From 0fb76d5c1b6921be08c6135a1ae1f25e6717fadf Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Tue, 29 Nov 2016 15:05:23 -0800 Subject: [PATCH] Refactor OEMCrypto Unit Tests Merge from widevine repo of http://go/wvgerrit/21681 This CL refactors some oemcrypto unit tests in preparation for adding Provisioning 3.0 tests. - The signature GenerateNonce has changed. Instead of the caller passing in a pointer for the nonce, we store the nonce in a member variable of Session. - GenerateDerivedKeys is being replaced by InstallTestSessionKeys. This sets up and calls the appropriate derive keys method. This function is in the test class, instead of the session class so that multiple sessions in a class can share the same wrapped rsa key. This will be modified for provisioning 3.0 in a future CL. - Rename tests that require a keybox. Some tests are specific for using a keybox to request a DRM cert. These tests are renamed so we can filter them out on devices that use an OEM Cert. Corresponding tests for devices using provisioning 3.0 will be in a future CL. - Some member variables and methods in the class Session were not used. They are removed. - Added openssl smart pointer. - Comments. I added comments. - clang format. Change-Id: Ib579a322858e0ef92652a42167241b35cf85a041 --- .../cdm/core/test/generic_crypto_unittest.cpp | 7 +- .../oemcrypto/test/oec_session_util.cpp | 169 +++---- .../oemcrypto/test/oec_session_util.h | 114 ++++- .../oemcrypto/test/oemcrypto_test.cpp | 440 ++++++++++-------- .../oemcrypto/test/oemcrypto_test_android.cpp | 18 +- .../oemcrypto/test/oemcrypto_test_main.cpp | 10 +- 6 files changed, 433 insertions(+), 325 deletions(-) diff --git a/libwvdrmengine/cdm/core/test/generic_crypto_unittest.cpp b/libwvdrmengine/cdm/core/test/generic_crypto_unittest.cpp index 571a2af4..ebf54879 100644 --- a/libwvdrmengine/cdm/core/test/generic_crypto_unittest.cpp +++ b/libwvdrmengine/cdm/core/test/generic_crypto_unittest.cpp @@ -33,6 +33,7 @@ class WvGenericOperationsTest : public testing::Test { virtual void SetUp() { ::testing::Test::SetUp(); + // TODO(fredgc or gmorgan): This should be updated for provisioning 3.0 // Load test keybox. This keybox will be used by any CryptoSession // created by the CDM under test. ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadTestKeybox()); @@ -72,7 +73,8 @@ class WvGenericOperationsTest : public testing::Test { void OecSessionSetup(uint32_t oec_session_id) { buffer_size_ = 160; oec_util_session_.SetSessionId(oec_session_id); - oec_util_session_.GenerateTestSessionKeys(); + // TODO(fredgc or gmorgan): This should be updated for provisioning 3.0 + oec_util_session_.GenerateDerivedKeysFromKeybox(); MakeFourKeys(); } @@ -202,7 +204,8 @@ TEST_F(WvGenericOperationsTest, NormalSessionOpenClose) { TEST_F(WvGenericOperationsTest, GenerateSessionKeys) { wvoec::Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + // TODO(fredgc or gmorgan): This should be updated for provisioning 3.0 + ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); ASSERT_NO_FATAL_FAILURE(s.close()); } diff --git a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp index 26e239b2..5e4b1381 100644 --- a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp +++ b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp @@ -9,8 +9,10 @@ #include #include #include +#include #include #include +#include #include #include @@ -18,13 +20,14 @@ #include #include +#include "OEMCryptoCENC.h" #include "log.h" #include "oec_device_features.h" #include "oec_test_data.h" #include "oemcrypto_key_mock.h" -#include "OEMCryptoCENC.h" #include "string_conversions.h" #include "wv_cdm_constants.h" +#include "wv_cdm_types.h" #include "wv_keybox.h" using namespace std; @@ -69,6 +72,23 @@ void dump_openssl_error() { } } +template +class openssl_ptr { + public: + explicit openssl_ptr(T* p = NULL) : ptr_(p) {} + ~openssl_ptr() { + if (ptr_) func(ptr_); + } + T& operator*() const { return *ptr_; } + T* operator->() const { return ptr_; } + T* get() const { return ptr_; } + bool NotNull() { return ptr_; } + + private: + T* ptr_; + CORE_DISALLOW_COPY_AND_ASSIGN(openssl_ptr); +}; + Session::Session() : open_(false), forced_session_id_(false), @@ -113,8 +133,8 @@ void Session::close() { open_ = false; } -void Session::GenerateNonce(uint32_t* nonce, int* error_counter) { - if (OEMCrypto_SUCCESS == OEMCrypto_GenerateNonce(session_id(), nonce)) { +void Session::GenerateNonce(int* error_counter) { + if (OEMCrypto_SUCCESS == OEMCrypto_GenerateNonce(session_id(), &nonce_)) { return; } if (error_counter) { @@ -122,7 +142,7 @@ void Session::GenerateNonce(uint32_t* nonce, int* error_counter) { } else { sleep(1); // wait a second, then try again. ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_GenerateNonce(session_id(), nonce)); + OEMCrypto_GenerateNonce(session_id(), &nonce_)); } } @@ -148,7 +168,7 @@ void Session::FillDefaultContext(vector* mac_context, } void Session::GenerateDerivedKeysFromKeybox() { - GenerateNonce(&nonce_); + GenerateNonce(); vector mac_context; vector enc_context; FillDefaultContext(&mac_context, &enc_context); @@ -168,10 +188,11 @@ void Session::GenerateDerivedKeysFromKeybox() { void Session::GenerateDerivedKeysFromSessionKey() { // Uses test certificate. - GenerateNonce(&nonce_); + GenerateNonce(); + vector session_key; vector enc_session_key; PreparePublicKey(); - ASSERT_TRUE(GenerateRSASessionKey(&enc_session_key)); + ASSERT_TRUE(GenerateRSASessionKey(&session_key, &enc_session_key)); vector mac_context; vector enc_context; FillDefaultContext(&mac_context, &enc_context); @@ -190,14 +211,6 @@ void Session::GenerateDerivedKeysFromSessionKey() { enc_key_ = wvcdm::a2b_hex("CB477D09014D72C9B8DCE76C33EA43B3"); } -void Session::GenerateTestSessionKeys() { - if (global_features.derive_key_method == DeviceFeatures::LOAD_TEST_RSA_KEY) { - GenerateDerivedKeysFromSessionKey(); - } else { - GenerateDerivedKeysFromKeybox(); - } -} - void Session::LoadTestKeys(const std::string& pst, bool new_mac_keys) { uint8_t* pst_ptr = NULL; if (pst.length() > 0) { @@ -236,9 +249,11 @@ void Session::VerifyTestKeys() { // control duration and bits stored in network byte order. For printing // we change to host byte order. ASSERT_EQ((htonl_fnc(license_.keys[i].control.duration)), - (htonl_fnc(block.duration))) << "For key " << i; + (htonl_fnc(block.duration))) + << "For key " << i; ASSERT_EQ(htonl_fnc(license_.keys[i].control.control_bits), - htonl_fnc(block.control_bits)) << "For key " << i; + htonl_fnc(block.control_bits)) + << "For key " << i; } } } @@ -278,8 +293,8 @@ void Session::SetKeyId(int index, const string& key_id) { void Session::FillSimpleMessage(uint32_t duration, uint32_t control, uint32_t nonce, const std::string& pst) { - EXPECT_EQ(1, RAND_pseudo_bytes(license_.mac_key_iv, - sizeof(license_.mac_key_iv))); + EXPECT_EQ( + 1, RAND_pseudo_bytes(license_.mac_key_iv, sizeof(license_.mac_key_iv))); EXPECT_EQ(1, RAND_pseudo_bytes(license_.mac_keys, sizeof(license_.mac_keys))); for (unsigned int i = 0; i < num_keys_; i++) { memset(license_.keys[i].key_id, 0, kTestKeyIdMaxLength); @@ -353,8 +368,10 @@ void Session::EncryptAndSign() { FillKeyArray(encrypted_license(), key_array_); } -void Session::EncryptMessage(RSAPrivateKeyMessage* data, - RSAPrivateKeyMessage* encrypted) { +void Session::EncryptProvisioningMessage( + RSAPrivateKeyMessage* data, RSAPrivateKeyMessage* encrypted, + const vector& encryption_key) { + ASSERT_EQ(encryption_key.size(), wvcdm::KEY_SIZE); *encrypted = *data; size_t padding = wvcdm::KEY_SIZE - (data->rsa_key_length % wvcdm::KEY_SIZE); memset(data->rsa_key + data->rsa_key_length, static_cast(padding), @@ -363,7 +380,7 @@ void Session::EncryptMessage(RSAPrivateKeyMessage* data, uint8_t iv_buffer[16]; memcpy(iv_buffer, &data->rsa_key_iv[0], wvcdm::KEY_IV_SIZE); AES_KEY aes_key; - AES_set_encrypt_key(&enc_key_[0], 128, &aes_key); + AES_set_encrypt_key(&encryption_key[0], 128, &aes_key); AES_cbc_encrypt(&data->rsa_key[0], &encrypted->rsa_key[0], encrypted->rsa_key_length, &aes_key, iv_buffer, AES_ENCRYPT); } @@ -385,17 +402,15 @@ void Session::ClientSignMessage(const vector& data, &(data.front()), data.size(), &(signature->front()), &md_len); } -// This verifies the signature computed by OEMCrypto using the client mac keys. -// This is used when a device requests a license renewal. It is also used for -// a license request authenticated by a keybox. The first use case is needed -// for devices with a keybox or without. void Session::VerifyClientSignature(size_t data_length) { + // In the real world, a message should be signed by the client and + // verified by the server. This simulates that. vector data(data_length); - for(int i=0; i < data.size(); i++) data[i] = i % 0xFF; + for (int i = 0; i < data.size(); i++) data[i] = i % 0xFF; OEMCryptoResult