Merges to android Pi release (part 6)

These are a set of CLs merged from the wv cdm repo to the android repo. * Enable Cast for Android Things build. Author: Thoren Paulson <thoren@google.com> [ Merge of http://go/wvgerrit/29941 ] Added a path to make_cast_libwvlevel3 for Android Things. Added the new system id to the preprocessor guards in android_keybox.cpp. Guarded the references to stderr in page_allocator.cpp because for some reason they don't get resolved when we link against the resulting library. BUG: 63443584 * Resolve memory leaks in use of OpenSSL. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/32700 ] Use of EVP_CIPHER_CTX requires a call to EVP_CIPHER_CTX_cleanup(). * Memory leak in OpenSSL RSA key handling. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/32621 ] This fixes a range of tests. --gtest_filter="CdmDecrypt*" runs five tests and still loses 5 objects totalling 1320 bytes (down from 6200 bytes). * Unit test and mock OEMCrypto memory leaks. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/32640 ] More memory leak cleanup. All remaining leaks are due to calls to CRYPTO_malloc() without the matching free (i.e., calls into openssl). * Clean up memory leaks in tests. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/32600 ] This is the first pass at cleaning up memory leaks. These leaks were affecting a lot of tests, making it hard to identify more serious leaks. Switch to unique_ptr<> pointers for CdmEngine in generic_crypto_unittest tests for FileSystem object in mock OEMCrypto's CryptoEngine object. * Fix broken tests - linux-only & address sanitizer failures. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/32460 ] Fix broken test: WvCdmEnginePreProvTestStaging.ServiceCertificateInitialNoneTest Fix failures found by address sanitizer: DeviceFilesUsageInfoTest.RetrieveByProviderSessionToken DeviceFilesUsageInfoTest.UpdateUsageInfo NOTE: address sanitizer cannot handle EXPECT_CALL macros containing a call with a Contains matcher as an argument, e.g.: EXPECT_CALL(file, Write(Contains(certificate, wrapped_private_key, 0), Gt(certificate.size() + wrapped_private_key.size()))) The address sanitizer reports a crash, issues a report, and stops. A temporary fix is to replace the "Contains()" argument with "_". * Usage license handling corrections Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/28540 ] Validate that offline licenses that do not contain a provider session token are not handled by the TEE. BUG: 38490468 Test: WV Unit/integration tests, GtsMediaTestCases, WvCdmRequestLicenseTest.ReleaseRetryL3OfflineKeySessionUsageDisabledTest * UsageTableEntry::CopyOldUsageEntry memcpy read out of range. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/32220 ] The function copies the pst from a variable length input vector into a 256 byte character array. But the length argument was a fixed value - MAC_KEY_SIZE. Depending on the actual PST length this can lead to memcpy reading out of bounds or the PST getting truncated. BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I81a4593d7d04d0ef6069ce48d0601b6fbdd85de9
2018-01-09 22:56:21 -08:00
parent b7c9ad57c9
commit 00da44bb68
63 changed files with 977 additions and 582 deletions
--- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
+++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
@@ -8,6 +8,7 @@
 #include <stdint.h>
 #include <time.h>
 #include <map>
+#include <memory>
 #include <vector>

 #include <openssl/rsa.h>
@@ -29,9 +30,12 @@ typedef std::map<SessionId, SessionContext*> ActiveSessions;
 class CryptoEngine {
 public:
  // This is like a factory method, except we choose which version to use at
-  // compile time.  It is defined in several source files.  The build system
+  // compile time. It is defined in several source files. The build system
  // should choose which one to use by only linking in the correct one.
-  static CryptoEngine* MakeCryptoEngine(wvcdm::FileSystem* file_system);
+  // NOTE: The caller must instantiate a FileSystem object - ownership
+  // will be transferred to the new CryptoEngine object.
+  static CryptoEngine* MakeCryptoEngine(
+      std::unique_ptr<wvcdm::FileSystem> file_system);

  virtual ~CryptoEngine();

@@ -86,7 +90,7 @@ class CryptoEngine {
  virtual OEMCrypto_HDCP_Capability config_maximum_hdcp_capability();

  UsageTable& usage_table() { return usage_table_; }
-  wvcdm::FileSystem* file_system() { return file_system_; }
+  wvcdm::FileSystem* file_system() { return file_system_.get(); }

  // If config_local_display_only() returns true, we pretend we are using a
  // built-in display, instead of HDMI or WiFi output.
@@ -159,14 +163,14 @@ class CryptoEngine {
  }

 protected:
-  explicit CryptoEngine(wvcdm::FileSystem* file_system);
+  explicit CryptoEngine(std::unique_ptr<wvcdm::FileSystem> file_system);
  uint8_t* destination_;

 private:
  ActiveSessions sessions_;
  AuthenticationRoot root_of_trust_;
  wvcdm::Lock session_table_lock_;
-  wvcdm::FileSystem* file_system_;
+  std::unique_ptr<wvcdm::FileSystem> file_system_;
  UsageTable usage_table_;

  CORE_DISALLOW_COPY_AND_ASSIGN(CryptoEngine);