Move CAS unit tests to the doxygen group cas
This groups the tests together on the devsite. staged at https://developers.devsite.corp.google.com/widevine/drm/client/oemcrypto/v19/oemcrypto-test/group/cas Bug: 298719677 Change-Id: I9d4303ee6397917c0f8ce53c3d591860ac29ad3d
This commit is contained in:
Fred Gylys-Colwell
committed by
Robert Shih
Robert Shih
parent
d4dae79a0e
commit
1dc4377cde
@@ -298,37 +298,6 @@ TEST_P(OEMCryptoEntitlementLicenseTest, LoadEntitlementKeysAPI17) {
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_2.LoadKeys(true));
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest, CasOnlyLoadCasKeysAPI17) {
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true, OEMCrypto_SUCCESS));
|
||||
EntitledMessage entitled_message_2(&license_messages_);
|
||||
entitled_message_2.FillKeyArray();
|
||||
entitled_message_2.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_2.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/false, OEMCrypto_SUCCESS));
|
||||
EntitledMessage entitled_message_3(&license_messages_);
|
||||
entitled_message_3.FillKeyArray();
|
||||
entitled_message_3.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_3.LoadCasKeys(
|
||||
/*load_even=*/false, /*load_odd=*/true, OEMCrypto_SUCCESS));
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_3.LoadCasKeys(
|
||||
/*load_even=*/false, /*load_odd=*/false, OEMCrypto_SUCCESS));
|
||||
}
|
||||
|
||||
/**
|
||||
* This verifies that entitled content keys cannot be loaded if we have not yet
|
||||
* loaded the entitlement keys.
|
||||
@@ -352,30 +321,6 @@ TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadKeys(false));
|
||||
}
|
||||
|
||||
/**
|
||||
* This verifies that entitled content keys cannot be loaded if we have loaded
|
||||
* the wrong entitlement keys.
|
||||
*/
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
CasOnlyLoadCasKeysNoEntitlementKeysAPI17) {
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
license_messages_.set_license_type(OEMCrypto_EntitlementLicense);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true, OEMCrypto_ERROR_INVALID_CONTEXT));
|
||||
}
|
||||
|
||||
/**
|
||||
* This verifies that entitled content keys cannot be loaded if we have loaded
|
||||
* the wrong entitlement keys.
|
||||
@@ -398,28 +343,6 @@ TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadKeys(false));
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
CasOnlyLoadCasKeysWrongEntitlementKeysAPI17) {
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
const std::string key_id = "no_key";
|
||||
entitled_message_1.SetEntitlementKeyId(0, key_id);
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true, OEMCrypto_KEY_NOT_ENTITLED));
|
||||
}
|
||||
|
||||
/**
|
||||
* This verifies that entitled content keys cannot be loaded if we specify an
|
||||
* entitled key session that has not been created.
|
||||
@@ -441,77 +364,6 @@ TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadKeys(false));
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
CasOnlyLoadCasKeysWrongEntitledKeySessionAPI17) {
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
const uint32_t wrong_key_session_id = key_session_id == 0 ? 1 : 0;
|
||||
entitled_message_1.SetEntitledKeySession(wrong_key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true,
|
||||
OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION));
|
||||
}
|
||||
|
||||
/**
|
||||
* This verifies that entitled content keys cannot be loaded if we specify an
|
||||
* entitled key session that is actually an oemcrypto session.
|
||||
*/
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
LoadEntitlementKeysOemcryptoSessionAPI17) {
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
if (session_.session_id() == key_session_id) {
|
||||
GTEST_SKIP()
|
||||
<< "Skipping test because entitled and entitlement sessions are both "
|
||||
<< key_session_id << ".";
|
||||
}
|
||||
entitled_message_1.SetEntitledKeySession(session_.session_id());
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadKeys(false));
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
CasOnlyLoadCasKeysOemcryptoSessionAPI17) {
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(session_.session_id());
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true,
|
||||
OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION));
|
||||
}
|
||||
|
||||
INSTANTIATE_TEST_SUITE_P(TestAll, OEMCryptoEntitlementLicenseTest,
|
||||
Range<uint32_t>(kCoreMessagesAPI, kCurrentAPI + 1));
|
||||
|
||||
@@ -778,42 +630,6 @@ TEST_P(OEMCryptoLicenseTest, SelectKeyEntitledKeyNotThereAPI17) {
|
||||
strlen(content_key_id)));
|
||||
}
|
||||
|
||||
/**
|
||||
* Select key with entitlement license fails if the key id is entitlement key
|
||||
* id.
