Reject Embedded Keys Under 16 Bytes

(This is a merge of http://go/wvgerrit/60620)

The license code handles keys larger than 16 bytes correctly, but it
does not properly reject keys smaller than 16 bytes.

This patch adds unit tests not only for the new error case but also
the existing success cases which were not previously being tested. As
part of this, license_unittest was changed to use a Test Peer instead
of making the test fixture a friend class.

Bug: 111069024
Test: CE CDM unit tests
Test: Android unit tests
Change-Id: Idb2deb6fbe0aeb19b530f9818bebff480541f5c8

libwvdrmengine/cdm/core/include/license.h

@@ -155,7 +155,7 @@ class CdmLicense {
   CdmLicenseKeyType license_key_type_;
   RepeatedPtrField<License_KeyContainer> entitlement_keys_;
 #if defined(UNIT_TEST)
-  friend class CdmLicenseTest;
+  friend class CdmLicenseTestPeer;
 #endif
 
   CORE_DISALLOW_COPY_AND_ASSIGN(CdmLicense);

libwvdrmengine/cdm/core/include/wv_cdm_constants.h

@@ -12,7 +12,8 @@ static const size_t KEY_CONTROL_SIZE = 16;
 static const size_t KEY_ID_SIZE = 16;
 static const size_t KEY_IV_SIZE = 16;
 static const size_t KEY_PAD_SIZE = 16;
-static const size_t KEY_SIZE = 16;
+static const size_t CONTENT_KEY_SIZE = 16;
+static const size_t SERVICE_KEY_SIZE = 16;
 static const size_t MAC_KEY_SIZE = 32;
 static const size_t KEYBOX_KEY_DATA_SIZE = 72;
 static const size_t SRM_REQUIREMENT_SIZE = 12;

libwvdrmengine/cdm/core/include/wv_cdm_types.h

@@ -126,7 +126,7 @@ enum CdmResponseType {
   INVALID_SESSION_ID = 83,
   KEY_REQUEST_ERROR_1 = 84,
   /* previously KEY_REQUEST_ERROR_2 = 85 */
-  KEY_SIZE_ERROR = 86,
+  KEY_SIZE_ERROR_1 = 86,
   KEYSET_ID_NOT_FOUND_1 = 87,
   KEYSET_ID_NOT_FOUND_2 = 88,
   KEYSET_ID_NOT_FOUND_3 = 89,
@@ -336,6 +336,7 @@ enum CdmResponseType {
   NO_CONTENT_KEY_3 = 292,
   DEVICE_CANNOT_REPROVISION = 293,
   SESSION_NOT_FOUND_19 = 294,
+  KEY_SIZE_ERROR_2 = 295,
   // Don't forget to add new values to ../test/test_printers.cpp.
 };
 

libwvdrmengine/cdm/core/src/crypto_session.cpp

@@ -117,7 +117,7 @@ void GenerateEncryptContext(const std::string& input_context,
   }
 
   const std::string kEncryptionKeyLabel = "ENCRYPTION";
-  const size_t kEncryptionKeySizeBits = wvcdm::KEY_SIZE * 8;
+  const size_t kEncryptionKeySizeBits = wvcdm::CONTENT_KEY_SIZE * 8;
 
   deriv_context->assign(kEncryptionKeyLabel);
   deriv_context->append(1, '\0');

libwvdrmengine/cdm/core/src/license.cpp

@@ -633,7 +633,7 @@ CdmResponseType CdmLicense::HandleKeyResponse(
           "CdmLicense::HandleKeyResponse: mac key/iv size error"
           "(key/iv size expected: %d/%d, actual: %d/%d",
           MAC_KEY_SIZE, KEY_IV_SIZE, mac_key.size(), mac_key_iv.size());
-      return KEY_SIZE_ERROR;
+      return KEY_SIZE_ERROR_1;
     }
   }
 
