widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Unit Test for OEMCrypto_ERROR_KEY_EXPIRED"

Browse Source
This commit is contained in:
Fred Gylys-Colwell
2014-03-26 19:50:33 +00:00
committed by Android (Google) Code Review
parent 55e8f29b40 7a4ae90b5b
commit 5e0b7328e7
4 changed files with 110 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

146
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp
View File

@@ -570,194 +570,198 @@ bool SessionContext::LoadRSAKey(uint8_t* pkcs8_rsa_key,
} }
} }
bool SessionContext::Generic_Encrypt(const uint8_t* in_buffer, OEMCryptoResult SessionContext::Generic_Encrypt(const uint8_t* in_buffer,
size_t buffer_length, size_t buffer_length,
const uint8_t* iv, const uint8_t* iv,
OEMCrypto_Algorithm algorithm, OEMCrypto_Algorithm algorithm,
uint8_t* out_buffer) { uint8_t* out_buffer) {
// Check there is a content key // Check there is a content key
if (current_content_key() == NULL) { if (current_content_key() == NULL) {
LOGE("[Generic_Encrypt(): OEMCrypto_ERROR_NO_CONTENT_KEY]"); LOGE("[Generic_Encrypt(): OEMCrypto_ERROR_NO_CONTENT_KEY]");
return false; return OEMCrypto_ERROR_NO_CONTENT_KEY;
} }
const std::vector<uint8_t>& key = current_content_key()->value(); const std::vector<uint8_t>& key = current_content_key()->value();
const KeyControlBlock& control = current_content_key()->control(); const KeyControlBlock& control = current_content_key()->control();
// Set the AES key. // Set the AES key.
if (static_cast<int>(key.size()) != AES_BLOCK_SIZE) { if (static_cast<int>(key.size()) != AES_BLOCK_SIZE) {
LOGE("[Generic_Encrypt(): CONTENT_KEY has wrong size: %d",key.size()); LOGE("[Generic_Encrypt(): CONTENT_KEY has wrong size: %d",key.size());
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!(control.control_bits() & kControlAllowEncrypt)) { if (!(control.control_bits() & kControlAllowEncrypt)) {
LOGE("[Generic_Encrypt(): control bit says not allowed."); LOGE("[Generic_Encrypt(): control bit says not allowed.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (control.duration() > 0) { if (control.duration() > 0) {
if (control.duration() < CurrentTimer()) { if (control.duration() < CurrentTimer()) {
LOGE("[Generic_Encrypt(): key expired."); LOGE("[Generic_Encrypt(): key expired.");
return false; return OEMCrypto_ERROR_KEY_EXPIRED;
} }
} }
if( algorithm != OEMCrypto_AES_CBC_128_NO_PADDING ) { if( algorithm != OEMCrypto_AES_CBC_128_NO_PADDING ) {
LOGE("[Generic_Encrypt(): algorithm bad."); LOGE("[Generic_Encrypt(): algorithm bad.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if( buffer_length % AES_BLOCK_SIZE != 0 ) { if( buffer_length % AES_BLOCK_SIZE != 0 ) {
LOGE("[Generic_Encrypt(): buffers size bad."); LOGE("[Generic_Encrypt(): buffers size bad.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
const uint8_t* key_u8 = &key[0]; const uint8_t* key_u8 = &key[0];
AES_KEY aes_key; AES_KEY aes_key;
if (AES_set_encrypt_key(key_u8, AES_BLOCK_SIZE * 8, &aes_key) != 0) { if (AES_set_encrypt_key(key_u8, AES_BLOCK_SIZE * 8, &aes_key) != 0) {
LOGE("[Generic_Encrypt(): FAILURE]"); LOGE("[Generic_Encrypt(): FAILURE]");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
uint8_t iv_buffer[ wvcdm::KEY_IV_SIZE]; uint8_t iv_buffer[ wvcdm::KEY_IV_SIZE];
memcpy(iv_buffer, iv, wvcdm::KEY_IV_SIZE); memcpy(iv_buffer, iv, wvcdm::KEY_IV_SIZE);
AES_cbc_encrypt(in_buffer, out_buffer, buffer_length, AES_cbc_encrypt(in_buffer, out_buffer, buffer_length,
