7 files changed, 146 insertions, 15 deletions

diff --git a/src/components/application_manager/test/include/application_manager/mock_message_helper.h b/src/components/application_manager/test/include/application_manager/mock_message_helper.h
index 6cbe46f9ec..79718983ee 100644
--- a/src/components/application_manager/test/include/application_manager/mock_message_helper.h
+++ b/src/components/application_manager/test/include/application_manager/mock_message_helper.h
@@ -155,10 +155,11 @@ class MockMessageHelper {
            uint32_t correlation_id,
            ApplicationManager& app_mngr));
 #endif  // #ifdef EXTERNAL_PROPRIETARY_MODE
-  MOCK_METHOD3(SendOnPermissionsChangeNotification,
+  MOCK_METHOD4(SendOnPermissionsChangeNotification,
                void(uint32_t connection_key,
                     const policy::Permissions& permissions,
-                    ApplicationManager& app_mngr));
+                    ApplicationManager& app_mngr,
+                    const bool require_encryption));
   MOCK_METHOD4(SendPolicySnapshotNotification,
                void(uint32_t connection_key,
                     const std::vector<uint8_t>& policy_data,
diff --git a/src/components/application_manager/test/include/application_manager/mock_rpc_protection_manager.h b/src/components/application_manager/test/include/application_manager/mock_rpc_protection_manager.h
new file mode 100644
index 0000000000..112de0fea5
--- /dev/null
+++ b/src/components/application_manager/test/include/application_manager/mock_rpc_protection_manager.h
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2019, Ford Motor Company
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * Neither the name of the Ford Motor Company nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef SRC_COMPONENTS_APPLICATION_MANAGER_TEST_INCLUDE_APPLICATION_MANAGER_MOCK_RPC_PROTECTION_MANAGER_H_
+#define SRC_COMPONENTS_APPLICATION_MANAGER_TEST_INCLUDE_APPLICATION_MANAGER_MOCK_RPC_PROTECTION_MANAGER_H_
+
+#include "application_manager/rpc_protection_manager.h"
+#include "gmock/gmock.h"
+
+namespace application_manager {
+class MockRPCProtectionManager : public RPCProtectionManager {
+ public:
+  MOCK_CONST_METHOD3(CheckPolicyEncryptionFlag,
+                     bool(const uint32_t function_id,
+                          const ApplicationSharedPtr app,
+                          const bool is_rpc_service_secure));
+
+  MOCK_METHOD3(CreateEncryptionNeededResponse,
+               std::shared_ptr<smart_objects::SmartObject>(
+                   const uint32_t connection_key,
+                   const uint32_t function_id,
+                   const uint32_t conrrelation_id));
+
+  MOCK_CONST_METHOD2(IsInEncryptionNeededCache,
+                     bool(const uint32_t app_id,
+                          const uint32_t conrrelation_id));
+
+  MOCK_METHOD2(AddToEncryptionNeededCache,
+               void(const uint32_t app_id, const uint32_t correlation_id));
+
+  MOCK_METHOD2(RemoveFromEncryptionNeededCache,
+               void(const uint32_t app_id, const uint32_t correlation_id));
+};
+}  // namespace application_manager
+
+#endif  // SRC_COMPONENTS_APPLICATION_MANAGER_TEST_INCLUDE_APPLICATION_MANAGER_MOCK_RPC_PROTECTION_MANAGER_H_
diff --git a/src/components/application_manager/test/include/application_manager/mock_rpc_protection_mediator.h b/src/components/application_manager/test/include/application_manager/mock_rpc_protection_mediator.h
new file mode 100644
index 0000000000..858673e3b3
--- /dev/null
+++ b/src/components/application_manager/test/include/application_manager/mock_rpc_protection_mediator.h
@@ -0,0 +1,22 @@
+#pragma once
+
+#include "application_manager/rpc_protection_mediator.h"
+#include "gmock/gmock.h"
+
+namespace application_manager {
+class MockRPCProtectionMediator : public RPCProtectionMediator {
+ public:
+  MOCK_METHOD4(DoesRPCNeedEncryption,
+               bool(const uint32_t function_id,
+                    std::shared_ptr<Application> app,
+                    const uint32_t conrrelation_id,
+                    const bool is_rpc_service_secure));
+  MOCK_METHOD1(DoesRPCNeedEncryption, bool(const uint32_t conrrelation_id));
+  MOCK_METHOD1(EncryptResponseByForce, void(const uint32_t conrrelation_id));
+  MOCK_METHOD3(CreateNegativeResponse,
+               std::shared_ptr<smart_objects::SmartObject>(
+                   const uint32_t connection_key,
+                   const uint32_t function_id,
+                   const uint32_t conrrelation_id));
+};
+}  // namespace application_manager
diff --git a/src/components/application_manager/test/mobile_message_handler_test.cc b/src/components/application_manager/test/mobile_message_handler_test.cc
index cac04d4508..3ae79ce8ce 100644
--- a/src/components/application_manager/test/mobile_message_handler_test.cc
+++ b/src/components/application_manager/test/mobile_message_handler_test.cc
@@ -109,6 +109,7 @@ class MobileMessageHandlerTest : public testing::Test {
                                                 protocol_version,
                                                 &full_data[0],
                                                 full_size,
+                                                false,
                                                 ServiceType::kRpc,
                                                 payload_size);
 
