widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Multiple RSA keys unit test

Browse Source 
Merge from Widevine repo of http://go/wvgerrit/55460

This test ensures that different oemcrypto sessions can use different RSA keys.

bug: 110319198 Test concurrent sessions can use different DRM certificates
test: unit tests on taimen
Change-Id: Id75eedea347d453987dfe42894a8a7301e345674
This commit is contained in:
Fred Gylys-Colwell
2018-08-03 16:57:38 -07:00
parent f4258cc628
commit 20e85635a2
2 changed files with 141 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -2528,6 +2528,41 @@ TEST_F(OEMCryptoLoadsCertificate, TestCarmichaelRSAKey) {
ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR());
}
// This tests that two sessions can use different RSA keys simultaneously.
TEST_F(OEMCryptoLoadsCertificate, TestMultipleRSAKeys) {
CreateWrappedRSAKey(kSign_RSASSA_PSS, true);
Session s1; // Session s1 loads the default rsa key, but doesn't use it
// until after s2 uses its key.
ASSERT_NO_FATAL_FAILURE(s1.open());
ASSERT_NO_FATAL_FAILURE(s1.PreparePublicKey(&encoded_rsa_key_[0],
encoded_rsa_key_.size()));
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_LoadDeviceRSAKey(s1.session_id(), &wrapped_rsa_key_[0],
wrapped_rsa_key_.size()));
Session s2; // Session s2 uses a different rsa key.
encoded_rsa_key_.assign(kTestRSAPKCS8PrivateKeyInfo4_2048,
kTestRSAPKCS8PrivateKeyInfo4_2048 +
sizeof(kTestRSAPKCS8PrivateKeyInfo4_2048));
CreateWrappedRSAKey(kSign_RSASSA_PSS, true);
ASSERT_NO_FATAL_FAILURE(s2.open());
ASSERT_NO_FATAL_FAILURE(s2.PreparePublicKey(&encoded_rsa_key_[0],
encoded_rsa_key_.size()));
ASSERT_NO_FATAL_FAILURE(s2.InstallRSASessionTestKey(wrapped_rsa_key_));
ASSERT_NO_FATAL_FAILURE(s2.FillSimpleMessage(kDuration, 0, 0));
ASSERT_NO_FATAL_FAILURE(s2.EncryptAndSign());
ASSERT_NO_FATAL_FAILURE(s2.LoadTestKeys());
ASSERT_NO_FATAL_FAILURE(s2.TestDecryptCTR());
s2.close();
// After s2 has loaded its rsa key, we continue using s1's key.
ASSERT_NO_FATAL_FAILURE(s1.GenerateDerivedKeysFromSessionKey());
ASSERT_NO_FATAL_FAILURE(s1.FillSimpleMessage(kDuration, 0, 0));
ASSERT_NO_FATAL_FAILURE(s1.EncryptAndSign());
ASSERT_NO_FATAL_FAILURE(s1.LoadTestKeys());
ASSERT_NO_FATAL_FAILURE(s1.TestDecryptCTR());
}
// Devices that load certificates, should at least support RSA 2048 keys.
TEST_F(OEMCryptoLoadsCertificate, SupportsCertificatesAPI13) {
ASSERT_NE(0u,