widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge changes I09cec674,Iee28fa90,I1ef35e15

Browse Source 
* changes:
  Modify Level 3 full decrypt path testing for 15.1
  Remove OEMCrypto_InitializeDecryptHash
  Update OEMCrypto documentation to 15.1
This commit is contained in:
Srujan Gaddam
2019-01-08 17:32:14 +00:00
committed by Android (Google) Code Review
parent da18d8ea6b ff307a7c0e
commit 2870210598
15 changed files with 476153 additions and 476345 deletions
Download Patch File Download Diff File Expand all files Collapse all files

124
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -1013,7 +1013,9 @@ OEMCryptoResult OEMCrypto_LoadSRM(const uint8_t* buffer, size_t buffer_length);
* < message_length) && (offset < offset+length),and offset+length does
* not cause an integer overflow. If it does not have zero length, then
* enc_mac_keys_iv must not have zero length, and must also satisfy the
* range check. If not, return OEMCrypto_ERROR_INVALID_CONTEXT.
* range check. If not, return OEMCrypto_ERROR_INVALID_CONTEXT. If the
* length is zero, then OEMCrypto may assume that the offset is also
* zero.
* 3. The API shall verify that each substring in each KeyObject points to
* a location in the message. I.e. (offset < message_length) &&
* (offset + length < message_length) && (offset < offset+length) and
@@ -1625,6 +1627,10 @@ OEMCryptoResult OEMCrypto_SelectKey(OEMCrypto_SESSION session,
* 6. If the current session has an entry in the Usage Table, and the
* status of that entry is either kInactiveUsed or kInactiveUnused, then
* return the error OEMCrypto_ERROR_LICENSE_INACTIVE.
* 7. If an Decrypt Hash has been initialized via OEMCrypto_SetDecryptHash,
* and the current key's control block does not have the
* Allow_Hash_Verification bit set, then do not compute a hash and
* return OEMCrypto_ERROR_UNKNOWN_FAILURE.
* If the flag is_encrypted is false, then no verification is performed. This
* call shall copy clear data even when there are no keys loaded, or there is
* no selected key.
@@ -2250,6 +2256,9 @@ OEMCryptoResult OEMCrypto_IsKeyboxOrOEMCertValid(void);
* should be stable -- i.e. it should not change across a device reboot or a
* system upgrade.
*
* This function is optional but recommended for Provisioning 3.0 in API v15.
* It may be required for future version of this API.
*
* Parameters:
* [out] deviceId - pointer to the buffer that receives the Device ID
* [in/out] idLength on input, size of the caller's device ID buffer. On
@@ -2259,8 +2268,7 @@ OEMCryptoResult OEMCrypto_IsKeyboxOrOEMCertValid(void);
* OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_SHORT_BUFFER if the buffer is too small to return device ID
* OEMCrypto_ERROR_NO_DEVICEID failed to return Device Id
* OEMCrypto_ERROR_NOT_IMPLEMENTED - this function is required for
* Provisioning 2.0 only.
* OEMCrypto_ERROR_NOT_IMPLEMENTED
* OEMCrypto_ERROR_SYSTEM_INVALIDATED
*
* Threading:
@@ -2856,9 +2864,8 @@ uint32_t OEMCrypto_GetAnalogOutputFlags();
* Description:
* This function returns a positive number indicating which resource rating
* it supports. This value will bubble up to the application level as a
* property in much the same way security level does. This will allow
* applications to estimate what resolution and bandwidth the device expects
* to support.
* property. This will allow applications to estimate what resolution and
* bandwidth the device expects to support.
*
* OEMCrypto unit tests and Android GTS tests will verify that devices do
* support the resource values specified in the table below at the tier
@@ -2881,7 +2888,7 @@ uint32_t OEMCrypto_GetAnalogOutputFlags();
* will break the sample into subsamples of size "Decrypt Buffer Size" as
* specified in the table below. The "Decrypt Buffer Size" means the size of
* one subsample that may be passed into DecryptCENC or CopyBuffer without
* returning error OEMCrypto_ERROR_BUFFER_TOO_LARGE.
