widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disable OEMCrypto tests that install a test keybox.

Browse Source 
Because we do not want to accidentally install a test keybox on a
production device, most of the oemcrypto unit tests are being disabled
by default.

If you wish to run these tests, you can override this choice, by
running:
adb shell /system/bin/oemcrypto_test --gtest_also_run_disabled_tests

This change prompts for and requires positive confirmation before
running the disabled tests on a device that has a non-test keybox
already installed.

Bug: 8907626

Merge of https://widevine-internal-review.googlesource.com/#/c/5531/
from the Widevine CDM repository

Change-Id: Ib8e3605129ebf0861b4af15d04676f7a06cc5b78
This commit is contained in:
Jeff Tinker
2013-05-13 14:52:50 -07:00
parent d758945249
commit 5d7ac644c5
4 changed files with 411 additions and 242 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
libwvdrmengine/docs/WidevineSecurityIntegrationGuideforCENCAndroidSupplement.pdf
View File

Binary file not shown.

3
libwvdrmengine/oemcrypto/test/Android.mk
View File

@@ -4,8 +4,7 @@ LOCAL_PATH:= $(call my-dir)
include $(CLEAR_VARS)
LOCAL_SRC_FILES:= \
oemcrypto_test.cpp \
oemcrypto_keybox_test.cpp
oemcrypto_test.cpp
LOCAL_MODULE_TAGS := tests

507
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -4,6 +4,8 @@
// OEMCrypto unit tests
//
#include <arpa/inet.h> // TODO(fredgc): Add ntoh to wv_cdm_utilities.h
#include <ctype.h>
#include <getopt.h>
#include <gtest/gtest.h>
#include <openssl/aes.h>
#include <openssl/cmac.h>
@@ -104,6 +106,70 @@ const wvoec_mock::WidevineKeybox kDefaultKeybox = {
}
};
static wvoec_mock::WidevineKeybox kValidKeybox02 = {
// Sample keybox used for test vectors
{
// deviceID
0x54, 0x65, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x30, // TestKey02
0x32, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
}, {
// key
0x76, 0x5d, 0xce, 0x01, 0x04, 0x89, 0xb3, 0xd0,
0xdf, 0xce, 0x54, 0x8a, 0x49, 0xda, 0xdc, 0xb6,
}, {
// data
0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x10, 0x19,
0x92, 0x27, 0x0b, 0x1f, 0x1a, 0xd5, 0xc6, 0x93,
0x19, 0x3f, 0xaa, 0x74, 0x1f, 0xdd, 0x5f, 0xb4,
0xe9, 0x40, 0x2f, 0x34, 0xa4, 0x92, 0xf4, 0xae,
0x9a, 0x52, 0x39, 0xbc, 0xb7, 0x24, 0x38, 0x13,
0xab, 0xf4, 0x92, 0x96, 0xc4, 0x81, 0x60, 0x33,
0xd8, 0xb8, 0x09, 0xc7, 0x55, 0x0e, 0x12, 0xfa,
0xa8, 0x98, 0x62, 0x8a, 0xec, 0xea, 0x74, 0x8a,
0x4b, 0xfa, 0x5a, 0x9e, 0xb6, 0x49, 0x0d, 0x80,
}, {
// magic
0x6b, 0x62, 0x6f, 0x78,
}, {
// Crc
0x2a, 0x3b, 0x3e, 0xe4,
}
};
static wvoec_mock::WidevineKeybox kValidKeybox03 = {
// Sample keybox used for test vectors
{
// deviceID
0x54, 0x65, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x30, // TestKey03