diff --git a/src/components/application_manager/test/mobile_message_handler_v1_test.cc b/src/components/application_manager/test/mobile_message_handler_v1_test.cc
index 7801798705..ab37694c28 100644
--- a/src/components/application_manager/test/mobile_message_handler_v1_test.cc
+++ b/src/components/application_manager/test/mobile_message_handler_v1_test.cc
@@ -69,8 +69,11 @@ const unsigned char* data_v1 =
 
 TEST(MobileMessageHandlerTestV1Test,
      HandleIncomingMessageProtocolV1_SendJSONData_ExpectEqual) {
-  RawMessagePtr message = std::make_shared<RawMessage>(
-      connection_key_p1, protocol_version_1, data_v1, data_json.length());
+  RawMessagePtr message = std::make_shared<RawMessage>(connection_key_p1,
+                                                       protocol_version_1,
+                                                       data_v1,
+                                                       data_json.length(),
+                                                       false);
 
   application_manager::Message* ptr =
       MobileMessageHandler::HandleIncomingMessageProtocol(message);
@@ -89,8 +92,11 @@ TEST(MobileMessageHandlerTestV1Test,
   const unsigned char* data_v1 =
       reinterpret_cast<const unsigned char*>(full_data.c_str());
 
-  RawMessagePtr message = std::make_shared<RawMessage>(
-      connection_key_p1, protocol_version_1, data_v1, full_data.length());
+  RawMessagePtr message = std::make_shared<RawMessage>(connection_key_p1,
+                                                       protocol_version_1,
+                                                       data_v1,
+                                                       full_data.length(),
+                                                       false);
 
   application_manager::Message* ptr =
       MobileMessageHandler::HandleIncomingMessageProtocol(message);
diff --git a/src/components/application_manager/test/mock_message_helper.cc b/src/components/application_manager/test/mock_message_helper.cc
index cccadc5a9d..7002bb0157 100644
--- a/src/components/application_manager/test/mock_message_helper.cc
+++ b/src/components/application_manager/test/mock_message_helper.cc
@@ -212,9 +212,10 @@ void MessageHelper::SendGetListOfPermissionsResponse(
 void MessageHelper::SendOnPermissionsChangeNotification(
     uint32_t connection_key,
     const policy::Permissions& permissions,
-    ApplicationManager& app_mngr) {
+    ApplicationManager& app_mngr,
+    const policy::EncryptionRequired require_encryption) {
   MockMessageHelper::message_helper_mock()->SendOnPermissionsChangeNotification(
-      connection_key, permissions, app_mngr);
+      connection_key, permissions, app_mngr, require_encryption);
 }
 
 void MessageHelper::SendPolicySnapshotNotification(
diff --git a/src/components/application_manager/test/policy_handler_test.cc b/src/components/application_manager/test/policy_handler_test.cc
index 6af4c4f018..94567e893d 100644
--- a/src/components/application_manager/test/policy_handler_test.cc
+++ b/src/components/application_manager/test/policy_handler_test.cc
@@ -243,8 +243,12 @@ class PolicyHandlerTest : public ::testing::Test {
 
