widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Snap for 8547970 from f980049ef0 to tm-release

Browse Source 
Change-Id: Icaae29f48101c7555707d3db7804afb9d9a535f1
This commit is contained in:
Android Build Coastguard Worker
2022-05-05 23:20:20 +00:00
parent 5652ff5fe7 f980049ef0
commit 31231866b7
19 changed files with 171 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
libwvdrmengine/Android.bp
View File

@@ -107,10 +107,10 @@ cc_defaults {
"android.hardware.drm@1.2",
"android.hardware.drm@1.3",
"libbase",
"libbinder",
"libhidlbase",
"liblog",
"libutils",
"libbinder",
],
}
@@ -131,7 +131,6 @@ cc_defaults {
"libbase",
"libbinder_ndk",
"liblog",
"libhwbinder",
"libutils",
"libwvaidl",
],
@@ -261,7 +260,11 @@ cc_binary {
srcs: ["aidl_src/service.cpp"],
shared_libs: ["libbinder"],
include_dirs: [
"frameworks/native/libs/binder/include",
],
shared_libs: ["libbinder_ndk"],
init_rc: ["aidl_src/android.hardware.drm-service.widevine.rc"],
vintf_fragments: ["manifest_android.hardware.drm-service.widevine.xml"],
@@ -280,7 +283,11 @@ cc_binary {
srcs: ["aidl_src/serviceLazy.cpp"],
shared_libs: ["libbinder"],
include_dirs: [
"frameworks/native/libs/binder/include",
],
shared_libs: ["libbinder_ndk"],
init_rc: ["aidl_src/android.hardware.drm-service-lazy.widevine.rc"],
vintf_fragments: ["manifest_android.hardware.drm-service.widevine.xml"],
@@ -324,7 +331,7 @@ cc_library_static {
],
shared_libs: [
"libbinder",
"libbinder_ndk",
"libcrypto",
"libhidlbase",
"liblog",
@@ -358,7 +365,7 @@ cc_library_static {
],
shared_libs: [
"libbinder",
"libbinder_ndk",
"libcrypto",
"libhidlbase",
"liblog",
@@ -520,7 +527,6 @@ cc_library_shared {
shared_libs: [
"android.hardware.drm-V1-ndk",
"libbase",
"libbinder",
"libbinder_ndk",
"libcrypto",
"libcutils",

6
libwvdrmengine/aidl_src/WVDrmFactory.cpp
View File

@@ -49,8 +49,7 @@ bool WVDrmFactory::isCryptoSchemeSupported(const Uuid& in_uuid) {
const std::vector<uint8_t>& in_initData,
std::shared_ptr<::aidl::android::hardware::drm::ICryptoPlugin>*
_aidl_return) {
const auto& self = android::IPCThreadState::self();
const char* sid = self->getCallingSid();
const char* sid = AIBinder_getCallingSid();
sid = sid ? (std::strstr(sid, "mediadrmserver") ? sid : "app") : "nullptr";
ALOGI("[%s] calling %s", sid, __PRETTY_FUNCTION__);
@@ -73,8 +72,7 @@ bool WVDrmFactory::isCryptoSchemeSupported(const Uuid& in_uuid) {
::ndk::ScopedAStatus WVDrmFactory::createDrmPlugin(
const Uuid& in_uuid, const string& in_appPackageName,
std::shared_ptr<::aidl::android::hardware::drm::IDrmPlugin>* _aidl_return) {
const auto& self = ::android::IPCThreadState::self();
const char* sid = self->getCallingSid();
const char* sid = AIBinder_getCallingSid();
sid = sid ? (std::strstr(sid, "mediadrmserver") ? sid : "app") : "nullptr";
ALOGI("[%s][%s] calling %s", sid, in_appPackageName.c_str(),
__PRETTY_FUNCTION__);