sts; size_t gen_signature_length = 0; - sts = OEMCrypto_GenerateSignature(session_id(), &data[0], data.size(), - NULL, &gen_signature_length); + sts = OEMCrypto_GenerateSignature(session_id(), &data[0], data.size(), NULL, + &gen_signature_length); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); ASSERT_EQ(static_cast(32), gen_signature_length); vector gen_signature(gen_signature_length); @@ -520,36 +535,9 @@ void Session::MakeRSACertificate(struct RSAPrivateKeyMessage* encrypted, size_t message_size, std::vector* signature, uint32_t allowed_schemes, - const vector& rsa_key) { - // Dummy context for testing signature generation. - vector context = wvcdm::a2b_hex( - "0a4c08001248000000020000101907d9ffde13aa95c122678053362136bdf840" - "8f8276e4c2d87ec52b61aa1b9f646e58734930acebe899b3e464189a14a87202" - "fb02574e70640bd22ef44b2d7e3912250a230a14080112100915007caa9b5931" - "b76a3a85f046523e10011a09393837363534333231180120002a0c3138383637" - "38373430350000"); - - OEMCryptoResult sts; - - // Generate signature - size_t gen_signature_length = 0; - sts = OEMCrypto_GenerateSignature(session_id(), &context[0], context.size(), - NULL, &gen_signature_length); - ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); - ASSERT_EQ(static_cast(32), gen_signature_length); - vector gen_signature(gen_signature_length); - sts = OEMCrypto_GenerateSignature(session_id(), &context[0], context.size(), - &gen_signature[0], &gen_signature_length); - ASSERT_EQ(OEMCrypto_SUCCESS, sts); - std::vector expected_signature; - ClientSignMessage(context, &expected_signature); - ASSERT_EQ(expected_signature, gen_signature); - - // Rewrap Canned Response - - // In the real world, the signature above would just have been used to - // contact the certificate provisioning server to get this response. - + const vector& rsa_key, + const vector* encryption_key) { + if (encryption_key == NULL) encryption_key = &enc_key_; struct RSAPrivateKeyMessage message; if (allowed_schemes != kSign_RSASSA_PSS) { uint32_t algorithm_n = htonl(allowed_schemes); @@ -564,7 +552,7 @@ void Session::MakeRSACertificate(struct RSAPrivateKeyMessage* encrypted, EXPECT_EQ(1, RAND_pseudo_bytes(message.rsa_key_iv, wvcdm::KEY_IV_SIZE)); message.nonce = nonce_; - EncryptMessage(&message, encrypted); + EncryptProvisioningMessage(&message, encrypted, *encryption_key); ServerSignBuffer(reinterpret_cast(encrypted), message_size, signature); } @@ -601,35 +589,29 @@ void Session::PreparePublicKey(const uint8_t* rsa_key, size_t rsa_key_length) { rsa_key_length = sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048); } uint8_t* p = const_cast(rsa_key); - BIO* bio = BIO_new_mem_buf(p, rsa_key_length); - ASSERT_TRUE(NULL != bio); - PKCS8_PRIV_KEY_INFO* pkcs8_pki = d2i_PKCS8_PRIV_KEY_INFO_bio(bio, NULL); - ASSERT_TRUE(NULL != pkcs8_pki); - EVP_PKEY* evp = NULL; - evp = EVP_PKCS82PKEY(pkcs8_pki); - ASSERT_TRUE(NULL != evp); + openssl_ptr bio(BIO_new_mem_buf(p, rsa_key_length)); + ASSERT_TRUE(bio.NotNull()); + openssl_ptr pkcs8_pki( + d2i_PKCS8_PRIV_KEY_INFO_bio(bio.get(), NULL)); + ASSERT_TRUE(pkcs8_pki.NotNull()); + openssl_ptr evp(EVP_PKCS82PKEY(pkcs8_pki.get())); + ASSERT_TRUE(evp.NotNull()); if (public_rsa_) RSA_free(public_rsa_); - public_rsa_ = EVP_PKEY_get1_RSA(evp); - EVP_PKEY_free(evp); - PKCS8_PRIV_KEY_INFO_free(pkcs8_pki); - BIO_free(bio); + public_rsa_ = EVP_PKEY_get1_RSA(evp.get()); if (!public_rsa_) { cout << "d2i_RSAPrivateKey failed. "; dump_openssl_error(); - ASSERT_TRUE(false); + FAIL() << "Could not parse public RSA key."; } switch (RSA_check_key(public_rsa_)) { case 1: // valid. - ASSERT_TRUE(true); return; case 0: // not valid. - cout << "[rsa key not valid] "; dump_openssl_error(); - ASSERT_TRUE(false); + FAIL() << "[rsa key not valid] "; default: // -1 == check failed. - cout << "[error checking rsa key] "; dump_openssl_error(); - ASSERT_TRUE(false); + FAIL() << "[error checking rsa key] "; } } @@ -693,14 +675,12 @@ void Session::VerifyRSASignature(const vector& message, EXPECT_EQ(static_cast(RSA_size(public_rsa_)), signature_length) << "Signature size is wrong. " << signature_length << ", should be " << RSA_size(public_rsa_) << "\n"; - if (padding_scheme == kSign_RSASSA_PSS) { - EVP_PKEY* pkey = EVP_PKEY_new(); - ASSERT_TRUE(EVP_PKEY_set1_RSA(pkey, public_rsa_) == 1); + openssl_ptr pkey(EVP_PKEY_new()); + ASSERT_EQ(1, EVP_PKEY_set1_RSA(pkey.get(), public_rsa_)); - const bool ok = VerifyPSSSignature(pkey, &message[0], message.size(), + const bool ok = VerifyPSSSignature(pkey.get(), &message[0], message.size(), signature, signature_length); - EVP_PKEY_free(pkey); EXPECT_TRUE(ok) << "PSS signature check failed."; } else if (padding_scheme == kSign_PKCS1_Block1) { vector padded_digest(signature_length); @@ -717,20 +697,20 @@ void Session::VerifyRSASignature(const vector& message, } } -bool Session::GenerateRSASessionKey(vector* enc_session_key) { +bool Session::GenerateRSASessionKey(vector* session_key, + vector* enc_session_key) { if (!public_rsa_) { cout << "No public RSA key loaded in test code.\n"; return false; } - vector session_key = - wvcdm::a2b_hex("6fa479c731d2770b6a61a5d1420bb9d1"); + *session_key = wvcdm::a2b_hex("6fa479c731d2770b6a61a5d1420bb9d1"); enc_session_key->assign(RSA_size(public_rsa_), 0); - int status = RSA_public_encrypt(session_key.size(), &session_key[0], + int status = RSA_public_encrypt(session_key->size(), &(session_key->front()), &(enc_session_key->front()), public_rsa_, RSA_PKCS1_OAEP_PADDING); int size = static_cast(RSA_size(public_rsa_)); if (status != size) { - cout << "GenerateRSASessionKey error encrypting session key. "; + cout << "GenerateRSASessionKey error encrypting session key.\n"; dump_openssl_error(); return false; } @@ -744,21 +724,6 @@ void Session::InstallRSASessionTestKey(const vector& wrapped_rsa_key) { GenerateDerivedKeysFromSessionKey(); } -void Session::DisallowDeriveKeys() { - GenerateNonce(&nonce_); - vector enc_session_key; - PreparePublicKey(); - ASSERT_TRUE(GenerateRSASessionKey(&enc_session_key)); - vector mac_context; - vector enc_context; - FillDefaultContext(&mac_context, &enc_context); - ASSERT_NE(OEMCrypto_SUCCESS, - OEMCrypto_DeriveKeysFromSessionKey( - session_id(), &enc_session_key[0], enc_session_key.size(), - &mac_context[0], mac_context.size(), &enc_context[0], - enc_context.size())); -} - void Session::GenerateReport(const std::string& pst, bool expect_success, Session* other) { if (other) { // If other is specified, copy mac keys. diff --git a/libwvdrmengine/oemcrypto/test/oec_session_util.h b/libwvdrmengine/oemcrypto/test/oec_session_util.h index b4ed6c85..a45c2d20 100644 --- a/libwvdrmengine/oemcrypto/test/oec_session_util.h +++ b/libwvdrmengine/oemcrypto/test/oec_session_util.h @@ -66,10 +66,10 @@ const size_t kTestKeyIdMaxLength = 16; // Most content will use a key id that is 16 bytes long. const int kDefaultKeyIdLength = 16; -const size_t kMaxTestRSAKeyLength = 2000; // Rough estimate. -const size_t kMaxPSTLength = 255; // In specification. -const size_t kMaxMessageSize = 8 * 1024; // In specification. -const size_t kMaxDecryptSize = 100 * 1024; // In specification. +const size_t kMaxTestRSAKeyLength = 2000; // Rough estimate. +const size_t kMaxPSTLength = 255; // In specification. +const size_t kMaxMessageSize = 8 * 1024; // In specification. +const size_t kMaxDecryptSize = 100 * 1024; // In specification. typedef struct { uint8_t key_id[kTestKeyIdMaxLength]; @@ -92,6 +92,8 @@ struct MessageData { uint8_t pst[kMaxPSTLength]; }; +// This structure will be signed to simulate a provisioning response from the +// server. struct RSAPrivateKeyMessage { uint8_t rsa_key[kMaxTestRSAKeyLength]; uint8_t rsa_key_iv[wvcdm::KEY_IV_SIZE]; @@ -116,84 +118,166 @@ class Session { Session(); ~Session(); + // Returns the most recently generated nonce. + // Valid after call to GenerateNonce. uint32_t get_nonce() { return nonce_; } - + // Valid after call to open(). uint32_t session_id() { return (uint32_t)session_id_; } - + // Call OEMCrypto_OpenSession, with GTest ASSERTs. void open(); + // Call OEMCrypto_CloseSession, with GTest ASSERTs. void close(); + // Artifically set session id without calling OEMCrypto_OpenSession. This is + // used in core/test/generic_crypto_unittest.cpp. void SetSessionId(uint32_t session_id); - uint32_t GetOecSessionId() { return session_id_; } - void GenerateNonce(uint32_t* nonce, int* error_counter = NULL); + // Generates one nonce. If error_counter is null, this will sleep 1 second + // and try again if a nonce flood has been detected. If error_counter is + // not null, it will be incremented when a nonce flood is detected. + void GenerateNonce(int* error_counter = NULL); + // Fill the vectors with test context which generate known mac and enc keys. void FillDefaultContext(vector* mac_context, vector* enc_context); + // Generate