From 3c350b677f34ed7091d0e075d21b9f4e4dccaca7 Mon Sep 17 00:00:00 2001 From: Rahul Frias Date: Thu, 13 Dec 2018 12:04:10 -0800 Subject: [PATCH] Use vec.data() instead of &vec[0]. [ Merge of http://go/wvgerrit/67984 ] Getting the address of the first element is invalid when the size is 0. Calling data() is valid when the size is zero so long as we don't use the resulting pointer. This is important when we pass the pointer to low-level functions like memcpy. Also, MSVC is stricter about this and doesn't allow indexing the 0-th element when it is empty. But GCC/Clang seem to be fine with it so long as the object isn't used. Test: WV unit/integration tests Change-Id: Ic5d11da41dd3a185a63f86a6ea91e9b954fd699a --- .../oemcrypto/ref/src/oemcrypto_session.cpp | 2 +- .../ref/src/oemcrypto_usage_table_ref.cpp | 2 +- .../oemcrypto/test/oec_session_util.cpp | 142 ++-- .../oemcrypto/test/oemcrypto_test.cpp | 630 +++++++++--------- 4 files changed, 400 insertions(+), 376 deletions(-) diff --git a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_session.cpp b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_session.cpp index 8e27f80f..f31fe7f5 100644 --- a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_session.cpp +++ b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_session.cpp @@ -405,7 +405,7 @@ bool SessionContext::ValidateMessage(const uint8_t* given_message, uint8_t computed_signature[SHA256_DIGEST_LENGTH]; memset(computed_signature, 0, SHA256_DIGEST_LENGTH); unsigned int md_len = SHA256_DIGEST_LENGTH; - if (!HMAC(EVP_sha256(), &mac_key_server_[0], mac_key_server_.size(), + if (!HMAC(EVP_sha256(), mac_key_server_.data(), mac_key_server_.size(), given_message, message_length, computed_signature, &md_len)) { LOGE("ValidateMessage: Could not compute signature."); return false; diff --git a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_usage_table_ref.cpp b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_usage_table_ref.cpp index 8b4bde43..c24275dd 100644 --- a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_usage_table_ref.cpp +++ b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_usage_table_ref.cpp @@ -325,7 +325,7 @@ OEMCryptoResult UsageTableEntry::CopyOldUsageEntry( } else { data_.pst_length = pst.size(); } - memcpy(data_.pst, &pst[0], data_.pst_length); + memcpy(data_.pst, pst.data(), data_.pst_length); data_.pst[data_.pst_length] = '\0'; return OEMCrypto_SUCCESS; } diff --git a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp index 0cc739d3..cb6e8846 100644 --- a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp +++ b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp @@ -212,7 +212,7 @@ void Session::DeriveKey(const uint8_t* key, const vector& context, message.push_back(counter); message.insert(message.end(), context.begin(), context.end()); - ASSERT_EQ(1, CMAC_Update(cmac_ctx, &message[0], message.size())); + ASSERT_EQ(1, CMAC_Update(cmac_ctx, message.data(), message.size())); size_t reslen; uint8_t res[128]; @@ -248,9 +248,9 @@ void Session::GenerateDerivedKeysFromKeybox( vector enc_context; FillDefaultContext(&mac_context, &enc_context); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_GenerateDerivedKeys(session_id(), &mac_context[0], - mac_context.size(), &enc_context[0], - enc_context.size())); + OEMCrypto_GenerateDerivedKeys( + session_id(), mac_context.data(), mac_context.size(), + enc_context.data(), enc_context.size())); DeriveKeys(keybox.device_key_, mac_context, enc_context); } @@ -267,11 +267,11 @@ void Session::GenerateDerivedKeysFromSessionKey() { FillDefaultContext(&mac_context, &enc_context); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_DeriveKeysFromSessionKey( - session_id(), &enc_session_key[0], enc_session_key.size(), - &mac_context[0], mac_context.size(), &enc_context[0], + session_id(), enc_session_key.data(), enc_session_key.size(), + mac_context.data(), mac_context.size(), enc_context.data(), enc_context.size())); - DeriveKeys(&session_key[0], mac_context, enc_context); + DeriveKeys(session_key.data(), mac_context, enc_context); } void Session::LoadTestKeys(const std::string& provider_session_token, @@ -288,16 +288,17 @@ void Session::LoadTestKeys(const std::string& provider_session_token, if (new_mac_keys) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadKeys( - session_id(), message_ptr(), message_size_, &signature_[0], + session_id(), message_ptr(), message_size_, signature_.data(), signature_.size(), enc_mac_keys_iv, enc_mac_keys, num_keys_, key_array_, pst, GetSubstring(), OEMCrypto_ContentLicense)); // Update new generated keys. - memcpy(&mac_key_server_[0], license_.mac_keys, MAC_KEY_SIZE); - memcpy(&mac_key_client_[0], license_.mac_keys + MAC_KEY_SIZE, MAC_KEY_SIZE); + memcpy(mac_key_server_.data(), license_.mac_keys, MAC_KEY_SIZE); + memcpy(mac_key_client_.data(), license_.mac_keys + MAC_KEY_SIZE, + MAC_KEY_SIZE); } else { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadKeys( - session_id(), message_ptr(), message_size_, &signature_[0], + session_id(), message_ptr(), message_size_, signature_.data(), signature_.size(), GetSubstring(), GetSubstring(), num_keys_, key_array_, pst, GetSubstring(), OEMCrypto_ContentLicense)); } @@ -320,17 +321,19 @@ void Session::LoadEntitlementTestKeys(const std::string& provider_session_token, ASSERT_EQ( expected_sts, OEMCrypto_LoadKeys(session_id(), message_ptr(), message_size_, - &signature_[0], signature_.size(), enc_mac_keys_iv, - enc_mac_keys, num_keys_, key_array_, pst, - GetSubstring(), OEMCrypto_EntitlementLicense)); + signature_.data(), signature_.size(), + enc_mac_keys_iv, enc_mac_keys, num_keys_, + key_array_, pst, GetSubstring(), + OEMCrypto_EntitlementLicense)); // Update new generated keys. - memcpy(&mac_key_server_[0], license_.mac_keys, MAC_KEY_SIZE); - memcpy(&mac_key_client_[0], license_.mac_keys + MAC_KEY_SIZE, MAC_KEY_SIZE); + memcpy(mac_key_server_.data(), license_.mac_keys, MAC_KEY_SIZE); + memcpy(mac_key_client_.data(), license_.mac_keys + MAC_KEY_SIZE, + MAC_KEY_SIZE); } else { ASSERT_EQ( expected_sts, OEMCrypto_LoadKeys(session_id(), message_ptr(), message_size_, - &signature_[0], signature_.size(), GetSubstring(), + signature_.data(), signature_.size(), GetSubstring(), GetSubstring(), num_keys_, key_array_, pst, GetSubstring(), OEMCrypto_EntitlementLicense)); } @@ -381,10 +384,8 @@ void Session::FillEntitledKeyArray() { void Session::LoadEntitledContentKeys(OEMCryptoResult expected_sts) { encrypted_entitled_message_ = entitled_message_; - std::vector encrypted_entitled_key_array; - encrypted_entitled_key_array.resize(num_keys_); - memcpy(&encrypted_entitled_key_array[0], &entitled_key_array_[0], - sizeof(OEMCrypto_EntitledContentKeyObject) * num_keys_); + std::vector encrypted_entitled_key_array( + entitled_key_array_, entitled_key_array_ + num_keys_); for (size_t i = 0; i < num_keys_; ++i) { // Load the entitlement key from |key_array_|. @@ -416,7 +417,7 @@ void Session::LoadEntitledContentKeys(OEMCryptoResult expected_sts) { session_id(), reinterpret_cast(encrypted_entitled_message_.data()), encrypted_entitled_message_.size(), num_keys_, - &encrypted_entitled_key_array[0])); + encrypted_entitled_key_array.data())); if (expected_sts != OEMCrypto_SUCCESS) { return; } @@ -479,11 +480,11 @@ void Session::RefreshTestKeys(const size_t key_count, uint32_t control_bits, FillRefreshMessage(key_count, control_bits, nonce); ServerSignBuffer(reinterpret_cast(&padded_message_), message_size_, &signature_); - OEMCrypto_KeyRefreshObject key_array[key_count]; - FillRefreshArray(key_array, key_count); + std::vector key_array(key_count); + FillRefreshArray(key_array.data(), key_count); OEMCryptoResult sts = OEMCrypto_RefreshKeys( - session_id(), message_ptr(), message_size_, &signature_[0], - signature_.size(), key_count, key_array); + session_id(), message_ptr(), message_size_, signature_.data(), + signature_.size(), key_count, key_array.data()); ASSERT_EQ(expected_result, sts); ASSERT_NO_FATAL_FAILURE(TestDecryptCTR()); @@ -625,7 +626,7 @@ void Session::SetLoadKeysSubstringParams() { load_keys_params_.resize(4); std::string message = wvcdm::BytesToString(message_ptr(), sizeof(MessageData)); - OEMCrypto_Substring* enc_mac_keys_iv = &load_keys_params_[0]; + OEMCrypto_Substring* enc_mac_keys_iv = load_keys_params_.data(); *enc_mac_keys_iv = GetSubstring( message, wvcdm::BytesToString(encrypted_license().mac_key_iv, sizeof(encrypted_license().mac_key_iv))); @@ -648,7 +649,7 @@ void Session::EncryptAndSign() { uint8_t iv_buffer[16]; memcpy(iv_buffer, &license_.mac_key_iv[0], KEY_IV_SIZE); AES_KEY aes_key; - AES_set_encrypt_key(&enc_key_[0], 128, &aes_key); + AES_set_encrypt_key(enc_key_.data(), 128, &aes_key); AES_cbc_encrypt(&license_.mac_keys[0], &encrypted_license().mac_keys[0], 2 * MAC_KEY_SIZE, &aes_key, iv_buffer, AES_ENCRYPT); @@ -661,7 +662,7 @@ void Session::EncryptAndSign() { KEY_SIZE, &aes_key, iv_buffer, AES_ENCRYPT); memcpy(iv_buffer, &license_.keys[i].key_iv[0], KEY_IV_SIZE); - AES_set_encrypt_key(&enc_key_[0], 128, &aes_key); + AES_set_encrypt_key(enc_key_.data(), 128, &aes_key); AES_cbc_encrypt( &license_.keys[i].key_data[0], &encrypted_license().keys[i].key_data[0], license_.keys[i].key_data_length, &aes_key, iv_buffer, AES_ENCRYPT); @@ -695,7 +696,7 @@ void Session::ServerSignBuffer(const uint8_t* data, size_t data_length, ASSERT_LE(data_length, kMaxMessageSize); signature->assign(SHA256_DIGEST_LENGTH, 0); unsigned int md_len = SHA256_DIGEST_LENGTH; - HMAC(EVP_sha256(), &mac_key_server_[0], mac_key_server_.size(), data, + HMAC(EVP_sha256(), mac_key_server_.data(), mac_key_server_.size(), data, data_length, &(signature->front()), &md_len); } @@ -703,7 +704,7 @@ void Session::ClientSignMessage(const vector& data, std::vector* signature) { signature->assign(SHA256_DIGEST_LENGTH, 0); unsigned int md_len = SHA256_DIGEST_LENGTH; - HMAC(EVP_sha256(), &mac_key_client_[0], mac_key_client_.size(), + HMAC(EVP_sha256(), mac_key_client_.data(), mac_key_client_.size(), &(data.front()), data.size(), &(signature->front()), &md_len); } @@ -714,13 +715,14 @@ void Session::VerifyClientSignature(size_t data_length) { for (size_t i = 0; i < data.size(); i++) data[i] = i % 0xFF; OEMCryptoResult sts; size_t gen_signature_length = 0; - sts = OEMCrypto_GenerateSignature(session_id(), &data[0], data.size(), NULL, - &gen_signature_length); + sts = OEMCrypto_GenerateSignature(session_id(), data.data(), data.size(), + NULL, &gen_signature_length); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); ASSERT_EQ(static_cast(32), gen_signature_length); vector gen_signature(gen_signature_length); - sts = OEMCrypto_GenerateSignature(session_id(), &data[0], data.size(), - &gen_signature[0], &gen_signature_length); + sts = OEMCrypto_GenerateSignature(session_id(), data.data(), data.size(), + gen_signature.data(), + &gen_signature_length); ASSERT_EQ(OEMCrypto_SUCCESS, sts); std::vector expected_signature; ClientSignMessage(data, &expected_signature); @@ -809,12 +811,12 @@ void Session::TestDecryptCTR(bool select_key_first, vector unencryptedData(256); for (size_t i = 0; i < unencryptedData.size(); i++) unencryptedData[i] = i % 256; - EXPECT_EQ(1, GetRandBytes(&unencryptedData[0], unencryptedData.size())); + EXPECT_EQ(1, GetRandBytes(unencryptedData.data(), unencryptedData.size())); vector encryptionIv(KEY_IV_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], KEY_IV_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), KEY_IV_SIZE)); vector encryptedData(unencryptedData.size()); EncryptCTR(unencryptedData, license_.keys[key_index].key_data, - &encryptionIv[0], &encryptedData); + encryptionIv.data(), &encryptedData); // Describe the output vector outputBuffer(256); @@ -828,8 +830,8 @@ void Session::TestDecryptCTR(bool select_key_first, pattern.offset = 0; // Decrypt the data sts = OEMCrypto_DecryptCENC( - session_id(), &encryptedData[0], encryptedData.size(), true, - &encryptionIv[0], 0, &destBuffer, &pattern, + session_id(), encryptedData.data(), encryptedData.size(), true, + encryptionIv.data(), 0, &destBuffer, &pattern, OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample); // We only have a few errors that we test are reported. if (expected_result == OEMCrypto_SUCCESS) { // No error. @@ -886,7 +888,7 @@ void Session::LoadOEMCert(bool verify_cert) { ASSERT_LT(0u, public_cert_length); public_cert.resize(public_cert_length); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_GetOEMPublicCertificate(session_id(), &public_cert[0], + OEMCrypto_GetOEMPublicCertificate(session_id(), public_cert.data(), &public_cert_length)); // Load the certificate chain into a BoringSSL X509 Stack @@ -921,7 +923,7 @@ void Session::LoadOEMCert(bool verify_cert) { X509_NAME* name = X509_get_subject_name(x509_cert); printf(" OEM Certificate Name: %s\n", - X509_NAME_oneline(name, &buffer[0], buffer.size())); + X509_NAME_oneline(name, buffer.data(), buffer.size())); boringssl_ptr store(X509_STORE_new()); ASSERT_TRUE(store.NotNull()); boringssl_ptr store_ctx( @@ -979,16 +981,17 @@ void Session::RewrapRSAKey(const struct RSAPrivateKeyMessage& encrypted, const uint8_t* message_ptr = reinterpret_cast(&encrypted); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey( - session_id(), message_ptr, message_size, &signature[0], + session_id(), message_ptr, message_size, signature.data(), signature.size(), &encrypted.nonce, encrypted.rsa_key, encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, &wrapped_key_length)); wrapped_key->clear(); wrapped_key->assign(wrapped_key_length, 0); OEMCryptoResult sts = OEMCrypto_RewrapDeviceRSAKey( - session_id(), message_ptr, message_size, &signature[0], signature.size(), - &encrypted.nonce, encrypted.rsa_key, encrypted.rsa_key_length, - encrypted.rsa_key_iv, &(wrapped_key->front()), &wrapped_key_length); + session_id(), message_ptr, message_size, signature.data(), + signature.size(), &encrypted.nonce, encrypted.rsa_key, + encrypted.rsa_key_length, encrypted.rsa_key_iv, &(wrapped_key->front()), + &wrapped_key_length); if (force) { ASSERT_EQ(OEMCrypto_SUCCESS, sts); } @@ -1003,14 +1006,14 @@ void Session::RewrapRSAKey30(const struct RSAPrivateKeyMessage& encrypted, size_t wrapped_key_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey30( - session_id(), &nonce_, &encrypted_message_key[0], + session_id(), &nonce_, encrypted_message_key.data(), encrypted_message_key.size(), encrypted.rsa_key, encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, &wrapped_key_length)); wrapped_key->clear(); wrapped_key->assign(wrapped_key_length, 0); OEMCryptoResult sts = OEMCrypto_RewrapDeviceRSAKey30( - session_id(), &nonce_, &encrypted_message_key[0], + session_id(), &nonce_, encrypted_message_key.data(), encrypted_message_key.size(), encrypted.rsa_key, encrypted.rsa_key_length, encrypted.rsa_key_iv, &(wrapped_key->front()), &wrapped_key_length); if (force) { @@ -1121,16 +1124,18 @@ void Session::VerifyRSASignature(const vector& message, boringssl_ptr pkey(EVP_PKEY_new()); ASSERT_EQ(1, EVP_PKEY_set1_RSA(pkey.get(), public_rsa_)); - const bool ok = VerifyPSSSignature(pkey.get(), &message[0], message.size(), - signature, signature_length); + const bool ok = VerifyPSSSignature( + pkey.get(), message.data(), message.size(), signature, + signature_length); EXPECT_TRUE(ok) << "PSS signature check failed."; } else if (padding_scheme == kSign_PKCS1_Block1) { vector padded_digest(signature_length); int size; // RSA_public_decrypt decrypts the signature, and then verifies that // it was padded with RSA PKCS1 padding. - size = RSA_public_decrypt(signature_length, signature, &padded_digest[0], - public_rsa_, RSA_PKCS1_PADDING); + size = RSA_public_decrypt( + signature_length, signature, padded_digest.data(), public_rsa_, + RSA_PKCS1_PADDING); EXPECT_GT(size, 0); padded_digest.resize(size); EXPECT_EQ(message, padded_digest); @@ -1161,7 +1166,7 @@ bool Session::GenerateRSASessionKey(vector* session_key, void Session::InstallRSASessionTestKey(const vector& wrapped_rsa_key) { ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_LoadDeviceRSAKey(session_id(), &wrapped_rsa_key[0], + OEMCrypto_LoadDeviceRSAKey(session_id(), wrapped_rsa_key.data(), wrapped_rsa_key.size())); GenerateDerivedKeysFromSessionKey(); } @@ -1189,8 +1194,8 @@ void Session::UpdateUsageEntry(std::vector* header_buffer) { encrypted_usage_entry_.resize(entry_buffer_length); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageEntry( - session_id(), &(header_buffer->front()), &header_buffer_length, - &encrypted_usage_entry_[0], &entry_buffer_length)); + session_id(), header_buffer->data(), &header_buffer_length, + encrypted_usage_entry_.data(), &entry_buffer_length)); } void Session::DeactivateUsageEntry(const std::string& pst) { @@ -1205,7 +1210,8 @@ void Session::LoadUsageEntry(uint32_t index, const vector& buffer) { encrypted_usage_entry_ = buffer; ASSERT_EQ( OEMCrypto_SUCCESS, - OEMCrypto_LoadUsageEntry(session_id(), index, &buffer[0], buffer.size())); + OEMCrypto_LoadUsageEntry( + session_id(), index, buffer.data(), buffer.size())); } void Session::MoveUsageEntry(uint32_t new_index, @@ -1233,7 +1239,7 @@ void Session::GenerateReport(const std::string& pst, size_t length = 0; OEMCryptoResult sts = OEMCrypto_ReportUsage( session_id(), reinterpret_cast(pst.c_str()), pst.length(), - &pst_report_buffer_[0], &length); + pst_report_buffer_.data(), &length); if (expected_result == OEMCrypto_SUCCESS) { ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); } @@ -1243,7 +1249,7 @@ void Session::GenerateReport(const std::string& pst, } sts = OEMCrypto_ReportUsage(session_id(), reinterpret_cast(pst.c_str()), - pst.length(), &pst_report_buffer_[0], &length); + pst.length(), pst_report_buffer_.data(), &length); ASSERT_EQ(expected_result, sts); if (expected_result != OEMCrypto_SUCCESS) { return; @@ -1251,10 +1257,10 @@ void Session::GenerateReport(const std::string& pst, ASSERT_EQ(pst_report_buffer_.size(), length); vector computed_signature(SHA_DIGEST_LENGTH); unsigned int sig_len = SHA_DIGEST_LENGTH; - HMAC(EVP_sha1(), &mac_key_client_[0], mac_key_client_.size(), + HMAC(EVP_sha1(), mac_key_client_.data(), mac_key_client_.size(), &pst_report_buffer_[SHA_DIGEST_LENGTH], length - SHA_DIGEST_LENGTH, - &computed_signature[0], &sig_len); - EXPECT_EQ(0, memcmp(&computed_signature[0], pst_report().signature(), + computed_signature.data(), &sig_len); + EXPECT_EQ(0, memcmp(computed_signature.data(), pst_report().signature(), SHA_DIGEST_LENGTH)); EXPECT_GE(kInactiveUnused, pst_report().status()); EXPECT_GE(kHardwareSecureClock, pst_report().clock_security_level()); @@ -1287,14 +1293,14 @@ void Session::VerifyPST(const Test_PST_Report& expected) { } std::vector signature(SHA_DIGEST_LENGTH); unsigned int md_len = SHA_DIGEST_LENGTH; - if (!HMAC(EVP_sha1(), &mac_key_client_[0], mac_key_client_.size(), - &pst_report_buffer_[0] + SHA_DIGEST_LENGTH, - pst_report_buffer_.size() - SHA_DIGEST_LENGTH, - &signature[0], &md_len)) { + if (!HMAC(EVP_sha1(), mac_key_client_.data(), mac_key_client_.size(), + pst_report_buffer_.data() + SHA_DIGEST_LENGTH, + pst_report_buffer_.size() - SHA_DIGEST_LENGTH, + signature.data(), &md_len)) { cout << "Error computing HMAC.\n"; dump_boringssl_error(); } - EXPECT_EQ(0, memcmp(computed.signature(), &signature[0], + EXPECT_EQ(0, memcmp(computed.signature(), signature.data(), SHA_DIGEST_LENGTH)); } @@ -1336,8 +1342,8 @@ void Session::CreateOldEntry(const Test_PST_Report& report) { report.seconds_since_license_received, report.seconds_since_first_decrypt, report.seconds_since_last_decrypt, - report.status, &mac_key_server_[0], - &mac_key_client_[0], + report.status, mac_key_server_.data(), + mac_key_client_.data(), reinterpret_cast(report.pst.c_str()), report.pst.length()); if (result == OEMCrypto_ERROR_NOT_IMPLEMENTED) return; diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index 1f3a4b03..09fc1810 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -204,8 +204,9 @@ TEST_F(OEMCryptoClientTest, CheckSRMCapabilityV13) { EXPECT_EQ(OEMCrypto_ERROR_NOT_IMPLEMENTED, current_result); } vector bad_srm(42); - GetRandBytes(&bad_srm[0], bad_srm.size()); - EXPECT_NE(OEMCrypto_SUCCESS, OEMCrypto_LoadSRM(&bad_srm[0], bad_srm.size())); + GetRandBytes(bad_srm.data(), bad_srm.size()); + EXPECT_NE(OEMCrypto_SUCCESS, + OEMCrypto_LoadSRM(bad_srm.data(), bad_srm.size())); } TEST_F(OEMCryptoClientTest, CheckMaxNumberOfSessionsAPI10) { @@ -432,15 +433,15 @@ TEST_F(OEMCryptoClientTest, ClearCopyTestAPI10) { ASSERT_NO_FATAL_FAILURE(s.open()); const int kDataSize = 256; vector input_buffer(kDataSize); - GetRandBytes(&input_buffer[0], input_buffer.size()); + GetRandBytes(input_buffer.data(), input_buffer.size()); vector output_buffer(kDataSize); OEMCrypto_DestBufferDesc dest_buffer; dest_buffer.type = OEMCrypto_BufferType_Clear; - dest_buffer.buffer.clear.address = &output_buffer[0]; + dest_buffer.buffer.clear.address = output_buffer.data(); dest_buffer.buffer.clear.max_length = output_buffer.size(); ASSERT_EQ( OEMCrypto_SUCCESS, - OEMCrypto_CopyBuffer(s.session_id(), &input_buffer[0], + OEMCrypto_CopyBuffer(s.session_id(), input_buffer.data(), input_buffer.size(), &dest_buffer, OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample)); ASSERT_EQ(input_buffer, output_buffer); @@ -450,19 +451,19 @@ TEST_F(OEMCryptoClientTest, ClearCopyTestAPI10) { OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample)); ASSERT_EQ(OEMCrypto_ERROR_INVALID_CONTEXT, OEMCrypto_CopyBuffer( - s.session_id(), &input_buffer[0], input_buffer.size(), NULL, + s.session_id(), input_buffer.data(), input_buffer.size(), NULL, OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample)); dest_buffer.buffer.clear.address = NULL; ASSERT_EQ( OEMCrypto_ERROR_INVALID_CONTEXT, - OEMCrypto_CopyBuffer(s.session_id(), &input_buffer[0], + OEMCrypto_CopyBuffer(s.session_id(), input_buffer.data(), input_buffer.size(), &dest_buffer, OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample)); - dest_buffer.buffer.clear.address = &output_buffer[0]; + dest_buffer.buffer.clear.address = output_buffer.data(); dest_buffer.buffer.clear.max_length = output_buffer.size() - 1; ASSERT_EQ( OEMCrypto_ERROR_SHORT_BUFFER, - OEMCrypto_CopyBuffer(s.session_id(), &input_buffer[0], + OEMCrypto_CopyBuffer(s.session_id(), input_buffer.data(), input_buffer.size(), &dest_buffer, OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample)); } @@ -472,15 +473,15 @@ TEST_F(OEMCryptoClientTest, ClearCopyTestLargeSubsample) { ASSERT_NO_FATAL_FAILURE(s.open()); size_t max_size = GetResourceValue(kMaxSubsampleSize); vector input_buffer(max_size); - GetRandBytes(&input_buffer[0], input_buffer.size()); + GetRandBytes(input_buffer.data(), input_buffer.size()); vector output_buffer(max_size); OEMCrypto_DestBufferDesc dest_buffer; dest_buffer.type = OEMCrypto_BufferType_Clear; - dest_buffer.buffer.clear.address = &output_buffer[0]; + dest_buffer.buffer.clear.address = output_buffer.data(); dest_buffer.buffer.clear.max_length = output_buffer.size(); ASSERT_EQ( OEMCrypto_SUCCESS, - OEMCrypto_CopyBuffer(s.session_id(), &input_buffer[0], + OEMCrypto_CopyBuffer(s.session_id(), input_buffer.data(), input_buffer.size(), &dest_buffer, OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample)); ASSERT_EQ(input_buffer, output_buffer); @@ -575,9 +576,9 @@ TEST_F(OEMCryptoKeyboxTest, GenerateDerivedKeysFromKeyboxLargeBuffer) { enc_context[i] = (3 * i) % 0x100; } ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_GenerateDerivedKeys(s.session_id(), &mac_context[0], - mac_context.size(), &enc_context[0], - enc_context.size())); + OEMCrypto_GenerateDerivedKeys( + s.session_id(), mac_context.data(), mac_context.size(), + enc_context.data(),enc_context.size())); } class OEMCryptoProv30Test : public OEMCryptoClientTest {}; @@ -590,14 +591,14 @@ TEST_F(OEMCryptoProv30Test, GetDeviceId) { OEMCryptoResult sts; std::vector dev_id(128, 0); size_t dev_id_len = dev_id.size(); - sts = OEMCrypto_GetDeviceID(&dev_id[0], &dev_id_len); + sts = OEMCrypto_GetDeviceID(dev_id.data(), &dev_id_len); if (sts == OEMCrypto_ERROR_NOT_IMPLEMENTED) return; if (sts == OEMCrypto_ERROR_SHORT_BUFFER) { ASSERT_GT(dev_id_len, 0u); dev_id.resize(dev_id_len); - sts = OEMCrypto_GetDeviceID(&dev_id[0], &dev_id_len); + sts = OEMCrypto_GetDeviceID(dev_id.data(), &dev_id_len); } - cout << " NormalGetDeviceId: dev_id = " << &dev_id[0] + cout << " NormalGetDeviceId: dev_id = " << dev_id.data() << " len = " << dev_id_len << endl; ASSERT_EQ(OEMCrypto_SUCCESS, sts); } @@ -622,25 +623,25 @@ TEST_F(OEMCryptoProv30Test, OEMCertSignature) { OEMCryptoResult sts; // Sign a Message vector data(500); - GetRandBytes(&data[0], data.size()); + GetRandBytes(data.data(), data.size()); size_t signature_length = 0; vector signature(1); - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &data[0], data.size(), - &signature[0], &signature_length, + sts = OEMCrypto_GenerateRSASignature(s.session_id(), data.data(), data.size(), + signature.data(), &signature_length, kSign_RSASSA_PSS); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); ASSERT_NE(static_cast(0), signature_length); signature.resize(signature_length, 0); - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &data[0], data.size(), - &signature[0], &signature_length, + sts = OEMCrypto_GenerateRSASignature(s.session_id(), data.data(), data.size(), + signature.data(), &signature_length, kSign_RSASSA_PSS); ASSERT_EQ(OEMCrypto_SUCCESS, sts); ASSERT_NO_FATAL_FAILURE(s.VerifyRSASignature( - data, &signature[0], signature_length, kSign_RSASSA_PSS)); + data, signature.data(), signature_length, kSign_RSASSA_PSS)); } TEST_F(OEMCryptoProv30Test, OEMCertForbiddenPaddingScheme) { @@ -650,23 +651,23 @@ TEST_F(OEMCryptoProv30Test, OEMCertForbiddenPaddingScheme) { OEMCryptoResult sts; // Sign a Message vector data(500); - GetRandBytes(&data[0], data.size()); + GetRandBytes(data.data(), data.size()); size_t signature_length = 0; // We need a size one vector to pass as a pointer. vector signature(1, 0); vector zero(1, 0); - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &data[0], data.size(), - &signature[0], &signature_length, + sts = OEMCrypto_GenerateRSASignature(s.session_id(), data.data(), data.size(), + signature.data(), &signature_length, kSign_PKCS1_Block1); if (OEMCrypto_ERROR_SHORT_BUFFER == sts) { // The OEMCrypto could complain about buffer length first, so let's // resize and check if it's writing to the signature again. signature.resize(signature_length, 0); zero.resize(signature_length, 0); - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &data[0], data.size(), - &signature[0], &signature_length, - kSign_PKCS1_Block1); + sts = OEMCrypto_GenerateRSASignature(s.session_id(), data.data(), + data.size(), signature.data(), + &signature_length, kSign_PKCS1_Block1); } EXPECT_NE(OEMCrypto_SUCCESS, sts) << "OEM Cert Signed with forbidden kSign_PKCS1_Block1."; @@ -680,25 +681,25 @@ TEST_F(OEMCryptoProv30Test, OEMCertSignatureLargeBuffer) { OEMCryptoResult sts; // Sign a Message vector data(kMaxMessageSize); - GetRandBytes(&data[0], data.size()); + GetRandBytes(data.data(), data.size()); size_t signature_length = 0; vector signature(1); - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &data[0], data.size(), - &signature[0], &signature_length, + sts = OEMCrypto_GenerateRSASignature(s.session_id(), data.data(), data.size(), + signature.data(), &signature_length, kSign_RSASSA_PSS); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); ASSERT_NE(static_cast(0), signature_length); signature.resize(signature_length); - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &data[0], data.size(), - &signature[0], &signature_length, + sts = OEMCrypto_GenerateRSASignature(s.session_id(), data.data(), data.size(), + signature.data(), &signature_length, kSign_RSASSA_PSS); ASSERT_EQ(OEMCrypto_SUCCESS, sts); ASSERT_NO_FATAL_FAILURE(s.VerifyRSASignature( - data, &signature[0], signature_length, kSign_RSASSA_PSS)); + data, signature.data(), signature_length, kSign_RSASSA_PSS)); } // @@ -729,7 +730,7 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest { if (sts != OEMCrypto_ERROR_SHORT_BUFFER) return; } encrypted_usage_header_.resize(header_buffer_length); - sts = OEMCrypto_CreateUsageTableHeader(&encrypted_usage_header_[0], + sts = OEMCrypto_CreateUsageTableHeader(encrypted_usage_header_.data(), &header_buffer_length); if (expect_success) { ASSERT_EQ(OEMCrypto_SUCCESS, sts); @@ -819,8 +820,9 @@ TEST_F(OEMCryptoSessionTestKeyboxTest, GenerateSignature) { size_t signature_length = signature.size(); OEMCryptoResult sts; - sts = OEMCrypto_GenerateSignature(s.session_id(), &context[0], context.size(), - &signature[0], &signature_length); + sts = OEMCrypto_GenerateSignature(s.session_id(), context.data(), + context.size(), signature.data(), + &signature_length); ASSERT_EQ(OEMCrypto_SUCCESS, sts); static const uint32_t SignatureExpectedLength = 32; @@ -888,8 +890,9 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithNoMAC) { size_t signature_length = signature.size(); OEMCryptoResult sts; - sts = OEMCrypto_GenerateSignature(s.session_id(), &context[0], context.size(), - &signature[0], &signature_length); + sts = OEMCrypto_GenerateSignature(s.session_id(), context.data(), + context.size(), signature.data(), + &signature_length); ASSERT_EQ(OEMCrypto_SUCCESS, sts); @@ -960,8 +963,9 @@ TEST_F(OEMCryptoSessionTests, ClientSignatureLargeBuffer) { size_t signature_length = signature.size(); OEMCryptoResult sts; - sts = OEMCrypto_GenerateSignature(s.session_id(), &context[0], context.size(), - &signature[0], &signature_length); + sts = OEMCrypto_GenerateSignature(s.session_id(), context.data(), + context.size(), signature.data(), + &signature_length); ASSERT_EQ(OEMCrypto_SUCCESS, sts); static const uint32_t SignatureExpectedLength = 32; @@ -1008,7 +1012,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange1) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), reinterpret_cast(double_message.data()), - s.message_size(), &s.signature()[0], s.signature().size(), + s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), wrong_mac_keys, // Not within range of one message. s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), @@ -1028,7 +1032,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange2) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), reinterpret_cast(double_message.data()), - s.message_size(), &s.signature()[0], s.signature().size(), + s.message_size(), s.signature().data(), s.signature().size(), wrong_mac_keys_iv, // bad. s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1046,7 +1050,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange3) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), reinterpret_cast(double_message.data()), - s.message_size(), &s.signature()[0], s.signature().size(), + s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); ASSERT_NE(OEMCrypto_SUCCESS, sts); @@ -1064,7 +1068,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange4) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), reinterpret_cast(double_message.data()), - s.message_size(), &s.signature()[0], s.signature().size(), + s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); ASSERT_NE(OEMCrypto_SUCCESS, sts); @@ -1080,7 +1084,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange5) { s.key_array()[1].key_data_iv.offset += s.message_size(); OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), reinterpret_cast(double_message.data()), - s.message_size(), &s.signature()[0], s.signature().size(), + s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); ASSERT_NE(OEMCrypto_SUCCESS, sts); @@ -1098,7 +1102,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange6) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), reinterpret_cast(double_message.data()), - s.message_size(), &s.signature()[0], s.signature().size(), + s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); ASSERT_NE(OEMCrypto_SUCCESS, sts); @@ -1115,7 +1119,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange7) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), reinterpret_cast(double_message.data()), - s.message_size(), &s.signature()[0], s.signature().size(), + s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); ASSERT_NE(OEMCrypto_SUCCESS, sts); @@ -1131,7 +1135,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithNullKeyControl) { s.key_array()[2].key_control.length = 0; OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1148,7 +1152,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithNullKeyControlIv) { s.key_array()[2].key_control_iv.length = 0; OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1163,7 +1167,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadNonce) { 42)); // bad nonce. ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1188,7 +1192,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) { nonce)); // same old nonce. ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1214,7 +1218,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNonceReopenSession) { nonce)); // same old nonce ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1239,8 +1243,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNonceWrongSession) { nonce)); // nonce from session s1 ASSERT_NO_FATAL_FAILURE(s2.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s2.session_id(), s2.message_ptr(), s2.message_size(), &s2.signature()[0], - s2.signature().size(), s2.enc_mac_keys_iv_substr(), + s2.session_id(), s2.message_ptr(), s2.message_size(), + s2.signature().data(), s2.signature().size(), s2.enc_mac_keys_iv_substr(), s2.enc_mac_keys_substr(), s2.num_keys(), s2.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1255,7 +1259,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) { s.license().keys[1].control.verification[2] = 'Z'; ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1283,7 +1287,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyUnalignedMessage) { // Thus, buffer[offset] is NOT word aligned. const uint8_t* unaligned_message = &buffer[offset]; OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), unaligned_message, s.message_size(), &s.signature()[0], + s.session_id(), unaligned_message, s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1318,7 +1322,7 @@ TEST_P(SessionTestAlternateVerification, LoadKeys) { } ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1346,7 +1350,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) { ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); s.signature()[0] ^= 42; // Bad signature. OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1360,7 +1364,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysWithNoDerivedKeys) { ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1379,7 +1383,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeys) { ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), GetSubstring(), + s.signature().data(), s.signature().size(), GetSubstring(), GetSubstring(), kNoKeys, s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense)); } @@ -1395,7 +1399,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) { ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), GetSubstring(), + s.signature().data(), s.signature().size(), GetSubstring(), GetSubstring(), kNoKeys, s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense)); } @@ -1450,7 +1454,7 @@ TEST_F(OEMCryptoSessionTests, AntiRollbackHardwareRequired) { 0, wvoec::kControlRequireAntiRollbackHardware, 0)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -1474,7 +1478,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { ASSERT_EQ( OEMCrypto_SUCCESS, OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), + s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense)); @@ -1489,7 +1493,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { ASSERT_EQ( OEMCrypto_ERROR_UNKNOWN_FAILURE, OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), + s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense)); @@ -1504,7 +1508,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { ASSERT_EQ( OEMCrypto_SUCCESS, OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), + s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense)); @@ -1691,7 +1695,7 @@ TEST_P(SessionTestRefreshKeyTest, RefreshWithNoSelectKey) { s.FillRefreshArray(key_array, num_keys_); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_RefreshKeys(s.session_id(), s.message_ptr(), - s.message_size(), &s.signature()[0], + s.message_size(), s.signature().data(), s.signature().size(), num_keys_, key_array)); ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR(false)); // This should still be valid key, even if the refresh failed, because this @@ -1851,12 +1855,12 @@ class OEMCryptoSessionTestsDecryptTests const vector& in_buffer, vector* out_buffer) { AES_KEY aes_key; - AES_set_encrypt_key(&key[0], AES_BLOCK_SIZE * 8, &aes_key); + AES_set_encrypt_key(key.data(), AES_BLOCK_SIZE * 8, &aes_key); out_buffer->resize(in_buffer.size()); uint8_t iv[AES_BLOCK_SIZE]; // Current iv. - memcpy(iv, &starting_iv[0], AES_BLOCK_SIZE); + memcpy(iv, starting_iv.data(), AES_BLOCK_SIZE); size_t buffer_index = 0; // byte index into in and out. size_t block_offset = 0; // byte index into current block. @@ -1936,7 +1940,7 @@ class OEMCryptoSessionTestsDecryptTests ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE( s.FillSimpleMessage(kDuration, kControlAllowHashVerification, 0)); - memcpy(s.license().keys[0].key_data, &key[0], key.size()); + memcpy(s.license().keys[0].key_data, key.data(), key.size()); s.license().keys[0].cipher_mode = cipher_mode_; ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); @@ -1956,9 +1960,9 @@ class OEMCryptoSessionTestsDecryptTests // will be the same as input_buffer. Leave the 0xaa padding at the end. for(size_t i=0; i < total_size_; i++) output_buffer[i] = encryptedData[i]; // Now let input_buffer point to the same data. - input_buffer = &output_buffer[0]; + input_buffer = output_buffer.data(); } else { - input_buffer = &encryptedData[0]; + input_buffer = encryptedData.data(); } size_t buffer_offset = 0; for (size_t i = 0; i < subsample_size_.size(); i++) { @@ -2018,7 +2022,7 @@ class OEMCryptoSessionTestsDecryptTests EXPECT_EQ(unencryptedData, output_buffer); if (global_features.supports_crc) { uint32_t hash = - wvoec::wvcrc32(&unencryptedData[0], unencryptedData.size()); + wvoec::wvcrc32(unencryptedData.data(), unencryptedData.size()); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_SetDecryptHash( s.session_id(), 1, reinterpret_cast(&hash), @@ -2053,8 +2057,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, SingleLargeSubsample) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2071,8 +2075,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, PatternPlusOneBlock) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2085,8 +2089,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, OneBlock) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2104,8 +2108,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, NoOffset) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2125,7 +2129,7 @@ TEST_P(OEMCryptoSessionTestsPartialBlockTests, EvenOffset) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); // CTR Mode is self-inverse -- i.e. We can pick the encrypted data and // compute the unencrypted data. By picking the encrypted data to be all 0, // it is easier to re-encrypt the data and debug problems. Similarly, we @@ -2153,8 +2157,8 @@ TEST_P(OEMCryptoSessionTestsPartialBlockTests, OddOffset) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2177,7 +2181,7 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, DecryptWithNearWrap) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); encryptionIv = wvcdm::a2b_hex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE"); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); @@ -2197,8 +2201,8 @@ TEST_P(OEMCryptoSessionTestsPartialBlockTests, PartialBlock) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2222,8 +2226,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, DecryptMaxSample) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2238,8 +2242,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, DecryptMaxSubsample) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2253,8 +2257,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, DecryptSmallBuffer) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2267,8 +2271,8 @@ TEST_P(OEMCryptoSessionTestsDecryptTests, DecryptUnencrypted) { vector encryptedData(total_size_); vector encryptionIv(AES_BLOCK_SIZE); vector key(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); - EXPECT_EQ(1, GetRandBytes(&key[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(key.data(), AES_BLOCK_SIZE)); for (size_t i = 0; i < total_size_; i++) unencryptedData[i] = i % 256; EncryptData(key, encryptionIv, unencryptedData, &encryptedData); TestDecryptCENC(key, encryptionIv, encryptedData, unencryptedData); @@ -2284,12 +2288,12 @@ TEST_F(OEMCryptoSessionTests, DecryptUnencryptedNoKey) { vector in_buffer(256); for (size_t i = 0; i < in_buffer.size(); i++) in_buffer[i] = i % 256; vector encryptionIv(AES_BLOCK_SIZE); - EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], AES_BLOCK_SIZE)); + EXPECT_EQ(1, GetRandBytes(encryptionIv.data(), AES_BLOCK_SIZE)); // Describe the output vector out_buffer(in_buffer.size()); OEMCrypto_DestBufferDesc destBuffer; destBuffer.type = OEMCrypto_BufferType_Clear; - destBuffer.buffer.clear.address = &out_buffer[0]; + destBuffer.buffer.clear.address = out_buffer.data(); destBuffer.buffer.clear.max_length = out_buffer.size(); OEMCrypto_CENCEncryptPatternDesc pattern; pattern.encrypt = 0; @@ -2298,8 +2302,9 @@ TEST_F(OEMCryptoSessionTests, DecryptUnencryptedNoKey) { // Decrypt the data sts = - OEMCrypto_DecryptCENC(s.session_id(), &in_buffer[0], in_buffer.size(), - false, &encryptionIv[0], 0, &destBuffer, &pattern, + OEMCrypto_DecryptCENC(s.session_id(), in_buffer.data(), in_buffer.size(), + false, encryptionIv.data(), 0, &destBuffer, + &pattern, OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample); ASSERT_EQ(OEMCrypto_SUCCESS, sts); ASSERT_EQ(in_buffer, out_buffer); @@ -2432,17 +2437,17 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange1KeyboxTest) { size_t wrapped_key_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, - &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, + encrypted.rsa_key_iv, NULL, &wrapped_key_length)); wrapped_key.clear(); wrapped_key.assign(wrapped_key_length, 0); uint32_t nonce = encrypted.nonce; ASSERT_NE( OEMCrypto_SUCCESS, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], + s.session_id(), message_ptr, sizeof(encrypted), signature.data(), signature.size(), &nonce, encrypted.rsa_key, encrypted.rsa_key_length, encrypted.rsa_key_iv, &(wrapped_key.front()), &wrapped_key_length)); } @@ -2462,10 +2467,10 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange2KeyboxTest) { size_t wrapped_key_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, - &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, + encrypted.rsa_key_iv, NULL, &wrapped_key_length)); wrapped_key.clear(); wrapped_key.assign(wrapped_key_length, 0); vector bad_buffer(encrypted.rsa_key, @@ -2473,10 +2478,10 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange2KeyboxTest) { ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, &bad_buffer[0], - encrypted.rsa_key_length, encrypted.rsa_key_iv, - &(wrapped_key.front()), &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + bad_buffer.data(), encrypted.rsa_key_length, + encrypted.rsa_key_iv, wrapped_key.data(), &wrapped_key_length)); } TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange3KeyboxTest) { @@ -2495,10 +2500,10 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange3KeyboxTest) { size_t wrapped_key_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, - &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, + encrypted.rsa_key_iv, NULL, &wrapped_key_length)); wrapped_key.clear(); wrapped_key.assign(wrapped_key_length, 0); vector bad_buffer(encrypted.rsa_key, @@ -2506,9 +2511,9 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange3KeyboxTest) { ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, &bad_buffer[0], + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, bad_buffer.data(), &(wrapped_key.front()), &wrapped_key_length)); } @@ -2528,19 +2533,19 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadSignatureKeyboxTest) { size_t wrapped_key_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, - &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, + encrypted.rsa_key_iv, NULL, &wrapped_key_length)); wrapped_key.clear(); wrapped_key.assign(wrapped_key_length, 0); signature[4] ^= 42; // bad signature. ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, - &(wrapped_key.front()), &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, + encrypted.rsa_key_iv, wrapped_key.data(), &wrapped_key_length)); } TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadNonceKeyboxTest) { @@ -2559,19 +2564,19 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadNonceKeyboxTest) { size_t wrapped_key_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, - &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, + encrypted.rsa_key_iv, NULL, &wrapped_key_length)); wrapped_key.clear(); wrapped_key.assign(wrapped_key_length, 0); encrypted.nonce ^= 42; // Almost surely a bad nonce. ASSERT_EQ(OEMCrypto_ERROR_INVALID_NONCE, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, - &(wrapped_key.front()), &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, + encrypted.rsa_key_iv, wrapped_key.data(), &wrapped_key_length)); } TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKeyKeyboxTest) { @@ -2590,19 +2595,19 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKeyKeyboxTest) { size_t wrapped_key_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, - &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, + encrypted.rsa_key_iv, NULL, &wrapped_key_length)); wrapped_key.clear(); wrapped_key.assign(wrapped_key_length, 0); encrypted.rsa_key[1] ^= 42; // Almost surely a bad key. ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_RewrapDeviceRSAKey( - s.session_id(), message_ptr, sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, - &(wrapped_key.front()), &wrapped_key_length)); + s.session_id(), message_ptr, sizeof(encrypted), + signature.data(), signature.size(), &encrypted.nonce, + encrypted.rsa_key, encrypted.rsa_key_length, + encrypted.rsa_key_iv, wrapped_key.data(), &wrapped_key_length)); } TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionLargeBufferKeyboxTest) { @@ -2642,17 +2647,17 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadNonceProv30Test) { size_t wrapped_key_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey30( - s.session_id(), &bad_nonce, &encrypted_message_key[0], + s.session_id(), &bad_nonce, encrypted_message_key.data(), encrypted_message_key.size(), encrypted.rsa_key, encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, &wrapped_key_length)); vector wrapped_key(wrapped_key_length, 0); ASSERT_EQ(OEMCrypto_ERROR_INVALID_NONCE, OEMCrypto_RewrapDeviceRSAKey30( - s.session_id(), &bad_nonce, &encrypted_message_key[0], + s.session_id(), &bad_nonce, encrypted_message_key.data(), encrypted_message_key.size(), encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, &wrapped_key[0], - &wrapped_key_length)); + encrypted.rsa_key_length, encrypted.rsa_key_iv, + wrapped_key.data(), &wrapped_key_length)); } TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKeyProv30Test) { @@ -2672,7 +2677,7 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKeyProv30Test) { uint32_t nonce = s.get_nonce(); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, OEMCrypto_RewrapDeviceRSAKey30( - s.session_id(), &nonce, &encrypted_message_key[0], + s.session_id(), &nonce, encrypted_message_key.data(), encrypted_message_key.size(), encrypted.rsa_key, encrypted.rsa_key_length, encrypted.rsa_key_iv, NULL, &wrapped_key_length)); @@ -2680,10 +2685,10 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKeyProv30Test) { encrypted.rsa_key[1] ^= 42; // Almost surely a bad key. ASSERT_EQ(OEMCrypto_ERROR_INVALID_RSA_KEY, OEMCrypto_RewrapDeviceRSAKey30( - s.session_id(), &nonce, &encrypted_message_key[0], + s.session_id(), &nonce, encrypted_message_key.data(), encrypted_message_key.size(), encrypted.rsa_key, - encrypted.rsa_key_length, encrypted.rsa_key_iv, &wrapped_key[0], - &wrapped_key_length)); + encrypted.rsa_key_length, encrypted.rsa_key_iv, + wrapped_key.data(), &wrapped_key_length)); } TEST_F(OEMCryptoLoadsCertificate, LoadWrappedRSAKey) { @@ -2692,7 +2697,7 @@ TEST_F(OEMCryptoLoadsCertificate, LoadWrappedRSAKey) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), wrapped_rsa_key_.data(), wrapped_rsa_key_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); } @@ -2718,7 +2723,7 @@ TEST_F(OEMCryptoLoadsCertificate, TestLargeRSAKey3072) { CreateWrappedRSAKey(kSign_RSASSA_PSS, true); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_NO_FATAL_FAILURE(s.InstallRSASessionTestKey(wrapped_rsa_key_)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(kDuration, 0, 0)); @@ -2736,7 +2741,7 @@ TEST_F(OEMCryptoLoadsCertificate, TestCarmichaelRSAKey) { CreateWrappedRSAKey(kSign_RSASSA_PSS, true); Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_NO_FATAL_FAILURE(s.InstallRSASessionTestKey(wrapped_rsa_key_)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(kDuration, 0, 0)); @@ -2751,10 +2756,10 @@ TEST_F(OEMCryptoLoadsCertificate, TestMultipleRSAKeys) { Session s1; // Session s1 loads the default rsa key, but doesn't use it // until after s2 uses its key. ASSERT_NO_FATAL_FAILURE(s1.open()); - ASSERT_NO_FATAL_FAILURE(s1.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(s1.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_LoadDeviceRSAKey(s1.session_id(), &wrapped_rsa_key_[0], + OEMCrypto_LoadDeviceRSAKey(s1.session_id(), wrapped_rsa_key_.data(), wrapped_rsa_key_.size())); Session s2; // Session s2 uses a different rsa key. @@ -2763,7 +2768,7 @@ TEST_F(OEMCryptoLoadsCertificate, TestMultipleRSAKeys) { sizeof(kTestRSAPKCS8PrivateKeyInfo4_2048)); CreateWrappedRSAKey(kSign_RSASSA_PSS, true); ASSERT_NO_FATAL_FAILURE(s2.open()); - ASSERT_NO_FATAL_FAILURE(s2.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(s2.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_NO_FATAL_FAILURE(s2.InstallRSASessionTestKey(wrapped_rsa_key_)); ASSERT_NO_FATAL_FAILURE(s2.FillSimpleMessage(kDuration, 0, 0)); @@ -2797,7 +2802,7 @@ class OEMCryptoUsesCertificate : public OEMCryptoLoadsCertificate { CreateWrappedRSAKey(kSign_RSASSA_PSS, true); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadDeviceRSAKey(session_.session_id(), - &wrapped_rsa_key_[0], + wrapped_rsa_key_.data(), wrapped_rsa_key_.size())); } } @@ -2841,20 +2846,20 @@ TEST_F(OEMCryptoLoadsCertificate, RSAPerformance) { do { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), wrapped_rsa_key_.data(), wrapped_rsa_key_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); const size_t size = 50; vector licenseRequest(size); - GetRandBytes(&licenseRequest[0], licenseRequest.size()); + GetRandBytes(licenseRequest.data(), licenseRequest.size()); size_t signature_length = 0; - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + sts = OEMCrypto_GenerateRSASignature(s.session_id(), licenseRequest.data(), licenseRequest.size(), NULL, &signature_length, kSign_RSASSA_PSS); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); ASSERT_NE(static_cast(0), signature_length); uint8_t* signature = new uint8_t[signature_length]; - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + sts = OEMCrypto_GenerateRSASignature(s.session_id(), licenseRequest.data(), licenseRequest.size(), signature, &signature_length, kSign_RSASSA_PSS); delete[] signature; @@ -2870,11 +2875,11 @@ TEST_F(OEMCryptoLoadsCertificate, RSAPerformance) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + OEMCrypto_LoadDeviceRSAKey(s.session_id(), wrapped_rsa_key_.data(), wrapped_rsa_key_.size())); vector session_key; vector enc_session_key; - ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_TRUE(s.GenerateRSASessionKey(&session_key, &enc_session_key)); vector mac_context; @@ -2906,9 +2911,10 @@ TEST_F(OEMCryptoLoadsCertificate, RSAPerformance) { do { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_DeriveKeysFromSessionKey( - s.session_id(), &enc_session_key[0], enc_session_key.size(), - &mac_context[0], mac_context.size(), &enc_context[0], - enc_context.size())); + s.session_id(), + enc_session_key.data(), enc_session_key.size(), + mac_context.data(), mac_context.size(), + enc_context.data(), enc_context.size())); count++; gettimeofday(&end_time, NULL); long seconds = end_time.tv_sec - start_time.tv_sec; @@ -2927,12 +2933,12 @@ TEST_F(OEMCryptoUsesCertificate, RSASignature) { OEMCryptoResult sts; // Sign a Message vector licenseRequest(500); - GetRandBytes(&licenseRequest[0], licenseRequest.size()); + GetRandBytes(licenseRequest.data(), licenseRequest.size()); size_t signature_length = 0; uint8_t signature[500]; sts = OEMCrypto_GenerateRSASignature( - session_.session_id(), &licenseRequest[0], licenseRequest.size(), + session_.session_id(), licenseRequest.data(), licenseRequest.size(), signature, &signature_length, kSign_RSASSA_PSS); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); @@ -2940,13 +2946,13 @@ TEST_F(OEMCryptoUsesCertificate, RSASignature) { ASSERT_GE(sizeof(signature), signature_length); sts = OEMCrypto_GenerateRSASignature( - session_.session_id(), &licenseRequest[0], licenseRequest.size(), + session_.session_id(), licenseRequest.data(), licenseRequest.size(), signature, &signature_length, kSign_RSASSA_PSS); ASSERT_EQ(OEMCrypto_SUCCESS, sts); // In the real world, the signature above would just have been used to contact // the license server to get this response. - ASSERT_NO_FATAL_FAILURE(session_.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(session_.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_NO_FATAL_FAILURE(session_.VerifyRSASignature( licenseRequest, signature, signature_length, kSign_RSASSA_PSS)); @@ -2956,12 +2962,12 @@ TEST_F(OEMCryptoUsesCertificate, RSASignatureLargeBuffer) { OEMCryptoResult sts; // Sign a Message vector licenseRequest(kMaxMessageSize); - GetRandBytes(&licenseRequest[0], licenseRequest.size()); + GetRandBytes(licenseRequest.data(), licenseRequest.size()); size_t signature_length = 0; uint8_t signature[500]; sts = OEMCrypto_GenerateRSASignature( - session_.session_id(), &licenseRequest[0], licenseRequest.size(), + session_.session_id(), licenseRequest.data(), licenseRequest.size(), signature, &signature_length, kSign_RSASSA_PSS); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); @@ -2969,13 +2975,13 @@ TEST_F(OEMCryptoUsesCertificate, RSASignatureLargeBuffer) { ASSERT_GE(sizeof(signature), signature_length); sts = OEMCrypto_GenerateRSASignature( - session_.session_id(), &licenseRequest[0], licenseRequest.size(), + session_.session_id(), licenseRequest.data(), licenseRequest.size(), signature, &signature_length, kSign_RSASSA_PSS); ASSERT_EQ(OEMCrypto_SUCCESS, sts); // In the real world, the signature above would just have been used to contact // the license server to get this response. - ASSERT_NO_FATAL_FAILURE(session_.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(session_.