     EXPECT_CALL(mock_message_helper_, StringToHMILevel(default_hmi_level))
         .WillOnce(Return(hmi_level));
+    ChangePolicyManagerToMock();
+    const policy::EncryptionRequired require_encryption;
+    EXPECT_CALL(*mock_policy_manager_, GetAppEncryptionRequired(kPolicyAppId_))
+        .WillOnce(Return(require_encryption));
     EXPECT_CALL(mock_message_helper_,
-                SendOnPermissionsChangeNotification(kAppId1_, _, _));
+                SendOnPermissionsChangeNotification(kAppId1_, _, _, _));
     EXPECT_CALL(app_manager_, state_controller()).Times(0);
 
     Permissions permissions;
@@ -496,11 +500,15 @@ TEST_F(PolicyHandlerTest, UnloadPolicyLibrary_method_ExpectLibraryUnloaded) {
 
 TEST_F(PolicyHandlerTest, OnPermissionsUpdated_method_With2Parameters) {
   // Check expectations
+  ChangePolicyManagerToMock();
+  const policy::EncryptionRequired require_encryption;
+  EXPECT_CALL(*mock_policy_manager_, GetAppEncryptionRequired(kPolicyAppId_))
+      .WillOnce(Return(require_encryption));
   EXPECT_CALL(app_manager_, application(kDeviceId, kPolicyAppId_))
       .WillOnce(Return(mock_app_));
   EXPECT_CALL(*mock_app_, app_id()).WillOnce(Return(kAppId1_));
   EXPECT_CALL(mock_message_helper_,
-              SendOnPermissionsChangeNotification(kAppId1_, _, _));
+              SendOnPermissionsChangeNotification(kAppId1_, _, _, _));
   // Act
   Permissions perms;
   policy_handler_.OnPermissionsUpdated(kDeviceId, kPolicyAppId_, perms);
@@ -510,8 +518,12 @@ TEST_F(PolicyHandlerTest, OnPermissionsUpdated_TwoParams_InvalidApp_UNSUCCESS) {
   std::shared_ptr<application_manager_test::MockApplication> invalid_app;
   EXPECT_CALL(app_manager_, application(kDeviceId, kPolicyAppId_))
       .WillOnce(Return(invalid_app));
+  ChangePolicyManagerToMock();
+  const policy::EncryptionRequired require_encryption;
+  EXPECT_CALL(*mock_policy_manager_, GetAppEncryptionRequired(kPolicyAppId_))
+      .Times(0);
   EXPECT_CALL(mock_message_helper_,
-              SendOnPermissionsChangeNotification(_, _, _))
+              SendOnPermissionsChangeNotification(_, _, _, _))
       .Times(0);
 
   Permissions permissions;
@@ -524,8 +536,12 @@ TEST_F(PolicyHandlerTest, OnPermissionsUpdated_InvalidApp_UNSUCCESS) {
       .WillOnce(Return(mock_app_))
       .WillOnce(Return(invalid_app));
   EXPECT_CALL(*mock_app_, app_id()).WillOnce(Return(kAppId1_));
+  ChangePolicyManagerToMock();
+  const policy::EncryptionRequired require_encryption;
+  EXPECT_CALL(*mock_policy_manager_, GetAppEncryptionRequired(kPolicyAppId_))
+      .WillOnce(Return(require_encryption));
   EXPECT_CALL(mock_message_helper_,
-              SendOnPermissionsChangeNotification(kAppId1_, _, _));
+              SendOnPermissionsChangeNotification(kAppId1_, _, _, _));
 