@@ -1126,11 +1126,11 @@ CdmResponseType CdmLicense::HandleEntitlementKeyResponse(
 CdmResponseType CdmLicense::HandleNewEntitledKeys(
     const std::vector<WidevinePsshData_EntitledKey>& wrapped_keys) {
   std::vector<CryptoKey> entitled_key_array;
-  entitled_key_array.reserve(entitlement_keys_.size());
+  entitled_key_array.reserve(wrapped_keys.size());
 
   for (RepeatedPtrField<License_KeyContainer>::const_iterator kc =
            entitlement_keys_.begin();
-       kc != entitlement_keys_.end(); kc++) {
+       kc != entitlement_keys_.end(); ++kc) {
     if (kc->type() != video_widevine::License::KeyContainer::ENTITLEMENT) {
       continue;
     }
@@ -1143,8 +1143,11 @@ CdmResponseType CdmLicense::HandleNewEntitledKeys(
 
         // Strip PKCS#5 padding from entitled content keys.
         std::string content_key = wk->key();
-        if (content_key.size() > KEY_SIZE) {
-          content_key.resize(KEY_SIZE);
+        if (content_key.size() < CONTENT_KEY_SIZE) {
+          LOGE("Entitled Key too small, %lu bytes", content_key.size());
+          return KEY_SIZE_ERROR_2;
+        } else if (content_key.size() > CONTENT_KEY_SIZE) {
+          content_key.resize(CONTENT_KEY_SIZE);
         }
 
         CryptoKey& this_entry = entitled_key_array.back();
@@ -1193,8 +1196,8 @@ CdmResponseType CdmLicense::HandleSubLicense(
 
     // Strip PKCS#5 padding from sublicense content keys.
     // TODO(jfore): Refactor this to use ExtractContentKeys.
-    if (keyc.key().size() > KEY_SIZE) {
-      length = keyc.key().size() - KEY_SIZE;
+    if (keyc.key().size() > CONTENT_KEY_SIZE) {
+      length = keyc.key().size() - CONTENT_KEY_SIZE;
     } else {
       length = 0;
     }

libwvdrmengine/cdm/core/src/service_certificate.cpp

@@ -226,7 +226,7 @@ CdmResponseType ServiceCertificate::EncryptClientId(
   encrypted_client_id->set_service_certificate_serial_number(serial_number_);
 
   std::string iv(KEY_IV_SIZE, 0);
-  std::string key(KEY_SIZE, 0);
+  std::string key(SERVICE_KEY_SIZE, 0);
 
   if (!crypto_session->GetRandom(key.size(),
                                 reinterpret_cast<uint8_t*>(&key[0])))

libwvdrmengine/cdm/core/test/cdm_engine_test.cpp

@@ -357,7 +357,7 @@ TEST_F(WvCdmEngineTest, LoadKey) {
   holder.OpenSession(config_.key_system());
   holder.GenerateKeyRequest(binary_key_id(), ISO_BMFF_VIDEO_MIME_TYPE);
   holder.CreateDefaultLicense();
-  std::vector<uint8_t> key_data(KEY_SIZE, '1');
+  std::vector<uint8_t> key_data(CONTENT_KEY_SIZE, '1');
   wvoec::KeyControlBlock block = {};
   holder.AddKey("key_one", key_data, block);
   holder.SignAndLoadLicense();

libwvdrmengine/cdm/core/test/generic_crypto_unittest.cpp

@@ -43,10 +43,10 @@ class WvGenericOperationsTest : public WvCdmTestBase {
     holder_.CreateDefaultLicense();
 
     ency_id_ = "ency";
-    StripeBuffer(&ency_key_, KEY_SIZE, 'e');
+    StripeBuffer(&ency_key_, CONTENT_KEY_SIZE, 'e');
     AddOneKey(ency_id_, ency_key_, wvoec::kControlAllowEncrypt);
     dency_id_ = "dency";
-    StripeBuffer(&dency_key_, KEY_SIZE, 'd');
+    StripeBuffer(&dency_key_, CONTENT_KEY_SIZE, 'd');
     AddOneKey(dency_id_, dency_key_, wvoec::kControlAllowDecrypt);
     siggy_id_ = "siggy";
     StripeBuffer(&siggy_key_, MAC_KEY_SIZE, 's');
@@ -55,10 +55,10 @@ class WvGenericOperationsTest : public WvCdmTestBase {
     StripeBuffer(&vou_key_, MAC_KEY_SIZE, 'v');
     AddOneKey(vou_id_, vou_key_, wvoec::kControlAllowVerify);
 