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_NO_FATAL_FAILURE(session_.VerifyRSASignature( licenseRequest, signature, signature_length, kSign_RSASSA_PSS)); @@ -2984,7 +2990,7 @@ TEST_F(OEMCryptoUsesCertificate, RSASignatureLargeBuffer) { TEST_F(OEMCryptoUsesCertificate, GenerateDerivedKeysLargeBuffer) { vector session_key; vector enc_session_key; - ASSERT_NO_FATAL_FAILURE(session_.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(session_.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_TRUE(session_.GenerateRSASessionKey(&session_key, &enc_session_key)); vector mac_context(kMaxMessageSize); @@ -2996,9 +3002,10 @@ TEST_F(OEMCryptoUsesCertificate, GenerateDerivedKeysLargeBuffer) { } ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_DeriveKeysFromSessionKey( - session_.session_id(), &enc_session_key[0], - enc_session_key.size(), &mac_context[0], mac_context.size(), - &enc_context[0], enc_context.size())); + session_.session_id(), + enc_session_key.data(), enc_session_key.size(), + mac_context.data(), mac_context.size(), + enc_context.data(), enc_context.size())); } // This test attempts to use alternate algorithms for loaded device certs. @@ -3008,25 +3015,28 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate { OEMCryptoResult sts; Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), wrapped_rsa_key_.data(), wrapped_rsa_key_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); // Sign a Message vector licenseRequest(size); - GetRandBytes(&licenseRequest[0], licenseRequest.size()); + GetRandBytes(licenseRequest.data(), licenseRequest.size()); size_t signature_length = 256; vector signature(signature_length); - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], - licenseRequest.size(), &signature[0], - &signature_length, scheme); + sts = OEMCrypto_GenerateRSASignature(s.session_id(), licenseRequest.data(), + licenseRequest.size(), + signature.data(), &signature_length, + scheme); // Allow OEMCrypto to request a full buffer. if (sts == OEMCrypto_ERROR_SHORT_BUFFER) { ASSERT_NE(static_cast(0), signature_length); signature.assign(signature_length, 0); - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], - licenseRequest.size(), &signature[0], - &signature_length, scheme); + sts = OEMCrypto_GenerateRSASignature(s.session_id(), + licenseRequest.data(), + licenseRequest.size(), + signature.data(), &signature_length, + scheme); } EXPECT_NE(OEMCrypto_SUCCESS, sts) @@ -3040,28 +3050,28 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate { OEMCryptoResult sts; Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), wrapped_rsa_key_.data(), wrapped_rsa_key_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); vector licenseRequest(size); - GetRandBytes(&licenseRequest[0], licenseRequest.size()); + GetRandBytes(licenseRequest.data(), licenseRequest.size()); size_t signature_length = 0; - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + sts = OEMCrypto_GenerateRSASignature(s.session_id(), licenseRequest.data(), licenseRequest.size(), NULL, &signature_length, scheme); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); ASSERT_NE(static_cast(0), signature_length); uint8_t* signature = new uint8_t[signature_length]; - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + sts = OEMCrypto_GenerateRSASignature(s.session_id(), licenseRequest.data(), licenseRequest.size(), signature, &signature_length, scheme); ASSERT_EQ(OEMCrypto_SUCCESS, sts) << "Failed to sign with padding scheme=" << (int)scheme << ", size=" << (int)size; - ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_NO_FATAL_FAILURE(s.VerifyRSASignature(licenseRequest, signature, signature_length, scheme)); @@ -3072,13 +3082,13 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate { OEMCryptoResult sts; Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), wrapped_rsa_key_.data(), wrapped_rsa_key_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); s.GenerateNonce(); vector session_key; vector enc_session_key; - ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); ASSERT_TRUE(s.GenerateRSASessionKey(&session_key, &enc_session_key)); vector mac_context; @@ -3086,9 +3096,9 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate { s.FillDefaultContext(&mac_context, &enc_context); ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_DeriveKeysFromSessionKey( - s.session_id(), &enc_session_key[0], enc_session_key.size(), - &mac_context[0], mac_context.size(), &enc_context[0], - enc_context.size())); + s.session_id(), enc_session_key.data(), + enc_session_key.size(), mac_context.data(), + mac_context.size(), enc_context.data(), enc_context.size())); } // If force is true, we assert that the key loads successfully. @@ -3313,14 +3323,14 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates { OEMCryptoResult sts; Session s; ASSERT_NO_FATAL_FAILURE(s.open()); - sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), wrapped_rsa_key_.data(), wrapped_rsa_key_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); // The application will compute the SHA-1 Hash of the message, so this // test must do that also. uint8_t hash[SHA_DIGEST_LENGTH]; - if (!SHA1(&message[0], message.size(), hash)) { + if (!SHA1(message.data(), message.size(), hash)) { dump_boringssl_error(); FAIL() << "boringssl error creating SHA1 hash."; } @@ -3332,21 +3342,21 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates { // OEMCrypto will apply the padding, and encrypt to generate the signature. size_t signature_length = 0; - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &digest[0], + sts = OEMCrypto_GenerateRSASignature(s.session_id(), digest.data(), digest.size(), NULL, &signature_length, scheme); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); ASSERT_NE(static_cast(0), signature_length); vector signature(signature_length); - sts = OEMCrypto_GenerateRSASignature(s.session_id(), &digest[0], - digest.size(), &signature[0], + sts = OEMCrypto_GenerateRSASignature(s.session_id(), digest.data(), + digest.size(), signature.data(), &signature_length, scheme); ASSERT_EQ(OEMCrypto_SUCCESS, sts) << "Failed to sign with padding scheme=" << (int)scheme << ", size=" << (int)message.size(); - ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(&encoded_rsa_key_[0], + ASSERT_NO_FATAL_FAILURE(s.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size())); // Verify that the signature matches the official test vector. @@ -3356,10 +3366,10 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates { // Also verify that our verification algorithm agrees. This is not needed // to test OEMCrypto, but it does verify that this test is valid. - ASSERT_NO_FATAL_FAILURE( - s.VerifyRSASignature(digest, &signature[0], signature_length, scheme)); ASSERT_NO_FATAL_FAILURE(s.VerifyRSASignature( - digest, &correct_signature[0], correct_signature.size(), scheme)); + digest, signature.data(), signature_length, scheme)); + ASSERT_NO_FATAL_FAILURE(s.VerifyRSASignature( + digest, correct_signature.data(), correct_signature.size(), scheme)); } }; @@ -4120,7 +4130,7 @@ class GenericCryptoTest : public OEMCryptoSessionTests { out_buffer->resize(in_buffer.size()); ASSERT_GT(in_buffer.size(), 0u); ASSERT_EQ(0u, in_buffer.size() % AES_BLOCK_SIZE); - AES_cbc_encrypt(&in_buffer[0], out_buffer->data(), in_buffer.size(), + AES_cbc_encrypt(in_buffer.data(), out_buffer->data(), in_buffer.size(), &aes_key, iv_buffer, AES_ENCRYPT); } @@ -4130,7 +4140,7 @@ class GenericCryptoTest : public OEMCryptoSessionTests { unsigned int md_len = SHA256_DIGEST_LENGTH; signature->resize(SHA256_DIGEST_LENGTH); HMAC(EVP_sha256(), session_.license().keys[key_index].key_data, - wvoec::MAC_KEY_SIZE, &in_buffer[0], in_buffer.size(), + wvoec::MAC_KEY_SIZE, in_buffer.data(), in_buffer.size(), signature->data(), &md_len); } @@ -4146,8 +4156,9 @@ class GenericCryptoTest : public OEMCryptoSessionTests { ASSERT_EQ(OEMCrypto_SUCCESS, sts); vector encrypted(buffer_length); sts = - OEMCrypto_Generic_Encrypt(session_.session_id(), &clear_buffer_[0], - buffer_length, iv_, algorithm, &encrypted[0]); + OEMCrypto_Generic_Encrypt(session_.session_id(), clear_buffer_.data(), + buffer_length, iv_, algorithm, + encrypted.data()); EXPECT_NE(OEMCrypto_SUCCESS, sts); expected_encrypted.resize(buffer_length); EXPECT_NE(encrypted, expected_encrypted); @@ -4165,8 +4176,9 @@ class GenericCryptoTest : public OEMCryptoSessionTests { ASSERT_EQ(OEMCrypto_SUCCESS, sts); vector resultant(encrypted.size()); sts = - OEMCrypto_Generic_Decrypt(session_.session_id(), &encrypted[0], - buffer_length, iv_, algorithm, &resultant[0]); + OEMCrypto_Generic_Decrypt(session_.session_id(), encrypted.data(), + buffer_length, iv_, algorithm, + resultant.data()); EXPECT_NE(OEMCrypto_SUCCESS, sts); EXPECT_NE(clear_buffer_, resultant); } @@ -4183,9 +4195,9 @@ class GenericCryptoTest : public OEMCryptoSessionTests { ASSERT_EQ(OEMCrypto_SUCCESS, sts); size_t signature_length = (size_t)SHA256_DIGEST_LENGTH; vector signature(SHA256_DIGEST_LENGTH); - sts = OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0], - clear_buffer_.size(), algorithm, &signature[0], - &signature_length); + sts = OEMCrypto_Generic_Sign(session_.session_id(), clear_buffer_.data(), + clear_buffer_.size(), algorithm, + signature.data(), &signature_length); EXPECT_NE(OEMCrypto_SUCCESS, sts); EXPECT_NE(signature, expected_signature); } @@ -4204,9 +4216,9 @@ class GenericCryptoTest : public OEMCryptoSessionTests { session_.license().keys[key_index].key_id_length, OEMCrypto_CipherMode_CTR); ASSERT_EQ(OEMCrypto_SUCCESS, sts); - sts = OEMCrypto_Generic_Verify(session_.session_id(), &clear_buffer_[0], + sts = OEMCrypto_Generic_Verify(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), algorithm, - &signature[0], signature_size); + signature.data(), signature_size); EXPECT_NE(OEMCrypto_SUCCESS, sts); } @@ -4234,8 +4246,9 @@ TEST_F(GenericCryptoTest, GenericKeyEncrypt) { vector encrypted(clear_buffer_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Encrypt( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), - iv_, OEMCrypto_AES_CBC_128_NO_PADDING, &encrypted[0])); + session_.session_id(), clear_buffer_.data(), + clear_buffer_.size(), iv_, OEMCrypto_AES_CBC_128_NO_PADDING, + encrypted.data())); ASSERT_EQ(expected_encrypted, encrypted); } @@ -4264,8 +4277,8 @@ TEST_F(GenericCryptoTest, GenericKeyEncryptSameBufferAPI12) { vector buffer = clear_buffer_; ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Encrypt( - session_.session_id(), &buffer[0], buffer.size(), - iv_, OEMCrypto_AES_CBC_128_NO_PADDING, &buffer[0])); + session_.session_id(), buffer.data(), buffer.size(), + iv_, OEMCrypto_AES_CBC_128_NO_PADDING, buffer.data())); ASSERT_EQ(expected_encrypted, buffer); } @@ -4283,8 +4296,8 @@ TEST_F(GenericCryptoTest, GenericKeyDecrypt) { vector resultant(encrypted.size()); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Decrypt( - session_.session_id(), &encrypted[0], encrypted.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &resultant[0])); + session_.session_id(), encrypted.data(), encrypted.