known mac and enc keys using OEMCrypto_GenerateDerivedKeys and + // also fill out enc_key_, mac_key_server_, and mac_key_client_. void GenerateDerivedKeysFromKeybox(); + // Generate known mac and enc keys using OEMCrypto_DeriveKeysFromSessionKey + // and also fill out enc_key_, mac_key_server_, and mac_key_client_. void GenerateDerivedKeysFromSessionKey(); - void GenerateTestSessionKeys(); + // Loads and verifies the keys in the message pointed to by message_ptr() + // using OEMCrypto_LoadKeys. This message should have already been created + // by FillSimpleMessage, modified if needed, and then encrypted and signed by + // the server's mac key in EncryptAndSign. void LoadTestKeys(const std::string& pst = "", bool new_mac_keys = true); + // This uses OEMCrypto_QueryKeyControl to check that the keys in OEMCrypto + // have the correct key control data. void VerifyTestKeys(); + // This creates a refresh key or license renewal message, signs it with the + // server's mac key, and calls OEMCrypto_RefreshKeys. void RefreshTestKeys(const size_t key_count, uint32_t control_bits, uint32_t nonce, OEMCryptoResult expected_result); + // This sets the key id in the current message data to the specified string. + // This is used to test with different key id lengths. void SetKeyId(int index, const string& key_id); + // This fills the data structure license_ with key information. This data + // can be modified, and then should be encrypted and signed in EncryptAndSign + // before being loaded in LoadTestKeys. void FillSimpleMessage(uint32_t duration, uint32_t control, uint32_t nonce, const std::string& pst = ""); - + // Like FillSimpleMessage, this fills encrypted_license_ with data. The name + // is a little misleading: the license renewal message is not encrypted, it + // is just signed. The signature is computed in RefreshTestKeys, above. void FillRefreshMessage(size_t key_count, uint32_t control_bits, uint32_t nonce); + // This copies data from license_ to encrypted_license_, and then encrypts + // each field in the key array appropriately. It then signes the buffer with + // the server mac keys. It then fills out the key_array_ so that pointers in + // that array point to the locations in the encrypted message. void EncryptAndSign(); - void EncryptMessage(RSAPrivateKeyMessage* data, - RSAPrivateKeyMessage* encrypted); + // This encrypts an RSAPrivateKeyMessage with encryption_key so that it may be + // loaded with OEMCrypto_RewrapDeviceRSAKey. + void EncryptProvisioningMessage(RSAPrivateKeyMessage* data, + RSAPrivateKeyMessage* encrypted, + const vector& encryption_key); + // Sign the buffer with server's mac key. void ServerSignBuffer(const uint8_t* data, size_t data_length, std::vector* signature); + // Sign the buffer with client's known mac key. Known test keys must be + // installed first. void ClientSignMessage(const vector& data, std::vector* signature); + // This checks the signature generated by OEMCrypto_GenerateSignature against + // that generaged by ClientSignMessage. void VerifyClientSignature(size_t data_length = 400); + // Set the pointers in key_array[*] to point values inside data. This is + // needed to satisfy range checks in OEMCrypto_LoadKeys. void FillKeyArray(const MessageData& data, OEMCrypto_KeyObject* key_array); + // As in FillKeyArray but for the license renewal message passed to + // OEMCrypto_RefreshKeys. void FillRefreshArray(OEMCrypto_KeyRefreshObject* key_array, size_t key_count); + // Encrypt a block of data using CTR mode. void EncryptCTR(const vector& in_buffer, const uint8_t* key, const uint8_t* starting_iv, vector* out_buffer); + // Encrypt some data and pass to OEMCrypto_DecryptCENC to verify decryption. void TestDecryptCTR(bool select_key_first = true, OEMCryptoResult expected_result = OEMCrypto_SUCCESS, int key_index = 0); + // Creates RSAPrivateKeyMessage for the specified rsa_key, encrypts it with + // the specified encryption key, and then signs it with the server's mac key. + // If encryption_key is null, use the session's enc_key_. void MakeRSACertificate(struct RSAPrivateKeyMessage* encrypted, size_t message_size, std::vector* signature, uint32_t allowed_schemes, - const vector& rsa_key); + const vector& rsa_key, + const vector* encryption_key = NULL); + // Calls OEMCrypto_RewrapDeviceRSAKey with the given provisioning response + // message. void RewrapRSAKey(const struct RSAPrivateKeyMessage& encrypted, size_t message_size, const std::vector& signature, vector* wrapped_key, bool force); + // Loads the specified RSA public key into public_rsa_. If rsa_key is null, + // the default test key is loaded. void PreparePublicKey(const uint8_t* rsa_key = NULL, size_t rsa_key_length = 0); + // Verifies the given signature is from the given message and RSA key, pkey. static bool VerifyPSSSignature(EVP_PKEY* pkey, const uint8_t* message, size_t message_length, const uint8_t* signature, size_t signature_length); + // Verify that the message was signed by the private key associated with + // |public_rsa_| using the specified padding scheme. void VerifyRSASignature(const vector& message, const uint8_t* signature, size_t signature_length, RSA_Padding_Scheme padding_scheme); - bool GenerateRSASessionKey(vector* enc_session_key); + // Encrypts a known session key with public_rsa_ for use in future calls to + // OEMCrypto_DeriveKeysFromSessionKey or OEMCrypto_RewrapDeviceRSAKey30. + // The unencrypted session key is stored in session_key. + bool GenerateRSASessionKey(vector* session_key, + vector* enc_session_key); + // Loads the specified wrapped_rsa_key into OEMCrypto, and then runs + // GenerateDerivedKeysFromSessionKey to install known encryption and mac keys. void InstallRSASessionTestKey(const vector& wrapped_rsa_key); - void DisallowDeriveKeys(); + // Generates a usage report for the specified pst. If expect_success is true, + // the report's signature is verified, and several fields are given sanity + // checks. If other is not null, then the mac keys are copied from other in + // order to verify signatures. void GenerateReport(const std::string& pst, bool expect_success = true, Session* other = 0); + // Returns a pointer to the usage report generated by the previous call to + // GenerateReport. OEMCrypto_PST_Report* pst_report(); + // Creates a signed delete usage table entry message and calls + // OEMCrypto_DeleteUsageEntry on it. void DeleteEntry(const std::string& pst); + // Calls OEMCrypto_ForceDeleteUsageEntry to delete a usage table entry without + // a signed message. void ForceDeleteEntry(const std::string& pst); + // The unencrypted license response or license renewal response. MessageData& license() { return license_; } + // The encrypted license response or license renewal response. MessageData& encrypted_license() { return padded_message_; } + // A pointer to the buffer holding encrypted_license. const uint8_t* message_ptr(); + // An array of key objects for use in LoadKeys. OEMCrypto_KeyObject* key_array() { return key_array_; } + // The last signature generated with the server's mac key. std::vector& signature() { return signature_; } + // Set the number of keys to use in the license(), encrypted_license() + // and key_array(). void set_num_keys(int num_keys) { num_keys_ = num_keys; } + // The current number of keys to use in the license(), encrypted_license() + // and key_array(). int num_keys() const { return num_keys_; } + // Set the size of the buffer used the encrypted license. + // Must be between sizeof(MessageData) and kMaxMessageSize. void set_message_size(size_t size); + // The size of the encrypted message. size_t message_size() { return message_size_; } private: diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index 4e4ba63a..9170fb5a 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -275,31 +275,29 @@ TEST_F(OEMCryptoClientTest, GetRandomLargeBuffer) { TEST_F(OEMCryptoClientTest, GenerateNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - uint32_t nonce; - s.GenerateNonce(&nonce); + s.GenerateNonce(); } TEST_F(OEMCryptoClientTest, GenerateTwoNonces) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - uint32_t nonce1; - uint32_t nonce2; - s.GenerateNonce(&nonce1); - s.GenerateNonce(&nonce2); - ASSERT_TRUE(nonce1 != nonce2); + s.GenerateNonce(); + uint32_t nonce1 = s.get_nonce(); + s.GenerateNonce(); + uint32_t nonce2 = s.get_nonce(); + ASSERT_TRUE(nonce1 != nonce2); // Very unlikely to be equal. } TEST_F(OEMCryptoClientTest, PreventNonceFlood) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); int error_counter = 0; - uint32_t nonce; time_t test_start = time(NULL); // More than 20 nonces per second should generate an error. // To allow for some slop, we actually test for more. const int kFloodCount = 80; for (int i = 0; i < kFloodCount; i++) { - s.GenerateNonce(&nonce, &error_counter); + s.GenerateNonce(&error_counter); } time_t test_end = time(NULL); int valid_counter = kFloodCount - error_counter; @@ -310,14 +308,13 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood) { EXPECT_LE(valid_counter, 20 * (test_end - test_start + 2)); error_counter = 0; sleep(2); // After a pause, we should be able to regenerate nonces. - s.GenerateNonce(&nonce, &error_counter); + s.GenerateNonce(&error_counter); EXPECT_EQ(0, error_counter); } // Prevent a nonce flood even if each nonce is in a different session. TEST_F(OEMCryptoClientTest, PreventNonceFlood2) { int error_counter = 0; - uint32_t nonce; time_t test_start = time(NULL); // More than 20 nonces per second should generate an error. // To allow for some slop, we actually test for more. @@ -325,7 +322,7 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood2) { for (int i = 0; i < kFloodCount; i++) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateNonce(&nonce, &error_counter); + s.GenerateNonce(&error_counter); } time_t test_end = time(NULL); int valid_counter = kFloodCount - error_counter; @@ -338,7 +335,7 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood2) { sleep(2); // After a pause, we should be able to regenerate nonces. Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateNonce(&nonce, &error_counter); + s.GenerateNonce(&error_counter); EXPECT_EQ(0, error_counter); } @@ -349,7 +346,6 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood2) { TEST_F(OEMCryptoClientTest, PreventNonceFlood3) { int request_counter = 0; int error_counter = 0; - uint32_t nonce; time_t test_start = time(NULL); // More than 20 nonces per second should generate an error. // To allow for some slop, we actually test for more. @@ -358,7 +354,7 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood3) { ASSERT_NO_FATAL_FAILURE(s[i].open()); for (int j = 0; j < 10; j++) { request_counter++; - s[i].GenerateNonce(&nonce, &error_counter); + s[i].GenerateNonce(&error_counter); } } time_t test_end = time(NULL); @@ -370,7 +366,7 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood3) { EXPECT_LE(valid_counter, 20 * (test_end - test_start + 2)); error_counter = 0; sleep(2); // After a pause, we should be able to regenerate nonces. - s[0].GenerateNonce(&nonce, &error_counter); + s[0].GenerateNonce(&error_counter); EXPECT_EQ(0, error_counter); } @@ -467,7 +463,7 @@ TEST_F(OEMCryptoKeyboxTest, GenerateDerivedKeysFromKeyboxLargeBuffer) { vector mac_context(kMaxMessageSize); vector enc_context(kMaxMessageSize); // Stripe the data so the two vectors are not identical, and not all zeroes. - for(int i=0; i < kMaxMessageSize; i++) { + for (int i = 0; i < kMaxMessageSize; i++) { mac_context[i] = i % 0x100; enc_context[i] = (3 * i) % 0x100; } @@ -484,7 +480,10 @@ TEST_F(OEMCryptoKeyboxTest, GenerateDerivedKeysFromKeyboxLargeBuffer) { // session keys. class OEMCryptoSessionTests : public OEMCryptoClientTest { protected: - OEMCryptoSessionTests() {} + OEMCryptoSessionTests() + : encoded_rsa_key_(kTestRSAPKCS8PrivateKeyInfo2_2048, + kTestRSAPKCS8PrivateKeyInfo2_2048 + + sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048)) {} virtual void SetUp() { OEMCryptoClientTest::SetUp(); @@ -531,6 +530,49 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest { // Can return error now, or return error on IsKeyboxValid. } } + + // This makes sure that the derived keys (encryption key and two mac keys) + // are installed in OEMCrypto and in the test session. + void InstallTestSessionKeys(Session* s) { + if (global_features.uses_certificate) { + if (global_features.loads_certificate) { + if (wrapped_rsa_key_.size() == 0) { + // If we don't have a wrapped key yet, create one. + // This wrapped key will be shared by all sessions in the test. + ASSERT_NO_FATAL_FAILURE(CreateWrappedRSAKey(kSign_RSASSA_PSS, true)); + } + // Load the wrapped rsa test key. + ASSERT_NO_FATAL_FAILURE(s->InstallRSASessionTestKey(wrapped_rsa_key_)); + } + // Test RSA key should be loaded. + ASSERT_NO_FATAL_FAILURE(s->GenerateDerivedKeysFromSessionKey()); + } else { // Just uses keybox. Test keybox should already be installed. + ASSERT_NO_FATAL_FAILURE(s->GenerateDerivedKeysFromKeybox()); + } + } + + // TODO(fredgc): CreateWrappedRSAKeyFromOEMCert in next CL. + void CreateWrappedRSAKey(uint32_t allowed_schemes, bool force) { + Session s; + ASSERT_NO_FATAL_FAILURE(s.open()); + ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); + // Provisioning request would be signed by the client and verified by the + // server. + ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); + struct RSAPrivateKeyMessage encrypted; + std::vector signature; + ASSERT_NO_FATAL_FAILURE(s.MakeRSACertificate(&encrypted, sizeof(encrypted), + &signature, allowed_schemes, + encoded_rsa_key_)); + ASSERT_NO_FATAL_FAILURE(s.RewrapRSAKey(encrypted, sizeof(encrypted), + signature, &wrapped_rsa_key_, force)); + // Verify that the clear key is not contained in the wrapped key. + // It should be encrypted. + ASSERT_EQ(NULL, find(wrapped_rsa_key_, encoded_rsa_key_)); + } + + std::vector encoded_rsa_key_; + std::vector wrapped_rsa_key_; }; class OEMCryptoSessionTestKeyboxTest : public OEMCryptoSessionTests {}; @@ -594,7 +636,6 @@ TEST_F(OEMCryptoSessionTestKeyboxTest, BadDataForceKeybox) { TEST_F(OEMCryptoSessionTestKeyboxTest, GenerateSignature) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); // Dummy context for testing signature generation. @@ -626,7 +667,7 @@ TEST_F(OEMCryptoSessionTestKeyboxTest, GenerateSignature) { TEST_F(OEMCryptoSessionTests, LoadKeyNoNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(kDuration, 0, 42)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); @@ -635,17 +676,34 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoNonce) { TEST_F(OEMCryptoSessionTests, LoadKeyWithNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE( s.FillSimpleMessage(0, wvoec_mock::kControlNonceEnabled, s.get_nonce())); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); } +// This asks for several nonce. This simulates several license requests being +// lost. OEMCrypto is required to keep up to four nonce in the nonce table. +TEST_F(OEMCryptoSessionTests, LoadKeySeveralNonce) { + Session s; + ASSERT_NO_FATAL_FAILURE(s.open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); + uint32_t first_nonce = + s.get_nonce(); // Nonce generated when installing keys. + s.GenerateNonce(); // two. + s.GenerateNonce(); // three. + s.GenerateNonce(); // four. + ASSERT_NO_FATAL_FAILURE( + s.FillSimpleMessage(0, wvoec_mock::kControlNonceEnabled, first_nonce)); + ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); + ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); +} + TEST_F(OEMCryptoSessionTests, LoadKeyWithNoMAC) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys("", false)); @@ -680,7 +738,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithNoMAC) { TEST_F(OEMCryptoSessionTests, ClientSignatureLargeBuffer) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys("", false)); @@ -711,8 +769,8 @@ TEST_F(OEMCryptoSessionTests, ClientSignatureLargeBuffer) { TEST_F(OEMCryptoSessionTests, LoadKeyLargeBuffer) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); s.set_message_size(kMaxMessageSize); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); @@ -724,7 +782,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyLargeBuffer) { TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange1) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); vector mac_keys( @@ -742,7 +800,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange1) { TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange2) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); vector mac_key_iv(s.encrypted_license().mac_key_iv, @@ -760,7 +818,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange2) { TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange3) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); vector bad_buffer(s.encrypted_license().keys[0].key_id, @@ -778,7 +836,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange3) { TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange4) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -797,7 +855,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange4) { TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange5) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); vector bad_buffer(s.encrypted_license().keys[1].key_iv, @@ -814,8 +872,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange5) { TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange6) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -834,8 +891,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange6) { TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange7) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); vector