Merge "Fix test message format for cast receiver" into vic-widevine-dev

libwvdrmengine/oemcrypto/test/oemcrypto_cast_test.cpp

@@ -5,8 +5,6 @@
 
 #include "oemcrypto_cast_test.h"
 
-#include "oemcrypto_usage_table_test.h"
-
 using ::testing::Range;
 
 namespace wvoec {
@@ -260,18 +258,8 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates {
     ASSERT_NO_FATAL_FAILURE(s.open());
     ASSERT_NO_FATAL_FAILURE(s.LoadWrappedRsaDrmKey(wrapped_drm_key_));
 
-    // The application will compute the SHA-1 Hash of the message, so this
-    // test must do that also.
-    uint8_t hash[SHA_DIGEST_LENGTH];
-    if (!SHA1(message.data(), message.size(), hash)) {
-      dump_boringssl_error();
-      FAIL() << "boringssl error creating SHA1 hash.";
-    }
-
-    // The application will prepend the digest info to the hash.
-    // SHA-1 digest info prefix = 0x30 0x21 0x30 ...
-    vector<uint8_t> digest = wvutil::a2b_hex("3021300906052b0e03021a05000414");
-    digest.insert(digest.end(), hash, hash + SHA_DIGEST_LENGTH);
+    vector<uint8_t> digest;
+    ASSERT_NO_FATAL_FAILURE(PrepareCastDigestedMessage(message, digest));
 
     // OEMCrypto will apply the padding, and encrypt to generate the
     // signature.

libwvdrmengine/oemcrypto/test/oemcrypto_cast_test.h

@@ -14,6 +14,7 @@
 #include "OEMCryptoCENC.h"
 #include "oemcrypto_provisioning_test.h"
 #include "oemcrypto_session_tests_helper.h"
+#include "oemcrypto_usage_table_test.h"
 
 namespace wvoec {
 
@@ -22,6 +23,25 @@ const char* HDCPCapabilityAsString(OEMCrypto_HDCP_Capability value);
 // This test attempts to use alternate algorithms for loaded device certs.
 class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
  protected:
+  // The message to be signed by OEMCrypto_GenerateRSASignature() starts with a
+  // constant digest info prefix followed by a SHA-1 hash of the message.
+  void PrepareCastDigestedMessage(const std::vector<uint8_t>& message,
+                                  std::vector<uint8_t>& digest) {
+    // The application will compute the SHA-1 Hash of the message, so this
+    // test must do that also.
+    uint8_t hash[SHA_DIGEST_LENGTH];
+    if (!SHA1(message.data(), message.size(), hash)) {
+      dump_boringssl_error();
+      FAIL() << "boringssl error creating SHA1 hash.";
+    }
+    // The application will prepend the digest info to the hash.
+    // SHA-1 digest info prefix = 0x30 0x21 0x30 ...
+    static const std::vector<uint8_t> prefix =
+        wvutil::a2b_hex("3021300906052b0e03021a05000414");
+    digest.insert(digest.end(), prefix.begin(), prefix.end());
+    digest.insert(digest.end(), hash, hash + SHA_DIGEST_LENGTH);
+  }
+
   void TestSignature(RSA_Padding_Scheme scheme, size_t size) {
     Session s;
     ASSERT_NO_FATAL_FAILURE(s.open());
@@ -29,16 +49,19 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
 
     vector<uint8_t> licenseRequest(size);
     GetRandBytes(licenseRequest.data(), licenseRequest.size());
+    vector<uint8_t> digested_message;
+    ASSERT_NO_FATAL_FAILURE(
+        PrepareCastDigestedMessage(licenseRequest, digested_message));
     size_t signature_length = 0;
     OEMCryptoResult sts = OEMCrypto_GenerateRSASignature(
-        s.session_id(), licenseRequest.data(), licenseRequest.size(), nullptr,
-        &signature_length, scheme);
+        s.session_id(), digested_message.data(), digested_message.size(),
+        nullptr, &signature_length, scheme);
     ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts);
     ASSERT_NE(static_cast<size_t>(0), signature_length);
 
     std::vector<uint8_t> signature(signature_length, 0);
     sts = OEMCrypto_GenerateRSASignature(
-        s.session_id(), licenseRequest.data(), licenseRequest.size(),
+        s.session_id(), digested_message.data(), digested_message.size(),
         signature.data(), &signature_length, scheme);
 
     ASSERT_EQ(OEMCrypto_SUCCESS, sts)
@@ -48,7 +71,7 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
     ASSERT_NO_FATAL_FAILURE(s.SetRsaPublicKeyFromPrivateKeyInfo(
         encoded_rsa_key_.data(), encoded_rsa_key_.size()));
     ASSERT_NO_FATAL_FAILURE(s.VerifyRsaSignature(
-        licenseRequest, signature.data(), signature_length, scheme));
+        digested_message, signature.data(), signature_length, scheme));
   }
 
   // If force is true, we assert that the key loads successfully.