Add test base that catches nonce flood

Merge from Widevine repo of http://go/wvgerrit/56520

This CL adds a test base that installs a test keybox and catches nonce
flood errors for all CDM tests.

In order to do this, a new class is added called a
CryptoSessionFactory.  The default factory just creates a new
CryptoSession.  All places in the code that create a new CryptoSession
now call the static method MakeCryptoSession, which uses the current
factory to create a CryptoSession.  If MakeCryptoSession is called and
there is no current factory, a default factory is created.

The CryptoSession constructor is now private, so that we do not
accidentally try to create one without using the factory.

For the new test base, we first create a special test
CryptoSessionFactory that creates a TestCryptoSession.  The test
factory catches the first call to MakeCryptoSession and injects an
installation of the test keybox after OEMCrypto_Initialize is called.

The TestCryptoSession injects a sleep statement and a retry whenever
it detects a nonce flood.

Test: current unit tests still pass.
bug: 72354901 Fix Generic Crypto tests.
bug: 111361440 Remove #ifdef from unit tests
Change-Id: I248e7f3c53721c04d2af412ef835e19bb4d15d9a

libwvdrmengine/cdm/core/test/cdm_engine_test.cpp

@@ -23,6 +23,7 @@
 #include "properties.h"
 #include "scoped_ptr.h"
 #include "string_conversions.h"
+#include "test_base.h"
 #include "test_printers.h"
 #include "url_request.h"
 #include "wv_cdm_constants.h"
@@ -116,7 +117,7 @@ bool ExtractSignedMessage(const std::string& response,
 
 }  // namespace
 
-class WvCdmEnginePreProvTest : public testing::Test {
+class WvCdmEnginePreProvTest : public WvCdmTestBase {
  public:
   WvCdmEnginePreProvTest() : cdm_engine_(&file_system_),
                              session_opened_(false) {}
@@ -124,6 +125,7 @@ class WvCdmEnginePreProvTest : public testing::Test {
   virtual ~WvCdmEnginePreProvTest() {}
 
   virtual void SetUp() {
+    WvCdmTestBase::SetUp();
     session_opened_ = false;
   }
 
@@ -188,9 +190,6 @@ class WvCdmEnginePreProvTest : public testing::Test {
     CdmCertificateType cert_type = kCertificateWidevine;
     std::string cert_authority;
     std::string cert, wrapped_key;
-    // Keep a crypto session alive so that OEMCrypto won't terminate while we
-    // try to provision. This is needed for testing nonce floods.
-    CryptoSession keep_alive(cdm_engine_.GetMetrics()->GetCryptoMetrics());
 
     CdmResponseType result = NO_ERROR;
     for(int i = 0; i < 2; ++i) {  // Retry once if there is a nonce problem.
@@ -372,19 +371,9 @@ class WvCdmEngineTest : public WvCdmEnginePreProvTest {
 
     CdmKeyRequest key_request;
 
-    CdmResponseType result = NO_ERROR;
-    for(int i=0; i < 2; i++) {  // Retry once if there is a nonce problem.
-      result = cdm_engine_.GenerateKeyRequest(
-          session_id_, key_set_id, init_data,
-          kLicenseTypeStreaming, app_parameters,
-          &key_request);
-      if (result == LICENSE_REQUEST_NONCE_GENERATION_ERROR) {
-        LOGW("Woops.  Nonce problem.  Try again?");
-        sleep(1);
-      } else {
-        break;
-      }
-    }
+    CdmResponseType result = cdm_engine_.GenerateKeyRequest(
+        session_id_, key_set_id, init_data, kLicenseTypeStreaming,
+        app_parameters, &key_request);
     EXPECT_EQ(KEY_MESSAGE, result);
 
     key_msg_ = key_request.message;
@@ -393,16 +382,8 @@ class WvCdmEngineTest : public WvCdmEnginePreProvTest {
 
   void GenerateRenewalRequest() {
     CdmKeyRequest request;
-    CdmResponseType result = NO_ERROR;
-    for (int i = 0; i < 2; i++) {  // Retry once if there is a nonce problem.
-      result = cdm_engine_.GenerateRenewalRequest(session_id_, &request);
-      if (result == LICENSE_RENEWAL_NONCE_GENERATION_ERROR) {
-        LOGW("Woops.  Nonce problem.  Try again?");
-        sleep(1);
-      } else {
-        break;
-      }
-    }
+    CdmResponseType result =
+        cdm_engine_.GenerateRenewalRequest(session_id_, &request);
     EXPECT_EQ(KEY_MESSAGE, result);
 
