b4:88:93:bf:da:34:a6:77:15
- Q:
- 00:b7:2b:f2:e4:00:9a:75:7e:dc:32:c8:03:99:d3:
- a3:40:60:d1:b8:cb
- G:
- 24:6e:e6:79:4b:50:6c:cb:a5:44:c7:63:cd:e0:a8:
- c9:ad:85:5d:d9:be:e1:a7:2f:22:71:3d:ff:e3:32:
- 6d:74:c1:dd:b1:40:34:cc:b0:e9:64:ef:93:82:bd:
- 44:af:2d:9b:9d:8d:f7:97:32:91:38:e9:01:bc:6a:
- 4c:c6:97:c2:47:56:6c:e1:5d:54:a0:0a:9f:2c:62:
- fd:42:ad:63:d4:3a:36:6c:09:07:68:5b:03:51:94:
- ce:13:e4:a3:ca:c4:75:ae:ba:08:69:74:55:bc:8c:
- d6:52:8c:26:30:3e:c2:9f:69:1b:5d:74:2f:4a:2f:
- d7:d4:3d:7e:fa:8a:a7:95
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- Netscape Comment:
- OpenSSL Generated Certificate
- X509v3 Subject Key Identifier:
- 99:2A:52:86:CC:2F:5A:D1:00:05:DF:A5:DD:6C:5C:71:17:02:C9:D5
- X509v3 Authority Key Identifier:
- keyid:82:08:7F:DB:00:02:86:E8:53:2A:A5:FA:58:AE:67:7F:14:38:C8:60
-
- Signature Algorithm: sha1WithRSAEncryption
- 81:f9:c0:bb:f8:0c:25:10:bf:04:5c:24:82:fa:c7:2f:44:d5:
- e1:f7:cf:54:07:fb:45:29:d9:4b:a8:9b:e0:81:c6:82:bb:d7:
- 26:f2:fe:42:1e:ef:1f:29:2f:64:8a:83:d8:bf:7a:9d:8d:84:
- 69:23:6b:d3:25:eb:4f:cd:58:44:e9:dd:39:05:09:37:1e:18:
- fd:6f:26:e9:ab:2e:e2:1c:c0:34:d6:6a:58:26:c0:a4:f0:c8:
- 30:ae:95:70:f0:35:c2:b2:a0:66:a6:d6:a7:6d:7c:58:1a:88:
- da:ff:69:5d:5d:0e:fa:3a:73:c6:ad:7e:19:e4:15:d9:4b:1b:
- 47:07
------BEGIN CERTIFICATE-----
-MIIEDzCCA3igAwIBAgIJAMdKgvadG/Z/MA0GCSqGSIb3DQEBBQUAMHIxCzAJBgNV
-BAYTAlBMMQwwCgYDVQQIEwNNYXoxEDAOBgNVBAoTB1NhbXN1bmcxDTALBgNVBAsT
-BFNQUkMxEDAOBgNVBAMTB1NhbXN1bmcxIjAgBgkqhkiG9w0BCQEWE3NhbXN1bmdA
-c2Ftc3VuZy5jb20wHhcNMTExMDA1MTIxMTMzWhcNMjExMDAyMTIxMTMzWjCBijEL
-MAkGA1UEBhMCUEwxFDASBgNVBAgTC01hem93aWVja2llMRIwEAYDVQQHEwlsZWdp
-b25vd28xEDAOBgNVBAoTB3NhbXN1bmcxDTALBgNVBAsTBHNwcmMxDjAMBgNVBAMT
-BW1hZ2RhMSAwHgYJKoZIhvcNAQkBFhFtYWdkYUBzYW1zdW5nLmNvbTCCAbcwggEr
-BgcqhkjOOAQBMIIBHgKBgQC1PCOasFhlfMc1yjdcp7zkzXGiW+MpVuFlsdYwkAa9
-sIvNrQLi2ulxcnNBeCHKDbk7U+J3/QwO2XanapQMUqvfjfjL1QQ5Vf7ENUWPNP7c
-Evx82Nb5jWdHyRfV//TciBZN8GLNEbfhtWlhI6CbDW1AaY0nPZ879rSIk7/aNKZ3
-FQIVALcr8uQAmnV+3DLIA5nTo0Bg0bjLAoGAJG7meUtQbMulRMdjzeCoya2FXdm+
-4acvInE9/+MybXTB3bFANMyw6WTvk4K9RK8tm52N95cykTjpAbxqTMaXwkdWbOFd
-VKAKnyxi/UKtY9Q6NmwJB2hbA1GUzhPko8rEda66CGl0VbyM1lKMJjA+wp9pG110
-L0ov19Q9fvqKp5UDgYUAAoGBAKxAQg7MqCgkC0MJftYjNaKM5n1iZv4j1li49zKf
-Y5nTLP+vYAvg0owLNYvJ5ncKfY1DACPU4/+tC7TTua95wgj5rwvAXnzgSyOGuSr0
-fK9DyrH6E0LfXT+WuIQHahm2iSbxqPrChlnp5/EXDTBaO6Qfdpq0BP48ClZebxcA
-+TYFo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVy
-YXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUmSpShswvWtEABd+l3WxccRcCydUw
-HwYDVR0jBBgwFoAUggh/2wAChuhTKqX6WK5nfxQ4yGAwDQYJKoZIhvcNAQEFBQAD
-gYEAgfnAu/gMJRC/BFwkgvrHL0TV4ffPVAf7RSnZS6ib4IHGgrvXJvL+Qh7vHykv
-ZIqD2L96nY2EaSNr0yXrT81YROndOQUJNx4Y/W8m6asu4hzANNZqWCbApPDIMK6V
-cPA1wrKgZqbWp218WBqI2v9pXV0O+jpzxq1+GeQV2UsbRwc=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN DSA PRIVATE KEY-----
-MIIBuwIBAAKBgQC1PCOasFhlfMc1yjdcp7zkzXGiW+MpVuFlsdYwkAa9sIvNrQLi
-2ulxcnNBeCHKDbk7U+J3/QwO2XanapQMUqvfjfjL1QQ5Vf7ENUWPNP7cEvx82Nb5
-jWdHyRfV//TciBZN8GLNEbfhtWlhI6CbDW1AaY0nPZ879rSIk7/aNKZ3FQIVALcr
-8uQAmnV+3DLIA5nTo0Bg0bjLAoGAJG7meUtQbMulRMdjzeCoya2FXdm+4acvInE9
-/+MybXTB3bFANMyw6WTvk4K9RK8tm52N95cykTjpAbxqTMaXwkdWbOFdVKAKnyxi
-/UKtY9Q6NmwJB2hbA1GUzhPko8rEda66CGl0VbyM1lKMJjA+wp9pG110L0ov19Q9
-fvqKp5UCgYEArEBCDsyoKCQLQwl+1iM1oozmfWJm/iPWWLj3Mp9jmdMs/69gC+DS
-jAs1i8nmdwp9jUMAI9Tj/60LtNO5r3nCCPmvC8BefOBLI4a5KvR8r0PKsfoTQt9d
-P5a4hAdqGbaJJvGo+sKGWenn8RcNMFo7pB92mrQE/jwKVl5vFwD5NgUCFC0583uX
-PgTY5e9pOTVpCwebt50S
------END DSA PRIVATE KEY-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIFVTCCBD2gAwIBAgIHBBrt1FojCzANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
-BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
-BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
-aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
-IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