&aes_key, iv_buffer, AES_ENCRYPT); &aes_key, iv_buffer, AES_ENCRYPT);
return true; return OEMCrypto_SUCCESS;
} }
bool SessionContext::Generic_Decrypt(const uint8_t* in_buffer, OEMCryptoResult SessionContext::Generic_Decrypt(const uint8_t* in_buffer,
size_t buffer_length, size_t buffer_length,
const uint8_t* iv, const uint8_t* iv,
OEMCrypto_Algorithm algorithm, OEMCrypto_Algorithm algorithm,
uint8_t* out_buffer) { uint8_t* out_buffer) {
// Check there is a content key // Check there is a content key
if (current_content_key() == NULL) { if (current_content_key() == NULL) {
LOGE("[Generic_Decrypt(): OEMCrypto_ERROR_NO_CONTENT_KEY]"); LOGE("[Generic_Decrypt(): OEMCrypto_ERROR_NO_CONTENT_KEY]");
return false; return OEMCrypto_ERROR_NO_CONTENT_KEY;
} }
const std::vector<uint8_t>& key = current_content_key()->value(); const std::vector<uint8_t>& key = current_content_key()->value();
const KeyControlBlock& control = current_content_key()->control(); const KeyControlBlock& control = current_content_key()->control();
// Set the AES key. // Set the AES key.
if (static_cast<int>(key.size()) != AES_BLOCK_SIZE) { if (static_cast<int>(key.size()) != AES_BLOCK_SIZE) {
LOGE("[Generic_Decrypt(): CONTENT_KEY has wrong size."); LOGE("[Generic_Decrypt(): CONTENT_KEY has wrong size.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!(control.control_bits() & kControlAllowDecrypt)) { if (!(control.control_bits() & kControlAllowDecrypt)) {
LOGE("[Generic_Decrypt(): control bit says not allowed."); LOGE("[Generic_Decrypt(): control bit says not allowed.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (control.control_bits() & kControlDataPathSecure) { if (control.control_bits() & kControlDataPathSecure) {
LOGE("[Generic_Decrypt(): control bit says secure path only."); LOGE("[Generic_Decrypt(): control bit says secure path only.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (control.duration() > 0) { if (control.duration() > 0) {
if (control.duration() < CurrentTimer()) { if (control.duration() < CurrentTimer()) {
LOGE("[Generic_Decrypt(): key expired."); LOGE("[Generic_Decrypt(): key expired.");
return false; return OEMCrypto_ERROR_KEY_EXPIRED;
} }
} }
if( algorithm != OEMCrypto_AES_CBC_128_NO_PADDING ) { if( algorithm != OEMCrypto_AES_CBC_128_NO_PADDING ) {
LOGE("[Generic_Decrypt(): bad algorithm."); LOGE("[Generic_Decrypt(): bad algorithm.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if( buffer_length % AES_BLOCK_SIZE != 0 ) { if( buffer_length % AES_BLOCK_SIZE != 0 ) {
LOGE("[Generic_Decrypt(): bad buffer size."); LOGE("[Generic_Decrypt(): bad buffer size.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
const uint8_t* key_u8 = &key[0]; const uint8_t* key_u8 = &key[0];
AES_KEY aes_key; AES_KEY aes_key;
if (AES_set_decrypt_key(key_u8, AES_BLOCK_SIZE * 8, &aes_key) != 0) { if (AES_set_decrypt_key(key_u8, AES_BLOCK_SIZE * 8, &aes_key) != 0) {
LOGE("[Generic_Decrypt(): FAILURE]"); LOGE("[Generic_Decrypt(): FAILURE]");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
uint8_t iv_buffer[ wvcdm::KEY_IV_SIZE]; uint8_t iv_buffer[ wvcdm::KEY_IV_SIZE];
memcpy(iv_buffer, iv, wvcdm::KEY_IV_SIZE); memcpy(iv_buffer, iv, wvcdm::KEY_IV_SIZE);
AES_cbc_encrypt(in_buffer, out_buffer, buffer_length, AES_cbc_encrypt(in_buffer, out_buffer, buffer_length,
&aes_key, iv_buffer, AES_DECRYPT); &aes_key, iv_buffer, AES_DECRYPT);
return true; return OEMCrypto_SUCCESS;
} }
bool SessionContext::Generic_Sign(const uint8_t* in_buffer, OEMCryptoResult SessionContext::Generic_Sign(const uint8_t* in_buffer,
size_t buffer_length, size_t buffer_length,
OEMCrypto_Algorithm algorithm, OEMCrypto_Algorithm algorithm,
uint8_t* signature, uint8_t* signature,
size_t* signature_length) { size_t* signature_length) {
// Check there is a content key // Check there is a content key
if (current_content_key() == NULL) { if (current_content_key() == NULL) {
LOGE("[Generic_Sign(): OEMCrypto_ERROR_NO_CONTENT_KEY]"); LOGE("[Generic_Sign(): OEMCrypto_ERROR_NO_CONTENT_KEY]");
return false; return OEMCrypto_ERROR_NO_CONTENT_KEY;
} }
if (*signature_length < SHA256_DIGEST_LENGTH) { if (*signature_length < SHA256_DIGEST_LENGTH) {
*signature_length = SHA256_DIGEST_LENGTH; *signature_length = SHA256_DIGEST_LENGTH;
LOGE("[Generic_Sign(): bad signature length."); LOGE("[Generic_Sign(): bad signature length.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
const std::vector<uint8_t>& key = current_content_key()->value(); const std::vector<uint8_t>& key = current_content_key()->value();
const KeyControlBlock& control = current_content_key()->control(); const KeyControlBlock& control = current_content_key()->control();
if (static_cast<int>(key.size()) != SHA256_DIGEST_LENGTH) { if (static_cast<int>(key.size()) != SHA256_DIGEST_LENGTH) {
LOGE("[Generic_Sign(): CONTENT_KEY has wrong size; %d", key.size()); LOGE("[Generic_Sign(): CONTENT_KEY has wrong size; %d", key.size());
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!(control.control_bits() & kControlAllowSign)) { if (!(control.control_bits() & kControlAllowSign)) {
LOGE("[Generic_Sign(): control bit says not allowed."); LOGE("[Generic_Sign(): control bit says not allowed.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (control.duration() > 0) { if (control.duration() > 0) {
if (control.duration() < CurrentTimer()) { if (control.duration() < CurrentTimer()) {
LOGE("[Generic_Sign(): key expired."); LOGE("[Generic_Sign(): key expired.");
return false; return OEMCrypto_ERROR_KEY_EXPIRED;
} }
} }
if( algorithm != OEMCrypto_HMAC_SHA256 ) { if( algorithm != OEMCrypto_HMAC_SHA256 ) {
LOGE("[Generic_Sign(): bad algorithm."); LOGE("[Generic_Sign(): bad algorithm.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
unsigned int md_len = *signature_length; unsigned int md_len = *signature_length;
if (HMAC(EVP_sha256(), &key[0], SHA256_DIGEST_LENGTH, if (HMAC(EVP_sha256(), &key[0], SHA256_DIGEST_LENGTH,
in_buffer, buffer_length, signature, &md_len)) { in_buffer, buffer_length, signature, &md_len)) {
*signature_length = md_len; *signature_length = md_len;
return true; return OEMCrypto_SUCCESS;
} }
LOGE("[Generic_Sign(): hmac failed."); LOGE("[Generic_Sign(): hmac failed.");
dump_openssl_error(); dump_openssl_error();
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
bool SessionContext::Generic_Verify(const uint8_t* in_buffer, OEMCryptoResult SessionContext::Generic_Verify(const uint8_t* in_buffer,
size_t buffer_length, size_t buffer_length,
OEMCrypto_Algorithm algorithm, OEMCrypto_Algorithm algorithm,
const uint8_t* signature, const uint8_t* signature,
size_t signature_length) { size_t signature_length) {
// Check there is a content key // Check there is a content key
if (current_content_key() == NULL) { if (current_content_key() == NULL) {