0x33, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
}, {
// key
0x25, 0xe5, 0x2a, 0x02, 0x29, 0x68, 0x04, 0xa2,
0x92, 0xfd, 0x7c, 0x67, 0x0b, 0x67, 0x1f, 0x31,
}, {
// data
0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x10, 0x19,
0xf4, 0x0a, 0x0e, 0xa2, 0x0a, 0x71, 0xd5, 0x92,
0xfa, 0xa3, 0x25, 0xc6, 0x4b, 0x76, 0xf1, 0x64,
0xf4, 0x60, 0xa0, 0x30, 0x72, 0x23, 0xbe, 0x03,
0xcd, 0xde, 0x7a, 0x06, 0xd4, 0x01, 0xeb, 0xdc,
0xe0, 0x50, 0xc0, 0x53, 0x0a, 0x50, 0xb0, 0x37,
0xe5, 0x05, 0x25, 0x0e, 0xa4, 0xc8, 0x5a, 0xff,
0x46, 0x6e, 0xa5, 0x31, 0xf3, 0xdd, 0x94, 0xb7,
0xe0, 0xd3, 0xf9, 0x04, 0xb2, 0x54, 0xb1, 0x64,
}, {
// magic
0x6b, 0x62, 0x6f, 0x78,
}, {
// Crc
0xa1, 0x99, 0x5f, 0x46,
}
};
/* Note: Key 1 was 3072 bits. We are only generating 2048 bit keys,
so we do not need to test with 3072 bit keys. */
@@ -911,10 +977,6 @@ class Session {
ASSERT_NE(OEMCrypto_SUCCESS,sts);
}
#if 1 // Each of these tests take 5 seconds, so we might want to turn them off.
// TODO(fredgc): change this to key 1.
// TODO(fredgc): make sure duration is reset.
// Select the key (from FillSimpleMessage)
vector<uint8_t> keyId = wvcdm::a2b_hex("000000000000000000000000");
@@ -995,9 +1057,6 @@ class Session {
ASSERT_NE(0, memcmp(&unencryptedData[0], outputBuffer,
unencryptedData.size()));
}
#endif
}
void FillSimpleMessage(MessageData* data, uint32_t duration, uint32_t control) {
@@ -1348,21 +1407,6 @@ class OEMCryptoClientTest : public ::testing::Test {
init();
}
void InstallKeybox(const wvoec_mock::WidevineKeybox& keybox) {
OEMCryptoResult sts;
uint8_t wrapped[sizeof(wvoec_mock::WidevineKeybox)];
size_t length = sizeof(wvoec_mock::WidevineKeybox);
sts = OEMCrypto_WrapKeybox(reinterpret_cast<const uint8_t*>(&keybox),
sizeof(keybox),
wrapped,
&length,
NULL, 0);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
sts = OEMCrypto_InstallKeybox(wrapped, sizeof(keybox));
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
}
void CreateWrappedRSAKey(vector<uint8_t>* wrapped_key) {
Session& s = createSession("RSA_Session");
s.open();
@@ -1430,22 +1474,82 @@ class OEMCryptoClientTest : public ::testing::Test {
Session OEMCryptoClientTest::badSession;
///////////////////////////////////////////////////
// initialization tests
///////////////////////////////////////////////////
TEST_F(OEMCryptoClientTest, NormalInitTermination) {
bool success;
success = init();
EXPECT_TRUE(success);
success = terminate();
ASSERT_TRUE(success);
}
///////////////////////////////////////////////////
// Keybox Tests
///////////////////////////////////////////////////
// These two tests are first, becuase it might give an idea why other
// tests are failing when the device has the wrong keybox installed.