-ODcwHhcNMTAwNjA5MDIwNzU3WhcNMTEwNjE5MTEwNDM2WjBRMRUwEwYDVQQKEwwq
-LnVidW50dS5jb20xITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEV
-MBMGA1UEAxMMKi51YnVudHUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEAu8VcCeGdREV3PYYQukyrfUAay8Ic3fMhA+YUKzqbH8UuPhcjjS3izxaT
-vHLh7v80HS4DXYu6CqoQugZndV4R9KqJN1HVK5acar91VOeQgTSoowTSFtyg6aXJ
-JVdEETyftGHSpS4WjyQZ9FazTfC47c5lJr+3wCZ90UaxaWpNERpMc2L4ZxG1wGCw
-XYWVONtV817NecZVAiytvNPSmcnFm/OC/5GtzxNhfYmsNt1+MiC3IUFe2XnQwFhG
-rvn9IcG2RhEKOOu55pHM08FcnDbfyegBkEDAmQbFIUM+tFUI7nkDNQWy/Mgzuqtg
-DjydGu8h7BObEFrqXtUpm9CbTFZgzwIDAQABo4IBtjCCAbIwDwYDVR0TAQH/BAUw
-AwEBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQD
-AgWgMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2Rz
-MS0xOS5jcmwwUwYDVR0gBEwwSjBIBgtghkgBhv1tAQcXATA5MDcGCCsGAQUFBwIB
-FitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMIGA
-BggrBgEFBQcBAQR0MHIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHku
-Y29tLzBKBggrBgEFBQcwAoY+aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNv
-bS9yZXBvc2l0b3J5L2dkX2ludGVybWVkaWF0ZS5jcnQwHwYDVR0jBBgwFoAU/axh
-MpNsRdbi7oVfmrrndplozOcwIwYDVR0RBBwwGoIMKi51YnVudHUuY29tggp1YnVu
-dHUuY29tMB0GA1UdDgQWBBTUVPFNlBiCNfPjhD8O8mDUv7MLUjANBgkqhkiG9w0B
-AQUFAAOCAQEAUjuOqqu+vS0StsxVXj44hvPye1MC/MkanIrdce5BgYMc5a+8UJba
-ay8h34vtsvfDsTifNY8ijDx79Hprh9V2LwfWWAiWK2SdrceIdGrxDvzmDHllO5YT
-ig2XhAA7ll4toSnrUfsZmi/bgb1V6VNoq36xvK+riDGnPhc7tNDZZb1fBKE+nA1p
-CZq80Liv1xri4Nj1YQ0kMQQnSHkUgEGg7bvtf+cNkIp3OXTNW8f7VFoaWVZNKW8c
-cxNljypjJM+h7xXCG/YRKws8eCi+xpO1Oc41tnSvbCbc0B6+xwFjRx5tfja309QI
-R2+uBFsmWtBCtn31o4CFNytEnwBOPVbZBA==
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIE3jCCA8agAwIBAgICAwEwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCVVMx
-ITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28g
-RGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExMTYw
-MTU0MzdaFw0yNjExMTYwMTU0MzdaMIHKMQswCQYDVQQGEwJVUzEQMA4GA1UECBMH
-QXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5j
-b20sIEluYy4xMzAxBgNVBAsTKmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5j
-b20vcmVwb3NpdG9yeTEwMC4GA1UEAxMnR28gRGFkZHkgU2VjdXJlIENlcnRpZmlj
-YXRpb24gQXV0aG9yaXR5MREwDwYDVQQFEwgwNzk2OTI4NzCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAMQt1RWMnCZM7DI161+4WQFapmGBWTtwY6vj3D3H
-KrjJM9N55DrtPDAjhI6zMBS2sofDPZVUBJ7fmd0LJR4h3mUpfjWoqVTr9vcyOdQm
-VZWt7/v+WIbXnvQAjYwqDL1CBM6nPwT27oDyqu9SoWlm2r4arV3aLGbqGmu75RpR
-SgAvSMeYddi5Kcju+GZtCpyz8/x4fKL4o/K1w/O5epHBp+YlLpyo7RJlbmr2EkRT
-cDCVw5wrWCs9CHRK8r5RsL+H0EwnWGu1NcWdrxcx+AuP7q2BNgWJCJjPOq8lh8BJ
-6qf9Z/dFjpfMFDniNoW1fho3/Rb2cRGadDAW/hOUoz+EDU8CAwEAAaOCATIwggEu
-MB0GA1UdDgQWBBT9rGEyk2xF1uLuhV+auud2mWjM5zAfBgNVHSMEGDAWgBTSxLDS
-kdRMEXGzYcs9of7dqGrU4zASBgNVHRMBAf8ECDAGAQH/AgEAMDMGCCsGAQUFBwEB
-BCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZ29kYWRkeS5jb20wRgYDVR0f
-BD8wPTA7oDmgN4Y1aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBv
-c2l0b3J5L2dkcm9vdC5jcmwwSwYDVR0gBEQwQjBABgRVHSAAMDgwNgYIKwYBBQUH
-AgEWKmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeTAO
-BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBANKGwOy9+aG2Z+5mC6IG
-OgRQjhVyrEp0lVPLN8tESe8HkGsz2ZbwlFalEzAFPIUyIXvJxwqoJKSQ3kbTJSMU
-A2fCENZvD117esyfxVgqwcSeIaha86ykRvOe5GPLL5CkKSkB2XIsKd83ASe8T+5o
-0yGPwLPk9Qnt0hCqU7S+8MxZC9Y7lhyVJEnfzuz9p0iRFEUOOjZv2kWzRaJBydTX
-RE4+uXR21aITVSzGh6O1mawGhId/dQb8vxRMDsxuxN89txJx9OjxUUAiKEngHUuH
-qDTMBqLdElrRhjZkAzVvb3du6/KFUJheqwNTrZEjYx8WnM25sgVjOuH0aBsXBTWV
-U+4=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIE+zCCBGSgAwIBAgICAQ0wDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1Zh
-bGlDZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIElu
-Yy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24g
-QXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAe
-BgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTA0MDYyOTE3MDYyMFoX
-DTI0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBE
-YWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3MgMiBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgC
-ggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv
-2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+q
-N1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiO
-r18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lN
-f4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+YihfukEH
-U1jPEX44dMX4/7VpkI+EdOqXG68CAQOjggHhMIIB3TAdBgNVHQ4EFgQU0sSw0pHU
-TBFxs2HLPaH+3ahq1OMwgdIGA1UdIwSByjCBx6GBwaSBvjCBuzEkMCIGA1UEBxMb
-VmFsaUNlcnQgVmFsaWRhdGlvbiBOZXR3b3JrMRcwFQYDVQQKEw5WYWxpQ2VydCwg
-SW5jLjE1MDMGA1UECxMsVmFsaUNlcnQgQ2xhc3MgMiBQb2xpY3kgVmFsaWRhdGlv
-biBBdXRob3JpdHkxITAfBgNVBAMTGGh0dHA6Ly93d3cudmFsaWNlcnQuY29tLzEg
-MB4GCSqGSIb3DQEJARYRaW5mb0B2YWxpY2VydC5jb22CAQEwDwYDVR0TAQH/BAUw
-AwEB/zAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmdv
-ZGFkZHkuY29tMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jZXJ0aWZpY2F0ZXMu
-Z29kYWRkeS5jb20vcmVwb3NpdG9yeS9yb290LmNybDBLBgNVHSAERDBCMEAGBFUd
-IAAwODA2BggrBgEFBQcCARYqaHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNv
-bS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOBgQC1
-QPmnHfbq/qQaQlpE9xXUhUaJwL6e4+PrxeNYiY+Sn1eocSxI0YGyeR+sBjUZsE4O
-WBsUs5iB0QQeyAfJg594RAoYC5jcdnplDQ1tgMQLARzLrUc+cb53S8wGd9D0Vmsf
-SxOaFIqII6hR8INMqzW/Rn453HWkrugp++85j09VZw==
------END CERTIFICATE-----
+++ /dev/null
------BEGIN CERTIFICATE-----\r
-MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0\r
-IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz\r
-BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y\r
-aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG\r
-9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMTk1NFoXDTE5MDYy\r
-NjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y\r
-azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs\r
-YXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw\r
-Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl\r
-cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOOnHK5avIWZJV16vY\r
-dA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVCCSRrCl6zfN1SLUzm1NZ9\r
-WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7RfZHM047QS\r
-v4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9v\r
-UJSZSWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTu\r
-IYEZoDJJKPTEjlbVUjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwC\r
-W/POuZ6lcg5Ktz885hZo+L7tdEy8W9ViH0Pd\r
------END CERTIFICATE-----\r
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 85:7d:e1:c5:d9:de:7a:1f
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=PL, ST=Mazowieckie, O=Samsung, OU=SPRC, CN=Operator Test Root Certificate/emailAddress=operator@samsung.com
- Validity
- Not Before: Jan 4 17:27:08 2011 GMT
- Not After : Jan 3 17:27:08 2014 GMT
- Subject: C=PL, ST=Mazowieckie, O=Samsung, OU=SPRC, CN=Operator Test Root Certificate/emailAddress=operator@samsung.com
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c3:39:17:a8:f9:d0:69:37:9a:56:44:39:67:10:
- 14:a9:4b:a2:0b:c7:fc:a1:e8:e8:f7:1c:06:f4:9c:
- 83:f7:37:07:9d:9c:2c:1b:46:43:5f:f1:7b:91:a8:
- cd:c0:76:00:d5:9c:c9:28:f7:91:28:b6:97:ec:85:
- b1:10:0f:58:2e:f6:6f:98:b6:ab:7b:ca:08:10:7f:
- 55:32:bf:32:db:a7:c2:86:83:03:ee:41:0a:24:de:
- 17:e3:9d:8f:5b:fa:46:70:78:98:b4:c1:14:77:44:
- ab:59:7c:4c:d3:4a:f7:54:f2:30:0d:38:73:95:9f:
- 21:0e:a9:86:3e:fc:82:4e:0b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 25:A5:90:9F:4D:3A:A4:19:0A:80:46:5E:F3:FB:20:CE:56:30:33:DA
- X509v3 Authority Key Identifier:
- keyid:25:A5:90:9F:4D:3A:A4:19:0A:80:46:5E:F3:FB:20:CE:56:30:33:DA
- DirName:/C=PL/ST=Mazowieckie/O=Samsung/OU=SPRC/CN=Operator Test Root Certificate/emailAddress=operator@samsung.com
- serial:85:7D:E1:C5:D9:DE:7A:1F
-
- X509v3 Basic Constraints:
- CA:TRUE
- Signature Algorithm: sha1WithRSAEncryption