   Permissions permissions;
   policy_handler_.OnPermissionsUpdated(
@@ -556,8 +572,12 @@ TEST_F(PolicyHandlerTest,
 
   EXPECT_CALL(*mock_app_, hmi_level(kDefaultWindowId))
       .WillOnce(Return(mobile_apis::HMILevel::HMI_NONE));
+  ChangePolicyManagerToMock();
+  const policy::EncryptionRequired require_encryption;
+  EXPECT_CALL(*mock_policy_manager_, GetAppEncryptionRequired(kPolicyAppId_))
+      .WillOnce(Return(require_encryption));
   EXPECT_CALL(mock_message_helper_,
-              SendOnPermissionsChangeNotification(kAppId1_, _, _));
+              SendOnPermissionsChangeNotification(kAppId1_, _, _, _));
 
   EXPECT_CALL(app_manager_, state_controller())
       .WillRepeatedly(ReturnRef(mock_state_controller));
@@ -585,8 +605,12 @@ TEST_F(PolicyHandlerTest,
 
   EXPECT_CALL(*mock_app_, hmi_level(kDefaultWindowId))
       .WillOnce(Return(mobile_apis::HMILevel::HMI_NONE));
+  ChangePolicyManagerToMock();
+  const policy::EncryptionRequired require_encryption;
+  EXPECT_CALL(*mock_policy_manager_, GetAppEncryptionRequired(kPolicyAppId_))
+      .WillOnce(Return(require_encryption));
   EXPECT_CALL(mock_message_helper_,
-              SendOnPermissionsChangeNotification(kAppId1_, _, _));
+              SendOnPermissionsChangeNotification(kAppId1_, _, _, _));
 
   EXPECT_CALL(app_manager_, state_controller())
       .WillRepeatedly(ReturnRef(mock_state_controller));
@@ -613,8 +637,12 @@ TEST_F(PolicyHandlerTest,
 
   EXPECT_CALL(*mock_app_, hmi_level(kDefaultWindowId))
       .WillOnce(Return(mobile_apis::HMILevel::HMI_LIMITED));
+  ChangePolicyManagerToMock();
+  const policy::EncryptionRequired require_encryption;
+  EXPECT_CALL(*mock_policy_manager_, GetAppEncryptionRequired(kPolicyAppId_))
+      .WillOnce(Return(require_encryption));
   EXPECT_CALL(mock_message_helper_,
-              SendOnPermissionsChangeNotification(kAppId1_, _, _));
+              SendOnPermissionsChangeNotification(kAppId1_, _, _, _));
 
   EXPECT_CALL(app_manager_, state_controller()).Times(0);
   // Act
@@ -645,9 +673,16 @@ TEST_F(PolicyHandlerTest, CheckPermissions) {
       .WillOnce(Return(hmi_level));
   EXPECT_CALL(*mock_app_, device()).WillOnce(Return(device));
   EXPECT_CALL(*mock_app_, policy_app_id()).WillOnce(Return(kPolicyAppId_));
+#ifdef EXTERNAL_PROPRIETARY_MODE
   EXPECT_CALL(*mock_policy_manager_,
               CheckPermissions(
                   kDeviceId, kPolicyAppId_, kHmiLevel_, kRpc_, kRpc_params, _));
+
+#else   // EXTERNAL_PROPRIETARY_MODE
+  EXPECT_CALL(*mock_policy_manager_,
+              CheckPermissions(
+                  kDeviceId, kPolicyAppId_, kHmiLevel_, kRpc_, kRpc_params, _));
+#endif  // EXTERNAL_PROPRIETARY_MODE
   EXPECT_CALL(mock_message_helper_, StringifiedHMILevel(hmi_level))
       .WillOnce(Return(kHmiLevel_));
   EXPECT_CALL(mock_message_helper_, GetDeviceMacAddressForHandle(device, _))