TEST_F(OEMCryptoClientTest, VersionNumber) {
OEMCryptoResult sts;
testSetUp();
const char* level = OEMCrypto_SecurityLevel();
ASSERT_NE((char *)NULL, level);
ASSERT_EQ('L', level[0]);
cout << " OEMCrypto Security Level is "<< level << endl;
uint32_t version = OEMCrypto_APIVersion();
cout << " OEMCrypto API version is " << version << endl;
ASSERT_EQ(oec_latest_version, version);
testTearDown();
}
TEST_F(OEMCryptoClientTest, NormalGetKeyData) {
testSetUp();
OEMCryptoResult sts;
uint8_t key_data[256];
uint32_t req_len = 256;
size_t key_data_len = req_len;
sts = OEMCrypto_GetKeyData(key_data, &key_data_len);
uint32_t* data = reinterpret_cast<uint32_t*>(key_data);
printf(" NormalGetKeyData: system_id = %d = 0x%04X, version=%d\n",
htonl(data[1]), htonl(data[1]), htonl(data[0]));
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
uint32_t system_id = htonl(data[1]);
if (system_id == 0x1019) {
cout << "======================================================================\n"
<< "If you run this as \"oemcrypto_test --gtest_also_run_disabled_tests\",\n"
<< "then a test keybox will be installed, and all tests will be run. \n"
<< "======================================================================\n";
}
testTearDown();
}
TEST_F(OEMCryptoClientTest, DISABLED_CheckSystemID) {
testSetUp();
OEMCryptoResult sts;
uint8_t key_data[256];
uint32_t req_len = 256;
size_t key_data_len = req_len;
sts = OEMCrypto_GetKeyData(key_data, &key_data_len);
uint32_t* data = reinterpret_cast<uint32_t*>(key_data);
uint32_t system_id = htonl(data[1]);
if (system_id != 0x1019) {
cout << "================================================================\n"
<< "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"
<< "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING \n"
<< "You have enabled the keybox tests. This code WILL INSTALL A \n"
<< "TEST KEYBOX. IT WILL REPLACE THE EXISTING KEYBOX, and you will.\n"
<< "NOT have access to production content. Your current keybox has \n"
<< "system id " << system_id << ".\n"
<< "\n"
<< "Continue? [y/N]:\n";
int answer = getchar();
if (tolower(answer) != 'y') {
cout << "Quitting tests. whew, that was close.\n";
exit(1);
}
}
testTearDown();
}
TEST_F(OEMCryptoClientTest, KeyboxValid) {
bool success;
success = init();
@@ -1460,12 +1564,12 @@ TEST_F(OEMCryptoClientTest, NormalGetDeviceId) {
testSetUp();
OEMCryptoResult sts;
uint8_t dev_id[128];
uint8_t dev_id[128] = {0};
size_t dev_id_len = 128;
sts = OEMCrypto_GetDeviceID(dev_id, &dev_id_len);
cout << " NormalGetDeviceId: dev_id = " << dev_id
<< " len = " << dev_id_len << endl;
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
// cout << "NormalGetDeviceId: dev_id = " << dev_id
// << " len = " << dev_id_len << endl;
testTearDown();
}
@@ -1496,17 +1600,16 @@ TEST_F(OEMCryptoClientTest, GetDeviceIdShortBuffer) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, NormalGetKeyData) {
testSetUp();
///////////////////////////////////////////////////
// initialization tests
///////////////////////////////////////////////////
OEMCryptoResult sts;
uint8_t key_data[256];
uint32_t req_len = 256;
size_t key_data_len = req_len;
sts = OEMCrypto_GetKeyData(key_data, &key_data_len);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
testTearDown();
TEST_F(OEMCryptoClientTest, NormalInitTermination) {
bool success;
success = init();
EXPECT_TRUE(success);
success = terminate();
ASSERT_TRUE(success);
}
///////////////////////////////////////////////////
@@ -1630,10 +1733,6 @@ TEST_F(OEMCryptoClientTest, EightSessionsOpenClose) {
testTearDown();
}
///////////////////////////////////////////////////
// AddKey Tests
///////////////////////////////////////////////////
TEST_F(OEMCryptoClientTest, GenerateNonce) {
Session& s = createSession("ONE");
testSetUp();
@@ -1641,7 +1740,7 @@ TEST_F(OEMCryptoClientTest, GenerateNonce) {
uint32_t nonce;
s.GenerateNonce(&nonce);
std::cout << "GenerateNonce:: nonce=" << nonce << std::endl;
// std::cout << "GenerateNonce:: nonce=" << nonce << std::endl;
s.close();
ASSERT_TRUE(s.successStatus());
@@ -1658,8 +1757,8 @@ TEST_F(OEMCryptoClientTest, GenerateTwoNonces) {
s.GenerateNonce(&nonce1);
s.GenerateNonce(&nonce2);
std::cout << "GenerateNonce:: nonce1=" << nonce1 << std::endl;
std::cout << "GenerateNonce:: nonce2=" << nonce2 << std::endl;
// std::cout << "GenerateNonce:: nonce1=" << nonce1 << std::endl;
// std::cout << "GenerateNonce:: nonce2=" << nonce2 << std::endl;
ASSERT_TRUE(nonce1 != nonce2);
@@ -1688,9 +1787,94 @@ TEST_F(OEMCryptoClientTest, GenerateDerivedKeys) {
// The Below tests are based on a specific keybox which is installed for testing.