-    StripeBuffer(&in_vector_, KEY_SIZE * 15, '1');
+    StripeBuffer(&in_vector_, CONTENT_KEY_SIZE * 15, '1');
     in_buffer_ = std::string(in_vector_.begin(), in_vector_.end());
 
-    StripeBuffer(&iv_vector_, KEY_SIZE, 'a');
+    StripeBuffer(&iv_vector_, KEY_IV_SIZE, 'a');
     iv_ = std::string(iv_vector_.begin(), iv_vector_.end());
   }
 
@@ -255,7 +255,7 @@ TEST_F(WvGenericOperationsTest, GenericEncryptDecrypt) {
   KeyId key_id = "enc and dec";
 
   std::vector<uint8_t> key_data;
-  StripeBuffer(&key_data, KEY_SIZE, '3');
+  StripeBuffer(&key_data, CONTENT_KEY_SIZE, '3');
   AddOneKey(key_id, key_data,
             wvoec::kControlAllowEncrypt | wvoec::kControlAllowDecrypt);
 

libwvdrmengine/cdm/core/test/license_unittest.cpp

@@ -8,6 +8,7 @@
 #include <memory>
 
 #include "clock.h"
+#include "crypto_key.h"
 #include "crypto_session.h"
 #include "initialization_data.h"
 #include "license.h"
@@ -144,6 +145,20 @@ const CryptoSession::SupportedCertificateTypes kDefaultSupportedCertTypes = {
     true
   };
 
+const std::string kFakeEntitlementKeyId =
+    a2bs_hex("2a538231c616c67143032a645f9c545d");
+const std::string kFakeEntitledKeyId =
+    a2bs_hex("f93c7a81e62d4e9a988ff20bca60f52d");
+const std::string kFakeUnpaddedKey =
+    a2bs_hex("b2047e7fab08b3a4dac76b7b82e8cd4d");
+const std::string kFakePaddedKey =
+    a2bs_hex("42f804e9ce0fa693692e1c4ffaeb0e14"
+             "10101010101010101010101010101010");
+const std::string kFakeKeyTooLong =
+    a2bs_hex("d4bc8605d662878a46adb2adb6bf3c0b30a54a0c2f");
+const std::string kFakeKeyTooShort = a2bs_hex("06e247e7f924208011");
+const std::string kFakeIv = a2bs_hex("3d515a3ee0be1687080ac59da9e0d69a");
+
 class MockCryptoSession : public TestCryptoSession {
  public:
   MockCryptoSession(metrics::CryptoMetrics* crypto_metrics)
@@ -159,12 +174,16 @@ class MockCryptoSession : public TestCryptoSession {
   MOCK_METHOD3(GenerateSubSessionNonce,
                bool(const std::string& sub_session_key_id, bool* exists,
                     uint32_t* nonce));
+  MOCK_METHOD1(LoadEntitledContentKeys,
+               CdmResponseType(const std::vector<CryptoKey>& key_array));
 };
 
 class MockPolicyEngine : public PolicyEngine {
  public:
   MockPolicyEngine(CryptoSession* crypto)
       : PolicyEngine("mock_session_id", NULL, crypto) {}
+  MOCK_METHOD1(SetEntitledLicenseKeys,
+      void(const std::vector<video_widevine::WidevinePsshData_EntitledKey>&));
 };
 
 class MockClock : public Clock {
@@ -185,16 +204,33 @@ class MockInitializationData : public InitializationData {
 // Protobuf generated classes
 using video_widevine::LicenseRequest_ContentIdentification;
 using video_widevine::ClientIdentification;
+using video_widevine::License;
+using video_widevine::License_KeyContainer;
 using video_widevine::LicenseRequest;
 using video_widevine::SignedMessage;
+using video_widevine::WidevinePsshData_EntitledKey;
 