3
libwvdrmengine/aidl_src/service.cpp
View File

@@ -19,7 +19,6 @@
#include <android/binder_ibinder_platform.h>
#include <android/binder_manager.h>
#include <android/binder_process.h>
#include <binder/ProcessState.h>
#include "WVCreatePluginFactories.h"
#include "WVDrmFactory.h"
@@ -31,6 +30,8 @@ int main(int /* argc */, char** /* argv */) {
ABinderProcess_setThreadPoolMaxThreadCount(8);
std::shared_ptr<WVDrmFactory> drmFactory = createDrmFactory();
AIBinder_setRequestingSid(drmFactory->asBinder().get(), true);
const std::string drmInstance =
std::string(WVDrmFactory::descriptor) + "/widevine";
binder_status_t status = AServiceManager_addService(

3
libwvdrmengine/aidl_src/serviceLazy.cpp
View File

@@ -19,7 +19,6 @@
#include <android/binder_ibinder_platform.h>
#include <android/binder_manager.h>
#include <android/binder_process.h>
#include <binder/ProcessState.h>
#include "WVCreatePluginFactories.h"
#include "WVDrmFactory.h"
@@ -31,6 +30,8 @@ int main(int /* argc */, char** /* argv */) {
ABinderProcess_setThreadPoolMaxThreadCount(8);
std::shared_ptr<WVDrmFactory> drmFactory = createDrmFactory();
AIBinder_setRequestingSid(drmFactory->asBinder().get(), true);
const std::string drmInstance =
std::string(WVDrmFactory::descriptor) + "/widevine";
binder_status_t status = AServiceManager_registerLazyService(

8
libwvdrmengine/cdm/core/include/certificate_provisioning.h
View File

@@ -82,12 +82,18 @@ class CertificateProvisioning {
const std::string& origin, const std::string& spoid,
CdmProvisioningRequest* request, std::string* default_url);
CdmResponseType GetProvisioning40RequestInternal(
wvutil::FileSystem* file_system, CdmProvisioningRequest* request,
wvutil::FileSystem* file_system, const std::string& origin,
const std::string& spoid, CdmProvisioningRequest* request,
std::string* default_url);
CdmResponseType FillEncryptedClientId(
const std::string& client_token,
video_widevine::ProvisioningRequest& provisioning_request,
const ServiceCertificate& service_certificate);
CdmResponseType FillEncryptedClientIdWithAdditionalParameter(
const std::string& client_token,
const CdmAppParameterMap& additional_parameter,
video_widevine::ProvisioningRequest& provisioning_request,
const ServiceCertificate& service_certificate);
CdmResponseType HandleProvisioning40Response(
wvutil::FileSystem* file_system, const std::string& response_message);