     key_msg_ = request.message;

libwvdrmengine/cdm/core/test/cdm_session_unittest.cpp

@@ -11,6 +11,7 @@
 #include "scoped_ptr.h"
 #include "service_certificate.h"
 #include "string_conversions.h"
+#include "test_base.h"
 #include "test_printers.h"
 #include "usage_table_header.h"
 #include "wv_cdm_constants.h"
@@ -122,10 +123,10 @@ class MockUsageTableHeader : public UsageTableHeader {
                                             CdmUsageEntry* usage_entry));
 };
 
-class MockCryptoSession : public CryptoSession {
+class MockCryptoSession : public TestCryptoSession {
  public:
   MockCryptoSession(metrics::CryptoMetrics* crypto_metrics)
-      : CryptoSession(crypto_metrics) {
+      : TestCryptoSession(crypto_metrics) {
     // By default, call the concrete implementation of GetUsageSupportType.
     ON_CALL(*this, GetUsageSupportType(_))
         .WillByDefault(
@@ -167,9 +168,10 @@ class MockCdmLicense : public CdmLicense {
 
 }  // namespace
 
-class CdmSessionTest : public ::testing::Test {
+class CdmSessionTest : public WvCdmTestBase {
  protected:
   virtual void SetUp() {
+    WvCdmTestBase::SetUp();
     cdm_session_.reset(new CdmSession(NULL, &metrics_));
     // Inject testing mocks.
     license_parser_ = new MockCdmLicense(cdm_session_->session_id());

libwvdrmengine/cdm/core/test/crypto_session_unittest.cpp

@@ -15,6 +15,8 @@
 #include "metrics.pb.h"
 #include "metrics_collections.h"
 #include "scoped_ptr.h"
+#include "test_base.h"
+#include "test_printers.h"
 #include "wv_cdm_types.h"
 
 namespace {
@@ -240,10 +242,10 @@ const uint32_t kOemCertSystemId = 7346;
 
 namespace wvcdm {
 
-class CryptoSessionForTest : public CryptoSession, public testing::Test {
+class CryptoSessionForTest : public TestCryptoSession, public WvCdmTestBase {
  public:
   using CryptoSession::ExtractSystemIdFromOemCert;
-  CryptoSessionForTest() : CryptoSession(metrics_.GetCryptoMetrics()) {}
+  CryptoSessionForTest() : TestCryptoSession(metrics_.GetCryptoMetrics()) {}
 
   void SetUp() {}
 
@@ -264,7 +266,7 @@ TEST(CryptoSessionTest, CanExtractSystemIdFromOemCertificate) {
   ASSERT_EQ(kOemCertSystemId, system_id);
 }
 
-class CryptoSessionMetricsTest : public testing::Test {
+class CryptoSessionMetricsTest : public WvCdmTestBase {
  protected:
   uint32_t FindKeyboxSystemID() {
     OEMCryptoResult sts;
@@ -280,11 +282,12 @@ class CryptoSessionMetricsTest : public testing::Test {
 
 TEST_F(CryptoSessionMetricsTest, OpenSessionValidMetrics) {
   metrics::CryptoMetrics crypto_metrics;
-  CryptoSession session(&crypto_metrics);
-  session.Open(wvcdm::kLevelDefault);
+  scoped_ptr<CryptoSession> session(
+      CryptoSession::MakeCryptoSession(&crypto_metrics));
+  session->Open(wvcdm::kLevelDefault);
   // Exercise a method that will touch a metric.
   CdmUsageSupportType usage_type;
-  ASSERT_EQ(NO_ERROR, session.GetUsageSupportType(&usage_type));
+  ASSERT_EQ(NO_ERROR, session->GetUsageSupportType(&usage_type));
 
   drm_metrics::WvCdmMetrics::CryptoMetrics metrics_proto;
   crypto_metrics.Serialize(&metrics_proto);
@@ -305,7 +308,7 @@ TEST_F(CryptoSessionMetricsTest, OpenSessionValidMetrics) {
             metrics_proto.oemcrypto_usage_table_support().int_value());
 
