Unit Test Updates for v13

Merge from widevine of http://go/wvgerrit/23042

This updates unit tests to account for key control block changes for
OEMCrypto v13.  There are two new bits, restricting SRM version and
restricting analog output.  The verification string is also updated.

Part of this is to include some simple unit tests for the SRM
functions.

b/33815454
b/28955520

Change-Id: I7cc2ce508688fded2b67fc2a4379c7a8d59d8d22

libwvdrmengine/oemcrypto/test/oec_device_features.cpp

@@ -123,6 +123,7 @@ std::string DeviceFeatures::RestrictFilter(const std::string& initial_filter) {
   if (api_version < 10)               FilterOut(&filter, "*API10*");
   if (api_version < 11)               FilterOut(&filter, "*API11*");
   if (api_version < 12)               FilterOut(&filter, "*API12*");
+  if (api_version < 13)               FilterOut(&filter, "*API13*");
   // Performance tests take a long time.  Filter them out if they are not
   // specifically requested.
   if (filter.find("Performance") == std::string::npos) {

libwvdrmengine/oemcrypto/test/oec_session_util.cpp

@@ -309,8 +309,11 @@ void Session::FillSimpleMessage(uint32_t duration, uint32_t control,
                                    sizeof(license_.keys[i].key_iv)));
     EXPECT_EQ(1, RAND_pseudo_bytes(license_.keys[i].control_iv,
                                    sizeof(license_.keys[i].control_iv)));
-    // For version 12, we require OEMCrypto to handle kc12 for all licenses.
-    if (global_features.api_version == 12) {
+    if (global_features.api_version == 13) {
+      // For version 13, we require OEMCrypto to handle kc13 for all licenses.
+      memcpy(license_.keys[i].control.verification, "kc13", 4);
+    } else if (global_features.api_version == 12) {
+      // For version 12, we require OEMCrypto to handle kc12 for all licenses.
       memcpy(license_.keys[i].control.verification, "kc12", 4);
     } else if (control & wvoec_mock::kControlSecurityPatchLevelMask) {
       // For versions before 12, we require the special key control block only
@@ -338,7 +341,10 @@ void Session::FillRefreshMessage(size_t key_count, uint32_t control_bits,
     encrypted_license().keys[i].key_id_length = license_.keys[i].key_id_length;
     memcpy(encrypted_license().keys[i].key_id, license_.keys[i].key_id,
            encrypted_license().keys[i].key_id_length);
-    if (global_features.api_version == 12) {
+    if (global_features.api_version == 13) {
+      // For version 13, we require OEMCrypto to handle kc13 for all licenses.
+      memcpy(encrypted_license().keys[i].control.verification, "kc13", 4);
+    } else if (global_features.api_version == 12) {
       // For version 12, we require OEMCrypto to handle kc12 for all licenses.
       memcpy(encrypted_license().keys[i].control.verification, "kc12", 4);
     } else {
@@ -538,6 +544,10 @@ void Session::TestDecryptCTR(bool select_key_first,
     // Report HDCP errors.
     ASSERT_EQ(OEMCrypto_ERROR_INSUFFICIENT_HDCP, sts);
     ASSERT_NE(unencryptedData, outputBuffer);
+  } else if (expected_result == OEMCrypto_ERROR_ANALOG_OUTPUT) {
+    // Report analog errors.
+    ASSERT_EQ(OEMCrypto_ERROR_ANALOG_OUTPUT, sts);
+    ASSERT_NE(unencryptedData, outputBuffer);
   } else {
     // OEM's can fine tune other error codes for debugging.
     ASSERT_NE(OEMCrypto_SUCCESS, sts);

libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp

@@ -131,6 +131,24 @@ TEST_F(OEMCryptoClientTest, CheckHDCPCapability) {
          HDCPCapabilityAsString(maximum));
 }
 
+TEST_F(OEMCryptoClientTest, CheckSRMCapabilityV13) {
+  // This just tests some trivial functionality of the SRM update functions.
+  bool supported = OEMCrypto_IsSRMUpdateSupported();
+  printf("             Update SRM Supported: %s.\n",
+         supported ? "true" : "false");
+  uint16_t version = 0;
+  OEMCryptoResult current_result = OEMCrypto_GetCurrentSRMVersion(&version);
+  if (current_result == OEMCrypto_SUCCESS) {
+    printf("             Current SRM Version: %d.\n", version);
+    EXPECT_NE(OEMCrypto_SUCCESS, OEMCrypto_GetCurrentSRMVersion(NULL));
+  } else {
+    EXPECT_EQ(OEMCrypto_ERROR_NOT_IMPLEMENTED, current_result);
+  }
+  vector<uint8_t> bad_srm(42);
+  RAND_pseudo_bytes(&bad_srm[0], bad_srm.size());
+  EXPECT_NE(OEMCrypto_SUCCESS, OEMCrypto_LoadSRM(&bad_srm[0], bad_srm.size()));
+}
+
 TEST_F(OEMCryptoClientTest, CheckMaxNumberOfSessionsAPI10) {
   size_t sessions_count;
   ASSERT_EQ(OEMCrypto_SUCCESS,
@@ -1153,7 +1171,8 @@ TEST_P(SessionTestAlternateVerification, LoadKeys) {
     ASSERT_NE(OEMCrypto_SUCCESS, sts);
   } else {
     // Otherwise, LoadKeys should succeed.
-    ASSERT_EQ(OEMCrypto_SUCCESS, sts);
+    ASSERT_EQ(OEMCrypto_SUCCESS, sts)
+        << "LoadKeys failed for key control block kc" << target_api_;
   }
 }
 
@@ -1161,7 +1180,7 @@ TEST_P(SessionTestAlternateVerification, LoadKeys) {
 // the current API + 2.  We use +2 because we want to test at least 1
 // future API, and the ::testing::Range is not inclusive.
 INSTANTIATE_TEST_CASE_P(TestAll, SessionTestAlternateVerification,
-                        Range(8, 12 + 2));
+                        Range(8, 13 + 2));
 
 TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) {
   Session s;
@@ -2104,6 +2123,18 @@ TEST_F(OEMCryptoSessionTests, DecryptSecureToClear) {
       s.TestDecryptCTR(true, OEMCrypto_ERROR_UNKNOWN_FAILURE));
 }
 
+TEST_F(OEMCryptoSessionTests, DecryptNoAnalogToClear) {
+  Session s;
+  ASSERT_NO_FATAL_FAILURE(s.open());
+  ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
+  ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(
+      kDuration, wvoec_mock::kControlDisableAnalogOutput, 0));
+  ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
+  ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys());
+  ASSERT_NO_FATAL_FAILURE(
+      s.TestDecryptCTR(true, OEMCrypto_ERROR_ANALOG_OUTPUT));
+}
+
 TEST_F(OEMCryptoSessionTests, KeyDuration) {
   Session s;
   ASSERT_NO_FATAL_FAILURE(s.open());