#if defined(CAN_INSTALL_KEYBOX)
TEST_F(OEMCryptoClientTest, GenerateSignature) {
///////////////////////////////////////////////////
// AddKey Tests
///////////////////////////////////////////////////
/* These tests will install a test keybox. Since this may be a problem
on a production device, they are disabled by default.
Run this program with the command line argument "--gtest_also_run_disabled_tests"
to enable all of these tests.
*/
class DISABLED_TestKeybox : public OEMCryptoClientTest {
protected:
void InstallKeybox(const wvoec_mock::WidevineKeybox& keybox, bool good) {
OEMCryptoResult sts;
uint8_t wrapped[sizeof(wvoec_mock::WidevineKeybox)];
size_t length = sizeof(wvoec_mock::WidevineKeybox);
sts = OEMCrypto_WrapKeybox(reinterpret_cast<const uint8_t*>(&keybox),
sizeof(keybox),
wrapped,
&length,
NULL, 0);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
sts = OEMCrypto_InstallKeybox(wrapped, sizeof(keybox));
if( good ) {
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
} else {
// Can return error now, or return error on IsKeyboxValid.
}
}
};
TEST_F(DISABLED_TestKeybox, GoodKeybox) {
testSetUp();
InstallKeybox(kDefaultKeybox);
wvoec_mock::WidevineKeybox keybox = kValidKeybox02;
OEMCryptoResult sts;
InstallKeybox(keybox, true);
sts = OEMCrypto_IsKeyboxValid();
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
keybox = kValidKeybox03;
InstallKeybox(keybox, true);
sts = OEMCrypto_IsKeyboxValid();
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
}
TEST_F(DISABLED_TestKeybox, DefaultKeybox) {
testSetUp();
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_Initialize())
<< "OEMCrypto_Initialize failed.";
OEMCryptoResult sts;
sts = OEMCrypto_IsKeyboxValid();
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
}
TEST_F(DISABLED_TestKeybox, BadCRCKeybox) {
testSetUp();
wvoec_mock::WidevineKeybox keybox = kValidKeybox02;
keybox.crc_[1] = 42;
OEMCryptoResult sts;
InstallKeybox(keybox, false);
sts = OEMCrypto_IsKeyboxValid();
ASSERT_EQ(OEMCrypto_ERROR_BAD_CRC, sts);
}
TEST_F(DISABLED_TestKeybox, BadMagicKeybox) {
testSetUp();
wvoec_mock::WidevineKeybox keybox = kValidKeybox02;
keybox.magic_[1] = 42;
OEMCryptoResult sts;
InstallKeybox(keybox, false);
sts = OEMCrypto_IsKeyboxValid();
ASSERT_EQ(OEMCrypto_ERROR_BAD_MAGIC, sts);
}
TEST_F(DISABLED_TestKeybox, BadDataKeybox) {
testSetUp();
wvoec_mock::WidevineKeybox keybox = kValidKeybox02;
keybox.data_[1] = 42;
OEMCryptoResult sts;
InstallKeybox(keybox, false);
sts = OEMCrypto_IsKeyboxValid();
ASSERT_EQ(OEMCrypto_ERROR_BAD_CRC, sts);
}
TEST_F(DISABLED_TestKeybox, GenerateSignature) {
testSetUp();
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -1728,9 +1912,9 @@ TEST_F(OEMCryptoClientTest, GenerateSignature) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyNoNonce) {
TEST_F(DISABLED_TestKeybox, LoadKeyNoNonce) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -1739,9 +1923,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyNoNonce) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyWithNonce) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithNonce) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -1754,9 +1938,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithNonce) {
/* The Bad Range tests verify that OEMCrypto_LoadKeys checks the range
of all the pointers. It should reject a message if the pointer does
not point into the message buffer */
TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange1) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithBadRange1) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -1786,9 +1970,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange1) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange2) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithBadRange2) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -1818,9 +2002,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange2) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange3) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithBadRange3) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -1852,9 +2036,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange3) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange4) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithBadRange4) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -1886,9 +2070,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange4) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange5) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithBadRange5) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -1920,9 +2104,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange5) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange6) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithBadRange6) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -1954,9 +2138,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange6) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange7) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithBadRange7) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -1988,9 +2172,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithBadRange7) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyWithBadNonce) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithBadNonce) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -2025,9 +2209,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithBadNonce) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeyWithBadVerification) {
TEST_F(DISABLED_TestKeybox, LoadKeyWithBadVerification) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -2059,9 +2243,9 @@ TEST_F(OEMCryptoClientTest, LoadKeyWithBadVerification) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeysBadSignature) {
TEST_F(DISABLED_TestKeybox, LoadKeysBadSignature) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -2094,9 +2278,9 @@ TEST_F(OEMCryptoClientTest, LoadKeysBadSignature) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadKeysWithNoDerivedKeys) {
TEST_F(DISABLED_TestKeybox, LoadKeysWithNoDerivedKeys) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -2131,7 +2315,7 @@ TEST_F(OEMCryptoClientTest, LoadKeysWithNoDerivedKeys) {
// Load, Refresh Keys Test
///////////////////////////////////////////////////
class OEMCryptoRefreshKeyTest : public OEMCryptoClientTest {
class DISABLED_RefreshKeyTest : public DISABLED_TestKeybox {
public:
void RefreshWithNonce(const int key_count) {
Session& s = createSession("ONE");
@@ -2181,18 +2365,18 @@ class OEMCryptoRefreshKeyTest : public OEMCryptoClientTest {
};
TEST_F(OEMCryptoRefreshKeyTest, RefreshAllKeys) {
TEST_F(DISABLED_RefreshKeyTest, RefreshAllKeys) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
RefreshWithNonce(1); // One key control block to refresh all keys.
RefreshOldNonce(1);
RefreshBadNonce(1);
testTearDown();
}
TEST_F(OEMCryptoRefreshKeyTest, RefreshEachKeys) {
TEST_F(DISABLED_RefreshKeyTest, RefreshEachKeys) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
RefreshWithNonce(kNumKeys); // Each key control block updates a different key.
RefreshOldNonce(kNumKeys);
RefreshBadNonce(kNumKeys);
@@ -2203,10 +2387,10 @@ TEST_F(OEMCryptoRefreshKeyTest, RefreshEachKeys) {
// Decrypt Tests
///////////////////////////////////////////////////
TEST_F(OEMCryptoClientTest, Decrypt) {
TEST_F(DISABLED_TestKeybox, Decrypt) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -2260,10 +2444,10 @@ TEST_F(OEMCryptoClientTest, Decrypt) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, DecryptZeroDuration) {
TEST_F(DISABLED_TestKeybox, DecryptZeroDuration) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -2317,10 +2501,10 @@ TEST_F(OEMCryptoClientTest, DecryptZeroDuration) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, DecryptWithOffset) {
TEST_F(DISABLED_TestKeybox, DecryptWithOffset) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -2376,10 +2560,10 @@ TEST_F(OEMCryptoClientTest, DecryptWithOffset) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, DecryptUnencrypted) {
TEST_F(DISABLED_TestKeybox, DecryptUnencrypted) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
@@ -2424,10 +2608,10 @@ TEST_F(OEMCryptoClientTest, DecryptUnencrypted) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, DecryptUnencryptedNoKey) {
TEST_F(DISABLED_TestKeybox, DecryptUnencryptedNoKey) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("NOKEY");
s.open();
@@ -2466,10 +2650,10 @@ TEST_F(OEMCryptoClientTest, DecryptUnencryptedNoKey) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, DecryptSecureToClear) {
TEST_F(DISABLED_TestKeybox, DecryptSecureToClear) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -2523,10 +2707,10 @@ TEST_F(OEMCryptoClientTest, DecryptSecureToClear) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, KeyDuration) {
TEST_F(DISABLED_TestKeybox, KeyDuration) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -2636,15 +2820,15 @@ void TestKey(const uint8_t key[], size_t length) {
ASSERT_TRUE(false);
}
}
TEST_F(OEMCryptoClientTest, ValidateRSATestKeys) {
TEST_F(DISABLED_TestKeybox, ValidateRSATestKeys) {
TestKey(kTestPKCS1RSAPrivateKey2_2048, sizeof(kTestPKCS1RSAPrivateKey2_2048));
TestKey(kTestPKCS1RSAPrivateKey3_2048, sizeof(kTestPKCS1RSAPrivateKey3_2048));
}
TEST_F(OEMCryptoClientTest, CertificateProvision) {
TEST_F(DISABLED_TestKeybox, CertificateProvision) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -2663,10 +2847,10 @@ TEST_F(OEMCryptoClientTest, CertificateProvision) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, CertificateProvisionBadRange1) {
TEST_F(DISABLED_TestKeybox, CertificateProvisionBadRange1) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -2701,10 +2885,10 @@ TEST_F(OEMCryptoClientTest, CertificateProvisionBadRange1) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, CertificateProvisionBadRange2) {
TEST_F(DISABLED_TestKeybox, CertificateProvisionBadRange2) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -2741,10 +2925,10 @@ TEST_F(OEMCryptoClientTest, CertificateProvisionBadRange2) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, CertificateProvisionBadRange3) {
TEST_F(DISABLED_TestKeybox, CertificateProvisionBadRange3) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -2781,10 +2965,10 @@ TEST_F(OEMCryptoClientTest, CertificateProvisionBadRange3) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, CertificateProvisionBadSignature) {
TEST_F(DISABLED_TestKeybox, CertificateProvisionBadSignature) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -2819,10 +3003,10 @@ TEST_F(OEMCryptoClientTest, CertificateProvisionBadSignature) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, CertificateProvisionBadNonce) {
TEST_F(DISABLED_TestKeybox, CertificateProvisionBadNonce) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -2857,10 +3041,10 @@ TEST_F(OEMCryptoClientTest, CertificateProvisionBadNonce) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, CertificateProvisionBadRSAKey) {