   // Validate metrics that differ based on provisioning type.
-  CdmClientTokenType token_type = session.GetPreProvisionTokenType();
+  CdmClientTokenType token_type = session->GetPreProvisionTokenType();
 
   if (token_type == kClientTokenKeybox) {
     uint32_t system_id = FindKeyboxSystemID();
@@ -337,18 +340,19 @@ TEST_F(CryptoSessionMetricsTest, OpenSessionValidMetrics) {
 
 TEST_F(CryptoSessionMetricsTest, GetProvisioningTokenValidMetrics) {
   metrics::CryptoMetrics crypto_metrics;
-  CryptoSession session(&crypto_metrics);
+  scoped_ptr<CryptoSession> session(
+      CryptoSession::MakeCryptoSession(&crypto_metrics));
 
-  ASSERT_EQ(NO_ERROR, session.Open(wvcdm::kLevelDefault));
+  ASSERT_EQ(NO_ERROR, session->Open(wvcdm::kLevelDefault));
 
-  CdmClientTokenType token_type = session.GetPreProvisionTokenType();
+  CdmClientTokenType token_type = session->GetPreProvisionTokenType();
   LOGI("token_type: %d", token_type);
 
   // DRM Certificate provisioning method does not support a provisioning
   // token. Otherwise, we should be able to fetch the token.
   std::string token;
   if (token_type != kClientTokenDrmCert) {
-    ASSERT_TRUE(session.GetProvisioningToken(&token));
+    ASSERT_TRUE(session->GetProvisioningToken(&token));
   }
 
   drm_metrics::WvCdmMetrics::CryptoMetrics metrics_proto;

libwvdrmengine/cdm/core/test/license_unittest.cpp

@@ -15,6 +15,8 @@
 #include "properties.h"
 #include "service_certificate.h"
 #include "string_conversions.h"
+#include "test_base.h"
+#include "test_printers.h"
 #include "wv_cdm_constants.h"
 
 namespace wvcdm {
@@ -142,10 +144,10 @@ const CryptoSession::SupportedCertificateTypes kDefaultSupportedCertTypes = {
     true
   };
 
-class MockCryptoSession : public CryptoSession {
+class MockCryptoSession : public TestCryptoSession {
  public:
   MockCryptoSession(metrics::CryptoMetrics* crypto_metrics)
-      : CryptoSession(crypto_metrics) { }
+      : TestCryptoSession(crypto_metrics) { }
   MOCK_METHOD0(IsOpen, bool());
   MOCK_METHOD1(GenerateRequestId, bool(std::string*));
   MOCK_METHOD1(UsageInformationSupport, bool(bool*));
@@ -194,11 +196,12 @@ using ::testing::Return;
 using ::testing::SetArgPointee;
 using ::testing::UnorderedElementsAre;
 
-class CdmLicenseTest : public ::testing::Test {
+class CdmLicenseTest : public WvCdmTestBase {
  protected:
   CdmLicenseTest(const std::string& pssh = (kCencInitDataHdr + kCencPssh))
       : pssh_(pssh) {}
   virtual void SetUp() {
+    WvCdmTestBase::SetUp();
     clock_ = new MockClock();
     crypto_session_ = new MockCryptoSession(&crypto_metrics_);
     init_data_ = new MockInitializationData(CENC_INIT_DATA_FORMAT, pssh_);

libwvdrmengine/cdm/core/test/policy_engine_constraints_unittest.cpp

@@ -11,6 +11,8 @@
 #include "policy_engine.h"
 #include "mock_clock.h"
 #include "scoped_ptr.h"
+#include "test_base.h"
+#include "test_printers.h"
 #include "wv_cdm_event_listener.h"
 #include "wv_cdm_types.h"
 
@@ -62,10 +64,10 @@ const OutputProtection::HDCP kHdcpV2_1 = OutputProtection::HDCP_V2_1;
 // should match kHdcpCheckInterval in policy_engine.cpp
 const int64_t kHdcpInterval = 10;
 
-class HdcpOnlyMockCryptoSession : public CryptoSession {
+class HdcpOnlyMockCryptoSession : public TestCryptoSession {
  public:
   HdcpOnlyMockCryptoSession(metrics::CryptoMetrics* crypto_metrics)
-      : CryptoSession(crypto_metrics) { }
+      : TestCryptoSession(crypto_metrics) { }
 