bad_buffer( @@ -854,7 +910,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange7) { TEST_F(OEMCryptoSessionTests, LoadKeyWithBadNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, wvoec_mock::kControlNonceEnabled, 42)); // bad nonce. @@ -870,7 +926,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadNonce) { TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); uint32_t nonce = s.get_nonce(); ASSERT_NO_FATAL_FAILURE( s.FillSimpleMessage(0, wvoec_mock::kControlNonceEnabled, nonce)); @@ -879,7 +935,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) { ASSERT_NO_FATAL_FAILURE(s.close()); ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, wvoec_mock::kControlNonceEnabled, nonce)); // same old nonce. @@ -895,8 +951,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) { TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); s.license().keys[1].control.verification[2] = 'Z'; ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -911,8 +966,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) { TEST_F(OEMCryptoSessionTests, LoadKeyWithFutureVerification) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); // OEMCrypto should reject API12 until the spec has been defined. memcpy(s.license().keys[1].control.verification, "kc12", 4); @@ -927,7 +981,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithFutureVerification) { TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); s.signature()[0] ^= 42; // Bad signature. @@ -941,7 +995,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) { TEST_F(OEMCryptoSessionTests, LoadKeysWithNoDerivedKeys) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - // ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys())); + // don't do this: InstallTestSessionKeys(&s). ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( @@ -956,7 +1010,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysWithNoDerivedKeys) { TEST_F(OEMCryptoSessionTests, LoadKeyNoKeys) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(kDuration, 0, 42)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); int kNoKeys = 0; @@ -970,7 +1024,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeys) { TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE( s.FillSimpleMessage(0, wvoec_mock::kControlNonceEnabled, s.get_nonce())); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -985,7 +1039,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) { TEST_F(OEMCryptoSessionTests, QueryKeyControl) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE( s.FillSimpleMessage(0, wvoec_mock::kControlNonceEnabled, s.get_nonce())); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -1012,7 +1066,7 @@ TEST_F(OEMCryptoSessionTests, QueryKeyControl) { TEST_F(OEMCryptoSessionTests, AntiRollbackHardwareRequired) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlRequireAntiRollbackHardware, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -1032,7 +1086,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { printf(" Current Patch Level: %u.\n", patch_level); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, patch_level << wvoec_mock::kControlSecurityPatchLevelShift, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -1046,7 +1100,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { if (patch_level < 0x3F) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, (patch_level + 1) << wvoec_mock::kControlSecurityPatchLevelShift, 0)); @@ -1062,7 +1116,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { if (patch_level > 0) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, (patch_level - 1) << wvoec_mock::kControlSecurityPatchLevelShift, 0)); @@ -1080,8 +1134,8 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { TEST_F(OEMCryptoSessionTests, Minimum20Keys) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); s.set_num_keys(kMaxNumKeys); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); @@ -1102,7 +1156,7 @@ class SessionTestDecryptWithHDCP : public OEMCryptoSessionTests, ASSERT_EQ(OEMCrypto_SUCCESS, sts); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, (version << wvoec_mock::kControlHDCPVersionShift) | @@ -1148,27 +1202,27 @@ class SessionTestRefreshKeyTest TEST_P(SessionTestRefreshKeyTest, RefreshWithNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( kDuration, wvoec_mock::kControlNonceEnabled, s.get_nonce())); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys("", new_mac_keys_)); - uint32_t nonce; - s.GenerateNonce(&nonce); + s.GenerateNonce(); + // License renewal message is signed by client and verified by the server. ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); - ASSERT_NO_FATAL_FAILURE(s.RefreshTestKeys( - num_keys_, wvoec_mock::kControlNonceEnabled, nonce, OEMCrypto_SUCCESS)); + ASSERT_NO_FATAL_FAILURE(s.RefreshTestKeys(num_keys_, + wvoec_mock::kControlNonceEnabled, + s.get_nonce(), OEMCrypto_SUCCESS)); } TEST_P(SessionTestRefreshKeyTest, RefreshNoNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(kDuration, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys("", new_mac_keys_)); - uint32_t nonce; - s.GenerateNonce(&nonce); + // License renewal message is signed by client and verified by the server. ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); ASSERT_NO_FATAL_FAILURE( s.RefreshTestKeys(num_keys_, 0, 0, OEMCrypto_SUCCESS)); @@ -1177,13 +1231,15 @@ TEST_P(SessionTestRefreshKeyTest, RefreshNoNonce) { TEST_P(SessionTestRefreshKeyTest, RefreshOldNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); - ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( - kDuration, wvoec_mock::kControlNonceEnabled, s.get_nonce())); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); + uint32_t nonce = s.get_nonce(); + ASSERT_NO_FATAL_FAILURE( + s.FillSimpleMessage(kDuration, wvoec_mock::kControlNonceEnabled, nonce)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys("", new_mac_keys_)); - uint32_t nonce = s.get_nonce(); + // License renewal message is signed by client and verified by the server. ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); + // Tryinng to reuse the same nonce. ASSERT_NO_FATAL_FAILURE( s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce, OEMCrypto_ERROR_INVALID_NONCE)); @@ -1192,15 +1248,15 @@ TEST_P(SessionTestRefreshKeyTest, RefreshOldNonce) { TEST_P(SessionTestRefreshKeyTest, RefreshBadNonce) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( kDuration, wvoec_mock::kControlNonceEnabled, s.get_nonce())); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys("", new_mac_keys_)); - uint32_t nonce; - s.GenerateNonce(&nonce); + s.GenerateNonce(); + // License renewal message is signed by client and verified by the server. ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); - nonce ^= 42; + uint32_t nonce = s.get_nonce() ^ 42; ASSERT_NO_FATAL_FAILURE( s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce, OEMCrypto_ERROR_INVALID_NONCE)); @@ -1210,16 +1266,18 @@ TEST_P(SessionTestRefreshKeyTest, RefreshLargeBuffer) { Session s; s.set_message_size(kMaxMessageSize); ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( kDuration, wvoec_mock::kControlNonceEnabled, s.get_nonce())); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys("", new_mac_keys_)); - uint32_t nonce; - s.GenerateNonce(&nonce); + s.GenerateNonce(); + // License renewal message is signed by client and verified by the server. + // This uses a large buffer for the renewal message. ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature(kMaxMessageSize)); - ASSERT_NO_FATAL_FAILURE(s.RefreshTestKeys( - num_keys_, wvoec_mock::kControlNonceEnabled, nonce, OEMCrypto_SUCCESS)); + ASSERT_NO_FATAL_FAILURE(s.RefreshTestKeys(num_keys_, + wvoec_mock::kControlNonceEnabled, + s.get_nonce(), OEMCrypto_SUCCESS)); } // Of only one key control block in the refesh, we update all the keys. @@ -1238,7 +1296,7 @@ INSTANTIATE_TEST_CASE_P(TestRefreshEachKeys, SessionTestRefreshKeyTest, TEST_F(OEMCryptoSessionTests, Decrypt) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(kDuration, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); @@ -1248,7 +1306,7 @@ TEST_F(OEMCryptoSessionTests, Decrypt) { TEST_F(OEMCryptoSessionTests, DecryptZeroDuration) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); @@ -1259,9 +1317,9 @@ TEST_F(OEMCryptoSessionTests, SimultaneousDecrypt) { vector s(8); for (int i = 0; i < 8; i++) { ASSERT_NO_FATAL_FAILURE(s[i].open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s[i])); } for (int i = 0; i < 8; i++) { - ASSERT_NO_FATAL_FAILURE(s[i].GenerateTestSessionKeys()); ASSERT_NO_FATAL_FAILURE( s[i].FillSimpleMessage(kLongDuration, 0, s[i].get_nonce())); ASSERT_NO_FATAL_FAILURE(s[i].EncryptAndSign()); @@ -1278,20 +1336,24 @@ TEST_F(OEMCryptoSessionTests, SimultaneousDecrypt) { } } -TEST_F(OEMCryptoSessionTests, SimultaneousDecryptWithLostMessage) { +// This