57
libwvdrmengine/cdm/core/src/certificate_provisioning.cpp
View File

@@ -57,6 +57,11 @@ const std::string kCpProductionServiceCertificate = wvutil::a2bs_hex(
"8598ed5751b38694419242a875d9e00d5a5832933024b934859ec8be78adccbb"
"1ec7127ae9afeef9c5cd2e15bd3048e8ce652f7d8c5d595a0323238c598a28");
// Used in provisioning 4 client identification name value pairs.
const std::string kKeyAppParameterSpoid = "spoid";
const std::string kKeyAppParameterProviderId = "provider_id";
const std::string kKeyAppParameterStableId = "stable_id";
// Retrieves |stored_oem_cert| from |file_handle|, and load the OEM private key
// to |crypto_session|. Returns true if all operations are successful.
bool RetrieveOemCertificateAndLoadPrivateKey(CryptoSession& crypto_session,
@@ -212,7 +217,8 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequestInternal(
if (crypto_session_->GetPreProvisionTokenType() ==
kClientTokenBootCertChain) {
return GetProvisioning40RequestInternal(file_system, request, default_url);
return GetProvisioning40RequestInternal(file_system, origin, spoid, request,
default_url);
}
// Prepare device provisioning request.
@@ -304,7 +310,8 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequestInternal(
}
CdmResponseType CertificateProvisioning::GetProvisioning40RequestInternal(
wvutil::FileSystem* file_system, CdmProvisioningRequest* request,
wvutil::FileSystem* file_system, const std::string& origin,
const std::string& spoid, CdmProvisioningRequest* request,
std::string* default_url) {
if (!crypto_session_->IsOpen()) {
LOGE("Crypto session is not open");
@@ -340,7 +347,27 @@ CdmResponseType CertificateProvisioning::GetProvisioning40RequestInternal(
}
}
CdmResponseType status = NO_ERROR;
// Retrieve the Spoid, but put it to the client identification instead, so it
// is encrypted.
CdmAppParameterMap additional_parameter;
CdmResponseType status =
SetSpoidParameter(origin, spoid, &provisioning_request);
if (status != NO_ERROR) return status;
if (provisioning_request.has_spoid()) {
additional_parameter[kKeyAppParameterSpoid] = provisioning_request.spoid();
provisioning_request.clear_spoid();
}
if (provisioning_request.has_provider_id()) {
additional_parameter[kKeyAppParameterProviderId] =
provisioning_request.provider_id();
provisioning_request.clear_provider_id();
}
if (provisioning_request.has_stable_id()) {
additional_parameter[kKeyAppParameterStableId] =
provisioning_request.stable_id();
provisioning_request.clear_stable_id();
}
if (stored_oem_cert.empty()) {
// This is the first stage provisioning.
default_url->assign(kProvisioningServerUrl +
@@ -354,16 +381,18 @@ CdmResponseType CertificateProvisioning::GetProvisioning40RequestInternal(
// Since |stored_oem_cert| is empty, the client identification token will be
// retrieved from OEMCrypto, which is the BCC in this case.
status = FillEncryptedClientId(stored_oem_cert, provisioning_request,
wv_service_cert);
status = FillEncryptedClientIdWithAdditionalParameter(
stored_oem_cert, additional_parameter, provisioning_request,
wv_service_cert);
if (status != NO_ERROR) return status;
} else {
// This is the second stage provisioning.
default_url->assign(kProvisioningServerUrl);
// Since |stored_oem_cert| is non-empty, it will be used as the client
// identification token.
status = FillEncryptedClientId(stored_oem_cert, provisioning_request,
*service_certificate_);
status = FillEncryptedClientIdWithAdditionalParameter(
stored_oem_cert, additional_parameter, provisioning_request,
*service_certificate_);
if (status != NO_ERROR) return status;
}
@@ -408,6 +437,17 @@ CdmResponseType CertificateProvisioning::GetProvisioning40RequestInternal(
CdmResponseType CertificateProvisioning::FillEncryptedClientId(
const std::string& client_token, ProvisioningRequest& provisioning_request,
const ServiceCertificate& service_certificate) {
CdmAppParameterMap app_parameter;
return FillEncryptedClientIdWithAdditionalParameter(
client_token, app_parameter, provisioning_request, service_certificate);
}
CdmResponseType
CertificateProvisioning::FillEncryptedClientIdWithAdditionalParameter(
const std::string& client_token,
const CdmAppParameterMap& additional_parameter,
ProvisioningRequest& provisioning_request,
const ServiceCertificate& service_certificate) {
if (!crypto_session_->IsOpen()) {
return UNKNOWN_ERROR;
}
@@ -418,8 +458,7 @@ CdmResponseType CertificateProvisioning::FillEncryptedClientId(
if (status != NO_ERROR) return status;
video_widevine::ClientIdentification client_id;
CdmAppParameterMap app_parameter;
status = id.Prepare(app_parameter, kEmptyString, &client_id);
status = id.Prepare(additional_parameter, kEmptyString, &client_id);
if (status != NO_ERROR) return status;
if (!service_certificate.has_certificate()) {