- b9:d7:72:49:09:d8:6f:61:94:51:40:9d:c3:d3:23:53:97:b8:
- 12:ee:cb:dd:57:e6:1f:a2:76:38:5d:42:51:bd:a9:30:19:f7:
- 67:5b:a8:67:4a:9e:a1:f0:a9:22:14:94:77:32:27:79:37:9c:
- 0a:0f:52:80:14:62:00:94:45:85:3b:fd:ad:b4:c3:20:45:ba:
- b7:91:1a:9e:38:51:0f:9b:d5:ce:74:c7:bd:4a:21:9a:2d:b5:
- 71:0b:42:d2:95:72:66:fe:eb:11:ad:62:44:6c:32:4e:b4:00:
- 37:d7:b8:d5:4b:f6:74:36:78:d6:ae:66:b3:ca:6e:42:ff:cb:
- c2:e6
------BEGIN CERTIFICATE-----
-MIIDnzCCAwigAwIBAgIJAIV94cXZ3nofMA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
-VQQGEwJQTDEUMBIGA1UECBMLTWF6b3dpZWNraWUxEDAOBgNVBAoTB1NhbXN1bmcx
-DTALBgNVBAsTBFNQUkMxJzAlBgNVBAMTHk9wZXJhdG9yIFRlc3QgUm9vdCBDZXJ0
-aWZpY2F0ZTEjMCEGCSqGSIb3DQEJARYUb3BlcmF0b3JAc2Ftc3VuZy5jb20wHhcN
-MTEwMTA0MTcyNzA4WhcNMTQwMTAzMTcyNzA4WjCBkjELMAkGA1UEBhMCUEwxFDAS
-BgNVBAgTC01hem93aWVja2llMRAwDgYDVQQKEwdTYW1zdW5nMQ0wCwYDVQQLEwRT
-UFJDMScwJQYDVQQDEx5PcGVyYXRvciBUZXN0IFJvb3QgQ2VydGlmaWNhdGUxIzAh
-BgkqhkiG9w0BCQEWFG9wZXJhdG9yQHNhbXN1bmcuY29tMIGfMA0GCSqGSIb3DQEB
-AQUAA4GNADCBiQKBgQDDOReo+dBpN5pWRDlnEBSpS6ILx/yh6Oj3HAb0nIP3Nwed
-nCwbRkNf8XuRqM3AdgDVnMko95EotpfshbEQD1gu9m+Ytqt7yggQf1UyvzLbp8KG
-gwPuQQok3hfjnY9b+kZweJi0wRR3RKtZfEzTSvdU8jANOHOVnyEOqYY+/IJOCwID
-AQABo4H6MIH3MB0GA1UdDgQWBBQlpZCfTTqkGQqARl7z+yDOVjAz2jCBxwYDVR0j
-BIG/MIG8gBQlpZCfTTqkGQqARl7z+yDOVjAz2qGBmKSBlTCBkjELMAkGA1UEBhMC
-UEwxFDASBgNVBAgTC01hem93aWVja2llMRAwDgYDVQQKEwdTYW1zdW5nMQ0wCwYD
-VQQLEwRTUFJDMScwJQYDVQQDEx5PcGVyYXRvciBUZXN0IFJvb3QgQ2VydGlmaWNh
-dGUxIzAhBgkqhkiG9w0BCQEWFG9wZXJhdG9yQHNhbXN1bmcuY29tggkAhX3hxdne
-eh8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQC513JJCdhvYZRRQJ3D
-0yNTl7gS7svdV+YfonY4XUJRvakwGfdnW6hnSp6h8KkiFJR3Mid5N5wKD1KAFGIA
-lEWFO/2ttMMgRbq3kRqeOFEPm9XOdMe9SiGaLbVxC0LSlXJm/usRrWJEbDJOtAA3
-17jVS/Z0NnjWrmazym5C/8vC5g==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 85:7d:e1:c5:d9:de:7a:20
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=PL, ST=Mazowieckie, O=Samsung, OU=SPRC, CN=Operator Test Root Certificate/emailAddress=operator@samsung.com
- Validity
- Not Before: Jan 4 17:34:31 2011 GMT
- Not After : Jan 4 17:34:31 2012 GMT
- Subject: C=PL, ST=Malopolskie, L=Krakow, O=Samsung, OU=N/A, CN=Operator Test Second Level Certificate/emailAddress=second.operator@samsung.com
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ba:3c:58:ca:87:1e:59:68:54:8a:54:34:43:61:
- f1:81:e6:35:c1:46:74:16:c7:ff:f9:15:9e:0c:5a:
- 6a:89:c1:13:0c:61:2e:ba:00:e0:71:ea:7e:31:ae:
- 4e:ef:93:58:51:98:97:f3:bf:8a:9b:b2:c1:b7:0c:
- 5f:3f:56:b3:13:3b:d0:80:be:04:66:89:84:50:ca:
- fe:f6:f7:6b:05:3b:30:4e:96:9c:5b:c5:80:bc:d6:
- be:6e:69:f4:b9:9b:4c:06:7a:ed:37:67:b2:fe:45:
- 69:57:62:54:cb:69:69:48:b9:7d:a0:42:f1:b6:dc:
- f2:7f:eb:75:2a:d4:83:69:b9
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- Netscape Comment:
- OpenSSL Generated Certificate
- X509v3 Subject Key Identifier:
- D9:F3:11:BF:98:5A:60:12:7A:85:B5:E7:A7:38:4F:CF:51:1D:C6:B2
- X509v3 Authority Key Identifier:
- keyid:25:A5:90:9F:4D:3A:A4:19:0A:80:46:5E:F3:FB:20:CE:56:30:33:DA
-
- Signature Algorithm: sha1WithRSAEncryption
- 69:6c:26:81:51:91:a6:e6:11:dc:81:35:03:73:85:4f:2f:29:
- 1f:20:f2:23:54:82:ca:8f:b8:a6:e3:3f:cd:72:5e:d7:e7:f5:
- 84:8a:33:e2:51:9f:36:4b:30:85:f4:4f:87:c7:9a:69:0b:15:
- 6e:92:c7:1f:2f:58:a4:57:f8:c2:cd:59:6c:d2:11:63:ae:bb:
- b0:32:3f:09:e7:2e:ad:db:1b:fe:e7:a4:21:43:47:76:e1:de:
- 36:bb:26:3f:16:76:20:ed:a4:68:c1:48:ae:2b:95:fb:f6:d2:
- f2:7f:74:f6:83:e2:89:06:b5:89:54:6e:7f:cf:88:94:66:e8:
- da:32
------BEGIN CERTIFICATE-----
-MIIDPjCCAqegAwIBAgIJAIV94cXZ3nogMA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
-VQQGEwJQTDEUMBIGA1UECBMLTWF6b3dpZWNraWUxEDAOBgNVBAoTB1NhbXN1bmcx
-DTALBgNVBAsTBFNQUkMxJzAlBgNVBAMTHk9wZXJhdG9yIFRlc3QgUm9vdCBDZXJ0
-aWZpY2F0ZTEjMCEGCSqGSIb3DQEJARYUb3BlcmF0b3JAc2Ftc3VuZy5jb20wHhcN
-MTEwMTA0MTczNDMxWhcNMTIwMTA0MTczNDMxWjCBsTELMAkGA1UEBhMCUEwxFDAS
-BgNVBAgTC01hbG9wb2xza2llMQ8wDQYDVQQHEwZLcmFrb3cxEDAOBgNVBAoTB1Nh