   MOCK_METHOD2(GetHdcpCapabilities, bool(HdcpCapability*, HdcpCapability*));
 };
@@ -82,7 +84,7 @@ class MockCdmEventListener : public WvCdmEventListener {
 
 }  // namespace
 
-class PolicyEngineConstraintsTest : public Test {
+class PolicyEngineConstraintsTest : public WvCdmTestBase {
  public:
   PolicyEngineConstraintsTest() :
       crypto_session_(&dummy_metrics_) {
@@ -90,6 +92,7 @@ class PolicyEngineConstraintsTest : public Test {
 
  protected:
   virtual void SetUp() {
+    WvCdmTestBase::SetUp();
     current_time_ = 0;
 
     policy_engine_.reset(new PolicyEngine(kSessionId, &mock_event_listener_,

libwvdrmengine/cdm/core/test/policy_engine_unittest.cpp

@@ -14,6 +14,7 @@
 #include "mock_clock.h"
 #include "policy_engine.h"
 #include "scoped_ptr.h"
+#include "test_base.h"
 #include "test_printers.h"
 #include "wv_cdm_event_listener.h"
 #include "wv_cdm_constants.h"
@@ -57,10 +58,10 @@ int64_t ParseInt(const std::string& str) {
   return ret;
 }
 
-class HdcpOnlyMockCryptoSession : public CryptoSession {
+class HdcpOnlyMockCryptoSession : public TestCryptoSession {
  public:
   HdcpOnlyMockCryptoSession(metrics::CryptoMetrics* metrics) :
-      CryptoSession(metrics) {}
+      TestCryptoSession(metrics) {}
 
   MOCK_METHOD2(GetHdcpCapabilities, bool(HdcpCapability*, HdcpCapability*));
   bool DoRealGetHdcpCapabilities(HdcpCapability* current,
@@ -99,12 +100,13 @@ using ::testing::Return;
 using ::testing::StrictMock;
 using ::testing::UnorderedElementsAre;
 
-class PolicyEngineTest : public ::testing::Test {
+class PolicyEngineTest : public WvCdmTestBase {
  public:
   PolicyEngineTest() : crypto_session_(&dummy_metrics_) {
   }
  protected:
   virtual void SetUp() {
+    WvCdmTestBase::SetUp();
     policy_engine_.reset(
         new PolicyEngine(kSessionId, &mock_event_listener_,
                          &crypto_session_));

libwvdrmengine/cdm/core/test/test_base.cpp

@@ -0,0 +1,82 @@
+// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine Master
+// License Agreement.
+// This file adds some print methods so that when unit tests fail, the
+// will print the name of an enumeration instead of the numeric value.
+
+#include "test_base.h"
+
+#include <getopt.h>
+
+#include <openssl/aes.h>
+#include <openssl/bio.h>
+#include <openssl/cmac.h>
+#include <openssl/err.h>
+
+#include "cdm_engine.h"
+#include "crypto_session.h"
+#include "file_store.h"
+#include "log.h"
+#include "oec_device_features.h"
+#include "oec_test_data.h"
+#include "properties.h"
+#include "test_printers.h"
+#include "url_request.h"
+
+namespace wvcdm {
+
+TestCryptoSession::TestCryptoSession(metrics::CryptoMetrics* crypto_metrics)
+    : CryptoSession(crypto_metrics) {
+  // The first CryptoSession should have initialized OEMCrypto.  This is right
+  // after that, so should tell oemcrypto to use a test keybox.
+  if (session_count() == 1) {
+    WvCdmTestBase::InstallTestRootOfTrust();
+  }
+}
+
+bool TestCryptoSession::GenerateNonce(uint32_t* nonce) {
+  for (int i = 0; !CryptoSession::GenerateNonce(nonce); i++) {
+    LOGV("Recovering from nonce flood.");
+    if (i > 2) return false;
+    sleep(1);
+  }
+  return true;
+}
+
+class TestCryptoSessionFactory : public CryptoSessionFactory {
+  CryptoSession* MakeCryptoSession(metrics::CryptoMetrics* crypto_metrics) {
+    return new TestCryptoSession(crypto_metrics);
+  }
+};
+
+void WvCdmTestBase::SetUp() {
+  ::testing::Test::SetUp();
+  Properties::Init();
+  const ::testing::TestInfo* const test_info =
+      ::testing::UnitTest::GetInstance()->current_test_info();
+  LOGD("Running test %s.%s", test_info->test_case_name(), test_info->name());
+  CryptoSession::SetCryptoSessionFactory(new TestCryptoSessionFactory());
+  // TODO(fredgc): Add a test version of DeviceFiles.
+}
+
+void WvCdmTestBase::InstallTestRootOfTrust() {
+  switch (wvoec::global_features.derive_key_method) {
+    case wvoec::DeviceFeatures::LOAD_TEST_KEYBOX:
+      ASSERT_EQ(OEMCrypto_SUCCESS,
+                OEMCrypto_LoadTestKeybox(
+                    reinterpret_cast<const uint8_t*>(&wvoec::kTestKeybox),
+                    sizeof(wvoec::kTestKeybox)));
+      break;
+    case wvoec::DeviceFeatures::LOAD_TEST_RSA_KEY:
+      // Rare case: used by devices with baked in DRM cert.
+      ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadTestRSAKey());
+      break;
+    case wvoec::DeviceFeatures::TEST_PROVISION_30:
+      // Can use oem certificate to install test rsa key.
+      break;
+    default:
+      FAIL() << "Cannot run test without test keybox or RSA key installed.";
+  }
+}
+
+}  // namespace wvcdm

