From a31398517424c848701cb6afa7a0affbf2ced632 Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Wed, 2 May 2018 13:54:18 -0700 Subject: [PATCH] Add unit test for nonce sharing Merge from Widevine repo of http://go/wvgerrit/49302 This CL adds some unit tests to verify that several OEMCrypto sessions do not share nonce tables. bug: 64850992 test: unit tests run on sailfish, taimen, and walleye. Change-Id: I06cf3fdafb84f8b09cf2f0e58c1866bac511a293 --- .../oemcrypto/test/oemcrypto_test.cpp | 53 +++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index 84b4d5c0..c94eafce 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -1076,6 +1076,59 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) { ASSERT_NE(OEMCrypto_SUCCESS, sts); } +// This tests that a nonce cannot be used in new session. +TEST_F(OEMCryptoSessionTests, LoadKeyNonceReopenSession) { + Session s; + ASSERT_NO_FATAL_FAILURE(s.open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); + uint32_t nonce = s.get_nonce(); + // Do not use the nonce now. Close session and use it after re-opening. + ASSERT_NO_FATAL_FAILURE(s.close()); + + // Actually, this isn't the same session. OEMCrypto opens a new session, but + // we are guarding against the possiblity that it re-uses the session data + // and might not clear out the nonce table correctly. + ASSERT_NO_FATAL_FAILURE(s.open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); + ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, + wvoec_mock::kControlNonceEnabled, + nonce)); // same old nonce + ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); + OEMCryptoResult sts = OEMCrypto_LoadKeys( + s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], + s.signature().size(), s.encrypted_license().mac_key_iv, + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0, + NULL, OEMCrypto_ContentLicense); + + ASSERT_NE(OEMCrypto_SUCCESS, sts); +} + +// This tests that a nonce cannot be used in wrong session. +TEST_F(OEMCryptoSessionTests, LoadKeyNonceWrongSession) { + Session s1; + ASSERT_NO_FATAL_FAILURE(s1.open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s1)); + uint32_t nonce = s1.get_nonce(); + // Do not use the nonce. Also, leave the session open. We want to make sure + // that s and s1 do NOT share a nonce table. This is different from the + // LoadKeyNonceReopenSession in that we do not close s1. + + Session s2; + ASSERT_NO_FATAL_FAILURE(s2.open()); + ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2)); + ASSERT_NO_FATAL_FAILURE(s2.FillSimpleMessage(0, + wvoec_mock::kControlNonceEnabled, + nonce)); // nonce from session s1 + ASSERT_NO_FATAL_FAILURE(s2.EncryptAndSign()); + OEMCryptoResult sts = OEMCrypto_LoadKeys( + s2.session_id(), s2.message_ptr(), s2.message_size(), &s2.signature()[0], + s2.signature().size(), s2.encrypted_license().mac_key_iv, + s2.encrypted_license().mac_keys, s2.num_keys(), s2.key_array(), NULL, 0, + NULL, OEMCrypto_ContentLicense); + + ASSERT_NE(OEMCrypto_SUCCESS, sts); +} + TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) { Session s; ASSERT_NO_FATAL_FAILURE(s.open());