* returning error OEMCrypto_ERROR_BUFFER_TOO_LARGE.
*
* The number of keys per session is an indication of how many different
* track types there can be for a piece of content. Typically, content will
@@ -3645,6 +3652,10 @@ OEMCryptoResult OEMCrypto_UpdateUsageEntry(OEMCrypto_SESSION session,
* from generating a report of a deactivated license without first saving the
* entry.
*
* It is allowed to call this function multiple times. If the state is
* already InactiveUsed or InactiveUnused, then this function does not change
* the entry or its state.
*
* Parameters:
* [in] session: handle for the session to be used.
* [in] pst: pointer to memory containing Provider Session Token.
@@ -4012,23 +4023,23 @@ OEMCryptoResult OEMCrypto_CreateOldUsageEntry(uint64_t time_since_license_receiv
*
* Description:
* Returns the type of hash function supported for Full Decrypt Path Testing.
* A hash type of 0 means this feature is not supported. OEMCrypto is not
* required by Google to support this feature, but support will greatly
* improve automated testing. A hash type of 1 means the device will be able
* to compute the CRC32 checksum of the decrypted content in the secure
* buffer after a call to OEMCrypto_DecryptCENC. Google intends to provide
* test applications on some platforms, such as Android, that will automate
* decryption testing using the CRC 32 checksum of all frames in some test
* content.
* A hash type of OEMCrypto_Hash_Not_Supported = 0 means this feature is not
* supported. OEMCrypto is not required by Google to support this feature,
* but support will greatly improve automated testing. A hash type of
* OEMCrypto_CRC_Clear_Buffer = 1 means the device will be able to compute
* the CRC32 checksum of the decrypted content in the secure buffer after a
* call to OEMCrypto_DecryptCENC. Google intends to provide test applications
* on some platforms, such as Android, that will automate decryption testing
* using the CRC 32 checksum of all frames in some test content.
*
* If an SOC vendor cannot support CRC 32 checksums of decrypted output, but
* can support some other hash or checksum, then the function should return
* OEMCrypto_Partner_Defined_Hash and those partners should provide files
* containing hashes of test content. An application that computes the CRC 32
* hashes of test content and builds a hash file in the correct format will
* be provided by Widevine. The source of this application will be provided
* so that partners may modify it to compute their own hash format and
* generate their own hash files.
* OEMCrypto_Partner_Defined_Hash = 2 and those partners should modify the
* test application to compute the appropriate hash. An application that
* computes the CRC 32 hashes of test content and builds a hash file in the
* correct format will be provided by Widevine. The source of this
* application will be provided so that partners may modify it to compute
* their own hash format and generate their own hashes.
*
* Returns:
* OEMCrypto_Hash_Not_Supported = 0;
@@ -4046,57 +4057,29 @@ OEMCryptoResult OEMCrypto_CreateOldUsageEntry(uint64_t time_since_license_receiv
*/
uint32_t OEMCrypto_SupportsDecryptHash();
/*
* OEMCrypto_InitializeDecryptHash
*
* Description:
* This function is called before the first subsample is passed to
* OEMCrypto_DecryptCENC, when the subsample_flag has the bit
* OEMCrytpo_FirstSubsample set. OEMCrypto should expect to compute a hash
* over the whole sample.
*
* This function returns OEMCrypto_ERROR_UNKNOWN_FAILURE if the current key
* does not have the bit Allow_Hash_Verification set in its key control block.
*
* Parameters:
* [in] session: session id for current decrypt operation
*
* Returns:
* OEMCrypto_SUCCESS - if the hash was set
* OEMCrypto_ERROR_NOT_IMPLEMENTED - function not implemented
* OEMCrypto_ERROR_INVALID_SESSION - session not open
* OEMCrypto_ERROR_UNKNOWN_FAILURE - other error