|
||||
*/
|
||||
TEST_P(OEMCryptoLicenseTest, SelectKeyEntitlementKeyAPI17) {
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
license_messages_.set_license_type(OEMCrypto_EntitlementLicense);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, license_messages_.LoadResponse());
|
||||
|
||||
uint32_t key_session_id;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadKeys(true));
|
||||
|
||||
if (session_.session_id() == key_session_id) {
|
||||
GTEST_SKIP()
|
||||
<< "Skipping test because entitled and entitlement sessions are both "
|
||||
<< key_session_id << ".";
|
||||
}
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_ERROR_INVALID_CONTEXT, session_.session_id(),
|
||||
session_.license().keys[0].key_id,
|
||||
session_.license().keys[0].key_id_length));
|
||||
}
|
||||
|
||||
// This verifies that entitled key sessions can be created and removed.
|
||||
TEST_P(OEMCryptoLicenseTest, EntitledKeySessionsAPI17) {
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
@@ -867,77 +683,6 @@ TEST_P(OEMCryptoLicenseTest,
|
||||
session_.open();
|
||||
}
|
||||
|
||||
// This verifies that multiple entitled key sessions can be created. They can
|
||||
// load and select keys independently.
|
||||
TEST_P(OEMCryptoLicenseTest, EntitledKeySessionMultipleKeySessionsAPI17) {
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
license_messages_.set_license_type(OEMCrypto_EntitlementLicense);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, license_messages_.LoadResponse());
|
||||
|
||||
uint32_t key_session_id_1;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id_1));
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id_1);
|
||||
const char* content_key_id_1 = "content_key_id_1";
|
||||
entitled_message_1.SetContentKeyId(0, content_key_id_1);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadKeys(true));
|
||||
// We can select content key 1 in entitled key session 1.
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_SUCCESS, key_session_id_1,
|
||||
reinterpret_cast<const uint8_t*>(content_key_id_1),
|
||||
strlen(content_key_id_1)));
|
||||
|
||||
// Create another entitled key session.
|
||||
uint32_t key_session_id_2;
|
||||
OEMCryptoResult status = OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id_2);
|
||||
// For DRM, but not for CAS, we allow there to be only a single entitled
|
||||
// session.
|
||||
if (!global_features.supports_cas &&
|
||||
(key_session_id_2 == key_session_id_1 ||
|
||||
status == OEMCrypto_ERROR_TOO_MANY_SESSIONS)) {
|
||||
GTEST_SKIP()
|
||||
<< "Skipping test because multiple entitled sessions not supported.";
|
||||
}
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, status);
|
||||
// Entitled key sessions should have unique ids.
|
||||
ASSERT_NE(key_session_id_1, key_session_id_2);
|
||||
|
||||
EntitledMessage entitled_message_2(&license_messages_);
|
||||
entitled_message_2.FillKeyArray();
|
||||
entitled_message_2.SetEntitledKeySession(key_session_id_2);
|
||||
const char* content_key_id_2 = "content_key_id_2";
|
||||
entitled_message_2.SetContentKeyId(0, content_key_id_2);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_2.LoadKeys(true));
|
||||
// We can select content key 2 in entitled key session 2.
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_SUCCESS, key_session_id_2,
|
||||
reinterpret_cast<const uint8_t*>(content_key_id_2),
|
||||
strlen(content_key_id_2)));
|
||||
|
||||
// Content key id 1 is not in entitled key session 2.
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_ERROR_NO_CONTENT_KEY, key_session_id_2,
|
||||
reinterpret_cast<const uint8_t*>(content_key_id_1),
|
||||
strlen(content_key_id_1)));
|
||||
|
||||
// Content key id 2 is not in entitled key session 1.