-bXN1bmcxDDAKBgNVBAsTA04vQTEvMC0GA1UEAxMmT3BlcmF0b3IgVGVzdCBTZWNv
-bmQgTGV2ZWwgQ2VydGlmaWNhdGUxKjAoBgkqhkiG9w0BCQEWG3NlY29uZC5vcGVy
-YXRvckBzYW1zdW5nLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAujxY
-yoceWWhUilQ0Q2HxgeY1wUZ0Fsf/+RWeDFpqicETDGEuugDgcep+Ma5O75NYUZiX
-87+Km7LBtwxfP1azEzvQgL4EZomEUMr+9vdrBTswTpacW8WAvNa+bmn0uZtMBnrt
-N2ey/kVpV2JUy2lpSLl9oELxttzyf+t1KtSDabkCAwEAAaN7MHkwCQYDVR0TBAIw
-ADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUw
-HQYDVR0OBBYEFNnzEb+YWmASeoW156c4T89RHcayMB8GA1UdIwQYMBaAFCWlkJ9N
-OqQZCoBGXvP7IM5WMDPaMA0GCSqGSIb3DQEBBQUAA4GBAGlsJoFRkabmEdyBNQNz
-hU8vKR8g8iNUgsqPuKbjP81yXtfn9YSKM+JRnzZLMIX0T4fHmmkLFW6Sxx8vWKRX
-+MLNWWzSEWOuu7AyPwnnLq3bG/7npCFDR3bh3ja7Jj8WdiDtpGjBSK4rlfv20vJ/
-dPaD4okGtYlUbn/PiJRm6Noy
------END CERTIFICATE-----
+++ /dev/null
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,44C051D8935528BB
-
-iISuf9ELdyP5M0vlWOK4msH09HRAhN+43qRu/RDznpsTs2lX2sJITXXEmJC4EJzS
-Zk4jf3ScTj1JsMGlg5k0mZWLmDb4kUxTRVUqJX2W4uUYEmWav7LQHRAsPwNUSMs3
-DzZabSf1vplnKKoL9mMtX4E0mj79AkJp7tARQu4Zn2FDMg/UnCErzhGeoFysztmM
-v0Biyrf8yTbatMMr7Ea6rIsKS8KbkEeYDk4LpxBXkMeOutnnUUdhUEXZ/mwgJq2e
-+8LLPiWdFsrGxPdub7iuLXidXSpOd9VaC9LN/ORKF+EiJtF+twWSBotxYOtwmtgj
-xUHfXBcbaFoPnLKNS0nxwsOHF07LUfsCHzfVm1uGyWFkkLrPfcSjb6PahFlfO6w5
-fv8HnUOgeAjlhK6X+xhmw1tpwMUlmcYmq31eC8rwxP59jNQbhH6GVr5+rEMRHNgp
-loC1WqthoRtBEC0bi99VpIHVIepe9G+p40sIropoUWftfDSLl3RtONg5GyyZWQ4a
-ROxsiLHDZ7+q8eKkJuYPkiZ61/5MHuOsH5k57PG7ppG6/0p+ED4bTwxxDb6PU4pA
-08xUTZQ0CUn1x80o/lKw+1E9TJOTbCvrEJAnMksfOkNkNyedgDJaxfV63wYvnL4+
-BLzCqa6djpe0Mg2olQieV/piRUt7JaGA7bnaMAn+bJ56PzUnMl0/WlxzGTMtHjkf
-zUqgLLdxZpJP7zl4XleSfRWlPgL1iN1s84x48ej+MGgOGi7xTgX/sfCLkN4No/8k
-c5Po+lQU261XAYNuAjtjUFQP/FgIMM9CnJrDWp8xHZXUJBo0c5lOKg==
------END RSA PRIVATE KEY-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- c7:4a:82:f6:9d:1b:f6:7d
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=PL, ST=Maz, O=Samsung, OU=SPRC, CN=Samsung/emailAddress=samsung@samsung.com
- Validity
- Not Before: Oct 5 11:52:36 2011 GMT
- Not After : Oct 4 11:52:36 2014 GMT
- Subject: C=PL, ST=Maz, O=Samsung, OU=SPRC, CN=Samsung/emailAddress=samsung@samsung.com
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:93:c2:12:8b:3e:b1:69:fe:c8:7e:f1:fa:b0:03:
- d7:bd:25:03:bb:14:70:ab:65:ff:8f:e9:38:14:2b:
- 92:02:d9:e7:b4:78:60:a0:ce:b1:b8:b6:78:c5:af:
- b3:83:3c:47:58:3d:1e:a0:78:69:4d:56:dd:8c:d8:
- 20:27:b2:0d:9f:bf:f1:d4:e1:39:0f:1b:6f:b8:cd:
- ca:f4:0b:fd:d7:cb:64:09:c7:6d:1e:e8:dd:89:43:
- 7f:72:85:3d:9a:54:6e:7c:55:a0:da:f5:e9:28:01:
- ec:3a:da:5a:18:45:fc:28:b1:0e:43:2c:4c:26:5c:
- ca:bc:44:d9:ce:7d:5a:f2:f3
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 82:08:7F:DB:00:02:86:E8:53:2A:A5:FA:58:AE:67:7F:14:38:C8:60
- X509v3 Authority Key Identifier:
- keyid:82:08:7F:DB:00:02:86:E8:53:2A:A5:FA:58:AE:67:7F:14:38:C8:60
- DirName:/C=PL/ST=Maz/O=Samsung/OU=SPRC/CN=Samsung/emailAddress=samsung@samsung.com
- serial:C7:4A:82:F6:9D:1B:F6:7D
-
- X509v3 Basic Constraints:
- CA:TRUE
- Signature Algorithm: sha1WithRSAEncryption
- 0f:cb:a3:cd:25:02:00:17:a9:c5:21:4a:6e:bb:ce:d9:14:74:
- 23:29:c5:47:ff:02:91:5a:ee:a1:53:a7:e4:69:6f:f2:00:bc:
- 09:87:80:f8:3b:a5:51:59:e9:20:1f:1d:5d:cb:91:eb:91:1e:
- f4:79:bf:35:68:a5:ed:24:e5:28:dd:c9:1f:bf:53:f7:75:77:
- 6c:fe:94:0c:de:9c:d9:8e:42:c6:7d:61:6b:5d:5d:ad:a7:6a:
- e4:9b:53:2a:f7:85:9c:51:1d:72:5d:5c:2f:eb:f9:ff:80:4c:
- 6d:46:e8:a0:2c:8a:6f:94:13:b2:00:47:2c:b0:b0:1c:12:fc:
- a0:65
------BEGIN CERTIFICATE-----
-MIIDOjCCAqOgAwIBAgIJAMdKgvadG/Z9MA0GCSqGSIb3DQEBBQUAMHIxCzAJBgNV
-BAYTAlBMMQwwCgYDVQQIEwNNYXoxEDAOBgNVBAoTB1NhbXN1bmcxDTALBgNVBAsT
-BFNQUkMxEDAOBgNVBAMTB1NhbXN1bmcxIjAgBgkqhkiG9w0BCQEWE3NhbXN1bmdA
-c2Ftc3VuZy5jb20wHhcNMTExMDA1MTE1MjM2WhcNMTQxMDA0MTE1MjM2WjByMQsw
-CQYDVQQGEwJQTDEMMAoGA1UECBMDTWF6MRAwDgYDVQQKEwdTYW1zdW5nMQ0wCwYD
-VQQLEwRTUFJDMRAwDgYDVQQDEwdTYW1zdW5nMSIwIAYJKoZIhvcNAQkBFhNzYW1z