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, resultant.data())); ASSERT_EQ(clear_buffer_, resultant); } @@ -4302,8 +4315,8 @@ TEST_F(GenericCryptoTest, GenericKeyDecryptSameBufferAPI12) { vector buffer = encrypted; ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Decrypt( - session_.session_id(), &buffer[0], buffer.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &buffer[0])); + session_.session_id(), buffer.data(), buffer.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, buffer.data())); ASSERT_EQ(clear_buffer_, buffer); } @@ -4323,8 +4336,8 @@ TEST_F(GenericCryptoTest, GenericSecureToClear) { vector resultant(encrypted.size()); ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_Generic_Decrypt( - session_.session_id(), &encrypted[0], encrypted.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &resultant[0])); + session_.session_id(), encrypted.data(), encrypted.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, resultant.data())); ASSERT_NE(clear_buffer_, resultant); } @@ -4352,15 +4365,15 @@ TEST_F(GenericCryptoTest, GenericKeySign) { OEMCrypto_CipherMode_CTR)); size_t gen_signature_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, - OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0], + OEMCrypto_Generic_Sign(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, NULL, &gen_signature_length)); ASSERT_EQ(static_cast(SHA256_DIGEST_LENGTH), gen_signature_length); vector signature(SHA256_DIGEST_LENGTH); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0], + OEMCrypto_Generic_Sign(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, - &signature[0], &gen_signature_length)); + signature.data(), &gen_signature_length)); ASSERT_EQ(expected_signature, signature); } @@ -4386,8 +4399,9 @@ TEST_F(GenericCryptoTest, GenericKeyVerify) { OEMCrypto_CipherMode_CTR)); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Verify( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), - OEMCrypto_HMAC_SHA256, &signature[0], signature.size())); + session_.session_id(), clear_buffer_.data(), + clear_buffer_.size(), OEMCrypto_HMAC_SHA256, signature.data(), + signature.size())); } TEST_F(GenericCryptoTest, GenericKeyBadVerify) { @@ -4416,8 +4430,9 @@ TEST_F(GenericCryptoTest, GenericKeyEncryptLargeBuffer) { vector encrypted(clear_buffer_.size()); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Encrypt( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), - iv_, OEMCrypto_AES_CBC_128_NO_PADDING, &encrypted[0])); + session_.session_id(), clear_buffer_.data(), + clear_buffer_.size(), iv_, OEMCrypto_AES_CBC_128_NO_PADDING, + encrypted.data())); ASSERT_EQ(expected_encrypted, encrypted); } @@ -4437,8 +4452,8 @@ TEST_F(GenericCryptoTest, GenericKeyDecryptLargeBuffer) { vector resultant(encrypted.size()); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Decrypt( - session_.session_id(), &encrypted[0], encrypted.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &resultant[0])); + session_.session_id(), encrypted.data(), encrypted.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, resultant.data())); ASSERT_EQ(clear_buffer_, resultant); } @@ -4457,15 +4472,15 @@ TEST_F(GenericCryptoTest, GenericKeySignLargeBuffer) { OEMCrypto_CipherMode_CTR)); size_t gen_signature_length = 0; ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, - OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0], + OEMCrypto_Generic_Sign(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, NULL, &gen_signature_length)); ASSERT_EQ(static_cast(SHA256_DIGEST_LENGTH), gen_signature_length); vector signature(SHA256_DIGEST_LENGTH); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0], + OEMCrypto_Generic_Sign(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, - &signature[0], &gen_signature_length)); + signature.data(), &gen_signature_length)); ASSERT_EQ(expected_signature, signature); } @@ -4484,8 +4499,9 @@ TEST_F(GenericCryptoTest, GenericKeyVerifyLargeBuffer) { OEMCrypto_CipherMode_CTR)); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Verify( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), - OEMCrypto_HMAC_SHA256, &signature[0], signature.size())); + session_.session_id(), clear_buffer_.data(), + clear_buffer_.size(), OEMCrypto_HMAC_SHA256, signature.data(), + signature.size())); } TEST_F(GenericCryptoTest, KeyDurationEncrypt) { @@ -4505,16 +4521,17 @@ TEST_F(GenericCryptoTest, KeyDurationEncrypt) { OEMCrypto_CipherMode_CTR)); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Encrypt( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), - iv_, OEMCrypto_AES_CBC_128_NO_PADDING, &encrypted[0])); + session_.session_id(), clear_buffer_.data(), + clear_buffer_.size(), iv_, OEMCrypto_AES_CBC_128_NO_PADDING, + encrypted.data())); ASSERT_EQ(expected_encrypted, encrypted); sleep(kLongSleep); // Should be expired key. encrypted.assign(clear_buffer_.size(), 0); OEMCryptoResult status = OEMCrypto_Generic_Encrypt( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &encrypted[0]); + session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, encrypted.data()); ASSERT_NO_FATAL_FAILURE( session_.TestDecryptResult(OEMCrypto_ERROR_KEY_EXPIRED, status)); ASSERT_NE(encrypted, expected_encrypted); @@ -4539,16 +4556,16 @@ TEST_F(GenericCryptoTest, KeyDurationDecrypt) { vector resultant(encrypted.size()); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Decrypt( - session_.session_id(), &encrypted[0], encrypted.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &resultant[0])); + session_.session_id(), encrypted.data(), encrypted.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, resultant.data())); ASSERT_EQ(clear_buffer_, resultant); sleep(kLongSleep); // Should be expired key. resultant.assign(encrypted.size(), 0); OEMCryptoResult status = OEMCrypto_Generic_Decrypt( - session_.session_id(), &encrypted[0], encrypted.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &resultant[0]); + session_.session_id(), encrypted.data(), encrypted.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, resultant.data()); ASSERT_NO_FATAL_FAILURE( session_.TestDecryptResult(OEMCrypto_ERROR_KEY_EXPIRED, status)); ASSERT_NE(clear_buffer_, resultant); @@ -4574,17 +4591,17 @@ TEST_F(GenericCryptoTest, KeyDurationSign) { sleep(kShortSleep); // Should still be valid key. ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0], + OEMCrypto_Generic_Sign(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, - &signature[0], &signature_length)); + signature.data(), &signature_length)); ASSERT_EQ(expected_signature, signature); sleep(kLongSleep); // Should be expired key. signature.assign(SHA256_DIGEST_LENGTH, 0); OEMCryptoResult status = OEMCrypto_Generic_Sign( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), - OEMCrypto_HMAC_SHA256, &signature[0], &signature_length); + session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), + OEMCrypto_HMAC_SHA256, signature.data(), &signature_length); ASSERT_NO_FATAL_FAILURE( session_.TestDecryptResult(OEMCrypto_ERROR_KEY_EXPIRED, status)); ASSERT_NE(expected_signature, signature); @@ -4609,14 +4626,15 @@ TEST_F(GenericCryptoTest, KeyDurationVerify) { ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Verify( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), - OEMCrypto_HMAC_SHA256, &signature[0], signature.size())); + session_.session_id(), clear_buffer_.data(), + clear_buffer_.size(), OEMCrypto_HMAC_SHA256, signature.data(), + signature.size())); sleep(kLongSleep); // Should be expired key. OEMCryptoResult status = OEMCrypto_Generic_Verify( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), - OEMCrypto_HMAC_SHA256, &signature[0], signature.size()); + session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), + OEMCrypto_HMAC_SHA256, signature.data(), signature.size()); ASSERT_NO_FATAL_FAILURE( session_.TestDecryptResult(OEMCrypto_ERROR_KEY_EXPIRED, status)); ASSERT_NO_FATAL_FAILURE(session_.TestSelectExpired(key_index)); @@ -4674,8 +4692,8 @@ class GenericCryptoKeyIdLengthTest : public GenericCryptoTest { vector resultant(encrypted.size()); ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Generic_Decrypt( - session_.session_id(), &encrypted[0], encrypted.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &resultant[0])); + session_.session_id(), encrypted.data(), encrypted.size(), + iv_, OEMCrypto_AES_CBC_128_NO_PADDING, resultant.data())); ASSERT_EQ(clear_buffer_, resultant); } }; @@ -4899,7 +4917,7 @@ TEST_F(UsageTableTest, RepeatOnlineLicense) { ASSERT_NE( OEMCrypto_SUCCESS, OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), + s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), s.pst_substr(), GetSubstring(), OEMCrypto_ContentLicense)); @@ -4917,7 +4935,7 @@ TEST_F(UsageTableTest, OnlineEmptyPST) { ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); ASSERT_NO_FATAL_FAILURE(s.CreateNewUsageEntry()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -4937,7 +4955,7 @@ TEST_F(UsageTableTest, OnlineMissingEntry) { ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); // ENTRY NOT CREATED: ASSERT_NO_FATAL_FAILURE(s.CreateNewUsageEntry()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), s.pst_substr(), GetSubstring(), OEMCrypto_ContentLicense); @@ -4964,8 +4982,8 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoEncrypt) { ASSERT_EQ(OEMCrypto_SUCCESS, sts); vector encrypted(clear_buffer_.size()); sts = OEMCrypto_Generic_Encrypt( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &encrypted[0]); + session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, encrypted.data()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); EXPECT_EQ(expected_encrypted, encrypted); ASSERT_NO_FATAL_FAILURE(session_.UpdateUsageEntry(&encrypted_usage_header_)); @@ -4975,8 +4993,8 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoEncrypt) { ASSERT_NO_FATAL_FAILURE(session_.GenerateVerifyReport(pst, kInactiveUsed)); encrypted.assign(clear_buffer_.size(), 0); sts = OEMCrypto_Generic_Encrypt( - session_.session_id(), &clear_buffer_[0], clear_buffer_.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &encrypted[0]); + session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, encrypted.data()); ASSERT_NE(OEMCrypto_SUCCESS, sts); EXPECT_NE(encrypted, expected_encrypted); } @@ -5001,8 +5019,8 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoDecrypt) { ASSERT_EQ(OEMCrypto_SUCCESS, sts); vector resultant(encrypted.size()); sts = OEMCrypto_Generic_Decrypt( - session_.session_id(), &encrypted[0], encrypted.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &resultant[0]); + session_.session_id(), encrypted.data(), encrypted.