Merges to android Pi release (part 8)
These are a set of CLs merged from the wv cdm repo to the android repo. * Android build fixes Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36322 ] * Address android compilation errors and warnings Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36300 ] * Gyp cleanup and OpenSSL v10.1 support. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/36001 ] OpenSSL 10.1 has a small number of incompatible changes. A desktop system upgrade exposed some issue in the build scripts. Specifically, the linux build was using both third_party/protobufs (2.6.1) and the version installed on the system (3.0 in this case). The linux cdm.gyp depended on cdm/cdm.gyp which caused that plus some additional issues. These changes are necessary to support g++ version: g++ (Debian 6.3.0-18) 6.3.0 20170516 Also did some cosmetic rework on run_current_tests to make it easier to figure out what is going on when something fails. Also tweaked some of the compiler settings for g++ support (revisit this later). * Refactored Service Certificate encryption to allow encryption of arbitrary data. Author: Thomas Inskip <tinskip@google.com> [ Merge of http://go/wvgerrit/36141 ] * Send cdm test requests to UAT. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36221 ] This change resolves the all of the CdmDecryptTest/CdmTestWithDecryptParam.DecryptToClearBuffer tests. The license servers will return different keys and keyids. Sending the request to staging returned key ids and keys that were not matching what was expected in the unit tests. * Fix for building L3 OEMCrypto with clang and libc++ Author: yucliu <yucliu@google.com> [ Merge of http://go/wvgerrit/35740 ] 1. Include <time.h> for time(time_t*). 2. Create endian check union on stack. Clang may create const union somewhere else, which may cause crash. * Remove error result when a sublicense session does not exist. This is not considered an error. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36080 ] * Set default mock handler for GetSupportedCertificateTypes for all unit tests and removed the use of StrictMock from MockCryptoSession. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35922 ] The handler for this was only set for one test and resulted in a number of failures. * Set default handler for GetHdcpCapabilities. For now the default action is to call the real GetHdcpCapabilities of crypto_session. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36140 ] I also changed the mock to a NiceMock to silence responses to unexpected calls to GetHdcpCapabilities. The default handler can be overridden as needed in the individual tests. This resolves the policy engine test failures. * Finalize merge of cdm_partner_3.4 to master. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35360 ] This is the final set of updates to merge all v3.4.1 changes into master. * Embedded license: Sublicense rotation. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35360 ] Handle sublicense rotation event. * Embedded license: Initial license phase. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/34280 ] Initial license phase - key loading subsession. * Embedded license: generate session data. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33722 ] Generate session data and add it to the license request for any embedded license material. * Resolve missing symbol when building cd-cdm Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35840 ] * C++11: Replace OVERRIDE def with override keyword Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35400 ] BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I37d0cb17f255ac6389030047d616ad69f895748c
This commit is contained in:
Rahul Frias
@@ -40,6 +40,17 @@ void PrintTo(const vector<uint8_t>& value, ostream* os) {
|
||||
}
|
||||
} // namespace std
|
||||
|
||||
namespace {
|
||||
int GetRandBytes(unsigned char* buf, int num) {
|
||||
// returns 1 on success, -1 if not supported, or 0 if other failure.
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
return RAND_pseudo_bytes(buf, num);
|
||||
#else
|
||||
return RAND_bytes(buf, num);
|
||||
#endif
|
||||
}
|
||||
} // namespace
|
||||
|
||||
namespace wvoec {
|
||||
|
||||
// Increment counter for AES-CTR. The CENC spec specifies we increment only
|
||||
@@ -293,18 +304,18 @@ void Session::SetKeyId(int index, const string& key_id) {
|
||||
void Session::FillSimpleMessage(uint32_t duration, uint32_t control,
|
||||
uint32_t nonce, const std::string& pst) {
|
||||
EXPECT_EQ(
|
||||
1, RAND_pseudo_bytes(license_.mac_key_iv, sizeof(license_.mac_key_iv)));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(license_.mac_keys, sizeof(license_.mac_keys)));
|
||||
1, GetRandBytes(license_.mac_key_iv, sizeof(license_.mac_key_iv)));
|
||||
EXPECT_EQ(1, GetRandBytes(license_.mac_keys, sizeof(license_.mac_keys)));
|
||||
for (unsigned int i = 0; i < num_keys_; i++) {
|
||||
memset(license_.keys[i].key_id, 0, kTestKeyIdMaxLength);
|
||||
license_.keys[i].key_id_length = kDefaultKeyIdLength;
|
||||
memset(license_.keys[i].key_id, i, license_.keys[i].key_id_length);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(license_.keys[i].key_data,
|
||||
EXPECT_EQ(1, GetRandBytes(license_.keys[i].key_data,
|
||||
sizeof(license_.keys[i].key_data)));
|
||||
license_.keys[i].key_data_length = wvcdm::KEY_SIZE;
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(license_.keys[i].key_iv,
|
||||
EXPECT_EQ(1, GetRandBytes(license_.keys[i].key_iv,
|
||||
sizeof(license_.keys[i].key_iv)));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(license_.keys[i].control_iv,
|
||||
EXPECT_EQ(1, GetRandBytes(license_.keys[i].control_iv,
|
||||
sizeof(license_.keys[i].control_iv)));
|
||||
if (global_features.api_version == 13) {
|
||||
// For version 13, we require OEMCrypto to handle kc13 for all licenses.