 // gmock methods
 using ::testing::_;
 using ::testing::Eq;
 using ::testing::NotNull;
+using ::testing::PrintToStringParamName;
 using ::testing::Return;
 using ::testing::SetArgPointee;
 using ::testing::UnorderedElementsAre;
+using ::testing::Values;
+
+class CdmLicenseTestPeer : public CdmLicense {
+ public:
+  CdmLicenseTestPeer(const CdmSessionId& session_id, Clock* clock)
+      : CdmLicense(session_id, clock) {}
+
+  using CdmLicense::HandleNewEntitledKeys;
+
+  void set_entitlement_keys(License license) {
+    entitlement_keys_.CopyFrom(license.key());
+  }
+};
 
 class CdmLicenseTest : public WvCdmTestBase {
  protected:
@@ -221,11 +257,11 @@ class CdmLicenseTest : public WvCdmTestBase {
   }
 
   virtual void CreateCdmLicense() {
-    cdm_license_ = new CdmLicense(kCdmSessionId, clock_);
+    cdm_license_ = new CdmLicenseTestPeer(kCdmSessionId, clock_);
     clock_ = NULL;
   }
 
-  CdmLicense* cdm_license_;
+  CdmLicenseTestPeer* cdm_license_;
   MockClock* clock_;
   metrics::CryptoMetrics crypto_metrics_;
   MockCryptoSession* crypto_session_;
@@ -416,6 +452,85 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidation) {
   EXPECT_EQ(kNonce, license_request.key_control_nonce());
 }
 
+struct EntitledKeyVariant {
+  EntitledKeyVariant(const char* name, const std::string& key,
+                     bool should_succeed)
+      : name(name),
+        key(key),
+        should_succeed(should_succeed) {}
+  const std::string name;
+  const std::string key;
+  const bool should_succeed;
+
+  friend void PrintTo(const EntitledKeyVariant& self, std::ostream* os) {
+    *os << self.name;
+  }
+};
+
+class CdmLicenseEntitledKeyTest
+    : public CdmLicenseTest,
+      public ::testing::WithParamInterface<EntitledKeyVariant> {};
+
+TEST_P(CdmLicenseEntitledKeyTest, LoadsEntitledKeys) {
+  EntitledKeyVariant variant = GetParam();
+
+  // Set up a known, fake entitlement key
+  License entitlement_license;
+  License_KeyContainer* entitlement_key = entitlement_license.add_key();
+  entitlement_key->set_type(
+      video_widevine::License_KeyContainer_KeyType_ENTITLEMENT);
+  entitlement_key->set_id(kFakeEntitlementKeyId);
+
+  // Set up a fake entitled key that matches the entitlement key
+  std::vector<WidevinePsshData_EntitledKey> entitled_keys(1);
+  WidevinePsshData_EntitledKey& padded_key = entitled_keys[0];
+  padded_key.set_entitlement_key_id(kFakeEntitlementKeyId);
+  padded_key.set_key_id(kFakeEntitledKeyId);
+  padded_key.set_key(variant.key);
+  padded_key.set_iv(kFakeIv);
+
+  // Set the expected downstream calls
+  EXPECT_CALL(*crypto_session_, IsOpen())
+      .WillOnce(Return(true));
+
+  if (variant.should_succeed) {
+    EXPECT_CALL(*crypto_session_, LoadEntitledContentKeys(_))
+      .WillOnce(Return(KEY_ADDED));
+    EXPECT_CALL(*policy_engine_, SetEntitledLicenseKeys(_))
+      .Times(1);
+  } else {
+    EXPECT_CALL(*crypto_session_, LoadEntitledContentKeys(_))
+      .Times(0);
+    EXPECT_CALL(*policy_engine_, SetEntitledLicenseKeys(_))
+      .Times(0);
+  }
+
+  // Set up the CdmLicense with the mocks and fake entitlement key
+  CreateCdmLicense();
+  EXPECT_TRUE(cdm_license_->Init(
+      kToken, kClientTokenDrmCert, kEmptyString, true,
+      kDefaultServiceCertificate, crypto_session_, policy_engine_));
+  cdm_license_->set_entitlement_keys(entitlement_license);
+
+  // Call the function under test and check its return value
+  CdmResponseType ret = cdm_license_->HandleNewEntitledKeys(entitled_keys);
+
+  if (variant.should_succeed) {
+    EXPECT_EQ(KEY_ADDED, ret);
+  } else {
+    EXPECT_NE(KEY_ADDED, ret);
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(
+    EntitledKeyTests, CdmLicenseEntitledKeyTest,
+    Values(
+        EntitledKeyVariant("UnpaddedKey", kFakeUnpaddedKey, true),
+        EntitledKeyVariant("PaddedKey", kFakePaddedKey, true),
+        EntitledKeyVariant("KeyTooLong", kFakeKeyTooLong, true),
+        EntitledKeyVariant("KeyTooShort", kFakeKeyTooShort, false)),
+    PrintToStringParamName());
+
 // TODO(jfore): The pssh has changed in ways that are not compatible with
 //sublicenses. Restructure or remove sublicense support including this test.
 TEST_F(SubLicenseTest, DISABLED_VerifySubSessionData) {

