widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Fix test message format for cast receiver" into vic-widevine-dev

Browse Source
This commit is contained in:
Cong Lin
2024-09-25 17:10:24 +00:00
committed by Android (Google) Code Review
parent 6c9eb3f981 0ea1b8f8fd
commit 22256e145c
2 changed files with 29 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
libwvdrmengine/oemcrypto/test/oemcrypto_cast_test.cpp
View File

@@ -5,8 +5,6 @@
#include "oemcrypto_cast_test.h" #include "oemcrypto_cast_test.h"
#include "oemcrypto_usage_table_test.h"
using ::testing::Range; using ::testing::Range;
namespace wvoec { namespace wvoec {
@@ -260,18 +258,8 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates {
ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(s.open());
ASSERT_NO_FATAL_FAILURE(s.LoadWrappedRsaDrmKey(wrapped_drm_key_)); ASSERT_NO_FATAL_FAILURE(s.LoadWrappedRsaDrmKey(wrapped_drm_key_));
// The application will compute the SHA-1 Hash of the message, so this vector<uint8_t> digest;
// test must do that also. ASSERT_NO_FATAL_FAILURE(PrepareCastDigestedMessage(message, digest));
uint8_t hash[SHA_DIGEST_LENGTH];
if (!SHA1(message.data(), message.size(), hash)) {
dump_boringssl_error();
FAIL() << "boringssl error creating SHA1 hash.";
}
// The application will prepend the digest info to the hash.
// SHA-1 digest info prefix = 0x30 0x21 0x30 ...
vector<uint8_t> digest = wvutil::a2b_hex("3021300906052b0e03021a05000414");
digest.insert(digest.end(), hash, hash + SHA_DIGEST_LENGTH);
// OEMCrypto will apply the padding, and encrypt to generate the // OEMCrypto will apply the padding, and encrypt to generate the
// signature. // signature.

31
libwvdrmengine/oemcrypto/test/oemcrypto_cast_test.h
View File

@@ -14,6 +14,7 @@
#include "OEMCryptoCENC.h" #include "OEMCryptoCENC.h"
#include "oemcrypto_provisioning_test.h" #include "oemcrypto_provisioning_test.h"
#include "oemcrypto_session_tests_helper.h" #include "oemcrypto_session_tests_helper.h"
#include "oemcrypto_usage_table_test.h"
namespace wvoec { namespace wvoec {
@@ -22,6 +23,25 @@ const char* HDCPCapabilityAsString(OEMCrypto_HDCP_Capability value);
// This test attempts to use alternate algorithms for loaded device certs. // This test attempts to use alternate algorithms for loaded device certs.
class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate { class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
protected: protected:
// The message to be signed by OEMCrypto_GenerateRSASignature() starts with a
// constant digest info prefix followed by a SHA-1 hash of the message.
void PrepareCastDigestedMessage(const std::vector<uint8_t>& message,
std::vector<uint8_t>& digest) {
// The application will compute the SHA-1 Hash of the message, so this
// test must do that also.
uint8_t hash[SHA_DIGEST_LENGTH];
if (!SHA1(message.data(), message.size(), hash)) {
dump_boringssl_error();
FAIL() << "boringssl error creating SHA1 hash.";
}
// The application will prepend the digest info to the hash.
// SHA-1 digest info prefix = 0x30 0x21 0x30 ...
static const std::vector<uint8_t> prefix =
wvutil::a2b_hex("3021300906052b0e03021a05000414");
digest.insert(digest.end(), prefix.begin(), prefix.end());
digest.insert(digest.end(), hash, hash + SHA_DIGEST_LENGTH);
}
void TestSignature(RSA_Padding_Scheme scheme, size_t size) { void TestSignature(RSA_Padding_Scheme scheme, size_t size) {
Session s; Session s;
ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(s.open());
@@ -29,16 +49,19 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
vector<uint8_t> licenseRequest(size); vector<uint8_t> licenseRequest(size);
GetRandBytes(licenseRequest.data(), licenseRequest.size()); GetRandBytes(licenseRequest.data(), licenseRequest.size());
vector<uint8_t> digested_message;
ASSERT_NO_FATAL_FAILURE(
PrepareCastDigestedMessage(licenseRequest, digested_message));
size_t signature_length = 0; size_t signature_length = 0;
OEMCryptoResult sts = OEMCrypto_GenerateRSASignature( OEMCryptoResult sts = OEMCrypto_GenerateRSASignature(
s.session_id(), licenseRequest.data(), licenseRequest.size(), nullptr, s.session_id(), digested_message.data(), digested_message.size(),
&signature_length, scheme); nullptr, &signature_length, scheme);
ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts);
ASSERT_NE(static_cast<size_t>(0), signature_length); ASSERT_NE(static_cast<size_t>(0), signature_length);
std::vector<uint8_t> signature(signature_length, 0); std::vector<uint8_t> signature(signature_length, 0);
sts = OEMCrypto_GenerateRSASignature( sts = OEMCrypto_GenerateRSASignature(
s.session_id(), licenseRequest.data(), licenseRequest.size(), s.session_id(), digested_message.data(), digested_message.size(),
signature.data(), &signature_length, scheme); signature.data(), &signature_length, scheme);
ASSERT_EQ(OEMCrypto_SUCCESS, sts) ASSERT_EQ(OEMCrypto_SUCCESS, sts)
@@ -48,7 +71,7 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
ASSERT_NO_FATAL_FAILURE(s.SetRsaPublicKeyFromPrivateKeyInfo( ASSERT_NO_FATAL_FAILURE(s.SetRsaPublicKeyFromPrivateKeyInfo(
encoded_rsa_key_.data(), encoded_rsa_key_.size())); encoded_rsa_key_.data(), encoded_rsa_key_.size()));
ASSERT_NO_FATAL_FAILURE(s.VerifyRsaSignature( ASSERT_NO_FATAL_FAILURE(s.VerifyRsaSignature(
licenseRequest, signature.data(), signature_length, scheme)); digested_message, signature.data(), signature_length, scheme));
} }
// If force is true, we assert that the key loads successfully. // If force is true, we assert that the key loads successfully.