37
libwvdrmengine/cdm/core/src/crypto_session.cpp
View File

@@ -2099,6 +2099,11 @@ CdmResponseType CryptoSession::LoadProvisioning(
metrics_, oemcrypto_load_provisioning_, status);
});
if (status == OEMCrypto_SUCCESS) {
wrapped_private_key->resize(wrapped_private_key_length);
return NO_ERROR;
}
wrapped_private_key->clear();
return MapOEMCryptoResult(status, LOAD_PROVISIONING_ERROR,
"LoadProvisioning");
}
@@ -2283,29 +2288,25 @@ bool CryptoSession::GetBuildInformation(RequestedSecurityLevel security_level,
RequestedSecurityLevelToString(security_level));
RETURN_IF_UNINITIALIZED(false);
RETURN_IF_NULL(info, false);
OEMCryptoResult build_information;
std::string buf;
size_t buf_length = 0;
WithOecReadLock("GetBuildInformation", [&] {
build_information =
OEMCrypto_BuildInformation(&buf[0], &buf_length, security_level);
size_t info_length = 128;
info->assign(info_length, '\0');
OEMCryptoResult result = WithOecReadLock("GetBuildInformation", [&] {
return OEMCrypto_BuildInformation(&info->front(), &info_length,
security_level);
});
if (build_information == OEMCrypto_ERROR_SHORT_BUFFER) {
buf.resize(buf_length);
WithOecReadLock("GetBuildInformation Attempt 2", [&] {
build_information =
OEMCrypto_BuildInformation(&buf[0], &buf_length, security_level);
if (result == OEMCrypto_ERROR_SHORT_BUFFER) {
info->assign(info_length, '\0');
result = WithOecReadLock("GetBuildInformation Attempt 2", [&] {
return OEMCrypto_BuildInformation(&info->front(), &info_length,
security_level);
});
}
if (build_information == OEMCrypto_SUCCESS) {
*info = buf;
} else {
LOGE("Unexpected return value");
if (result != OEMCrypto_SUCCESS) {
LOGE("GetBuildInformation failed: result = %d", result);
info->clear();
return false;
}
info->resize(info_length);
return true;
}

15
libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
View File

@@ -1737,14 +1737,19 @@ OEMCryptoResult OEMCrypto_BuildInformation(
if (fcn->BuildInformation_V16 == nullptr) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
if (buffer_length == nullptr) return OEMCrypto_ERROR_INVALID_CONTEXT;
if (buffer == nullptr && *buffer_length > 0)
return OEMCrypto_ERROR_INVALID_CONTEXT;
constexpr size_t kMaxBuildInfoLength = 128;
const char* build_info = fcn->BuildInformation_V16();
size_t max_length = strnlen(build_info, 128);
if (*buffer_length < max_length) {
*buffer_length = max_length;
if (build_info == nullptr) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
const size_t build_info_length = strnlen(build_info, kMaxBuildInfoLength);
if (*buffer_length < build_info_length) {
*buffer_length = build_info_length;
return OEMCrypto_ERROR_SHORT_BUFFER;
}
*buffer_length = max_length;
memcpy(buffer, build_info, *buffer_length);
*buffer_length = build_info_length;
memcpy(buffer, build_info, build_info_length);
return OEMCrypto_SUCCESS;
}
return fcn->BuildInformation(buffer, buffer_length);

2
libwvdrmengine/cdm/test/coverage-test.mk
View File

@@ -9,7 +9,7 @@ HIDL_EXTENSION := _hidl
LIB_BINDER := libhidlbase
else
HIDL_EXTENSION :=
LIB_BINDER := libbinder
LIB_BINDER := libbinder_ndk
endif
LOCAL_LICENSE_CONDITIONS := by_exception_only

2
libwvdrmengine/cdm/test/integration-test.mk
View File

@@ -12,7 +12,7 @@ HIDL_EXTENSION := _hidl
LIB_BINDER := libhidlbase
else
HIDL_EXTENSION :=
LIB_BINDER := libbinder
LIB_BINDER := libbinder_ndk
endif
LOCAL_MODULE := $(test_name)

2
libwvdrmengine/cdm/test/unit-test.mk
View File

@@ -12,7 +12,7 @@ HIDL_EXTENSION := _hidl
LIB_BINDER := libhidlbase
else
HIDL_EXTENSION :=
LIB_BINDER := libbinder
LIB_BINDER := libbinder_ndk
endif
LOCAL_MODULE := $(test_name)