libwvdrmengine/cdm/core/test/test_base.h

@@ -0,0 +1,37 @@
+// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine Master
+// License Agreement.
+
+#ifndef WVCDM_CORE_TEST_BASE_H_
+#define WVCDM_CORE_TEST_BASE_H_
+
+#include <gtest/gtest.h>
+
+#include "config_test_env.h"
+#include "crypto_session.h"
+#include "metrics_collections.h"
+
+namespace wvcdm {
+// This is the base class for Widevine CDM integration tests.  It's main use is
+// to configure OEMCrypto to use a test keybox.
+class WvCdmTestBase : public ::testing::Test {
+ public:
+  WvCdmTestBase() {}
+  virtual ~WvCdmTestBase() {}
+  virtual void SetUp();
+
+  // Install a test keybox, if appropriate.
+  static void InstallTestRootOfTrust();
+};
+
+class TestCryptoSession  : public CryptoSession {
+ public:
+  explicit TestCryptoSession(metrics::CryptoMetrics* crypto_metrics);
+  // This intercepts nonce flood errors, which is useful for tests that request
+  // many nonces and are not time critical.
+  bool GenerateNonce(uint32_t* nonce);
+};
+
+}  // namespace wvcdm
+
+#endif  // WVCDM_CORE_TEST_BASE_H_

libwvdrmengine/cdm/core/test/usage_table_header_unittest.cpp

@@ -11,6 +11,8 @@
 #include "crypto_session.h"
 #include "device_files.h"
 #include "file_store.h"
+#include "test_base.h"
+#include "test_printers.h"
 #include "wv_cdm_constants.h"
 #include "wv_cdm_types.h"
 
@@ -225,10 +227,10 @@ class MockDeviceFiles : public DeviceFiles {
   FileSystem file_system_;
 };
 
-class MockCryptoSession : public CryptoSession {
+class MockCryptoSession : public TestCryptoSession {
  public:
   MockCryptoSession(metrics::CryptoMetrics* metrics)
-      : CryptoSession(metrics) {}
+      : TestCryptoSession(metrics) {}
   MOCK_METHOD1(Open, CdmResponseType(SecurityLevel));
   MOCK_METHOD1(LoadUsageTableHeader,
                CdmResponseType(const CdmUsageTableHeader&));
@@ -255,7 +257,7 @@ using ::testing::StrEq;
 using ::testing::UnorderedElementsAre;
 using ::testing::UnorderedElementsAreArray;
 
-class UsageTableHeaderTest : public ::testing::Test {
+class UsageTableHeaderTest : public WvCdmTestBase {
  public:
   static void SetUpTestCase() {
     InitVectorConstants();
@@ -263,6 +265,7 @@ class UsageTableHeaderTest : public ::testing::Test {
 
  protected:
   virtual void SetUp() {
+    WvCdmTestBase::SetUp();
     // UsageTableHeader will take ownership of the pointer
     device_files_ = new MockDeviceFiles();
     crypto_session_ = new MockCryptoSession(&crypto_metrics_);