libwvdrmengine/cdm/core/test/test_base.cpp

@@ -446,8 +446,8 @@ TestLicenseHolder::TestLicenseHolder(CdmEngine* cdm_engine)
       derived_mac_key_client_(MAC_KEY_SIZE, 'b'),
       mac_key_server_(MAC_KEY_SIZE, 'c'),
       mac_key_client_(MAC_KEY_SIZE, 'd'),
-      enc_key_(KEY_SIZE, 'e'),
-      session_key_(KEY_SIZE, 'f') {}
+      enc_key_(CONTENT_KEY_SIZE, 'e'),
+      session_key_(CONTENT_KEY_SIZE, 'f') {}
 
 TestLicenseHolder::~TestLicenseHolder() {
   CloseSession();
@@ -526,7 +526,7 @@ void TestLicenseHolder::CreateDefaultLicense() {
 
 void TestLicenseHolder::AddMacKey() {
   video_widevine::License_KeyContainer* key_container = license()->add_key();
-  std::vector<uint8_t> iv(KEY_SIZE, 'v');
+  std::vector<uint8_t> iv(KEY_IV_SIZE, 'v');
   std::string iv_s(iv.begin(), iv.end());
   key_container->set_iv(iv_s);
   key_container->set_type(video_widevine::License_KeyContainer_KeyType_SIGNING);
@@ -556,20 +556,20 @@ video_widevine::License_KeyContainer* TestLicenseHolder::AddKey(
   key_container->set_level(
       video_widevine::License_KeyContainer_SecurityLevel_SW_SECURE_CRYPTO);
 
-  std::vector<uint8_t> iv(KEY_SIZE, 'v');
+  std::vector<uint8_t> iv(KEY_IV_SIZE, 'v');
   std::string iv_s(iv.begin(), iv.end());
   key_container->set_iv(iv_s);
 
   std::string encrypted_key_data =
       WvCdmTestBase::Aes128CbcEncrypt(enc_key_, key_data, iv);
   // TODO(b/111069024): remove this!
-  std::string padding(KEY_SIZE, '-');
+  std::string padding(CONTENT_KEY_SIZE, '-');
   key_container->set_key(encrypted_key_data + padding);
 
   std::vector<uint8_t> block_v(
       reinterpret_cast<const uint8_t*>(&block),
       reinterpret_cast<const uint8_t*>(&block) + sizeof(block));
-  std::vector<uint8_t> block_iv(KEY_SIZE, 'w');
+  std::vector<uint8_t> block_iv(KEY_IV_SIZE, 'w');
   std::string block_iv_s(block_iv.begin(), block_iv.end());
   std::string encrypted_block =
       WvCdmTestBase::Aes128CbcEncrypt(key_data, block_v, block_iv);