TEST_F(DISABLED_TestKeybox, CertificateProvisionBadRSAKey) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -2895,10 +3079,10 @@ TEST_F(OEMCryptoClientTest, CertificateProvisionBadRSAKey) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, LoadWrappedRSAKey) {
TEST_F(DISABLED_TestKeybox, LoadWrappedRSAKey) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
std::vector<uint8_t> wrapped_rsa_key;
CreateWrappedRSAKey(&wrapped_rsa_key);
@@ -2911,10 +3095,10 @@ TEST_F(OEMCryptoClientTest, LoadWrappedRSAKey) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, RSASignature) {
TEST_F(DISABLED_TestKeybox, RSASignature) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
std::vector<uint8_t> wrapped_rsa_key;
CreateWrappedRSAKey(&wrapped_rsa_key);
@@ -2960,11 +3144,11 @@ TEST_F(OEMCryptoClientTest, RSASignature) {
delete[] signature;
}
TEST_F(OEMCryptoClientTest, LoadRSASessionKey) {
TEST_F(DISABLED_TestKeybox, LoadRSASessionKey) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
std::vector<uint8_t> wrapped_rsa_key;
CreateWrappedRSAKey(&wrapped_rsa_key);
Session& s = createSession("ONE");
@@ -2974,10 +3158,10 @@ TEST_F(OEMCryptoClientTest, LoadRSASessionKey) {
testTearDown();
}
TEST_F(OEMCryptoClientTest, CertificateDecrypt) {
TEST_F(DISABLED_TestKeybox, CertificateDecrypt) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
std::vector<uint8_t> wrapped_rsa_key;
CreateWrappedRSAKey(&wrapped_rsa_key);
Session& s = createSession("ONE");
@@ -3032,24 +3216,8 @@ TEST_F(OEMCryptoClientTest, CertificateDecrypt) {
s.close();
testTearDown();
}
#endif // CAN_INSTALL_KEYBOX
TEST_F(OEMCryptoClientTest, VersionNumber) {
OEMCryptoResult sts;
testSetUp();
const char* level = OEMCrypto_SecurityLevel();
ASSERT_NE((char *)NULL, level);
ASSERT_EQ('L', level[0]);
cout << " OEMCrypto Security Level is "<< level << endl;
uint32_t version = OEMCrypto_APIVersion();
cout << " OEMCrypto API version is " << version << endl;
ASSERT_LT((uint32_t)5, version);
testTearDown();
}
class OEMCryptoGenericDRMTest : public OEMCryptoClientTest {
class DISABLED_GenericDRMTest : public DISABLED_TestKeybox {
protected:
MessageData message_data_;
@@ -3119,7 +3287,7 @@ class OEMCryptoGenericDRMTest : public OEMCryptoClientTest {
void BadEncrypt(unsigned int key_index, OEMCrypto_Algorithm algorithm,
size_t buffer_length) {
OEMCryptoResult sts;
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3143,7 +3311,7 @@ class OEMCryptoGenericDRMTest : public OEMCryptoClientTest {
void BadDecrypt(unsigned int key_index, OEMCrypto_Algorithm algorithm,
size_t buffer_length) {
OEMCryptoResult sts;
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3166,7 +3334,7 @@ class OEMCryptoGenericDRMTest : public OEMCryptoClientTest {
void BadSign(unsigned int key_index, OEMCrypto_Algorithm algorithm) {
OEMCryptoResult sts;
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3191,7 +3359,7 @@ class OEMCryptoGenericDRMTest : public OEMCryptoClientTest {
void BadVerify(unsigned int key_index, OEMCrypto_Algorithm algorithm,
size_t signature_size, bool alter_data) {
OEMCryptoResult sts;
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3215,9 +3383,9 @@ class OEMCryptoGenericDRMTest : public OEMCryptoClientTest {
}
};
TEST_F(OEMCryptoGenericDRMTest, GenericKeyLoad) {
TEST_F(DISABLED_GenericDRMTest, GenericKeyLoad) {
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3228,10 +3396,10 @@ TEST_F(OEMCryptoGenericDRMTest, GenericKeyLoad) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, GenericKeyEncrypt) {
TEST_F(DISABLED_GenericDRMTest, GenericKeyEncrypt) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3254,7 +3422,7 @@ TEST_F(OEMCryptoGenericDRMTest, GenericKeyEncrypt) {
}
TEST_F(OEMCryptoGenericDRMTest, GenericKeyBadEncrypt) {
TEST_F(DISABLED_GenericDRMTest, GenericKeyBadEncrypt) {
testSetUp();
BadEncrypt(0, OEMCrypto_HMAC_SHA256, kBufferSize);
BadEncrypt(0, OEMCrypto_AES_CBC_128_NO_PADDING, kBufferSize-10);
@@ -3264,10 +3432,10 @@ TEST_F(OEMCryptoGenericDRMTest, GenericKeyBadEncrypt) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, GenericKeyDecrypt) {
TEST_F(DISABLED_GenericDRMTest, GenericKeyDecrypt) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3288,10 +3456,10 @@ TEST_F(OEMCryptoGenericDRMTest, GenericKeyDecrypt) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, GenericSecureToClear) {
TEST_F(DISABLED_GenericDRMTest, GenericSecureToClear) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3316,7 +3484,7 @@ TEST_F(OEMCryptoGenericDRMTest, GenericSecureToClear) {
}
TEST_F(OEMCryptoGenericDRMTest, GenericKeyBadDecrypt) {
TEST_F(DISABLED_GenericDRMTest, GenericKeyBadDecrypt) {
testSetUp();
BadDecrypt(1, OEMCrypto_HMAC_SHA256, kBufferSize);
BadDecrypt(1, OEMCrypto_AES_CBC_128_NO_PADDING, kBufferSize-10);
@@ -3326,10 +3494,10 @@ TEST_F(OEMCryptoGenericDRMTest, GenericKeyBadDecrypt) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, GenericKeySign) {
TEST_F(DISABLED_GenericDRMTest, GenericKeySign) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3358,7 +3526,7 @@ TEST_F(OEMCryptoGenericDRMTest, GenericKeySign) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, GenericKeyBadSign) {
TEST_F(DISABLED_GenericDRMTest, GenericKeyBadSign) {
testSetUp();
BadSign(0, OEMCrypto_HMAC_SHA256); // Can't sign with encrypt key.
BadSign(1, OEMCrypto_HMAC_SHA256); // Can't sign with decrypt key.
@@ -3367,10 +3535,10 @@ TEST_F(OEMCryptoGenericDRMTest, GenericKeyBadSign) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, GenericKeyVerify) {
TEST_F(DISABLED_GenericDRMTest, GenericKeyVerify) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3391,7 +3559,7 @@ TEST_F(OEMCryptoGenericDRMTest, GenericKeyVerify) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, GenericKeyBadVerify) {
TEST_F(DISABLED_GenericDRMTest, GenericKeyBadVerify) {
testSetUp();
BadVerify(0, OEMCrypto_HMAC_SHA256, SHA256_DIGEST_LENGTH, false);
BadVerify(1, OEMCrypto_HMAC_SHA256, SHA256_DIGEST_LENGTH, false);
@@ -3403,10 +3571,10 @@ TEST_F(OEMCryptoGenericDRMTest, GenericKeyBadVerify) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, KeyDurationEncrypt) {
TEST_F(DISABLED_GenericDRMTest, KeyDurationEncrypt) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3445,10 +3613,10 @@ TEST_F(OEMCryptoGenericDRMTest, KeyDurationEncrypt) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, KeyDurationDecrypt) {
TEST_F(DISABLED_GenericDRMTest, KeyDurationDecrypt) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3486,10 +3654,10 @@ TEST_F(OEMCryptoGenericDRMTest, KeyDurationDecrypt) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, KeyDurationSign) {
TEST_F(DISABLED_GenericDRMTest, KeyDurationSign) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3534,10 +3702,10 @@ TEST_F(OEMCryptoGenericDRMTest, KeyDurationSign) {
testTearDown();
}
TEST_F(OEMCryptoGenericDRMTest, KeyDurationVerify) {
TEST_F(DISABLED_GenericDRMTest, KeyDurationVerify) {
OEMCryptoResult sts;
testSetUp();
InstallKeybox(kDefaultKeybox);
InstallKeybox(kDefaultKeybox, true);
Session& s = createSession("ONE");
s.open();
s.GenerateDerivedKeys();
@@ -3573,4 +3741,5 @@ TEST_F(OEMCryptoGenericDRMTest, KeyDurationVerify) {
s.close();
testTearDown();
}
#endif // CAN_INSTALL_KEYBOX
} // namespace wvoec

1
libwvdrmengine/run_all_unit_tests.sh
View File

@@ -8,6 +8,7 @@ fi
echo "waiting for device"
adb root && adb wait-for-device remount && adb sync
adb shell /system/bin/oemcrypto_test
adb shell /system/bin/request_license_test
adb shell /system/bin/policy_engine_unittest
adb shell /system/bin/libwvdrmmediacrypto_test