-dW5nQHNhbXN1bmcuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCTwhKL
-PrFp/sh+8fqwA9e9JQO7FHCrZf+P6TgUK5IC2ee0eGCgzrG4tnjFr7ODPEdYPR6g
-eGlNVt2M2CAnsg2fv/HU4TkPG2+4zcr0C/3Xy2QJx20e6N2JQ39yhT2aVG58VaDa
-9ekoAew62loYRfwosQ5DLEwmXMq8RNnOfVry8wIDAQABo4HXMIHUMB0GA1UdDgQW
-BBSCCH/bAAKG6FMqpfpYrmd/FDjIYDCBpAYDVR0jBIGcMIGZgBSCCH/bAAKG6FMq
-pfpYrmd/FDjIYKF2pHQwcjELMAkGA1UEBhMCUEwxDDAKBgNVBAgTA01hejEQMA4G
-A1UEChMHU2Ftc3VuZzENMAsGA1UECxMEU1BSQzEQMA4GA1UEAxMHU2Ftc3VuZzEi
-MCAGCSqGSIb3DQEJARYTc2Ftc3VuZ0BzYW1zdW5nLmNvbYIJAMdKgvadG/Z9MAwG
-A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAD8ujzSUCABepxSFKbrvO2RR0
-IynFR/8CkVruoVOn5Glv8gC8CYeA+DulUVnpIB8dXcuR65Ee9Hm/NWil7STlKN3J
-H79T93V3bP6UDN6c2Y5Cxn1ha11dradq5JtTKveFnFEdcl1cL+v5/4BMbUbooCyK
-b5QTsgBHLLCwHBL8oGU=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,D2942E015452A445
-
-0M/tC+qVDqyhNsxZZB/dGLuNxsStSUA7TRDRiSBee9JsvcFZjq03D/VjBakNIeET
-6efmKfAngomfvrWtxhped3RI4vasX05swfnr4qiUKjLPyftmNEepbNGeI8MaiD7a
-fEOZuAacstyS5RMHRBXrktq+jtXW2meQTuvEMBJf1AeAIuaFNvr3OvvpCtDwRffi
-1ijUVuG0ZQ6MpP7cGeqLYUZ9StTMxeiEesAPM4YrG7HIY13KaHwMr1ZRtENe7qZ8
-R8vwgW188FYkSSrcQjCVEuj/ztTg9eVuSKdTNgjfKzTWnlrjAzi8CKBsrkYoarwS
-6Rv3TqVVnx4HHdo9RIUKZPeLOdcMD1OPK7aOUedPTAcht3Y7SQQphBQypLf6PLKB
-DCo79B4TUA1W9MijT2d2GN7oJHqHax8zO2j+yCLkEcHF32JZsEFE63Bwss72FXMg
-mTmpCwyzR+oN93687JDUBAP9zNVd76ZnpzwlMZirB6QTY/lrH+iXLH3R3PO6cl2R
-0Jei4IQ1oB+SX6GOPt4tKGTqktUFhsJYbXyifj4O1ZyDVYTp0JafOLxJfU33oYTm
-278yshFdyHRgfKIHvqctZ1xJN2ioVcWf+9DprHc5kGb6wUKRVfQpipTS2hgbMBz+
-UWRZWq+CUD5QkTz4cSQfhPWQF6TNWpTQc0dvAlo3Cmxrro1PriDItsCOeydeNWvn
-Dyynx7ODp/F1rX5ekaXkVxsdGgD/HuNF+c7tEytD7U4/CmevytuXRIrFM0alj2OE
-aBFTqKicBoKgDV9VUOTKwuFeNV7MSuVDUnngEBeYrinwGa7wuV7tzA==
------END RSA PRIVATE KEY-----
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:wac="http://wacapps.net/ns/digsig" Id="AuthorSignature">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <Reference URI="config.xml">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>xUKQbov3HL7JD2/zVUKpPEVGc5C6VWDXwxoDHzDs9y0=</DigestValue>
- </Reference>
- <Reference URI="index.html">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>cIE41PzyhMnF++EmhJ3Ptnd4ZqXyBlRJgiIqxlutbV8=</DigestValue>
- </Reference>
- <Reference URI="#prop">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>MH34nIMXxv0fMQQ8bTV1wZUNLOrXTmpnxpADlNzmQ/4=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>fhh+VQq76Uodq4upHhvcC2tgbVY8bL9DiiSe9wn1O4YrIFKMnEEYqYmpQbL1puWU
-Zbht0hXpvEFXg1010q5kOZQxknqcyFg3hyVUpFDPARkJs1XhRNbFWJJF7qNXVgt5
-NyFrdXFv4lVFjkv+chSykaWu6V22z43E8kJcg+zGVU8=</SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509Certificate>MIIETTCCA7agAwIBAgIJANaOuOCRgiz3MA0GCSqGSIb3DQEBBQUAMIG8MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3Vy
-aXR5IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwG
-A1UECxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNh
-bmluMSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb20wHhcNMDUwNzEw
-MDIyOTAxWhcNMTUwNzA4MDIyOTAxWjCBvDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
-CkNhbGlmb3JuaWExPTA7BgNVBAoTNFhNTCBTZWN1cml0eSBMaWJyYXJ5IChodHRw
-Oi8vd3d3LmFsZWtzZXkuY29tL3htbHNlYykxHjAcBgNVBAsTFVRlc3QgUm9vdCBD
-ZXJ0aWZpY2F0ZTEWMBQGA1UEAxMNQWxla3NleSBTYW5pbjEhMB8GCSqGSIb3DQEJ
-ARYSeG1sc2VjQGFsZWtzZXkuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDayaFajJxOdVU+8EjwO31S2XqNmYxxbHfiUJO3w2h57OPUkKAcKe5Gvt9hJbPT
-b3C4blPScOke2RexKnXS7pAXXbxFlgUlZ0QK0K2pdl559OSmrtH3mPP9BJvvDMlx
-kcNj9/EeD+yGd8GN/yT6PTDh8G/4lszOXL+tyKIkC4Ys/wIDAQABo4IBUzCCAU8w
-DAYDVR0TBAUwAwEB/zAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg
-Q2VydGlmaWNhdGUwHQYDVR0OBBYEFNpG6Wvmr9M9quUhS1LtymYo4P6FMIHxBgNV
-HSMEgekwgeaAFNpG6Wvmr9M9quUhS1LtymYo4P6FoYHCpIG/MIG8MQswCQYDVQQG
-EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTE9MDsGA1UEChM0WE1MIFNlY3VyaXR5
-IExpYnJhcnkgKGh0dHA6Ly93d3cuYWxla3NleS5jb20veG1sc2VjKTEeMBwGA1UE