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_ERROR_NO_CONTENT_KEY, key_session_id_1,
|
||||
reinterpret_cast<const uint8_t*>(content_key_id_2),
|
||||
strlen(content_key_id_2)));
|
||||
}
|
||||
|
||||
// This verifies that within an entitled key session, each entitlement key can
|
||||
// corresponds to only one content key at most.
|
||||
TEST_P(OEMCryptoLicenseTest,
|
||||
@@ -1536,7 +1281,260 @@ INSTANTIATE_TEST_SUITE_P(TestAll, OEMCryptoLicenseOverflowTest,
|
||||
|
||||
/// @addtogroup cas
|
||||
/// @{
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest, CasOnlyLoadCasKeysAPI17) {
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true, OEMCrypto_SUCCESS));
|
||||
EntitledMessage entitled_message_2(&license_messages_);
|
||||
entitled_message_2.FillKeyArray();
|
||||
entitled_message_2.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_2.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/false, OEMCrypto_SUCCESS));
|
||||
EntitledMessage entitled_message_3(&license_messages_);
|
||||
entitled_message_3.FillKeyArray();
|
||||
entitled_message_3.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_3.LoadCasKeys(
|
||||
/*load_even=*/false, /*load_odd=*/true, OEMCrypto_SUCCESS));
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_3.LoadCasKeys(
|
||||
/*load_even=*/false, /*load_odd=*/false, OEMCrypto_SUCCESS));
|
||||
}
|
||||
|
||||
/**
|
||||
* This verifies that entitled content keys cannot be loaded if we have loaded
|
||||
* the wrong entitlement keys.
|
||||
*/
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
CasOnlyLoadCasKeysNoEntitlementKeysAPI17) {
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
license_messages_.set_license_type(OEMCrypto_EntitlementLicense);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true, OEMCrypto_ERROR_INVALID_CONTEXT));
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
CasOnlyLoadCasKeysWrongEntitlementKeysAPI17) {
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
const std::string key_id = "no_key";
|
||||
entitled_message_1.SetEntitlementKeyId(0, key_id);
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true, OEMCrypto_KEY_NOT_ENTITLED));
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
CasOnlyLoadCasKeysWrongEntitledKeySessionAPI17) {
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
const uint32_t wrong_key_session_id = key_session_id == 0 ? 1 : 0;
|
||||
entitled_message_1.SetEntitledKeySession(wrong_key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true,
|
||||
OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION));
|
||||
}
|
||||
|
||||
/**
|
||||
* This verifies that entitled content keys cannot be loaded if we specify an
|
||||
* entitled key session that is actually an oemcrypto session.
|
||||
*/
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
LoadEntitlementKeysOemcryptoSessionAPI17) {
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
if (session_.session_id() == key_session_id) {
|
||||
GTEST_SKIP()
|
||||
<< "Skipping test because entitled and entitlement sessions are both "
|
||||
<< key_session_id << ".";
|
||||
}
|
||||
entitled_message_1.SetEntitledKeySession(session_.session_id());
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadKeys(false));
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoEntitlementLicenseTest,
|
||||
CasOnlyLoadCasKeysOemcryptoSessionAPI17) {
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
LoadEntitlementLicense();
|
||||
uint32_t key_session_id = 0;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(session_.session_id());
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadCasKeys(
|
||||
/*load_even=*/true, /*load_odd=*/true,
|
||||
OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION));
|
||||
}
|
||||
|
||||
/**
|
||||
* Select key with entitlement license fails if the key id is entitlement key
|
||||
* id.
|
||||
*/
|
||||
TEST_P(OEMCryptoLicenseTest, SelectKeyEntitlementKeyAPI17) {
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
license_messages_.set_license_type(OEMCrypto_EntitlementLicense);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, license_messages_.LoadResponse());
|
||||
|
||||
uint32_t key_session_id;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id));
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadKeys(true));
|
||||
|
||||
if (session_.session_id() == key_session_id) {
|
||||
GTEST_SKIP()
|
||||
<< "Skipping test because entitled and entitlement sessions are both "
|
||||
<< key_session_id << ".";
|
||||
}
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_ERROR_INVALID_CONTEXT, session_.session_id(),
|
||||
session_.license().keys[0].key_id,
|
||||
session_.license().keys[0].key_id_length));
|
||||
}
|
||||
|
||||
// This verifies that multiple entitled key sessions can be created. They can
|
||||
// load and select keys independently.