|
||||
@@ -508,9 +519,9 @@ void Session::TestDecryptCTR(bool select_key_first,
|
||||
vector<uint8_t> unencryptedData(256);
|
||||
for (size_t i = 0; i < unencryptedData.size(); i++)
|
||||
unencryptedData[i] = i % 256;
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&unencryptedData[0], unencryptedData.size()));
|
||||
EXPECT_EQ(1, GetRandBytes(&unencryptedData[0], unencryptedData.size()));
|
||||
vector<uint8_t> encryptionIv(wvcdm::KEY_IV_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], wvcdm::KEY_IV_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], wvcdm::KEY_IV_SIZE));
|
||||
vector<uint8_t> encryptedData(unencryptedData.size());
|
||||
EncryptCTR(unencryptedData, license_.keys[key_index].key_data,
|
||||
&encryptionIv[0], &encryptedData);
|
||||
@@ -622,11 +633,23 @@ void Session::LoadOEMCert(bool verify_cert) {
|
||||
X509_STORE_CTX_init(store_ctx.get(), store.get(), x509_cert, NULL);
|
||||
// TODO(fredgc): Verify cert is signed by Google.
|
||||
int result = X509_verify_cert(store_ctx.get());
|
||||
ASSERT_GE(0, result) << " OEM Cert not valid. "
|
||||
<< X509_verify_cert_error_string(store_ctx->error);
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
ASSERT_GE(0, result) << " OEM Cert not valid. " <<
|
||||
X509_verify_cert_error_string(store_ctx->error);
|
||||
#else
|
||||
ASSERT_GE(0, result) << " OEM Cert not valid. " <<
|
||||
X509_verify_cert_error_string(
|
||||
X509_STORE_CTX_get_error(store_ctx.get()));
|
||||
#endif
|
||||
if (result == 0) {
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
printf("Cert not verified: %s.\n",
|
||||
X509_verify_cert_error_string(store_ctx->error));
|
||||
#else
|
||||
printf("Cert not verified: %s.\n",
|
||||
X509_verify_cert_error_string(
|
||||
X509_STORE_CTX_get_error(store_ctx.get())));
|
||||
#endif
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -650,7 +673,7 @@ void Session::MakeRSACertificate(struct RSAPrivateKeyMessage* encrypted,
|
||||
memcpy(message.rsa_key, rsa_key.data(), rsa_key.size());
|
||||
message.rsa_key_length = rsa_key.size();
|
||||
}
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(message.rsa_key_iv, wvcdm::KEY_IV_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(message.rsa_key_iv, wvcdm::KEY_IV_SIZE));
|
||||
message.nonce = nonce_;
|
||||
|
||||
EncryptProvisioningMessage(&message, encrypted, *encryption_key);
|
||||
@@ -744,38 +767,43 @@ bool Session::VerifyPSSSignature(EVP_PKEY* pkey, const uint8_t* message,
|
||||
size_t message_length,
|
||||
const uint8_t* signature,
|
||||
size_t signature_length) {
|
||||
EVP_MD_CTX ctx;
|
||||
EVP_MD_CTX_init(&ctx);
|
||||
EVP_PKEY_CTX* pctx = NULL;
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
EVP_MD_CTX md_ctx_struct;
|
||||
EVP_MD_CTX* md_ctx = &md_ctx_struct;
|
||||
EVP_MD_CTX_init(md_ctx);
|
||||
#else
|
||||
EVP_MD_CTX* md_ctx = EVP_MD_CTX_new();
|
||||
#endif
|
||||
EVP_PKEY_CTX* pkey_ctx = NULL;
|
||||
|
||||
if (EVP_DigestVerifyInit(&ctx, &pctx, EVP_sha1(), NULL /* no ENGINE */,
|
||||
if (EVP_DigestVerifyInit(md_ctx, &pkey_ctx, EVP_sha1(), NULL /* no ENGINE */,
|
||||
pkey) != 1) {
|
||||
LOGE("EVP_DigestVerifyInit failed in VerifyPSSSignature");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (EVP_PKEY_CTX_set_signature_md(pctx,
|
||||
if (EVP_PKEY_CTX_set_signature_md(pkey_ctx,
|
||||
const_cast<EVP_MD *>(EVP_sha1())) != 1) {
|
||||
LOGE("EVP_PKEY_CTX_set_signature_md failed in VerifyPSSSignature");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) != 1) {
|
||||
if (EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) != 1) {
|
||||
LOGE("EVP_PKEY_CTX_set_rsa_padding failed in VerifyPSSSignature");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, SHA_DIGEST_LENGTH) != 1) {
|
||||
if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, SHA_DIGEST_LENGTH) != 1) {
|
||||
LOGE("EVP_PKEY_CTX_set_rsa_pss_saltlen failed in VerifyPSSSignature");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (EVP_DigestVerifyUpdate(&ctx, message, message_length) != 1) {
|
||||
if (EVP_DigestVerifyUpdate(md_ctx, message, message_length) != 1) {
|
||||
LOGE("EVP_DigestVerifyUpdate failed in VerifyPSSSignature");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (EVP_DigestVerifyFinal(&ctx, const_cast<uint8_t*>(signature),
|
||||
if (EVP_DigestVerifyFinal(md_ctx, const_cast<uint8_t*>(signature),
|
||||
signature_length) != 1) {
|
||||
LOGE(
|
||||
"EVP_DigestVerifyFinal failed in VerifyPSSSignature. (Probably a bad "
|
||||
@@ -783,12 +811,20 @@ bool Session::VerifyPSSSignature(EVP_PKEY* pkey, const uint8_t* message,
|
||||
goto err;
|
||||
}
|
||||
|
||||
EVP_MD_CTX_cleanup(&ctx);
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
EVP_MD_CTX_cleanup(md_ctx);
|
||||
#else
|
||||
EVP_MD_CTX_free(md_ctx);
|
||||
#endif
|
||||
return true;
|
||||
|
||||
err:
|
||||
dump_openssl_error();
|
||||
EVP_MD_CTX_cleanup(&ctx);
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
EVP_MD_CTX_cleanup(md_ctx);
|
||||
#else
|
||||
EVP_MD_CTX_free(md_ctx);
|
||||
#endif
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@@ -20,7 +20,7 @@ namespace wvoec {
|
||||
// The first keybox, kTestKeybox, with deviceID "TestKey01" is used for most of
|
||||
// the tests. It should be loaded by OEMCrypto when OEMCrypto_LoadTestKeybox
|
||||
// is called.
|
||||
const wvoec_mock::WidevineKeybox kTestKeybox = {
|
||||
static const wvoec_mock::WidevineKeybox kTestKeybox = {
|
||||
// Sample keybox used for test vectors
|
||||
{
|
||||
// deviceID
|
||||
@@ -52,7 +52,7 @@ const wvoec_mock::WidevineKeybox kTestKeybox = {
|
||||
}
|
||||
};
|
||||
|
||||
static wvoec_mock::WidevineKeybox kValidKeybox02 = {
|
||||
static const wvoec_mock::WidevineKeybox kValidKeybox02 = {
|
||||
// Sample keybox used for test vectors
|
||||
{
|
||||
// deviceID
|
||||
@@ -84,7 +84,7 @@ static wvoec_mock::WidevineKeybox kValidKeybox02 = {
|
||||
}
|
||||
};
|
||||
|
||||
static wvoec_mock::WidevineKeybox kValidKeybox03 = {
|
||||
static const wvoec_mock::WidevineKeybox kValidKeybox03 = {
|
||||
// Sample keybox used for test vectors
|
||||
{
|
||||
// deviceID
|
||||
|
||||
@@ -57,6 +57,17 @@ void PrintTo(const tuple<OEMCrypto_CENCEncryptPatternDesc, OEMCryptoCipherMode,
|
||||
}
|
||||
} // namespace std
|
||||
|
||||
namespace {
|
||||
int GetRandBytes(unsigned char* buf, int num) {
|
||||
// returns 1 on success, -1 if not supported, or 0 if other failure.