8
libwvdrmengine/cdm/util/src/log.cpp
View File

@@ -26,7 +26,7 @@
#ifdef IS_HIDL
# include <hwbinder/IPCThreadState.h>
#else // AIDL is the default
# include <binder/IPCThreadState.h>
# include <android/binder_ibinder.h>
#endif
#include <stdarg.h>
#include <stdio.h>
@@ -82,10 +82,10 @@ uint32_t GetLoggingUid() { return tl_logging_uid_; }
uint32_t GetIpcCallingUid() {
#ifdef IS_HIDL
const auto self = android::hardware::IPCThreadState::selfOrNull();
#else // AIDL is the default
const auto self = android::IPCThreadState::selfOrNull();
#endif
return self ? self->getCallingUid() : UNKNOWN_UID;
#else // AIDL is the default
return AIBinder_getCallingUid();
#endif
}
void InitLogging() {}

1
libwvdrmengine/mediadrm/Android.bp
View File

@@ -102,7 +102,6 @@ cc_library_static {
shared_libs: [
"libbase",
"libbinder",
"libbinder_ndk",
"libcrypto",
"liblog",

4
libwvdrmengine/mediadrm/aidl_src/WVDrmPlugin.cpp
View File

@@ -10,6 +10,7 @@
#include "WVDrmPlugin.h"
#include <aidl/android/hardware/drm/DrmMetric.h>
#include <android/binder_ibinder_platform.h>
#include <binder/IPCThreadState.h>
#include <stdlib.h>
#include <utils/Log.h>
@@ -1634,8 +1635,7 @@ Status WVDrmPlugin::unprovisionDevice() {
return toNdkScopedAStatus(Status::BAD_VALUE);
}
const auto& self = android::IPCThreadState::self();
const char* sid = self->getCallingSid();
const char* sid = AIBinder_getCallingSid();
if (!sid ||
(!strstr(sid, ":mediashell_app:") && !strstr(sid, ":mediadrmserver:") &&
!strstr(sid, ":setupwraith_app:"))) {

2
libwvdrmengine/mediadrm/test/Android.mk
View File

@@ -39,7 +39,7 @@ LOCAL_SHARED_LIBRARIES := \
android.hardware.drm@1.3 \
android.hardware.drm@1.4 \
android.hidl.memory@1.0 \
libbinder \
libbinder_ndk \
libbase \
libcrypto \
libdl \

2
libwvdrmengine/oemcrypto/test/common.mk
View File

@@ -6,7 +6,7 @@ HIDL_EXTENSION := _hidl
LIB_BINDER := libhidlbase
else
HIDL_EXTENSION :=
LIB_BINDER := libbinder
LIB_BINDER := libbinder_ndk
endif
ifeq ($(filter mips mips64, $(TARGET_ARCH)),)

16
libwvdrmengine/oemcrypto/test/oec_session_util.cpp
View File

@@ -237,6 +237,9 @@ RoundTrip<CoreRequest, PrepAndSignRequest, CoreResponse, ResponseData>::
// We need to fill in core request and verify signature only for calls other
// than OEMCryptoMemory buffer overflow test. Any test other than buffer
// overflow will pass true.
if (result == OEMCrypto_SUCCESS) {
gen_signature.resize(gen_signature_length);
}
if (!verify_request || result != OEMCrypto_SUCCESS) return result;
if (global_features.api_version >= kCoreMessagesAPI) {
std::string core_message(reinterpret_cast<char*>(data.data()),
@@ -466,11 +469,14 @@ OEMCryptoResult ProvisioningRoundTrip::LoadResponse(Session* session) {
sizeof(response_data_));
}
size_t wrapped_key_length = 0;
const OEMCryptoResult sts = LoadResponseNoRetry(session, &wrapped_key_length);
OEMCryptoResult sts = LoadResponseNoRetry(session, &wrapped_key_length);
if (sts != OEMCrypto_ERROR_SHORT_BUFFER) return sts;
wrapped_rsa_key_.clear();
wrapped_rsa_key_.assign(wrapped_key_length, 0);
return LoadResponseNoRetry(session, &wrapped_key_length);
sts = LoadResponseNoRetry(session, &wrapped_key_length);
if (sts == OEMCrypto_SUCCESS) {
wrapped_rsa_key_.resize(wrapped_key_length);
}
return sts;
}
#ifdef TEST_OEMCRYPTO_V15
@@ -1589,6 +1595,7 @@ void Session::LoadOEMCert(bool verify_cert) {
public_cert.resize(public_cert_length);
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_GetOEMPublicCertificate(
public_cert.data(), &public_cert_length));
public_cert.resize(public_cert_length);
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadOEMPrivateKey(session_id()));
// The cert is a PKCS7 signed data type. First, parse it into an OpenSSL
@@ -1871,6 +1878,8 @@ void Session::UpdateUsageEntry(std::vector<uint8_t>* header_buffer) {
OEMCrypto_UpdateUsageEntry(
session_id(), header_buffer->data(), &header_buffer_length,
encrypted_usage_entry_.data(), &entry_buffer_length));
header_buffer->resize(header_buffer_length);
encrypted_usage_entry_.resize(entry_buffer_length);
}
void Session::LoadUsageEntry(uint32_t index, const vector<uint8_t>& buffer) {
@@ -1915,6 +1924,7 @@ void Session::GenerateReport(const std::string& pst,
if (expected_result != OEMCrypto_SUCCESS) {
return;
}
pst_report_buffer_.resize(length);
EXPECT_EQ(wvutil::Unpacked_PST_Report::report_size(pst.length()), length);
vector<uint8_t> computed_signature(SHA_DIGEST_LENGTH);
key_deriver_.ClientSignPstReport(pst_report_buffer_, &computed_signature);

