From 388d4949b608c6347d9cc0b660ff49a5a8bdbe7a Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Thu, 18 Nov 2021 21:41:30 +0000 Subject: [PATCH] Always generate nonce before signing license Merge from Widevine repo of http://go/wvgerrit/135467 The v16 state diagram says that a nonce should be included in all license requests. The unit tests were not honoring this requirement. This CL updates the unit tests to match the spec. Test: ran unit tests on luci Bug: 186565384 Change-Id: Ib3e03593538235e2eae3da1732109f0e9bfd97bd --- .../oemcrypto/test/oec_session_util.cpp | 4 +- .../oemcrypto/test/oec_session_util.h | 8 ++ .../oemcrypto/test/oemcrypto_test.cpp | 78 +------------------ 3 files changed, 13 insertions(+), 77 deletions(-) diff --git a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp index 6a3b85cd..76fea1de 100644 --- a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp +++ b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp @@ -204,6 +204,9 @@ RoundTrip:: size_t gen_signature_length = 0; size_t core_message_length = 0; constexpr size_t small_size = 42; // arbitrary. + if (RequestHasNonce()) { + session()->GenerateNonce(); + } uint32_t session_id = session()->session_id(); GetDefaultRequestSignatureAndCoreMessageLengths( session_id, small_size, &gen_signature_length, &core_message_length); @@ -294,7 +297,6 @@ OEMCrypto_Substring RoundTripopen()); - session_->GenerateNonce(); if (global_features.provisioning_method == OEMCrypto_Keybox) { session_->GenerateDerivedKeysFromKeybox(keybox); encryptor_ = session_->key_deriver(); diff --git a/libwvdrmengine/oemcrypto/test/oec_session_util.h b/libwvdrmengine/oemcrypto/test/oec_session_util.h index d2bde5e8..095fb8f7 100644 --- a/libwvdrmengine/oemcrypto/test/oec_session_util.h +++ b/libwvdrmengine/oemcrypto/test/oec_session_util.h @@ -218,6 +218,9 @@ class RoundTrip { } protected: + // Returns true if a nonce should be generated before signing the request. + virtual bool RequestHasNonce() = 0; + // ---------------------------------------------------------------------- // Specialized functionality for each message type. @@ -281,6 +284,7 @@ class ProvisioningRoundTrip void InjectFuzzedResponseData(const uint8_t* data, size_t size); protected: + bool RequestHasNonce() override { return true; } void VerifyRequestSignature(const vector& data, const vector& generated_signature, size_t core_message_length) override; @@ -388,6 +392,7 @@ class LicenseRoundTrip void SetKeyId(size_t index, const string& key_id); protected: + bool RequestHasNonce() override { return true; } void VerifyRequestSignature(const vector& data, const vector& generated_signature, size_t core_message_length) override; @@ -451,6 +456,7 @@ class RenewalRoundTrip void set_is_release(bool is_release) { is_release_ = is_release; } protected: + bool RequestHasNonce() override { return false; } void VerifyRequestSignature(const vector& data, const vector& generated_signature, size_t core_message_length) override; @@ -508,6 +514,8 @@ class Session { // Returns the most recently generated nonce. // Valid after call to GenerateNonce. uint32_t nonce() const { return nonce_; } + // The nonce can be overridden. + void set_nonce(uint32_t nonce) { nonce_ = nonce; } // Valid after call to open(). uint32_t session_id() const { return (uint32_t)session_id_; } // Call OEMCrypto_OpenSession, with GTest ASSERTs. diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index d9f5a4f4..d610413f 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -1233,7 +1233,6 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest { Session s; s.open(); InstallTestRSAKey(&s); - s.GenerateNonce(); LicenseRoundTrip license_messages(&s); f(message_length, &license_messages); OEMCryptoResult result = @@ -1246,7 +1245,6 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest { OEMCryptoResult LoadLicense(Session& s, LicenseRoundTrip& license_messages) { InstallTestRSAKey(&s); - s.GenerateNonce(); license_messages.SignAndVerifyRequest(); license_messages.CreateDefaultResponse(); license_messages.EncryptAndSignResponse(); @@ -1261,7 +1259,6 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest { LicenseRoundTrip