* OEMCrypto_ERROR_SESSION_LOST_STATE
* OEMCrypto_ERROR_SYSTEM_INVALIDATED
*
* Threading:
* This is a "Session Function" and may be called simultaneously with session
* functions for other sessions but not simultaneously with other functions
* for this session. It will not be called simultaneously with initialization
* or usage table functions. It is as if the CDM holds a write lock for this
* session, and a read lock on the OEMCrypto system.
*
* Version:
* This method is new in API version 15.
*/
OEMCryptoResult OEMCrypto_InitializeDecryptHash(OEMCrypto_SESSION session);
/*
* OEMCrypto_SetDecryptHash
*
* Description:
* Set the hash value for the frame that was just decrypted. The hash is over
* all of the frame: encrypted and clear subsamples concatenated together. If
* hashing the output is not supported, then this will return
* Set the hash value for the next frame to be decrypted. This function is
* called before the first subsample is passed to OEMCrypto_DecryptCENC, when
* the subsample_flag has the bit OEMCrytpo_FirstSubsample set. The hash is
* over all of the frame or sample: encrypted and clear subsamples
* concatenated together, up to, and including the subsample with the
* subsample_flag having the bit OEMCrypto_LastSubsample set. If hashing the
* output is not supported, then this will return
* OEMCrypto_ERROR_NOT_IMPLEMENTED. If the hash is ill formed or there are
* other error conditions, this could return OEMCrypto_ERROR_UNKNOWN_FAILURE.
* The length of the hash will be at most 128 bytes. This function is called
* just after the last subsample in the frame, when the subsample_flag has
* the bit OEMCrypto_LastSubsample set. The hash only applies to the previous
* frame.
* other error conditions, this returns OEMCrypto_ERROR_UNKNOWN_FAILURE. The
* length of the hash will be at most 128 bytes.
*
* This function returns OEMCrypto_ERROR_UNKNOWN_FAILURE if the current key
* does not have the bit Allow_Hash_Verification set in its key control block.
* This may be called before the first call to SelectKey. In that case, this
* function cannot verify that the key control block allows hash
* verification. The function DecryptCENC should verify that the key control
* bit allows hash verification when it is called. If an attempt is made to
* compute a hash when the selected key does not have the bit
* Allow_Hash_Verification set, then a hash should not be computed, and
* OEMCrypto_GetHashErrorCode should return the error
* OEMCrypto_ERROR_UNKNOWN_FAILURE.
*
* OEMCrypto should compute the hash of the frame and then compare it with
* the correct value. If the values differ, then OEMCrypto should latch in an
@@ -4147,13 +4130,18 @@ OEMCryptoResult OEMCrypto_SetDecryptHash(OEMCrypto_SESSION session,
* If the hash set in OEMCrypto_SetDecryptHash did not match the computed
* hash, then an error code was saved internally. This function returns that
* error and the frame number of the bad hash. This will be called
* periodically, but not exactly in sync with the decrypt loop. OEMCrypto
* shall not reset the error state to "no error" once a frame has failed
* periodically, but might not be in sync with the decrypt loop. OEMCrypto
* shall not reset the error state to "no error" once any frame has failed
* verification. It should be initialized to "no error" when the session is
* first opened. If there is more than one bad frame, it is the implementer's
* choice if it is more useful to return the number of the first bad frame,
* or the most recent bad frame.
*
* If the hash could not be computed -- either because the
* Allow_Hash_Verification was not set in the key control block, or because
* there were other issues -- this function should return
* OEMCrypto_ERROR_UNKNOWN_FAILURE.
*
* Parameters:
* [in] session: session id for operation.
* [out] failed_frame_number: frame number for sample with incorrect hash.

