widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge changes Ibd8951c7,I9a13dbae

Browse Source 
* changes:
  Add mutex lock around InstallTestRootOfTrust
  Remove Test Keybox Again
This commit is contained in:
Fred Gylys-Colwell
2019-01-26 01:09:28 +00:00
committed by Android (Google) Code Review
parent d203bea228 03c10789f9
commit 1e9c85c00d
5 changed files with 39 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
libwvdrmengine/cdm/core/test/test_base.cpp
View File

@@ -198,8 +198,16 @@ bool TestCryptoSession::GenerateNonce(uint32_t* nonce) {
class TestCryptoSessionFactory : public CryptoSessionFactory {
CryptoSession* MakeCryptoSession(metrics::CryptoMetrics* crypto_metrics) {
// We need to add extra locking here because we need to make sure that there
// are no other OEMCrypto calls between OEMCrypto_Initialize and
// InstallTestRootOfTrust. OEMCrypto_Initialize is called in the production
// CryptoSession::Init and is wrapped in crypto_lock_, but
// InstallTestRootOfTrust is only called in the constructor of the
// TestCryptoSession, above.
std::unique_lock<std::mutex> auto_lock(init_lock_);
return new TestCryptoSession(crypto_metrics);
}
std::mutex init_lock_;
};
void WvCdmTestBase::SetUp() {
@@ -226,19 +234,10 @@ void WvCdmTestBase::SetUp() {
void WvCdmTestBase::InstallTestRootOfTrust() {
switch (wvoec::global_features.derive_key_method) {
case wvoec::DeviceFeatures::LOAD_TEST_KEYBOX:
// TODO(fredgc, b/119316243): REMOVE THIS! (and the lines below)
if (wvoec::global_features.api_version < 14) {
// This should work with a production android device, but will fail with
// the keyboxless ce cdm, as shipped. We are including this bit of code
// so we can develop on Android, but plan to remove it when we have a
// few more android test devices with v14 or v15 oemcrypto.
LOGE("Attempting tests without test keybox.");
} else { // TODO(fredgc, b/119316243): END OF REMOVE THIS!
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_LoadTestKeybox(
reinterpret_cast<const uint8_t*>(&wvoec::kTestKeybox),
sizeof(wvoec::kTestKeybox)));
} // TODO(fredgc, b/119316243): yeah, yeah... remove this line, too.
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_LoadTestKeybox(
reinterpret_cast<const uint8_t*>(&wvoec::kTestKeybox),
sizeof(wvoec::kTestKeybox)));
break;
case wvoec::DeviceFeatures::LOAD_TEST_RSA_KEY:
// Rare case: used by devices with baked in DRM cert.

33
libwvdrmengine/oemcrypto/test/oec_device_features.cpp
View File

@@ -153,12 +153,33 @@ std::string DeviceFeatures::RestrictFilter(const std::string& initial_filter) {
if (provisioning_method
!= OEMCrypto_OEMCertificate) FilterOut(&filter, "*Prov30*");
if (!supports_rsa_3072) FilterOut(&filter, "*RSAKey3072*");
if (api_version < 9) FilterOut(&filter, "*API09*");
if (api_version < 10) FilterOut(&filter, "*API10*");
if (api_version < 11) FilterOut(&filter, "*API11*");
if (api_version < 12) FilterOut(&filter, "*API12*");
if (api_version < 13) FilterOut(&filter, "*API13*");
if (api_version < 14) FilterOut(&filter, "*API14*");
if (api_version < 14) {
// Because API 13 uses an old hard coded test keybox, none of these tests
// will pass. Partners who wish to test with a v13 OEMCrypto should use
// code on an older v13 branch.
printf("These unit tests are designed for OEMCrypto API 15 and above.\n");
printf("This device has an OEMCrypto with API version %d.\n", api_version);
printf("To verify correctness, please build unit tests from a "
"compatible branch.\n");
FilterOut(&filter, "*API09*");
FilterOut(&filter, "*API10*");
FilterOut(&filter, "*API11*");
FilterOut(&filter, "*API12*");
FilterOut(&filter, "*API13*");
FilterOut(&filter, "*API14*");
FilterOut(&filter, "*TestKeyboxTest*");
FilterOut(&filter, "*SessionTest*");
FilterOut(&filter, "*UsageTable*");
FilterOut(&filter, "*GenericCrypto*");
FilterOut(&filter, "*LoadsCertificate*");
FilterOut(&filter, "*UsesCertificate*");
// We also expect some CDM tests to fail without a new test keybox:
FilterOut(&filter, "*WvCdmRequestLicenseTest*");
FilterOut(&filter, "*WvGenericOperations*");
FilterOut(&filter, "*WvCdmEngine*");
FilterOut(&filter, "*Cdm/WvCdm*");
FilterOut(&filter, "*Cdm/WvHls*");
}
if (api_version < 15) FilterOut(&filter, "*API15*");
// Some tests may require root access. If user is not root, filter these tests
// out.