license_messages(&s); s.open(); InstallTestRSAKey(&s); - s.GenerateNonce(); bool verify_keys_loaded = true; license_messages.SignAndVerifyRequest(); license_messages.CreateDefaultResponse(); @@ -1294,7 +1291,6 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest { LicenseRoundTrip license_messages(&s); s.open(); InstallTestRSAKey(&s); - s.GenerateNonce(); license_messages.SignAndVerifyRequest(); license_messages.CreateDefaultResponse(); size_t message_length = sizeof(license_messages.response_data()); @@ -1393,7 +1389,6 @@ class OEMCryptoMemoryLicenseTest : public OEMCryptoLicenseTestAPI16 { } void LoadLicense() { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -1446,7 +1441,6 @@ class OEMCryptoLicenseTest : public OEMCryptoLicenseTestAPI16, } void LoadLicense() { - session_.GenerateNonce(); license_messages_.SignAndVerifyRequest(); license_messages_.CreateDefaultResponse(); license_messages_.EncryptAndSignResponse(); @@ -1566,11 +1560,6 @@ class OEMCryptoLicenseTestRangeAPI : public OEMCryptoLicenseTest {}; // Verify that a license may be signed. TEST_P(OEMCryptoLicenseTest, SignLicenseRequest) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); - ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); -} - -TEST_P(OEMCryptoLicenseTest, SignLicenseRequestNoNonce) { ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); } @@ -1648,7 +1637,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNoRequestRentalDuration) { // Verify that a license may be loaded with a nonce. TEST_P(OEMCryptoLicenseTest, LoadKeyWithNonce) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -1660,6 +1648,7 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNonce) { TEST_P(OEMCryptoLicenseTest, LoadKeyNoNonceTwiceAPI16) { ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); license_messages_.set_control(0); + license_messages_.skip_nonce_check(); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); ASSERT_EQ(OEMCrypto_SUCCESS, license_messages_.LoadResponse()); @@ -1669,7 +1658,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyNoNonceTwiceAPI16) { // Verify that a second license may not be loaded in a session. TEST_P(OEMCryptoLicenseTest, LoadKeyWithNonceTwiceAPI16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -1680,7 +1668,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNonceTwiceAPI16) { // This verifies that entitlement keys and entitled content keys can be loaded. TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysAPI14) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); license_messages_.set_license_type(OEMCrypto_EntitlementLicense); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); @@ -1697,7 +1684,6 @@ TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysAPI14) { // This verifies that entitled content keys cannot be loaded if we have not yet // loaded the entitlement keys. TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysNoEntitlementKeysAPI14) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); license_messages_.set_license_type(OEMCrypto_EntitlementLicense); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); @@ -1711,7 +1697,6 @@ TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysNoEntitlementKeysAPI14) { // This verifies that entitled content keys cannot be loaded if we have loaded // the wrong entitlement keys. TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysWrongEntitlementKeysAPI14) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); license_messages_.set_license_type(OEMCrypto_EntitlementLicense); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); @@ -1960,7 +1945,6 @@ TEST_F(OEMCryptoMemoryLicenseTest, // This tests load license with an 8k license response. TEST_P(OEMCryptoLicenseTest, LoadKeyLargeBuffer) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); const size_t max_size = GetResourceValue(kLargeMessageSize); license_messages_.set_message_size(max_size); @@ -1971,7 +1955,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyLargeBuffer) { // Verify that you can't use LoadKeys on a v16 license. TEST_F(OEMCryptoLicenseTestAPI16, UseWrongLoadAPI16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -1992,7 +1975,6 @@ TEST_F(OEMCryptoLicenseTestAPI16, UseWrongLoadAPI16) { //---------------------------------------------------------------------------// //---------------------------------------------------------------------------// TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_enc_mac_keys) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); // See the comment in LicenseRoundTrip::LoadResponse for why we increment by @@ -2004,7 +1986,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_enc_mac_keys) { } TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_enc_mac_keys_iv) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); // See the comment in LicenseRoundTrip::LoadResponse for why we increment by @@ -2016,7 +1997,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_enc_mac_keys_iv) { } TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_id) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); // See the comment in LicenseRoundTrip::LoadResponse for why we increment by @@ -2028,7 +2008,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_id) { } TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_data) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); // See the comment in LicenseRoundTrip::LoadResponse for why we increment by @@ -2040,7 +2019,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_data) { } TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_data_iv) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); // See the comment in LicenseRoundTrip::LoadResponse for why we increment by @@ -2052,7 +2030,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_data_iv) { } TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_control) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); // See the comment in LicenseRoundTrip::LoadResponse for why we increment by @@ -2064,7 +2041,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_control) { } TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_control_iv) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); // See the comment in LicenseRoundTrip::LoadResponse for why we increment by @@ -2078,7 +2054,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_control_iv) { TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_pst) { license_messages_.set_control(wvoec::kControlNonceOrEntry); license_messages_.set_pst("my_pst"); - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); // See the comment in LicenseRoundTrip::LoadResponse for why we increment by @@ -2099,7 +2074,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_pst) { // This test is being restricted to v16 devices on rvc-dev branch because we // only required v15.1 on Android for Q. TEST_F(OEMCryptoLicenseTestAPI15, LoadKeyWithSuspiciousIVAPI16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); @@ -2115,7 +2089,6 @@ TEST_F(OEMCryptoLicenseTestAPI15, LoadKeyWithSuspiciousIVAPI16) { // Test that LoadKeys fails when a key is loaded with no key control block. TEST_P(OEMCryptoLicenseTest, LoadKeyWithNullKeyControl) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); license_messages_.core_response().key_array[2].key_control.offset = 0; @@ -2126,7 +2099,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNullKeyControl) { // Test that LoadKeys fails when the key control block encryption has a null IV. TEST_P(OEMCryptoLicenseTest, LoadKeyWithNullKeyControlIv) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); license_messages_.core_response().key_array[2].key_control_iv.offset = 0; @@ -2137,7 +2109,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNullKeyControlIv) { // Verify that LoadKeys fails when a key's nonce is wrong. TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadNonce) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); for (unsigned int i = 0; i < license_messages_.num_keys(); i++) @@ -2148,7 +2119,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadNonce) { // Verify that LoadKeys fails when the core message's nonce is wrong. TEST_F(OEMCryptoLicenseTestAPI16, LoadKeyWithBadNonce2) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); license_messages_.core_request().nonce ^= 42; @@ -2158,7 +2128,6 @@ TEST_F(OEMCryptoLicenseTestAPI16, LoadKeyWithBadNonce2) { // Verify that LoadKeys fails when the core message's session is wrong. TEST_F(OEMCryptoLicenseTestAPI16, LoadKeyWithBadNonce3) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); license_messages_.core_request().session_id++; @@ -2168,9 +2137,8 @@ TEST_F(OEMCryptoLicenseTestAPI16, LoadKeyWithBadNonce3) { // Verify that LoadKeys fails when an attempt is made to use a nonce twice. TEST_P(OEMCryptoLicenseTest, LoadKeyWithRepeatNonce) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); - const uint32_t nonce = session_.nonce(); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); + const uint32_t nonce = session_.nonce(); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); // This is the first attempt. It should succeed. @@ -2242,7 +2210,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyNonceWrongSession) { // LoadKeys should fail if the key control block as a bad verification string. TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadVerification) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); license_messages_.response_data().keys[1].control.verification[2] = 'Z'; @@ -2253,7 +2220,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadVerification) { // This test verifies that LoadKeys still works when the message is not aligned // in memory on a word (2 or 4 byte) boundary. TEST_P(OEMCryptoLicenseTest, LoadKeyUnalignedMessageAPI16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -2298,7 +2264,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyUnalignedMessageAPI16) { // Verifies that a session can't reload a license without being closed and // reopened. TEST_P(OEMCryptoLicenseTest, LoadLicenseAgainFailureAPI16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -2307,7 +2272,6 @@ TEST_P(OEMCryptoLicenseTest, LoadLicenseAgainFailureAPI16) { } TEST_P(OEMCryptoLicenseTestRangeAPI, LoadKeys) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); // Re-set the API version. The function VerifyRequestSignature sets the api to // be a sane value. But in this test, we want to verify an unsupported version @@ -2335,7 +2299,6 @@ INSTANTIATE_TEST_CASE_P(TestAll, OEMCryptoLicenseTestRangeAPI, Range(10, kCurrentAPI + 2)); TEST_P(OEMCryptoLicenseTest, LoadKeysBadSignatureAPI16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -2345,7 +2308,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeysBadSignatureAPI16) { } TEST_F(OEMCryptoLicenseTestAPI16, BadCoreHashAPI16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); license_messages_.BreakRequestHash(); @@ -2369,7 +2331,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyNoKeys) { // Like the previous test, except we ask for a nonce first. TEST_P(OEMCryptoLicenseTest, LoadKeyNoKeyWithNonce) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); license_messages_.set_num_keys(0); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); @@ -2499,7 +2460,6 @@ TEST_P(OEMCryptoLicenseTest, // This test should pass for v15 devices, except that the exact error code was // not specified until v16. TEST_P(OEMCryptoLicenseTest, SelectKeyNotThereAPI16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -2537,7 +2497,6 @@ TEST_P(OEMCryptoLicenseTest, SelectKeyNotThereAPI16) { // 'cens' mode is no longer supported in v16 TEST_P(OEMCryptoLicenseTest, RejectCensAPI16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -2568,7 +2527,6 @@ TEST_P(OEMCryptoLicenseTest, RejectCensAPI16) { // 'cbc1' mode is no longer supported in v16 TEST_P(OEMCryptoLicenseTest, RejectCbc1API16) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -2598,7 +2556,6 @@ TEST_P(OEMCryptoLicenseTest, RejectCbc1API16) { } TEST_P(OEMCryptoLicenseTest, RejectCbcsWithBlockOffset) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -2629,7 +2586,6 @@ TEST_P(OEMCryptoLicenseTest, RejectCbcsWithBlockOffset) { } TEST_P(OEMCryptoLicenseTest, RejectOversizedBlockOffset) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -2669,7 +2625,6 @@ TEST_P(OEMCryptoLicenseTest, RejectOversizedBlockOffset) { // attempt to query a key that has not been loaded, the error should be // NO_CONTENT_KEY. TEST_P(OEMCryptoLicenseTest, QueryKeyControl) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -2701,7 +2656,6 @@ TEST_F(OEMCryptoSessionTests, LicenseRoundTrip license_messages(&s); s.open(); InstallTestRSAKey(&s); - s.GenerateNonce(); license_messages.SignAndVerifyRequest(); license_messages.CreateDefaultResponse(); license_messages.EncryptAndSignResponse(); @@ -3216,7 +3170,6 @@ TEST_F(OEMCryptoSessionTests, // accept a key control block with the anti-rollback hardware bit set. // Otherwise, it should reject that key control block. TEST_P(OEMCryptoLicenseTest, AntiRollbackHardwareRequired) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); license_messages_.set_control(wvoec::kControlRequireAntiRollbackHardware); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); @@ -3235,7 +3188,6 @@ TEST_P(OEMCryptoLicenseTest, MinimumKeys) { const size_t num_keys = GetResourceValue(kMaxKeysPerSession); ASSERT_LE(num_keys, kMaxNumKeys) << "Test constants need updating."; license_messages_.set_num_keys(num_keys); - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -3266,7 +3218,6 @@ void TestMaxKeys(SessionUtil* util, size_t num_keys_per_session) { total_keys += num_keys; ASSERT_NO_FATAL_FAILURE(sessions[i]->open()); ASSERT_NO_FATAL_FAILURE(util->InstallTestRSAKey(sessions[i].get())); - ASSERT_NO_FATAL_FAILURE(sessions[i]->GenerateNonce()); ASSERT_NO_FATAL_FAILURE(licenses[i]->SignAndVerifyRequest()); } for (size_t i = 0; i < licenses.size(); i++) { @@ -3439,12 +3390,6 @@ class OEMCryptoRefreshTest : public OEMCryptoLicenseTest { } void LoadLicense() { - // If we require a nonce, then generate one. - if (license_messages_.control() & - (wvoec::kControlNonceEnabled | wvoec::kControlNonceOrEntry | - wvoec::kControlNonceRequired)) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); - } license_messages_.core_response().timer_limits = timer_limits_; ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); @@ -3580,7 +3525,6 @@ TEST_P(OEMCryptoLicenseTest, HashForbiddenAPI15) { // If hash is not supported, or is vendor defined, don't try to test it. if (hash_type != OEMCrypto_CRC_Clear_Buffer) return; - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse()); @@ -3627,7 +3571,6 @@ TEST_P(OEMCryptoLicenseTest, DecryptHashForOutOfRangeFrameNumber) { // Decrypt Tests -- these test Decrypt CTR mode only. // TEST_P(OEMCryptoLicenseTest, Decrypt) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); license_messages_.core_response() .timer_limits.total_playback_duration_seconds = kDuration; @@ -3639,7 +3582,6 @@ TEST_P(OEMCryptoLicenseTest, Decrypt) { // Verify that a zero duration means infinite license duration. TEST_P(OEMCryptoLicenseTest, DecryptZeroDuration) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); license_messages_.core_response() .timer_limits.total_playback_duration_seconds = 0; @@ -3898,7 +3840,6 @@ class OEMCryptoSessionTestsDecryptTests } void LoadLicense() { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); uint32_t control = wvoec::kControlNonceEnabled; if (verify_crc_) control |= kControlAllowHashVerification; if (output_buffer_type_ == OEMCrypto_BufferType_Secure) @@ -4389,7 +4330,6 @@ INSTANTIATE_TEST_CASE_P( // A request to decrypt data to a clear buffer when the key control block // requires a secure data path. TEST_P(OEMCryptoLicenseTest, DecryptSecureToClear) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); license_messages_.set_control(wvoec::kControlObserveDataPath | wvoec::kControlDataPathSecure); @@ -4402,7 +4342,6 @@ TEST_P(OEMCryptoLicenseTest, DecryptSecureToClear) { // Test that key duration is honored. TEST_P(OEMCryptoLicenseTest, KeyDuration) { - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); license_messages_.core_response() .timer_limits.total_playback_duration_seconds = kDuration; @@ -4433,7 +4372,6 @@ class OEMCryptoLoadsCertificate : public OEMCryptoSessionTestKeyboxTest { auto oemcrypto_function = [&](size_t message_length) { Session s; s.open(); - s.GenerateNonce(); if (global_features.provisioning_method == OEMCrypto_OEMCertificate) { s.LoadOEMCert(true); } else { @@ -4511,7 +4449,6 @@ TEST_F(OEMCryptoLoadsCertificate, SignProvisioningRequest) { EXPECT_EQ(global_features.provisioning_method, OEMCrypto_Keybox); s.GenerateDerivedKeysFromKeybox(keybox_); } - s.GenerateNonce(); ProvisioningRoundTrip provisioning_messages(&s, encoded_rsa_key_); ASSERT_NO_FATAL_FAILURE(provisioning_messages.SignAndVerifyRequest()); } @@ -4526,7 +4463,6 @@ TEST_F(OEMCryptoLoadsCertificate, SignLargeProvisioningRequestAPI16) { EXPECT_EQ(global_features.provisioning_method, OEMCrypto_Keybox); s.GenerateDerivedKeysFromKeybox(keybox_); } - s.GenerateNonce(); ProvisioningRoundTrip provisioning_messages(&s, encoded_rsa_key_); const size_t max_size = GetResourceValue(kLargeMessageSize); provisioning_messages.set_message_size(max_size); @@ -4999,7 +4935,6 @@ class OEMCryptoLoadsCertVariousKeys : public OEMCryptoLoadsCertificate { ASSERT_NO_FATAL_FAILURE(s.InstallRSASessionTestKey(wrapped_rsa_key_)); LicenseRoundTrip license_messages(&s); - ASSERT_NO_FATAL_FAILURE(s.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages.EncryptAndSignResponse()); @@ -5083,7 +5018,6 @@ TEST_F(OEMCryptoLoadsCertificate, TestMultipleRSAKeys) { s2.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_NO_FATAL_FAILURE(s2.InstallRSASessionTestKey(wrapped_rsa_key_)); LicenseRoundTrip license_messages2(&s2); - ASSERT_NO_FATAL_FAILURE(s2.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages2.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages2.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages2.EncryptAndSignResponse()); @@ -5093,7 +5027,6 @@ TEST_F(OEMCryptoLoadsCertificate, TestMultipleRSAKeys) { // After s2 has loaded its rsa key, we continue using s1's key. LicenseRoundTrip license_messages1(&s1); - ASSERT_NO_FATAL_FAILURE(s1.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages1.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages1.CreateDefaultResponse()); ASSERT_NO_FATAL_FAILURE(license_messages1.EncryptAndSignResponse()); @@ -6484,7 +6417,6 @@ class OEMCryptoGenericCryptoTest : public OEMCryptoRefreshTest { void SetUp() override { OEMCryptoRefreshTest::SetUp(); - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE( license_messages_.CreateResponseWithGenericCryptoKeys()); @@ -7377,7 +7309,6 @@ class LicenseWithUsageEntry { license_messages_.set_control(control); ASSERT_NO_FATAL_FAILURE(session_.open()); ASSERT_NO_FATAL_FAILURE(util->InstallTestRSAKey(&session_)); - ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest()); if (generic_crypto_) { ASSERT_NO_FATAL_FAILURE( @@ -7823,7 +7754,6 @@ TEST_P(OEMCryptoUsageTableTest, OnlineBadNonce) { ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s)); ASSERT_NO_FATAL_FAILURE(s.CreateNewUsageEntry()); - ASSERT_NO_FATAL_FAILURE(s.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages.CreateDefaultResponse()); for (uint32_t i = 0; i < license_messages.num_keys(); i++) @@ -7837,7 +7767,6 @@ TEST_P(OEMCryptoUsageTableTest, OnlineEmptyPST) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s)); - ASSERT_NO_FATAL_FAILURE(s.GenerateNonce()); LicenseRoundTrip license_messages(&s); license_messages.set_api_version(license_api_version_); license_messages.set_control(wvoec::kControlNonceEnabled | @@ -7855,7 +7784,6 @@ TEST_P(OEMCryptoUsageTableTest, OnlineMissingEntry) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s)); - ASSERT_NO_FATAL_FAILURE(s.GenerateNonce()); LicenseRoundTrip license_messages(&s); license_messages.set_api_version(license_api_version_); license_messages.set_control(wvoec::kControlNonceEnabled | @@ -8213,7 +8141,6 @@ TEST_P(OEMCryptoUsageTableTest, OfflineBadNonce) { ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s)); ASSERT_NO_FATAL_FAILURE(s.CreateNewUsageEntry()); - ASSERT_NO_FATAL_FAILURE(s.GenerateNonce()); ASSERT_NO_FATAL_FAILURE(license_messages.SignAndVerifyRequest()); ASSERT_NO_FATAL_FAILURE(license_messages.CreateDefaultResponse()); for (size_t i = 0; i < license_messages.num_keys(); i++) @@ -8227,7 +8154,6 @@ TEST_P(OEMCryptoUsageTableTest, OfflineEmptyPST) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s)); - ASSERT_NO_FATAL_FAILURE(s.GenerateNonce()); LicenseRoundTrip license_messages(&s); license_messages.set_api_version(license_api_version_); license_messages.set_control(wvoec::kControlNonceOrEntry);