3
libwvdrmengine/oemcrypto/include/level3.h
View File

@@ -84,7 +84,6 @@ namespace wvoec3 {
#define Level3_SetSandbox _lcc84
#define Level3_ResourceRatingTier _lcc85
#define Level3_SupportsDecryptHash _lcc86
#define Level3_InitializeDecryptHash _lcc87
#define Level3_SetDecryptHash _lcc88
#define Level3_GetHashErrorCode _lcc89
#define Level3_BuildInformation _lcc90
@@ -154,7 +153,6 @@ namespace wvoec3 {
#define Level3_SetSandbox _oecc84
#define Level3_ResourceRatingTier _oecc85
#define Level3_SupportsDecryptHash _oecc86
#define Level3_InitializeDecryptHash _oecc87
#define Level3_SetDecryptHash _oecc88
#define Level3_GetHashErrorCode _oecc89
#define Level3_BuildInformation _oecc90
@@ -359,7 +357,6 @@ OEMCryptoResult Level3_SetSandbox(const uint8_t* sandbox_id,
size_t sandbox_id_length);
uint32_t Level3_ResourceRatingTier();
uint32_t Level3_SupportsDecryptHash();
OEMCryptoResult Level3_InitializeDecryptHash(OEMCrypto_SESSION session);
OEMCryptoResult Level3_SetDecryptHash(OEMCrypto_SESSION session,
uint32_t frame_number,

16
libwvdrmengine/oemcrypto/ref/src/oemcrypto_ref.cpp
View File

@@ -535,7 +535,7 @@ OEMCRYPTO_API OEMCryptoResult OEMCrypto_DecryptCENC(
OEMCryptoResult result = session_ctx->DecryptCENC(
iv, block_offset, pattern, data_addr, data_length, is_encrypted,
crypto_engine->destination(), out_buffer->type);
crypto_engine->destination(), out_buffer->type, subsample_flags);
if (result != OEMCrypto_SUCCESS) return result;
return crypto_engine->PushDestination(out_buffer, subsample_flags);
}
@@ -1621,20 +1621,6 @@ OEMCRYPTO_API uint32_t OEMCrypto_SupportsDecryptHash() {
return OEMCrypto_CRC_Clear_Buffer;
}
OEMCRYPTO_API OEMCryptoResult OEMCrypto_InitializeDecryptHash(
OEMCrypto_SESSION session) {
if (!crypto_engine) {
LOGE("OEMCrypto_InitializeDecryptHash: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
SessionContext* session_ctx = crypto_engine->FindSession(session);
if (!session_ctx || !session_ctx->isValid()) {
LOGE("[OEMCrypto_InitializeDecryptHash(): ERROR_INVALID_SESSION]");
return OEMCrypto_ERROR_INVALID_SESSION;
}
return session_ctx->InitializeDecryptHash();
}
OEMCRYPTO_API OEMCryptoResult OEMCrypto_SetDecryptHash(
OEMCrypto_SESSION session, uint32_t frame_number, const uint8_t* hash,
size_t hash_length) {

69
libwvdrmengine/oemcrypto/ref/src/oemcrypto_session.cpp
View File

@@ -1168,7 +1168,6 @@ OEMCryptoResult SessionContext::SelectContentKey(
LOGE("No key matches key id");
return OEMCrypto_ERROR_NO_CONTENT_KEY;
}
compute_hash_ = false;
content_key->set_ctr_mode(cipher_mode == OEMCrypto_CipherMode_CTR);
current_content_key_ = content_key;
const KeyControlBlock& control = current_content_key()->control();
@@ -1285,7 +1284,7 @@ OEMCryptoResult SessionContext::DecryptCENC(
const uint8_t* iv, size_t block_offset,
const OEMCrypto_CENCEncryptPatternDesc* pattern, const uint8_t* cipher_data,
size_t cipher_data_length, bool is_encrypted, uint8_t* clear_data,
OEMCryptoBufferType buffer_type) {
OEMCryptoBufferType buffer_type, uint8_t subsample_flags) {
OEMCryptoResult result =
ChooseDecrypt(iv, block_offset, pattern, cipher_data, cipher_data_length,
is_encrypted, clear_data, buffer_type);
@@ -1293,13 +1292,30 @@ OEMCryptoResult SessionContext::DecryptCENC(
if (current_content_key() == NULL ||
(current_content_key()->control().control_bits() &
wvoec::kControlAllowHashVerification) == 0) {
// This should not happen: this check should already have occured in
// InitializeDecryptHash or the hash should have been discarded in
// SelectContentKey. But it doesn't hurt to double check.
LOGE("[DecryptCENC(): OEMCrypto_ERROR_UNKNOWN_FAILURE]");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
hash_error_ = OEMCrypto_ERROR_UNKNOWN_FAILURE;
compute_hash_ = false;
current_hash_ = 0;
current_frame_number_ = 0;
} else {
if (OEMCrypto_FirstSubsample & subsample_flags) {
current_hash_ = wvcrc32Init();
}
current_hash_ =
wvcrc32Cont(clear_data, cipher_data_length, current_hash_);
if (OEMCrypto_LastSubsample & subsample_flags) {
if (current_hash_ != given_hash_) {
LOGE("CRC for frame %d is %08x, should be %08x\n",
current_frame_number_, current_hash_, given_hash_);
// Update bad_frame_number_ only if this is the first bad frame.
if (hash_error_ == OEMCrypto_SUCCESS) {
bad_frame_number_ = current_frame_number_;
hash_error_ = OEMCrypto_ERROR_BAD_HASH;
}
}
compute_hash_ = false;
}
}
current_hash_ = wvcrc32Cont(clear_data, cipher_data_length, current_hash_);
}
return result;
}
@@ -1526,36 +1542,9 @@ OEMCryptoResult SessionContext::DecryptCTR(const uint8_t* key_u8,
return OEMCrypto_SUCCESS;
}
OEMCryptoResult SessionContext::InitializeDecryptHash() {
// Check there is a content key, and it is allowed.
if (current_content_key() == NULL ||
(current_content_key()->control().control_bits() &
wvoec::kControlAllowHashVerification) == 0) {
LOGE("[InitializeDecryptHash(): OEMCrypto_ERROR_UNKNOWN_FAILURE]");
compute_hash_ = false;
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
compute_hash_ = true;
current_hash_ = wvcrc32Init();
return OEMCrypto_SUCCESS;
}
OEMCryptoResult SessionContext::SetDecryptHash(uint32_t frame_number,
const uint8_t* hash,
size_t hash_length) {
// Check there is a content key, and it is allowed.
if (current_content_key() == NULL ||
(current_content_key()->control().control_bits() &
wvoec::kControlAllowHashVerification) == 0) {
LOGE("[SetDecryptHash(): OEMCrypto_ERROR_UNKNOWN_FAILURE]");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
if (!compute_hash_) {
// This would happen if somebody computes the hash, and then changes keys.
LOGE("[SetDecryptHash(): OEMCrypto_ERROR_UNKNOWN_FAILURE]");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
compute_hash_ = false;
if (hash_length < sizeof(uint32_t)) {
LOGE("[SetDecryptHash(): short buffer]");
return OEMCrypto_ERROR_SHORT_BUFFER;
@@ -1564,15 +1553,9 @@ OEMCryptoResult SessionContext::SetDecryptHash(uint32_t frame_number,
LOGE("[SetDecryptHash(): long buffer]");
return OEMCrypto_ERROR_BUFFER_TOO_LARGE;
}
uint32_t given_hash = *reinterpret_cast<const uint32_t*>(hash);
if (current_hash_ != given_hash) {
LOGE("CRC for frame %d is %08x, should be %08x\n", frame_number,
current_hash_, given_hash);
// Update bad_frame_number_ only if this is the first bad frame.
if (hash_error_ == OEMCrypto_SUCCESS) bad_frame_number_ = frame_number;
hash_error_ = OEMCrypto_ERROR_BAD_HASH;
}
// Return success if the hash was compared, even if there was an error.
compute_hash_ = true;
current_frame_number_ = frame_number;
given_hash_ = *reinterpret_cast<const uint32_t*>(hash);
return OEMCrypto_SUCCESS;
}

8
libwvdrmengine/oemcrypto/ref/src/oemcrypto_session.h
View File

@@ -102,7 +102,8 @@ class SessionContext {
const uint8_t* cipher_data,
size_t cipher_data_length, bool is_encrypted,
uint8_t* clear_data,
OEMCryptoBufferType buffer_type);
OEMCryptoBufferType buffer_type,
uint8_t subsample_flags);
OEMCryptoResult Generic_Encrypt(const uint8_t* in_buffer,
size_t buffer_length, const uint8_t* iv,
@@ -152,7 +153,6 @@ class SessionContext {
virtual bool QueryKeyControlBlock(const KeyId& key_id, uint32_t* data);
virtual OEMCryptoResult SelectContentKey(const KeyId& key_id,
OEMCryptoCipherMode cipher_mode);
virtual OEMCryptoResult InitializeDecryptHash();
virtual OEMCryptoResult SetDecryptHash(uint32_t frame_number,
const uint8_t* hash,
size_t hash_length);
@@ -258,7 +258,9 @@ class SessionContext {
// These are used when doing full decrypt path testing.
bool compute_hash_; // True if the current frame needs a hash.
uint32_t current_hash_; // Running CRC hash of frame.
uint32_t bad_frame_number_; // Frame number with bad hash.
uint32_t given_hash_; // True CRC hash of frame.
uint32_t current_frame_number_; // Current frame for CRC hash.
uint32_t bad_frame_number_; // Frame number with bad hash.
OEMCryptoResult hash_error_; // Error code for first bad frame.
CORE_DISALLOW_COPY_AND_ASSIGN(SessionContext);

42
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -1721,21 +1721,27 @@ INSTANTIATE_TEST_CASE_P(TestRefreshEachKeys, SessionTestRefreshKeyTest,
// If the license does not allow a hash, then we should not compute one.
TEST_F(OEMCryptoSessionTests, HashForbiddenAPI15) {
uint32_t hash_type = OEMCrypto_SupportsDecryptHash();
// If hash is not supported, or is vendor defined, don't try to test it.
if (hash_type != OEMCrypto_CRC_Clear_Buffer) return;
Session s;
ASSERT_NO_FATAL_FAILURE(s.open());
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(kDuration, 0, 0));
ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys());
// Either failure, or not supported is allowed.
ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_InitializeDecryptHash(s.session_id()));
ASSERT_EQ(
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(s.session_id(), s.license().keys[0].key_id,
s.license().keys[0].key_id_length,
OEMCrypto_CipherMode_CTR));
// Still not allowed.
ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_InitializeDecryptHash(s.session_id()));
uint32_t frame_number = 1;
uint32_t hash = 42;
// It is OK to set the hash before loading the keys
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_SetDecryptHash(s.session_id(), frame_number,
reinterpret_cast<const uint8_t*>(&hash),
sizeof(hash)));
// It is OK to select the key and decrypt.
ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR());
// But the error code should be bad.
ASSERT_EQ(OEMCrypto_ERROR_UNKNOWN_FAILURE,
OEMCrypto_GetHashErrorCode(s.session_id(), &frame_number));
}
//
@@ -1944,14 +1950,18 @@ class OEMCryptoSessionTestsDecryptTests
s.license().keys[0].cipher_mode = cipher_mode_;
ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys());
if (global_features.supports_crc) {
uint32_t hash =
wvcrc32(unencryptedData.data(), unencryptedData.size());
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_SetDecryptHash(
s.session_id(), 1, reinterpret_cast<const uint8_t*>(&hash),
sizeof(hash)));
}
sts = OEMCrypto_SelectKey(s.session_id(), s.license().keys[0].key_id,
s.license().keys[0].key_id_length,
cipher_mode_);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
if (global_features.supports_crc) {
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_InitializeDecryptHash(s.session_id()));
}
// We decrypt each subsample.
vector<uint8_t> output_buffer(total_size_ + 16, 0xaa);
const uint8_t *input_buffer = NULL;
@@ -2021,12 +2031,6 @@ class OEMCryptoSessionTestsDecryptTests
output_buffer.resize(total_size_);
EXPECT_EQ(unencryptedData, output_buffer);
if (global_features.supports_crc) {
uint32_t hash =
wvoec::wvcrc32(unencryptedData.data(), unencryptedData.size());
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_SetDecryptHash(
s.session_id(), 1, reinterpret_cast<const uint8_t*>(&hash),
sizeof(hash)));
uint32_t frame;
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_GetHashErrorCode(s.session_id(), &frame));