test generates several test keys, as if a license request was lost. +// This is only valid for (obsolete) devices that use a keybox to talk to a +// license server. +TEST_F(OEMCryptoSessionTests, SimultaneousDecryptWithLostMessageKeyboxTest) { vector s(8); for (int i = 0; i < 8; i++) { ASSERT_NO_FATAL_FAILURE(s[i].open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s[i])); } for (int i = 0; i < 8; i++) { - ASSERT_NO_FATAL_FAILURE(s[i].GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(s[i].GenerateDerivedKeysFromKeybox()); ASSERT_NO_FATAL_FAILURE( s[i].FillSimpleMessage(kLongDuration, 0, s[i].get_nonce())); ASSERT_NO_FATAL_FAILURE(s[i].EncryptAndSign()); } // First set of messages are lost. Generate second set. for (int i = 0; i < 8; i++) { - ASSERT_NO_FATAL_FAILURE(s[i].GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(s[i].GenerateDerivedKeysFromKeybox()); ASSERT_NO_FATAL_FAILURE( s[i].FillSimpleMessage(kLongDuration, 0, s[i].get_nonce())); ASSERT_NO_FATAL_FAILURE(s[i].EncryptAndSign()); @@ -1369,8 +1431,8 @@ class OEMCryptoSessionTestsDecryptTests size_t subsample_end = buffer_index + subsample_size_[i].encrypted_size; while (buffer_index < subsample_end) { - size_t size = min(subsample_end - buffer_index, - AES_BLOCK_SIZE - block_offset); + size_t size = + min(subsample_end - buffer_index, AES_BLOCK_SIZE - block_offset); size_t pattern_length = pattern_.encrypt + pattern_.skip; bool skip_block = (pattern_offset >= pattern_.encrypt) && (pattern_length > 0); @@ -1424,7 +1486,7 @@ class OEMCryptoSessionTestsDecryptTests OEMCryptoResult sts; Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(kDuration, 0, 0)); memcpy(s.license().keys[0].key_data, &key[0], key.size()); s.license().keys[0].cipher_mode = cipher_mode_; @@ -1740,7 +1802,7 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, DecryptCENCPerformance) { OEMCryptoResult sts; Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); const time_t TestDuration = 5; ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(600, 0, 0)); s.license().keys[0].cipher_mode = GetParam().mode; @@ -1838,7 +1900,7 @@ INSTANTIATE_TEST_CASE_P( TEST_F(OEMCryptoSessionTests, DecryptSecureToClear) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( kDuration, wvoec_mock::kControlObserveDataPath | wvoec_mock::kControlDataPathSecure, @@ -1852,7 +1914,7 @@ TEST_F(OEMCryptoSessionTests, DecryptSecureToClear) { TEST_F(OEMCryptoSessionTests, KeyDuration) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( kDuration, wvoec_mock::kControlNonceEnabled, s.get_nonce())); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -1870,53 +1932,27 @@ TEST_F(OEMCryptoSessionTests, KeyDuration) { // // Certificate Root of Trust Tests // -class OEMCryptoLoadsCertificate : public OEMCryptoSessionTestKeyboxTest { - protected: - OEMCryptoLoadsCertificate() - : encoded_rsa_key_(kTestRSAPKCS8PrivateKeyInfo2_2048, - kTestRSAPKCS8PrivateKeyInfo2_2048 + - sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048)) {} - - void CreateWrappedRSAKey(vector* wrapped_key, - uint32_t allowed_schemes, bool force) { - Session s; - ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateDerivedKeysFromKeybox(); - struct RSAPrivateKeyMessage encrypted; - std::vector signature; - ASSERT_NO_FATAL_FAILURE(s.MakeRSACertificate(&encrypted, sizeof(encrypted), - &signature, allowed_schemes, - encoded_rsa_key_)); - ASSERT_NO_FATAL_FAILURE(s.RewrapRSAKey(encrypted, sizeof(encrypted), - signature, wrapped_key, force)); - // Verify that the clear key is not contained in the wrapped key. - // It should be encrypted. - ASSERT_EQ(NULL, find(*wrapped_key, encoded_rsa_key_)); - } - - std::vector encoded_rsa_key_; -}; +class OEMCryptoLoadsCertificate : public OEMCryptoSessionTestKeyboxTest {}; TEST_F(OEMCryptoLoadsCertificate, LoadRSASessionKey) { - std::vector wrapped_rsa_key; - CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); + CreateWrappedRSAKey(kSign_RSASSA_PSS, true); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.InstallRSASessionTestKey(wrapped_rsa_key)); + ASSERT_NO_FATAL_FAILURE(s.InstallRSASessionTestKey(wrapped_rsa_key_)); } TEST_F(OEMCryptoLoadsCertificate, CertificateProvision) { - std::vector wrapped_rsa_key; - CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); + CreateWrappedRSAKey(kSign_RSASSA_PSS, true); // We should not be able to find the rsa key in the wrapped key. It should // be encrypted. - ASSERT_EQ(NULL, find(wrapped_rsa_key, encoded_rsa_key_)); + ASSERT_EQ(NULL, find(wrapped_rsa_key_, encoded_rsa_key_)); } -TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange1) { +TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange1KeyboxTest) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateDerivedKeysFromKeybox(); + ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); + ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); struct RSAPrivateKeyMessage encrypted; std::vector signature; ASSERT_NO_FATAL_FAILURE(s.MakeRSACertificate(&encrypted, sizeof(encrypted), @@ -1942,10 +1978,12 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange1) { encrypted.rsa_key_iv, &(wrapped_key.front()), &wrapped_key_length)); } -TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange2) { +TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange2KeyboxTest) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateDerivedKeysFromKeybox(); + ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); + // Provisioning request would be signed by client and verified by server. + ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); struct RSAPrivateKeyMessage encrypted; std::vector signature; s.MakeRSACertificate(&encrypted, sizeof(encrypted), &signature, @@ -1972,10 +2010,12 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange2) { &(wrapped_key.front()), &wrapped_key_length)); } -TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange3) { +TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange3KeyboxTest) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateDerivedKeysFromKeybox(); + ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); + // Provisioning request would be signed by client and verified by server. + ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); struct RSAPrivateKeyMessage encrypted; std::vector signature; s.MakeRSACertificate(&encrypted, sizeof(encrypted), &signature, @@ -2003,10 +2043,12 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange3) { &(wrapped_key.front()), &wrapped_key_length)); } -TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadSignature) { +TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadSignatureKeyboxTest) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateDerivedKeysFromKeybox(); + ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); + // Provisioning request would be signed by client and verified by server. + ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); struct RSAPrivateKeyMessage encrypted; std::vector signature; s.MakeRSACertificate(&encrypted, sizeof(encrypted), &signature, @@ -2032,10 +2074,12 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadSignature) { &(wrapped_key.front()), &wrapped_key_length)); } -TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadNonce) { +TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadNonceKeyboxTest) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateDerivedKeysFromKeybox(); + ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); + // Provisioning request would be signed by client and verified by server. + ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); struct RSAPrivateKeyMessage encrypted; std::vector signature; s.MakeRSACertificate(&encrypted, sizeof(encrypted), &signature, @@ -2061,10 +2105,12 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadNonce) { &(wrapped_key.front()), &wrapped_key_length)); } -TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKey) { +TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKeyKeyboxTest) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateDerivedKeysFromKeybox(); + ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); + // Provisioning request would be signed by client and verified by server. + ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); struct RSAPrivateKeyMessage encrypted; std::vector signature; s.MakeRSACertificate(&encrypted, sizeof(encrypted), &signature, @@ -2090,10 +2136,12 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKey) { &(wrapped_key.front()), &wrapped_key_length)); } -TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionLargeBuffer) { +TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionLargeBufferKeyboxTest) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - s.GenerateDerivedKeysFromKeybox(); + ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox()); + // Provisioning