35
libwvdrmengine/oemcrypto/test/oec_test_data.h
View File

@@ -15,41 +15,6 @@
namespace wvoec {
// TODO(fredgc, b/119316243): REMOVE THIS KEYBOX!
// This test keybox is used for testing with OEMCrypto v13.
// It should be removed before release!
static const WidevineKeybox kTestKeyboxForV13 = {
// Sample keybox used for test vectors
{
// deviceID
0x54, 0x65, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x30, // TestKey01
0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
}, {
// key
0xfb, 0xda, 0x04, 0x89, 0xa1, 0x58, 0x16, 0x0e,
0xa4, 0x02, 0xe9, 0x29, 0xe3, 0xb6, 0x8f, 0x04,
}, {
// data
0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x10, 0x19,
0x07, 0xd9, 0xff, 0xde, 0x13, 0xaa, 0x95, 0xc1,
0x22, 0x67, 0x80, 0x53, 0x36, 0x21, 0x36, 0xbd,
0xf8, 0x40, 0x8f, 0x82, 0x76, 0xe4, 0xc2, 0xd8,
0x7e, 0xc5, 0x2b, 0x61, 0xaa, 0x1b, 0x9f, 0x64,
0x6e, 0x58, 0x73, 0x49, 0x30, 0xac, 0xeb, 0xe8,
0x99, 0xb3, 0xe4, 0x64, 0x18, 0x9a, 0x14, 0xa8,
0x72, 0x02, 0xfb, 0x02, 0x57, 0x4e, 0x70, 0x64,
0x0b, 0xd2, 0x2e, 0xf4, 0x4b, 0x2d, 0x7e, 0x39,
}, {
// magic
0x6b, 0x62, 0x6f, 0x78,
}, {
// Crc
0x0a, 0x7a, 0x2c, 0x35,
}
};
// This is a test keybox. It will not be accepted by production systems. By
// using a known keybox for these tests, the results for a given set of inputs
// to a test are predictable and can be compared to the actual results.

2
libwvdrmengine/oemcrypto/test/oemcrypto_session_tests_helper.cpp
View File

@@ -103,8 +103,6 @@ void SessionUtil::EnsureTestKeys() {
switch (global_features.derive_key_method) {
case DeviceFeatures::LOAD_TEST_KEYBOX:
keybox_ = kTestKeybox;
// TODO(fredgc, b/119316243): REMOVE FOLLOWING LINE:
if (global_features.api_version < 14) keybox_ = kTestKeyboxForV13;
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_LoadTestKeybox(
reinterpret_cast<const uint8_t*>(&keybox_),

34
libwvdrmengine/oemcrypto/test/oemcrypto_test_android.cpp
View File

@@ -49,11 +49,6 @@ TEST_F(OEMCryptoAndroidLMPTest, ValidKeybox) {
}
}
TEST_F(OEMCryptoAndroidLMPTest, MinVersionNumber9) {
uint32_t version = OEMCrypto_APIVersion();
ASSERT_LE(9u, version);
}
TEST_F(OEMCryptoAndroidLMPTest, ValidKeyboxTest) {
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_IsKeyboxValid());
}
@@ -107,11 +102,6 @@ TEST_F(OEMCryptoAndroidLMPTest, Level1Required) {
// These tests are required for M Android devices.
class OEMCryptoAndroidMNCTest : public OEMCryptoAndroidLMPTest {};
TEST_F(OEMCryptoAndroidMNCTest, MinVersionNumber10) {
uint32_t version = OEMCrypto_APIVersion();
ASSERT_GE(version, 10u);
}
TEST_F(OEMCryptoAndroidMNCTest, LoadsTestKeyboxImplemented) {
if (OEMCrypto_Keybox == OEMCrypto_GetProvisioningMethod()) {
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadTestKeybox(
@@ -135,28 +125,4 @@ TEST_F(OEMCryptoAndroidMNCTest, QueryKeyControlImplemented) {
OEMCrypto_QueryKeyControl(0, NULL, 0, NULL, NULL));
}
// These tests are required for N Android devices.
class OEMCryptoAndroidNYCTest : public OEMCryptoAndroidMNCTest {};
TEST_F(OEMCryptoAndroidNYCTest, MinVersionNumber11) {
uint32_t version = OEMCrypto_APIVersion();
ASSERT_GE(version, 11u);
}
// These tests are required for O MR1 Android devices.
class OEMCryptoAndroidOCTest : public OEMCryptoAndroidNYCTest {};
TEST_F(OEMCryptoAndroidOCTest, MinVersionNumber13) {
uint32_t version = OEMCrypto_APIVersion();
ASSERT_GE(version, 13u);
}
// These tests are required for Q Android devices.
class OEMCryptoAndroidQTest : public OEMCryptoAndroidOCTest {};
TEST_F(OEMCryptoAndroidQTest, MinVersionNumber14) {
uint32_t version = OEMCrypto_APIVersion();
ASSERT_GE(version, 15u);
}
} // namespace wvoec