libwvdrmengine/cdm/core/test/test_printers.cpp

@@ -184,7 +184,9 @@ void PrintTo(const enum CdmResponseType& value, ::std::ostream* os) {
       break;
     case KEY_REQUEST_ERROR_1: *os                  << "KEY_REQUEST_ERROR_1";
       break;
-    case KEY_SIZE_ERROR: *os                       << "KEY_SIZE_ERROR";
+    case KEY_SIZE_ERROR_1: *os                       << "KEY_SIZE_ERROR_1";
+      break;
+    case KEY_SIZE_ERROR_2: *os                       << "KEY_SIZE_ERROR_2";
       break;
     case KEYSET_ID_NOT_FOUND_1: *os                << "KEYSET_ID_NOT_FOUND_1";
       break;

libwvdrmengine/include/WVErrors.h

@@ -84,7 +84,7 @@ enum {
   kInvalidQueryKey = ERROR_DRM_VENDOR_MIN + 80,
   kInvalidSessionId = ERROR_DRM_VENDOR_MIN + 81,
   kKeyRequestError1 = ERROR_DRM_VENDOR_MIN + 82,
-  kKeySizeError = ERROR_DRM_VENDOR_MIN + 84,
+  kKeySizeError1 = ERROR_DRM_VENDOR_MIN + 84,
   kKeySetIdNotFound1 = ERROR_DRM_VENDOR_MIN + 85,
   kKeySetIdNotFound2 = ERROR_DRM_VENDOR_MIN + 86,
   kKeySetIdNotFound3 = ERROR_DRM_VENDOR_MIN + 87,
@@ -270,10 +270,11 @@ enum {
   kLoadEntitledContentKeysError = ERROR_DRM_VENDOR_MIN + 279,
   kGetProvisioningError = ERROR_DRM_VENDOR_MIN + 280,
   kDeviceCannotReprovision = ERROR_DRM_VENDOR_MIN + 281,
+  kKeySizeError2 = ERROR_DRM_VENDOR_MIN + 282,
 
   // This should always follow the last error code.
   // The offset value should be updated each time a new error code is added.
-  kErrorWVDrmMaxErrorUsed = ERROR_DRM_VENDOR_MIN + 281,
+  kErrorWVDrmMaxErrorUsed = ERROR_DRM_VENDOR_MIN + 282,
 
   // Used by crypto test mode
   kErrorTestMode = ERROR_DRM_VENDOR_MAX,

libwvdrmengine/include/mapErrors-inl.h

@@ -161,8 +161,10 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) {
       return kInvalidSessionId;
     case wvcdm::KEY_REQUEST_ERROR_1:
       return kKeyRequestError1;
-    case wvcdm::KEY_SIZE_ERROR:
-      return kKeySizeError;
+    case wvcdm::KEY_SIZE_ERROR_1:
+      return kKeySizeError1;
+    case wvcdm::KEY_SIZE_ERROR_2:
+      return kKeySizeError2;
     case wvcdm::KEYSET_ID_NOT_FOUND_1:
       return kKeySetIdNotFound1;
     case wvcdm::KEYSET_ID_NOT_FOUND_2:

libwvdrmengine/include_hidl/mapErrors-inl.h

@@ -136,7 +136,8 @@ static Status mapCdmResponseType(wvcdm::CdmResponseType res) {
     case wvcdm::INVALID_QUERY_KEY:
     case wvcdm::INVALID_SESSION_ID:
     case wvcdm::KEY_REQUEST_ERROR_1:
-    case wvcdm::KEY_SIZE_ERROR:
+    case wvcdm::KEY_SIZE_ERROR_1:
+    case wvcdm::KEY_SIZE_ERROR_2:
     case wvcdm::KEYSET_ID_NOT_FOUND_1:
     case wvcdm::KEYSET_ID_NOT_FOUND_2:
     case wvcdm::KEYSET_ID_NOT_FOUND_3: