From 8bd1a40cd2e3de3aee1efeb861f77c6b69795a71 Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Tue, 16 Jun 2015 11:15:13 -0700 Subject: [PATCH] Verify Key Rewrapping Does Not Leave Key in Clear Merge from widevine repo of http:/go/wvgerrit/14707 This CL adds a check to oemcrypto_test to verify that when a certificate is rewrapped, it does not show up in the clear. We can't really verify that it is encrypted well, but we can check this. bug: 21871738 Change-Id: I07c87c38a1e2a099a90a5be4e3350e91e09f6722 --- libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index a3a4304b..42d1a369 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -2753,6 +2753,9 @@ class OEMCryptoLoadsCertificate : public OEMCryptoSessionTestKeyboxTest { s.MakeRSACertificate(&encrypted, &signature, allowed_schemes, encoded_rsa_key_); s.RewrapRSAKey(encrypted, signature, wrapped_key, force); + // Verify that the clear key is not contained in the wrapped key. + // It should be encrypted. + ASSERT_EQ(NULL, find(*wrapped_key, encoded_rsa_key_)); } std::vector encoded_rsa_key_; @@ -4119,7 +4122,7 @@ class GenericCryptoTest : public OEMCryptoSessionTests { memcpy(iv_buffer, iv_, wvcdm::KEY_IV_SIZE); out_buffer->resize(in_buffer.size()); ASSERT_GT(in_buffer.size(), 0u); - ASSERT_EQ(0, in_buffer.size() % AES_BLOCK_SIZE); + ASSERT_EQ(0u, in_buffer.size() % AES_BLOCK_SIZE); AES_cbc_encrypt(&in_buffer[0], out_buffer->data(), in_buffer.size(), &aes_key, iv_buffer, AES_ENCRYPT); }