|
||||
TEST_P(OEMCryptoLicenseTest, EntitledKeySessionMultipleKeySessionsAPI17) {
|
||||
if (!global_features.supports_cas) {
|
||||
GTEST_SKIP() << "OEMCrypto does not support CAS";
|
||||
}
|
||||
if (wvoec::global_features.api_version < 17) {
|
||||
GTEST_SKIP() << "Test for versions 17 and up only.";
|
||||
}
|
||||
license_messages_.set_license_type(OEMCrypto_EntitlementLicense);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, license_messages_.LoadResponse());
|
||||
|
||||
uint32_t key_session_id_1;
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id_1));
|
||||
EntitledMessage entitled_message_1(&license_messages_);
|
||||
entitled_message_1.FillKeyArray();
|
||||
entitled_message_1.SetEntitledKeySession(key_session_id_1);
|
||||
const char* content_key_id_1 = "content_key_id_1";
|
||||
entitled_message_1.SetContentKeyId(0, content_key_id_1);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_1.LoadKeys(true));
|
||||
// We can select content key 1 in entitled key session 1.
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_SUCCESS, key_session_id_1,
|
||||
reinterpret_cast<const uint8_t*>(content_key_id_1),
|
||||
strlen(content_key_id_1)));
|
||||
|
||||
// Create another entitled key session.
|
||||
uint32_t key_session_id_2;
|
||||
OEMCryptoResult status = OEMCrypto_CreateEntitledKeySession(
|
||||
session_.session_id(), &key_session_id_2);
|
||||
// For DRM, but not for CAS, we allow there to be only a single entitled
|
||||
// session.
|
||||
if (!global_features.supports_cas &&
|
||||
(key_session_id_2 == key_session_id_1 ||
|
||||
status == OEMCrypto_ERROR_TOO_MANY_SESSIONS)) {
|
||||
GTEST_SKIP()
|
||||
<< "Skipping test because multiple entitled sessions not supported.";
|
||||
}
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, status);
|
||||
// Entitled key sessions should have unique ids.
|
||||
ASSERT_NE(key_session_id_1, key_session_id_2);
|
||||
|
||||
EntitledMessage entitled_message_2(&license_messages_);
|
||||
entitled_message_2.FillKeyArray();
|
||||
entitled_message_2.SetEntitledKeySession(key_session_id_2);
|
||||
const char* content_key_id_2 = "content_key_id_2";
|
||||
entitled_message_2.SetContentKeyId(0, content_key_id_2);
|
||||
ASSERT_NO_FATAL_FAILURE(entitled_message_2.LoadKeys(true));
|
||||
// We can select content key 2 in entitled key session 2.
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_SUCCESS, key_session_id_2,
|
||||
reinterpret_cast<const uint8_t*>(content_key_id_2),
|
||||
strlen(content_key_id_2)));
|
||||
|
||||
// Content key id 1 is not in entitled key session 2.
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_ERROR_NO_CONTENT_KEY, key_session_id_2,
|
||||
reinterpret_cast<const uint8_t*>(content_key_id_1),
|
||||
strlen(content_key_id_1)));
|
||||
|
||||
// Content key id 2 is not in entitled key session 1.
|
||||
ASSERT_NO_FATAL_FAILURE(session_.TestDecryptEntitled(
|
||||
OEMCrypto_ERROR_NO_CONTENT_KEY, key_session_id_1,
|
||||
reinterpret_cast<const uint8_t*>(content_key_id_2),
|
||||
strlen(content_key_id_2)));
|
||||
}
|
||||
/// @}
|
||||
|
||||
/// @addtogroup security
|
||||
|
||||
Reference in New Issue
Block a user