61
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -308,6 +308,9 @@ TEST_F(OEMCryptoClientTest, VersionNumber) {
sts = OEMCrypto_BuildInformation(&build_info[0], &buf_length);
}
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
if (build_info.size() != buf_length) {
build_info.resize(buf_length);
}
cout << " BuildInformation: " << build_info << endl;
OEMCrypto_WatermarkingSupport support = OEMCrypto_GetWatermarkingSupport();
cout << " WatermarkingSupport: " << support << endl;
@@ -484,7 +487,23 @@ TEST_F(OEMCryptoClientTest, CheckNullBuildInformationAPI17) {
ASSERT_EQ(OEMCrypto_ERROR_INVALID_CONTEXT, sts);
size_t buf_length = 0;
sts = OEMCrypto_BuildInformation(nullptr, &buf_length);
ASSERT_EQ(OEMCrypto_ERROR_INVALID_CONTEXT, sts);
// Previous versions of the test expected the wrong error code.
// Although OEMCrypto_ERROR_INVALID_CONTEXT is still accepted by
// the tests, vendors should return OEMCrypto_ERROR_SHORT_BUFFER if
// |buffer| is null and |buf_length| is zero, assigning
// the correct length to |buf_length|.
// TODO(231514699): Remove case for ERROR_INVALID_CONTEXT.
ASSERT_TRUE(OEMCrypto_ERROR_SHORT_BUFFER == sts ||
OEMCrypto_ERROR_INVALID_CONTEXT == sts);
if (sts == OEMCrypto_ERROR_INVALID_CONTEXT) {
printf(
"Warning: OEMCrypto_BuildInformation should return "
"ERROR_SHORT_BUFFER.\n");
}
if (sts == OEMCrypto_ERROR_SHORT_BUFFER) {
constexpr size_t kZero = 0;
ASSERT_GT(buf_length, kZero);
}
}
TEST_F(OEMCryptoClientTest, CheckMaxNumberOfSessionsAPI10) {
@@ -988,9 +1007,9 @@ TEST_F(OEMCryptoKeyboxTest, NormalGetDeviceId) {
uint8_t dev_id[128] = {0};
size_t dev_id_len = 128;
sts = OEMCrypto_GetDeviceID(dev_id, &dev_id_len);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
cout << " NormalGetDeviceId: dev_id = "
<< MaybeHex(dev_id, dev_id_len) << " len = " << dev_id_len << endl;
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
}
TEST_F(OEMCryptoKeyboxTest, OEMCryptoMemoryGetDeviceIdForHugeIdLength) {
@@ -1133,7 +1152,6 @@ TEST_F(OEMCryptoProv30Test, GetDeviceId) {
dev_id.resize(dev_id_len);
cout << " NormalGetDeviceId: dev_id = " << MaybeHex(dev_id)
<< " len = " << dev_id_len << endl;
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
}
// The OEM certificate must be valid.
@@ -1333,6 +1351,9 @@ TEST_F(OEMCryptoProv40Test, GenerateCertificateKeyPairSuccess) {
public_key_signature.data(), &public_key_signature_size,
wrapped_private_key.data(), &wrapped_private_key_size, &key_type),
OEMCrypto_SUCCESS);
public_key.resize(public_key_size);
public_key_signature.resize(public_key_signature_size);
wrapped_private_key.resize(wrapped_private_key_size);
// Parse the public key generated to make sure it is correctly formatted.
if (key_type == OEMCrypto_PrivateKeyType::OEMCrypto_RSA_Private_Key) {
ASSERT_NO_FATAL_FAILURE(
@@ -1543,6 +1564,7 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest {
&header_buffer_length);
if (expect_success) {
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