request would be signed by client and verified by server. + ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature()); struct LargeRSAPrivateKeyMessage : public RSAPrivateKeyMessage { uint8_t padding[kMaxMessageSize - sizeof(RSAPrivateKeyMessage)]; } encrypted; @@ -2110,24 +2158,22 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionLargeBuffer) { TEST_F(OEMCryptoLoadsCertificate, LoadWrappedRSAKey) { OEMCryptoResult sts; - std::vector wrapped_rsa_key; - CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); + CreateWrappedRSAKey(kSign_RSASSA_PSS, true); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key[0], - wrapped_rsa_key.size()); + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + wrapped_rsa_key_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); } // This tests that a device with a keybox can also decrypt with a cert. // Decrypt for devices that only use a cert are tested in the session tests. TEST_F(OEMCryptoLoadsCertificate, CertificateDecrypt) { - std::vector wrapped_rsa_key; - CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); + CreateWrappedRSAKey(kSign_RSASSA_PSS, true); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.InstallRSASessionTestKey(wrapped_rsa_key)); + ASSERT_NO_FATAL_FAILURE(s.InstallRSASessionTestKey(wrapped_rsa_key_)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(kDuration, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); @@ -2141,12 +2187,11 @@ class OEMCryptoUsesCertificate : public OEMCryptoLoadsCertificate { ASSERT_NO_FATAL_FAILURE(session_.open()); if (global_features.derive_key_method != DeviceFeatures::LOAD_TEST_RSA_KEY) { - std::vector wrapped_rsa_key; - CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); - ASSERT_EQ( - OEMCrypto_SUCCESS, - OEMCrypto_LoadDeviceRSAKey(session_.session_id(), &wrapped_rsa_key[0], - wrapped_rsa_key.size())); + CreateWrappedRSAKey(kSign_RSASSA_PSS, true); + ASSERT_EQ(OEMCrypto_SUCCESS, + OEMCrypto_LoadDeviceRSAKey(session_.session_id(), + &wrapped_rsa_key_[0], + wrapped_rsa_key_.size())); } } @@ -2171,8 +2216,7 @@ TEST_F(OEMCryptoLoadsCertificate, RSAPerformance) { double mtime = 0; long count = 0; for (int i = 0; i < 15; i++) { // Only 20 nonce available. - vector wrapped_key; - CreateWrappedRSAKey(&wrapped_key, kSign_RSASSA_PSS, true); + CreateWrappedRSAKey(kSign_RSASSA_PSS, true); count++; gettimeofday(&end_time, NULL); long seconds = end_time.tv_sec - start_time.tv_sec; @@ -2181,9 +2225,8 @@ TEST_F(OEMCryptoLoadsCertificate, RSAPerformance) { } double provision_time = mtime / count; - std::vector wrapped_rsa_key; Session session; - CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); + CreateWrappedRSAKey(kSign_RSASSA_PSS, true); gettimeofday(&start_time, NULL); gettimeofday(&end_time, NULL); mtime = 0; @@ -2191,8 +2234,8 @@ TEST_F(OEMCryptoLoadsCertificate, RSAPerformance) { do { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key[0], - wrapped_rsa_key.size()); + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + wrapped_rsa_key_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); const size_t size = 50; vector licenseRequest(size); @@ -2219,11 +2262,12 @@ TEST_F(OEMCryptoLoadsCertificate, RSAPerformance) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key[0], - wrapped_rsa_key.size())); + OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + wrapped_rsa_key_.size())); + vector session_key; vector enc_session_key; s.PreparePublicKey(); - ASSERT_TRUE(s.GenerateRSASessionKey(&enc_session_key)); + ASSERT_TRUE(s.GenerateRSASessionKey(&session_key, &enc_session_key)); vector mac_context; vector enc_context; s.FillDefaultContext(&mac_context, &enc_context); @@ -2327,9 +2371,10 @@ TEST_F(OEMCryptoUsesCertificate, RSASignatureLargeBuffer) { } TEST_F(OEMCryptoUsesCertificate, GenerateDerivedKeysLargeBuffer) { + vector session_key; vector enc_session_key; session_.PreparePublicKey(); - ASSERT_TRUE(session_.GenerateRSASessionKey(&enc_session_key)); + ASSERT_TRUE(session_.GenerateRSASessionKey(&session_key, &enc_session_key)); vector mac_context(kMaxMessageSize); vector enc_context(kMaxMessageSize); // Stripe the data so the two vectors are not identical, and not all zeroes. @@ -2417,16 +2462,27 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate { sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], wrapped_rsa_key_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); - s.DisallowDeriveKeys(); + s.GenerateNonce(); + vector session_key; + vector enc_session_key; + s.PreparePublicKey(); + ASSERT_TRUE(s.GenerateRSASessionKey(&session_key, &enc_session_key)); + vector mac_context; + vector enc_context; + s.FillDefaultContext(&mac_context, &enc_context); + ASSERT_NE(OEMCrypto_SUCCESS, + OEMCrypto_DeriveKeysFromSessionKey( + s.session_id(), &enc_session_key[0], enc_session_key.size(), + &mac_context[0], mac_context.size(), &enc_context[0], + enc_context.size())); } void LoadWithAllowedSchemes(uint32_t schemes, bool force) { - CreateWrappedRSAKey(&wrapped_rsa_key_, schemes, force); + CreateWrappedRSAKey(schemes, force); key_loaded_ = (wrapped_rsa_key_.size() > 0); if (force) ASSERT_TRUE(key_loaded_); } - std::vector wrapped_rsa_key_; bool key_loaded_; }; @@ -2651,7 +2707,7 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates { uint8_t hash[SHA_DIGEST_LENGTH]; if (!SHA1(&message[0], message.size(), hash)) { dump_openssl_error(); - ASSERT_TRUE(false) << "openssl error creating SHA1 hash."; + FAIL() << "openssl error creating SHA1 hash."; } // The application will prepend the digest info to the hash. @@ -3393,7 +3449,7 @@ class GenericCryptoTest : public OEMCryptoSessionTests { virtual void SetUp() { OEMCryptoSessionTests::SetUp(); ASSERT_NO_FATAL_FAILURE(session_.open()); - ASSERT_NO_FATAL_FAILURE(session_.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&session_)); ASSERT_NO_FATAL_FAILURE(MakeFourKeys()); } @@ -3993,7 +4049,7 @@ class UsageTableTest : public GenericCryptoTest { void LoadOfflineLicense(Session& s, const std::string& pst) { ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceOrEntry, s.get_nonce(), pst)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -4066,7 +4122,7 @@ TEST_P(UsageTableTestWithMAC, OnlineLicense) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, s.get_nonce(), pst)); @@ -4107,7 +4163,7 @@ TEST_F(UsageTableTest, RepeatOnlineLicense) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, s.get_nonce(), pst)); @@ -4117,7 +4173,7 @@ TEST_F(UsageTableTest, RepeatOnlineLicense) { ASSERT_NO_FATAL_FAILURE(s.close()); Session s2; ASSERT_NO_FATAL_FAILURE(s2.open()); - ASSERT_NO_FATAL_FAILURE(s2.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2)); uint8_t* pst_ptr = s.encrypted_license().pst; // Trying to reuse a PST is bad. We use session ID for s2, everything else // reused from s. @@ -4136,7 +4192,7 @@ TEST_F(UsageTableTest, OnlineEmptyPST) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, s.get_nonce())); @@ -4153,7 +4209,7 @@ TEST_F(UsageTableTest, EmptyTable) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); std::string pst = "no_pst"; ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, @@ -4173,7 +4229,7 @@ TEST_F(UsageTableTest, FiftyEntries) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s1; ASSERT_NO_FATAL_FAILURE(s1.open()); - ASSERT_NO_FATAL_FAILURE(s1.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s1)); std::string pst1 = "pst saved"; ASSERT_NO_FATAL_FAILURE(s1.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, @@ -4186,7 +4242,7 @@ TEST_F(UsageTableTest, FiftyEntries) { vector sessions(ENTRY_COUNT); for (size_t i = 0; i < ENTRY_COUNT; i++) { ASSERT_NO_FATAL_FAILURE(sessions[i].open()); - ASSERT_NO_FATAL_FAILURE(sessions[i].GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&sessions[i])); std::string pst = "pst "; char c = 'A' + i; pst = pst + c; @@ -4213,7 +4269,7 @@ TEST_F(UsageTableTest, FiftyEntries) { // it shouldn't delete the one attached to an open session. (s1) for (size_t i = 0; i < ENTRY_COUNT; i++) { ASSERT_NO_FATAL_FAILURE(sessions[i].open()); - ASSERT_NO_FATAL_FAILURE(sessions[i].GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&sessions[i])); std::string pst = "newer pst "; char c = 'A' + i; pst = pst + c; @@ -4247,7 +4303,7 @@ TEST_P(UsageTableTestWithMAC, DeleteUnusedEntry) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); std::string pst = "my pst"; ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, @@ -4276,7 +4332,7 @@ TEST_P(UsageTableTestWithMAC, DeleteActiveEntry) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); std::string pst = "my pst"; ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, @@ -4306,7 +4362,7 @@ TEST_P(UsageTableTestWithMAC, ForceDeleteActiveEntry) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); std::string pst = "my pst"; ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, @@ -4330,7 +4386,7 @@ TEST_P(UsageTableTestWithMAC, DeleteInactiveEntry) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); std::string pst = "my pst"; ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, @@ -4361,7 +4417,7 @@ TEST_P(UsageTableTestWithMAC, DeleteEntryBadSignature) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); std::string pst = "my pst"; ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, @@ -4398,7 +4454,7 @@ TEST_P(UsageTableTestWithMAC, DeleteEntryWrongSession) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); std::string pst = "my pst"; ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, @@ -4436,7 +4492,7 @@ TEST_P(UsageTableTestWithMAC, DeleteEntryBadRange) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); std::string pst = "my pst"; ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, @@ -4698,8 +4754,8 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineLicense) { Session s; ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst)); - ASSERT_NO_FATAL_FAILURE(s.open()); // Offline license can be reused. - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(s.open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); // We will reuse the encrypted and signed message, so we don't call // FillSimpleMessage again. ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_)); @@ -4731,7 +4787,7 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) { // Offline license with new mac keys should fail. Session s2; ASSERT_NO_FATAL_FAILURE(s2.open()); - ASSERT_NO_FATAL_FAILURE(s2.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2)); ASSERT_NO_FATAL_FAILURE(s2.FillSimpleMessage( 0, wvoec_mock::kControlNonceOrEntry, s2.get_nonce(), pst)); ASSERT_NO_FATAL_FAILURE(s2.EncryptAndSign()); @@ -4747,7 +4803,7 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) { // Offline license with same mac keys should still be OK. ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_)); s.GenerateReport(pst); EXPECT_EQ(kUnused, s.pst_report()->status); @@ -4759,7 +4815,7 @@ TEST_P(UsageTableTestWithMAC, OfflineBadNonce) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE( s.FillSimpleMessage(0, wvoec_mock::kControlNonceOrEntry, 42, pst)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -4778,7 +4834,7 @@ TEST_P(UsageTableTestWithMAC, OfflineEmptyPST) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE( s.FillSimpleMessage(0, wvoec_mock::kControlNonceOrEntry, s.get_nonce())); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -4797,7 +4853,7 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) { ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst)); ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE( s.LoadTestKeys(pst, new_mac_keys_)); // Reload the license ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR()); // Should be able to decrypt. @@ -4814,7 +4870,7 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) { Session s2; ASSERT_NO_FATAL_FAILURE(s2.open()); - ASSERT_NO_FATAL_FAILURE(s2.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2)); // Offile license can not be reused if it has been deactivated. uint8_t* pst_ptr = s.encrypted_license().pst; EXPECT_NE( @@ -4836,7 +4892,7 @@ TEST_P(UsageTableTestWithMAC, BadRange) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceOrEntry, s.get_nonce(), pst)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); @@ -4867,13 +4923,13 @@ TEST_F(UsageTableTest, TimingTest) { sleep(kLongSleep); ASSERT_NO_FATAL_FAILURE(s1.open()); - ASSERT_NO_FATAL_FAILURE(s1.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s1)); ASSERT_NO_FATAL_FAILURE(s1.LoadTestKeys(pst1, new_mac_keys_)); time_t first_decrypt1 = time(NULL); ASSERT_NO_FATAL_FAILURE(s1.TestDecryptCTR()); ASSERT_NO_FATAL_FAILURE(s2.open()); - ASSERT_NO_FATAL_FAILURE(s2.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2)); ASSERT_NO_FATAL_FAILURE(s2.LoadTestKeys(pst2, new_mac_keys_)); time_t first_decrypt2 = time(NULL); ASSERT_NO_FATAL_FAILURE(s2.TestDecryptCTR()); @@ -4903,7 +4959,7 @@ TEST_F(UsageTableTest, TimingTest) { sleep(kLongSleep); time_t third_decrypt = time(NULL); ASSERT_NO_FATAL_FAILURE(s2.open()); - ASSERT_NO_FATAL_FAILURE(s2.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2)); ASSERT_NO_FATAL_FAILURE(s2.LoadTestKeys(pst2, new_mac_keys_)); ASSERT_NO_FATAL_FAILURE(s2.TestDecryptCTR()); ASSERT_NO_FATAL_FAILURE(s2.close()); @@ -4953,7 +5009,7 @@ TEST_F(UsageTableTest, VerifyUsageTimes) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, s.get_nonce(), pst)); @@ -5063,7 +5119,7 @@ TEST_F(UsageTableTest, LoadSharedLicense) { ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst)); ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, true)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); // The second set of keys are not loaded. @@ -5086,7 +5142,7 @@ TEST_F(UsageTableTest, PSTLargeBuffer) { ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst)); ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE( s.LoadTestKeys(pst, new_mac_keys_)); // Reload the license ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR()); // Should be able to decrypt. @@ -5103,7 +5159,7 @@ TEST_F(UsageTableTest, PSTLargeBuffer) { Session s2; ASSERT_NO_FATAL_FAILURE(s2.open()); - ASSERT_NO_FATAL_FAILURE(s2.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2)); // Offile license can not be reused if it has been deactivated. uint8_t* pst_ptr = s.encrypted_license().pst; EXPECT_NE( @@ -5125,7 +5181,7 @@ TEST_F(UsageTableTest, DeleteEntryLargeBuffer) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, s.get_nonce(), pst)); @@ -5155,7 +5211,7 @@ TEST_F(UsageTableTest, ForceDeleteLargeBuffer) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable()); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage( 0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceRequired, s.get_nonce(), pst)); diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test_android.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test_android.cpp index d08f3eb6..d00cf419 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test_android.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test_android.cpp @@ -54,9 +54,9 @@ TEST_F(OEMCryptoAndroidLMPTest, RewrapDeviceRSAKeyImplemented) { } TEST_F(OEMCryptoAndroidLMPTest, RSASignatureImplemented) { - ASSERT_NE(OEMCrypto_ERROR_NOT_IMPLEMENTED, - OEMCrypto_GenerateRSASignature(0, NULL, 0, NULL, NULL, - kSign_RSASSA_PSS)); + ASSERT_NE( + OEMCrypto_ERROR_NOT_IMPLEMENTED, + OEMCrypto_GenerateRSASignature(0, NULL, 0, NULL, NULL, kSign_RSASSA_PSS)); } TEST_F(OEMCryptoAndroidLMPTest, GenericCryptoImplemented) { @@ -66,12 +66,12 @@ TEST_F(OEMCryptoAndroidLMPTest, GenericCryptoImplemented) { ASSERT_NE(OEMCrypto_ERROR_NOT_IMPLEMENTED, OEMCrypto_Generic_Decrypt(0, NULL, 0, NULL, OEMCrypto_AES_CBC_128_NO_PADDING, NULL)); - ASSERT_NE(OEMCrypto_ERROR_NOT_IMPLEMENTED, - OEMCrypto_Generic_Sign(0, NULL, 0, - OEMCrypto_HMAC_SHA256, NULL, NULL)); - ASSERT_NE(OEMCrypto_ERROR_NOT_IMPLEMENTED, - OEMCrypto_Generic_Verify(0, NULL, 0, - OEMCrypto_HMAC_SHA256, NULL, 0)); + ASSERT_NE( + OEMCrypto_ERROR_NOT_IMPLEMENTED, + OEMCrypto_Generic_Sign(0, NULL, 0, OEMCrypto_HMAC_SHA256, NULL, NULL)); + ASSERT_NE( + OEMCrypto_ERROR_NOT_IMPLEMENTED, + OEMCrypto_Generic_Verify(0, NULL, 0, OEMCrypto_HMAC_SHA256, NULL, 0)); } TEST_F(OEMCryptoAndroidLMPTest, SupportsUsageTable) { diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test_main.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test_main.cpp index e989bd90..631fbfc7 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test_main.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test_main.cpp @@ -1,9 +1,9 @@ #include #include +#include "OEMCryptoCENC.h" #include "log.h" #include "oec_device_features.h" -#include "OEMCryptoCENC.h" #include "properties.h" static void acknowledge_cast() { @@ -20,7 +20,7 @@ int main(int argc, char** argv) { bool is_cast_receiver = false; bool force_load_test_keybox = false; bool filter_tests = true; - for(int i=0; i < argc; i++) { + for (int i = 0; i < argc; i++) { if (!strcmp(argv[i], "--cast")) { acknowledge_cast(); is_cast_receiver = true; @@ -29,15 +29,15 @@ int main(int argc, char** argv) { force_load_test_keybox = true; } if (!strcmp(argv[i], "--no_filter")) { - filter_tests = false; + filter_tests = false; } } wvoec::global_features.Initialize(is_cast_receiver, force_load_test_keybox); // If the user requests --no_filter, we don't change the filter, otherwise, we // filter out features that are not supported. if (filter_tests) { - ::testing::GTEST_FLAG(filter) - = wvoec::global_features.RestrictFilter(::testing::GTEST_FLAG(filter)); + ::testing::GTEST_FLAG(filter) = + wvoec::global_features.RestrictFilter(::testing::GTEST_FLAG(filter)); } return RUN_ALL_TESTS(); }