-CxMVVGVzdCBSb290IENlcnRpZmljYXRlMRYwFAYDVQQDEw1BbGVrc2V5IFNhbmlu
-MSEwHwYJKoZIhvcNAQkBFhJ4bWxzZWNAYWxla3NleS5jb22CCQDWjrjgkYIs9zAN
-BgkqhkiG9w0BAQUFAAOBgQBUXbdOTQwArcNrbxavzARp2JGOnzo6WzTm+OFSXC0F
-08YwT8jWbht97e8lNNVOBU4Y/38ReZqYC9OqFofG1/O9AdQ58WL/FWg8DgP5MJPT
-T9kRU3FU01jUiX2+kbdnghZAOJm0ziRNxfNPwIIWPKYXyXEKQQzrnxyFey1hP7cg
-6A==</X509Certificate>
-</X509Data>
- </KeyInfo>
- <Object Id="prop">
- <SignatureProperties xmlns:dsp="http://www.w3.org/2009/xmldsig-properties">
- <SignatureProperty Id="profile" Target="#AuthorSignature">
- <dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile"/>
- </SignatureProperty>
- <SignatureProperty Id="role" Target="#AuthorSignature">
- <dsp:Role URI="http://www.w3.org/ns/widgets-digsig#role-author"/>
- </SignatureProperty>
- <SignatureProperty Id="identifier" Target="#AuthorSignature">
- <dsp:Identifier/>
- </SignatureProperty>
- </SignatureProperties>
- </Object>
-</Signature>
+++ /dev/null
-<widget xmlns="http://www.w3.org/ns/widgets" id="Test Widget">
- <name shortname="ShortName">Widget Name OK</name>
- <version>1.2.3.4</version>
- <description>A short description of widget</description>
- <author>Author Name</author>
-</widget>
+++ /dev/null
-<!doctype html>
-<title>Not tested</title>
-<body style="background-color:#666">
-<h1>None</h1>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:wac="http://wacapps.net/ns/digsig" Id="DistributorSignature">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
- <Reference URI="author-signature.xml">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>ZLhd8X2rzCIDGHkIvpDbCXq+dwq+DK7ZZaDD/fII8RU=</DigestValue>
- </Reference>
- <Reference URI="config.xml">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>xUKQbov3HL7JD2/zVUKpPEVGc5C6VWDXwxoDHzDs9y0=</DigestValue>
- </Reference>
- <Reference URI="index.html">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>cIE41PzyhMnF++EmhJ3Ptnd4ZqXyBlRJgiIqxlutbV8=</DigestValue>
- </Reference>
- <Reference URI="#prop">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>ZxnfFPi1rAoxfpN98xSP3lv5tZg9ymJElAFdg3ejrXE=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>Dwm15jQbvUxe7fa7p4RVRAUzYY6eGQmDJSWXnv2LBbouch163OMaXgjKXWOLU+ZA
-MwwuUUXG44QvOIv5M3Kd/Pc6kwvyb9+xm8zqmFF/mhttmAHc7VjY5sfB+bYFt9/3
-8+upSqxiUGLXYzMD/9u4W9ociwAcLiOQytBF1/TCv/4=</SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509Certificate>MIIC4zCCAkygAwIBAgIJAMdKgvadG/Z+MA0GCSqGSIb3DQEBBQUAMHIxCzAJBgNV
-BAYTAlBMMQwwCgYDVQQIEwNNYXoxEDAOBgNVBAoTB1NhbXN1bmcxDTALBgNVBAsT
-BFNQUkMxEDAOBgNVBAMTB1NhbXN1bmcxIjAgBgkqhkiG9w0BCQEWE3NhbXN1bmdA
-c2Ftc3VuZy5jb20wHhcNMTExMDA1MTIwMDUxWhcNMjExMDAyMTIwMDUxWjB4MQsw
-CQYDVQQGEwJQTDEMMAoGA1UECBMDTUFaMQwwCgYDVQQHEwNMZWcxDDAKBgNVBAoT
-A1NhbTENMAsGA1UECxMEU1BSQzEOMAwGA1UEAxMFRmlsaXAxIDAeBgkqhkiG9w0B
-CQEWEWZpbGlwQHNhbXN1bmcuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDS/sS0wXSCb34ojN8bWFd4Pl9eTLHh18UNGsPpLpp4itdfuc/OgyqaSoDwBzVh
-EWAVLCTxexUa4Ncva+41NbkW4RCsFzeGs0ktpu1+8Q+v0QEOGqVF2rQkgilzDF/o
-O56Fxw9vG1OA+qdQd3yOAV2EqLNBPrEYB9K5GFyffrakSQIDAQABo3sweTAJBgNV
-HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
-Y2F0ZTAdBgNVHQ4EFgQUeyy3iV75KtOkpPFd6mnR9dFGZMwwHwYDVR0jBBgwFoAU
-ggh/2wAChuhTKqX6WK5nfxQ4yGAwDQYJKoZIhvcNAQEFBQADgYEADtv0CBrQ1QCM
-H9jKFjpSpq7zFKMXQeVtb/Zie823//woicg8kxnP5sS4dJWNXNb1iMLdhgV80g1y
-t3gTWPxTtFzprQyNiJHTmrbNWXLX1roRVGUE/I8Q4xexqpbNlJIW2Jjm/kqoKfnK
-xORG6HNPXZV29NY2fDRPPOIYoFQzrXI=</X509Certificate>
-</X509Data>
- </KeyInfo>
- <Object Id="prop">
- <SignatureProperties xmlns:dsp="http://www.w3.org/2009/xmldsig-properties">
- <SignatureProperty Id="profile" Target="#DistributorSignature">
- <dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile"/>
- </SignatureProperty>
- <SignatureProperty Id="role" Target="#DistributorSignature">
- <dsp:Role URI="http://www.w3.org/ns/widgets-digsig#role-distributor"/>
- </SignatureProperty>
- <SignatureProperty Id="identifier" Target="#DistributorSignature">
- <dsp:Identifier/>
- </SignatureProperty>
- </SignatureProperties>
- </Object>
-</Signature>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:wac="http://wacapps.net/ns/digsig" Id="DistributorSignature">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
- <Reference URI="author-signature.xml">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>ZLhd8X2rzCIDGHkIvpDbCXq+dwq+DK7ZZaDD/fII8RU=</DigestValue>
- </Reference>
- <Reference URI="config.xml">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>xUKQbov3HL7JD2/zVUKpPEVGc5C6VWDXwxoDHzDs9y0=</DigestValue>
- </Reference>
- <Reference URI="index.html">
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>cIE41PzyhMnF++EmhJ3Ptnd4ZqXyBlRJgiIqxlutbV8=</DigestValue>
- </Reference>
- <Reference URI="#prop">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
- <DigestValue>ZxnfFPi1rAoxfpN98xSP3lv5tZg9ymJElAFdg3ejrXE=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>fV1J/120GG5L7qsxEkyH6fBvQh2atlpiGMbVM1+pb8Q6pHib5beV6A==</SignatureValue>
- <KeyInfo>
- <X509Data>
- <X509Certificate>MIIEDzCCA3igAwIBAgIJAMdKgvadG/Z/MA0GCSqGSIb3DQEBBQUAMHIxCzAJBgNV
-BAYTAlBMMQwwCgYDVQQIEwNNYXoxEDAOBgNVBAoTB1NhbXN1bmcxDTALBgNVBAsT
-BFNQUkMxEDAOBgNVBAMTB1NhbXN1bmcxIjAgBgkqhkiG9w0BCQEWE3NhbXN1bmdA
-c2Ftc3VuZy5jb20wHhcNMTExMDA1MTIxMTMzWhcNMjExMDAyMTIxMTMzWjCBijEL
-MAkGA1UEBhMCUEwxFDASBgNVBAgTC01hem93aWVja2llMRIwEAYDVQQHEwlsZWdp
-b25vd28xEDAOBgNVBAoTB3NhbXN1bmcxDTALBgNVBAsTBHNwcmMxDjAMBgNVBAMT
-BW1hZ2RhMSAwHgYJKoZIhvcNAQkBFhFtYWdkYUBzYW1zdW5nLmNvbTCCAbcwggEr
-BgcqhkjOOAQBMIIBHgKBgQC1PCOasFhlfMc1yjdcp7zkzXGiW+MpVuFlsdYwkAa9
-sIvNrQLi2ulxcnNBeCHKDbk7U+J3/QwO2XanapQMUqvfjfjL1QQ5Vf7ENUWPNP7c
-Evx82Nb5jWdHyRfV//TciBZN8GLNEbfhtWlhI6CbDW1AaY0nPZ879rSIk7/aNKZ3
-FQIVALcr8uQAmnV+3DLIA5nTo0Bg0bjLAoGAJG7meUtQbMulRMdjzeCoya2FXdm+
-4acvInE9/+MybXTB3bFANMyw6WTvk4K9RK8tm52N95cykTjpAbxqTMaXwkdWbOFd
-VKAKnyxi/UKtY9Q6NmwJB2hbA1GUzhPko8rEda66CGl0VbyM1lKMJjA+wp9pG110
-L0ov19Q9fvqKp5UDgYUAAoGBAKxAQg7MqCgkC0MJftYjNaKM5n1iZv4j1li49zKf
-Y5nTLP+vYAvg0owLNYvJ5ncKfY1DACPU4/+tC7TTua95wgj5rwvAXnzgSyOGuSr0
-fK9DyrH6E0LfXT+WuIQHahm2iSbxqPrChlnp5/EXDTBaO6Qfdpq0BP48ClZebxcA
-+TYFo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVy
-YXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUmSpShswvWtEABd+l3WxccRcCydUw
-HwYDVR0jBBgwFoAUggh/2wAChuhTKqX6WK5nfxQ4yGAwDQYJKoZIhvcNAQEFBQAD
-gYEAgfnAu/gMJRC/BFwkgvrHL0TV4ffPVAf7RSnZS6ib4IHGgrvXJvL+Qh7vHykv
-ZIqD2L96nY2EaSNr0yXrT81YROndOQUJNx4Y/W8m6asu4hzANNZqWCbApPDIMK6V
-cPA1wrKgZqbWp218WBqI2v9pXV0O+jpzxq1+GeQV2UsbRwc=</X509Certificate>
-</X509Data>
- </KeyInfo>
- <Object Id="prop">
- <SignatureProperties xmlns:dsp="http://www.w3.org/2009/xmldsig-properties">
- <SignatureProperty Id="profile" Target="#DistributorSignature">
- <dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile"/>
- </SignatureProperty>
- <SignatureProperty Id="role" Target="#DistributorSignature">
- <dsp:Role URI="http://www.w3.org/ns/widgets-digsig#role-distributor"/>
- </SignatureProperty>
- <SignatureProperty Id="identifier" Target="#DistributorSignature">
- <dsp:Identifier/>
- </SignatureProperty>
- </SignatureProperties>
- </Object>
-</Signature>
+++ /dev/null
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * @file main.cpp
- * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief This file is the implementation file of main
- */
-#include <dpl/test/test_runner.h>
-#include <vcore/VCore.h>
-
-#include <libsoup/soup.h> // includes headers with g_type_init
-
-int main (int argc, char *argv[])
-{
- g_type_init();
- g_thread_init(NULL);
- ValidationCore::AttachToThread();
- int status = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
- ValidationCore::DetachFromThread();
-
- return status;
-}
-
projects / framework / web / wrt-commons.git / commitdiff