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
return RAND_pseudo_bytes(buf, num);
|
||||
#else
|
||||
return RAND_bytes(buf, num);
|
||||
#endif
|
||||
}
|
||||
} // namespace
|
||||
|
||||
namespace wvoec {
|
||||
|
||||
class OEMCryptoClientTest : public ::testing::Test {
|
||||
@@ -163,7 +174,7 @@ TEST_F(OEMCryptoClientTest, CheckSRMCapabilityV13) {
|
||||
EXPECT_EQ(OEMCrypto_ERROR_NOT_IMPLEMENTED, current_result);
|
||||
}
|
||||
vector<uint8_t> bad_srm(42);
|
||||
RAND_pseudo_bytes(&bad_srm[0], bad_srm.size());
|
||||
GetRandBytes(&bad_srm[0], bad_srm.size());
|
||||
EXPECT_NE(OEMCrypto_SUCCESS, OEMCrypto_LoadSRM(&bad_srm[0], bad_srm.size()));
|
||||
}
|
||||
|
||||
@@ -386,7 +397,7 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood3API09) {
|
||||
TEST_F(OEMCryptoClientTest, ClearCopyTestAPI10) {
|
||||
const int kDataSize = 256;
|
||||
vector<uint8_t> input_buffer(kDataSize);
|
||||
RAND_pseudo_bytes(&input_buffer[0], input_buffer.size());
|
||||
GetRandBytes(&input_buffer[0], input_buffer.size());
|
||||
vector<uint8_t> output_buffer(kDataSize);
|
||||
OEMCrypto_DestBufferDesc dest_buffer;
|
||||
dest_buffer.type = OEMCrypto_BufferType_Clear;
|
||||
@@ -420,7 +431,7 @@ TEST_F(OEMCryptoClientTest, ClearCopyTestAPI10) {
|
||||
|
||||
TEST_F(OEMCryptoClientTest, ClearCopyTestLargeBufferAPI10) {
|
||||
vector<uint8_t> input_buffer(kMaxDecryptSize);
|
||||
RAND_pseudo_bytes(&input_buffer[0], input_buffer.size());
|
||||
GetRandBytes(&input_buffer[0], input_buffer.size());
|
||||
vector<uint8_t> output_buffer(kMaxDecryptSize);
|
||||
OEMCrypto_DestBufferDesc dest_buffer;
|
||||
dest_buffer.type = OEMCrypto_BufferType_Clear;
|
||||
@@ -537,7 +548,7 @@ TEST_F(OEMCryptoProv30Test, OEMCertSignature) {
|
||||
OEMCryptoResult sts;
|
||||
// Sign a Message
|
||||
vector<uint8_t> data(500);
|
||||
RAND_pseudo_bytes(&data[0], data.size());
|
||||
GetRandBytes(&data[0], data.size());
|
||||
size_t signature_length = 0;
|
||||
vector<uint8_t> signature(1);
|
||||
|
||||
@@ -565,7 +576,7 @@ TEST_F(OEMCryptoProv30Test, OEMCertForbiddenPaddingScheme) {
|
||||
OEMCryptoResult sts;
|
||||
// Sign a Message
|
||||
vector<uint8_t> data(500);
|
||||
RAND_pseudo_bytes(&data[0], data.size());
|
||||
GetRandBytes(&data[0], data.size());
|
||||
size_t signature_length = 0;
|
||||
vector<uint8_t> signature(1);
|
||||
|
||||
@@ -591,7 +602,7 @@ TEST_F(OEMCryptoProv30Test, OEMCertSignatureLargeBuffer) {
|
||||
OEMCryptoResult sts;
|
||||
// Sign a Message
|
||||
vector<uint8_t> data(kMaxMessageSize);
|
||||
RAND_pseudo_bytes(&data[0], data.size());
|
||||
GetRandBytes(&data[0], data.size());
|
||||
size_t signature_length = 0;
|
||||
vector<uint8_t> signature(1);
|
||||
|
||||
@@ -1884,8 +1895,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, SingleLargeSubsample) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256;
|
||||
EncryptData(key, encryptionIv, unencryptedData, &encryptedData);
|
||||
TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData);
|
||||
@@ -1902,8 +1913,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, PatternPlusOneBlock) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256;
|
||||
EncryptData(key, encryptionIv, unencryptedData, &encryptedData);
|
||||
TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData);
|
||||
@@ -1916,8 +1927,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, OneBlock) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256;
|
||||
EncryptData(key, encryptionIv, unencryptedData, &encryptedData);
|
||||
TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData);
|
||||
@@ -1935,8 +1946,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, NoOffset) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256;
|
||||
EncryptData(key, encryptionIv, unencryptedData, &encryptedData);
|
||||
TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData);
|
||||
@@ -1956,7 +1967,7 @@ TEST_P(OEMCryptoSessionTestsPartialBlockTests, EvenOffset) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
// CTR Mode is self-inverse -- i.e. We can pick the encrypted data and
|
||||
// compute the unencrypted data. By picking the encrypted data to be all 0,
|
||||
// it is easier to re-encrypt the data and debug problems. Similarly, we
|
||||
@@ -1984,8 +1995,8 @@ TEST_P(OEMCryptoSessionTestsPartialBlockTests, OddOffset) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256;