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING,resultant.data()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); EXPECT_EQ(clear_buffer_, resultant); ASSERT_NO_FATAL_FAILURE(session_.UpdateUsageEntry(&encrypted_usage_header_)); @@ -5012,8 +5030,8 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoDecrypt) { ASSERT_NO_FATAL_FAILURE(session_.GenerateVerifyReport(pst, kInactiveUsed)); resultant.assign(encrypted.size(), 0); sts = OEMCrypto_Generic_Decrypt( - session_.session_id(), &encrypted[0], encrypted.size(), iv_, - OEMCrypto_AES_CBC_128_NO_PADDING, &resultant[0]); + session_.session_id(), encrypted.data(), encrypted.size(), iv_, + OEMCrypto_AES_CBC_128_NO_PADDING, resultant.data()); ASSERT_NE(OEMCrypto_SUCCESS, sts); EXPECT_NE(clear_buffer_, resultant); } @@ -5040,15 +5058,15 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoSign) { OEMCrypto_CipherMode_CTR); ASSERT_EQ(OEMCrypto_SUCCESS, sts); size_t gen_signature_length = 0; - sts = OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0], + sts = OEMCrypto_Generic_Sign(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, NULL, &gen_signature_length); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); ASSERT_EQ(static_cast(SHA256_DIGEST_LENGTH), gen_signature_length); vector signature(SHA256_DIGEST_LENGTH); - sts = OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0], + sts = OEMCrypto_Generic_Sign(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, - &signature[0], &gen_signature_length); + signature.data(), &gen_signature_length); ASSERT_EQ(OEMCrypto_SUCCESS, sts); ASSERT_EQ(expected_signature, signature); @@ -5059,9 +5077,9 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoSign) { ASSERT_NO_FATAL_FAILURE(session_.GenerateVerifyReport(pst, kInactiveUsed)); signature.assign(SHA256_DIGEST_LENGTH, 0); gen_signature_length = SHA256_DIGEST_LENGTH; - sts = OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0], + sts = OEMCrypto_Generic_Sign(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, - &signature[0], &gen_signature_length); + signature.data(), &gen_signature_length); ASSERT_NE(OEMCrypto_SUCCESS, sts); ASSERT_NE(signature, expected_signature); } @@ -5086,18 +5104,18 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoVerify) { session_.license().keys[key_index].key_id_length, OEMCrypto_CipherMode_CTR); ASSERT_EQ(OEMCrypto_SUCCESS, sts); - sts = OEMCrypto_Generic_Verify(session_.session_id(), &clear_buffer_[0], + sts = OEMCrypto_Generic_Verify(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, - &signature[0], signature.size()); + signature.data(), signature.size()); ASSERT_EQ(OEMCrypto_SUCCESS, sts); ASSERT_NO_FATAL_FAILURE(session_.UpdateUsageEntry(&encrypted_usage_header_)); ASSERT_NO_FATAL_FAILURE(session_.GenerateVerifyReport(pst, kActive)); ASSERT_NO_FATAL_FAILURE(session_.DeactivateUsageEntry(pst)); ASSERT_NO_FATAL_FAILURE(session_.UpdateUsageEntry(&encrypted_usage_header_)); ASSERT_NO_FATAL_FAILURE(session_.GenerateVerifyReport(pst, kInactiveUsed)); - sts = OEMCrypto_Generic_Verify(session_.session_id(), &clear_buffer_[0], + sts = OEMCrypto_Generic_Verify(session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), OEMCrypto_HMAC_SHA256, - &signature[0], signature.size()); + signature.data(), signature.size()); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -5194,7 +5212,7 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineLicenseWithTerminate) { ShutDown(); Restart(); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_LoadUsageTableHeader(&encrypted_usage_header_[0], + OEMCrypto_LoadUsageTableHeader(encrypted_usage_header_.data(), encrypted_usage_header_.size())); ASSERT_NO_FATAL_FAILURE(s.open()); @@ -5228,7 +5246,7 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) { ASSERT_NE( OEMCrypto_SUCCESS, OEMCrypto_LoadKeys(s2.session_id(), s2.message_ptr(), s2.message_size(), - &s2.signature()[0], s2.signature().size(), + s2.signature().data(), s2.signature().size(), s2.enc_mac_keys_iv_substr(), s2.enc_mac_keys_substr(), s.num_keys(), s2.key_array(), s2.pst_substr(), GetSubstring(), OEMCrypto_ContentLicense)); @@ -5257,7 +5275,7 @@ TEST_P(UsageTableTestWithMAC, OfflineBadNonce) { s.FillSimpleMessage(0, wvoec::kControlNonceOrEntry, 42, pst)); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), s.pst_substr(), GetSubstring(), OEMCrypto_ContentLicense); @@ -5275,7 +5293,7 @@ TEST_P(UsageTableTestWithMAC, OfflineEmptyPST) { s.FillSimpleMessage(0, wvoec::kControlNonceOrEntry, s.get_nonce())); ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( - s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.session_id(), s.message_ptr(), s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), GetSubstring(), GetSubstring(), OEMCrypto_ContentLicense); @@ -5297,7 +5315,7 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineWrongPST) { ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), GetSubstring(), + s.signature().data(), s.signature().size(), GetSubstring(), GetSubstring(), s.num_keys(), s.key_array(), s.pst_substr(), GetSubstring(), OEMCrypto_ContentLicense)); } @@ -5329,7 +5347,7 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) { EXPECT_NE( OEMCrypto_SUCCESS, OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), + s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), s.pst_substr(), GetSubstring(), OEMCrypto_ContentLicense)); @@ -5370,7 +5388,7 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicenseUnused) { EXPECT_NE( OEMCrypto_SUCCESS, OEMCrypto_LoadKeys(s2.session_id(), s1.message_ptr(), s1.message_size(), - &s1.signature()[0], s1.signature().size(), + s1.signature().data(), s1.signature().size(), s1.enc_mac_keys_iv_substr(), s1.enc_mac_keys_substr(), s1.num_keys(), s1.key_array(), s1.pst_substr(), GetSubstring(), OEMCrypto_ContentLicense)); @@ -5401,7 +5419,7 @@ TEST_P(UsageTableTestWithMAC, BadRange) { OEMCrypto_LoadKeys( s.session_id(), reinterpret_cast(double_message.data()), - s.message_size(), &s.signature()[0], s.signature().size(), + s.message_size(), s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), wrong_pst, GetSubstring(), OEMCrypto_ContentLicense)); } @@ -5425,10 +5443,10 @@ TEST_F(UsageTableTest, UpdateFailsWithNullPtr) { ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageEntry( s.session_id(), NULL, &header_buffer_length, - &buffer[0], &entry_buffer_length)); + buffer.data(), &entry_buffer_length)); ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageEntry( - s.session_id(), &encrypted_usage_header_[0], + s.session_id(), encrypted_usage_header_.data(), &header_buffer_length, NULL, &entry_buffer_length)); } @@ -5470,13 +5488,13 @@ class UsageTableDefragTest : public UsageTableTest { ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(s)); ASSERT_EQ(expected_result, OEMCrypto_LoadUsageEntry(s->session_id(), s->usage_entry_number(), - &s->encrypted_usage_entry()[0], + s->encrypted_usage_entry().data(), s->encrypted_usage_entry().size())); ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_LoadKeys( s->session_id(), s->message_ptr(), s->message_size(), - &s->signature()[0], s->signature().size(), + s->signature().data(), s->signature().size(), s->enc_mac_keys_iv_substr(), s->enc_mac_keys_substr(), s->num_keys(), s->key_array(), s->pst_substr(), GetSubstring(), OEMCrypto_ContentLicense)); @@ -5497,7 +5515,7 @@ class UsageTableDefragTest : public UsageTableTest { ASSERT_LT(0u, header_buffer_length); encrypted_usage_header_.resize(header_buffer_length); sts = OEMCrypto_ShrinkUsageTableHeader( - new_size, &encrypted_usage_header_[0], + new_size, encrypted_usage_header_.data(), &header_buffer_length); ASSERT_EQ(expected_result, sts); } @@ -5524,7 +5542,7 @@ TEST_F(UsageTableDefragTest, MoveUsageEntries) { ShutDown(); Restart(); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_LoadUsageTableHeader(&encrypted_usage_header_[0], + OEMCrypto_LoadUsageTableHeader(encrypted_usage_header_.data(), encrypted_usage_header_.size())); ASSERT_NO_FATAL_FAILURE(ReloadLicense(&sessions[0], start[0])); // Now has index 1. @@ -5606,7 +5624,7 @@ TEST_F(UsageTableDefragTest, ReloadUsageEntryBadData) { // Error could be signature or verification error. ASSERT_NE(OEMCrypto_SUCCESS, OEMCrypto_LoadUsageEntry(s.session_id(), s.usage_entry_number(), - &data[0], data.size())); + data.data(), data.size())); } static std::string MakePST(size_t n) { @@ -5779,7 +5797,7 @@ TEST_F(UsageTableTest, ReloadUsageTableWithSkew) { ASSERT_EQ( OEMCrypto_ERROR_UNKNOWN_FAILURE, OEMCrypto_LoadUsageEntry(s.session_id(), s.usage_entry_number(), - &s.encrypted_usage_entry()[0], + s.encrypted_usage_entry().data(), s.encrypted_usage_entry().size())); ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.close()); @@ -5788,42 +5806,42 @@ TEST_F(UsageTableTest, ReloadUsageTableWithSkew) { vector bad_header = encrypted_usage_header_; bad_header[3] ^= 42; ASSERT_NE(OEMCrypto_SUCCESS, - OEMCrypto_LoadUsageTableHeader(&bad_header[0], + OEMCrypto_LoadUsageTableHeader(bad_header.data(), bad_header.size())); ASSERT_NO_FATAL_FAILURE(s.open()); // Cannot load an entry with if header didn't load. ASSERT_EQ( OEMCrypto_ERROR_UNKNOWN_FAILURE, OEMCrypto_LoadUsageEntry(s.session_id(), s.usage_entry_number(), - &s.encrypted_usage_entry()[0], + s.encrypted_usage_entry().data(), s.encrypted_usage_entry().size())); ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.close()); // Old by 2 generation numbers is error. ASSERT_EQ(OEMCrypto_ERROR_GENERATION_SKEW, - OEMCrypto_LoadUsageTableHeader(&old_usage_header_2_[0], + OEMCrypto_LoadUsageTableHeader(old_usage_header_2_.data(), old_usage_header_2_.size())); ASSERT_NO_FATAL_FAILURE(s.open()); // Cannot load an entry with if header didn't load. ASSERT_NE( OEMCrypto_SUCCESS, OEMCrypto_LoadUsageEntry(s.session_id(), s.usage_entry_number(), - &s.encrypted_usage_entry()[0], + s.encrypted_usage_entry().data(), s.encrypted_usage_entry().size())); ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.close()); // Old by 1 generation numbers is just warning. ASSERT_EQ(OEMCrypto_WARNING_GENERATION_SKEW, - OEMCrypto_LoadUsageTableHeader(&old_usage_header_1_[0], + OEMCrypto_LoadUsageTableHeader(old_usage_header_1_.data(), old_usage_header_1_.size())); // Everything else should still work. Skew by 1 is just a warning. ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_EQ( OEMCrypto_WARNING_GENERATION_SKEW, OEMCrypto_LoadUsageEntry(s.session_id(), s.usage_entry_number(), - &s.encrypted_usage_entry()[0], + s.encrypted_usage_entry().data(), s.encrypted_usage_entry().size())); ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_)); @@ -5893,7 +5911,7 @@ TEST_F(UsageTableTest, TimingTest) { sleep(kShortSleep); Restart(); ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_LoadUsageTableHeader(&encrypted_usage_header_[0], + OEMCrypto_LoadUsageTableHeader(encrypted_usage_header_.data(), encrypted_usage_header_.size())); // After a reboot, we should be able to reload keys, and generate reports. @@ -6159,7 +6177,7 @@ TEST_F(UsageTableTest, LoadSharedLicenseWithNoMaster) { ASSERT_EQ( OEMCrypto_ERROR_MISSING_MASTER, OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), + s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), s.pst_substr(), GetSubstring(), OEMCrypto_ContentLicense)); @@ -6193,7 +6211,7 @@ TEST_F(UsageTableTest, PSTLargeBuffer) { EXPECT_NE( OEMCrypto_SUCCESS, OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), s.message_size(), - &s.signature()[0], s.signature().size(), + s.signature().data(), s.signature().size(), s.enc_mac_keys_iv_substr(), s.enc_mac_keys_substr(), s.num_keys(), s.key_array(), s.pst_substr(), GetSubstring(), OEMCrypto_ContentLicense));