encrypted_usage_header_.resize(header_buffer_length);
} else {
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -6065,11 +6087,10 @@ TEST_F(OEMCryptoLoadsCertificate, RSAPerformance) {
licenseRequest.size());
}
uint8_t* signature = new uint8_t[signature_length];
sts = OEMCrypto_GenerateRSASignature(s.session_id(), licenseRequest.data(),
licenseRequest.size(), signature,
&signature_length, kSign_RSASSA_PSS);
delete[] signature;
std::vector<uint8_t> signature(signature_length, 0);
sts = OEMCrypto_GenerateRSASignature(
s.session_id(), licenseRequest.data(), licenseRequest.size(),
signature.data(), &signature_length, kSign_RSASSA_PSS);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
count++;
}
@@ -6243,7 +6264,7 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
EXPECT_NE(OEMCrypto_SUCCESS, sts)
<< "Signed with forbidden padding scheme=" << (int)scheme
<< ", size=" << (int)size;
vector<uint8_t> zero(signature_length, 0);
const vector<uint8_t> zero(signature.size(), 0);
ASSERT_EQ(zero, signature); // signature should not be computed.
}
@@ -6265,19 +6286,19 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts);
ASSERT_NE(static_cast<size_t>(0), signature_length);
uint8_t* signature = new uint8_t[signature_length];
sts = OEMCrypto_GenerateRSASignature(s.session_id(), licenseRequest.data(),
licenseRequest.size(), signature,
&signature_length, scheme);
std::vector<uint8_t> signature(signature_length, 0);
sts = OEMCrypto_GenerateRSASignature(
s.session_id(), licenseRequest.data(), licenseRequest.size(),
signature.data(), &signature_length, scheme);
ASSERT_EQ(OEMCrypto_SUCCESS, sts)
<< "Failed to sign with padding scheme=" << (int)scheme
<< ", size=" << (int)size;
<< ", size=" << size;
signature.resize(signature_length);
ASSERT_NO_FATAL_FAILURE(
s.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size()));
ASSERT_NO_FATAL_FAILURE(s.VerifyRSASignature(licenseRequest, signature,
signature_length, scheme));
delete[] signature;
ASSERT_NO_FATAL_FAILURE(s.VerifyRSASignature(
licenseRequest, signature.data(), signature_length, scheme));
}
void DisallowDeriveKeys() {
@@ -6622,7 +6643,8 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates {
ASSERT_EQ(OEMCrypto_SUCCESS, sts)
<< "Failed to sign with padding scheme=" << (int)scheme
<< ", size=" << (int)message.size();
<< ", size=" << message.size();
signature.resize(signature_length);
ASSERT_NO_FATAL_FAILURE(
s.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size()));
@@ -9393,6 +9415,9 @@ class OEMCryptoUsageTableDefragTest : public OEMCryptoUsageTableTest {
new_size, encrypted_usage_header_.data(), &header_buffer_length);
// For the second call, we always demand the expected result.
ASSERT_EQ(expected_result, sts);
if (sts == OEMCrypto_SUCCESS) {
encrypted_usage_header_.resize(header_buffer_length);
}
}
};

2
libwvdrmengine/vts/vendor_module/Android.bp
View File

@@ -57,7 +57,7 @@ cc_library_shared {
shared_libs: [
"libbase",
"libbinder",
"libbinder_ndk",
"libcrypto",
"liblog",
"libssl",