|
||||
EncryptData(key, encryptionIv, unencryptedData, &encryptedData);
|
||||
TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData);
|
||||
@@ -2008,7 +2019,7 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, DecryptWithNearWrap) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
encryptionIv = wvcdm::a2b_hex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE");
|
||||
for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256;
|
||||
EncryptData(key, encryptionIv, unencryptedData, &encryptedData);
|
||||
@@ -2028,8 +2039,8 @@ TEST_P(OEMCryptoSessionTestsPartialBlockTests, PartialBlock) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256;
|
||||
EncryptData(key, encryptionIv, unencryptedData, &encryptedData);
|
||||
TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData);
|
||||
@@ -2049,8 +2060,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, DecryptLargeBuffer) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256;
|
||||
EncryptData(key, encryptionIv, unencryptedData, &encryptedData);
|
||||
TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData);
|
||||
@@ -2063,8 +2074,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, DecryptUnencrypted) {
|
||||
vector<uint8_t> encryptedData(total_size_);
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
vector<uint8_t> key(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&key[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE));
|
||||
for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256;
|
||||
EncryptData(key, encryptionIv, unencryptedData, &encryptedData);
|
||||
TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData);
|
||||
@@ -2080,7 +2091,7 @@ TEST_F(OEMCryptoSessionTests, DecryptUnencryptedNoKey) {
|
||||
vector<uint8_t> in_buffer(256);
|
||||
for (size_t i = 0; i < in_buffer.size(); i++) in_buffer[i] = i % 256;
|
||||
vector<uint8_t> encryptionIv(AES_BLOCK_SIZE);
|
||||
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE));
|
||||
// Describe the output
|
||||
vector<uint8_t> out_buffer(in_buffer.size());
|
||||
OEMCrypto_DestBufferDesc destBuffer;
|
||||
@@ -2589,7 +2600,7 @@ TEST_F(OEMCryptoLoadsCertificate, RSAPerformance) {
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
|
||||
const size_t size = 50;
|
||||
vector<uint8_t> licenseRequest(size);
|
||||
RAND_pseudo_bytes(&licenseRequest[0], licenseRequest.size());
|
||||
GetRandBytes(&licenseRequest[0], licenseRequest.size());
|
||||
size_t signature_length = 0;
|
||||
sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0],
|
||||
licenseRequest.size(), NULL,
|
||||
@@ -2670,7 +2681,7 @@ TEST_F(OEMCryptoUsesCertificate, RSASignature) {
|
||||
OEMCryptoResult sts;
|
||||
// Sign a Message
|
||||
vector<uint8_t> licenseRequest(500);
|
||||
RAND_pseudo_bytes(&licenseRequest[0], licenseRequest.size());
|
||||
GetRandBytes(&licenseRequest[0], licenseRequest.size());
|
||||
size_t signature_length = 0;
|
||||
uint8_t signature[500];
|
||||
|
||||
@@ -2699,7 +2710,7 @@ TEST_F(OEMCryptoUsesCertificate, RSASignatureLargeBuffer) {
|
||||
OEMCryptoResult sts;
|
||||
// Sign a Message
|
||||
vector<uint8_t> licenseRequest(kMaxMessageSize);
|
||||
RAND_pseudo_bytes(&licenseRequest[0], licenseRequest.size());
|
||||
GetRandBytes(&licenseRequest[0], licenseRequest.size());
|
||||
size_t signature_length = 0;
|
||||
uint8_t signature[500];
|
||||
|
||||
@@ -2757,7 +2768,7 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
|
||||
|
||||
// Sign a Message
|
||||
vector<uint8_t> licenseRequest(size);
|
||||
RAND_pseudo_bytes(&licenseRequest[0], licenseRequest.size());
|
||||
GetRandBytes(&licenseRequest[0], licenseRequest.size());
|
||||
size_t signature_length = 256;
|
||||
vector<uint8_t> signature(signature_length);
|
||||
sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0],
|
||||
@@ -2788,7 +2799,7 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
|
||||
|
||||
vector<uint8_t> licenseRequest(size);
|
||||
RAND_pseudo_bytes(&licenseRequest[0], licenseRequest.size());
|
||||
GetRandBytes(&licenseRequest[0], licenseRequest.size());
|
||||
size_t signature_length = 0;
|
||||
sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0],
|
||||
licenseRequest.size(), NULL,
|
||||
|
||||
Reference in New Issue
Block a user