LOGE("[Decrypt_Verify(): OEMCrypto_ERROR_NO_CONTENT_KEY]"); LOGE("[Decrypt_Verify(): OEMCrypto_ERROR_NO_CONTENT_KEY]");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (signature_length < SHA256_DIGEST_LENGTH) { if (signature_length < SHA256_DIGEST_LENGTH) {
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
const std::vector<uint8_t>& key = current_content_key()->value(); const std::vector<uint8_t>& key = current_content_key()->value();
const KeyControlBlock& control = current_content_key()->control(); const KeyControlBlock& control = current_content_key()->control();
if (static_cast<int>(key.size()) != SHA256_DIGEST_LENGTH) { if (static_cast<int>(key.size()) != SHA256_DIGEST_LENGTH) {
LOGE("[Generic_Verify(): CONTENT_KEY has wrong size: %d", key.size()); LOGE("[Generic_Verify(): CONTENT_KEY has wrong size: %d", key.size());
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!(control.control_bits() & kControlAllowVerify)) { if (!(control.control_bits() & kControlAllowVerify)) {
LOGE("[Generic_Verify(): control bit says not allowed."); LOGE("[Generic_Verify(): control bit says not allowed.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (control.duration() > 0) { if (control.duration() > 0) {
if (control.duration() < CurrentTimer()) { if (control.duration() < CurrentTimer()) {
LOGE("[Generic_Verify(): key expired."); LOGE("[Generic_Verify(): key expired.");
return false; return OEMCrypto_ERROR_KEY_EXPIRED;
} }
} }
if( algorithm != OEMCrypto_HMAC_SHA256 ) { if( algorithm != OEMCrypto_HMAC_SHA256 ) {
LOGE("[Generic_Verify(): bad algorithm."); LOGE("[Generic_Verify(): bad algorithm.");
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
unsigned int md_len = signature_length; unsigned int md_len = signature_length;
uint8_t computed_signature[SHA256_DIGEST_LENGTH]; uint8_t computed_signature[SHA256_DIGEST_LENGTH];
if (HMAC(EVP_sha256(), &key[0], SHA256_DIGEST_LENGTH, if (HMAC(EVP_sha256(), &key[0], SHA256_DIGEST_LENGTH,
in_buffer, buffer_length, computed_signature, &md_len)) { in_buffer, buffer_length, computed_signature, &md_len)) {
return (0 == memcmp( signature, computed_signature, SHA256_DIGEST_LENGTH)); if (0 == memcmp(signature, computed_signature, SHA256_DIGEST_LENGTH)) {
return OEMCrypto_SUCCESS;
} else {
return OEMCrypto_ERROR_SIGNATURE_FAILURE;
}
} }
LOGE("[Generic_Verify(): HMAC failed."); LOGE("[Generic_Verify(): HMAC failed.");
dump_openssl_error(); dump_openssl_error();
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
bool SessionContext::RefreshKey(const KeyId& key_id, bool SessionContext::RefreshKey(const KeyId& key_id,
@@ -928,41 +932,41 @@ bool CryptoEngine::DecryptMessage(SessionContext* session,
return true; return true;
} }
bool CryptoEngine::DecryptCTR(SessionContext* session, OEMCryptoResult CryptoEngine::DecryptCTR(SessionContext* session,
const uint8_t* iv, const uint8_t* iv, size_t block_offset,
size_t block_offset, const uint8_t* cipher_data,
const uint8_t* cipher_data, size_t cipher_data_length,
size_t cipher_data_length, bool is_encrypted, uint8_t* clear_data,
bool is_encrypted, BufferType buffer_type) {
uint8_t* clear_data,
BufferType buffer_type) {
// If the data is clear, we do not need a current key selected. // If the data is clear, we do not need a current key selected.
if (!is_encrypted && buffer_type != kBufferTypeDirect) { if (!is_encrypted && buffer_type != kBufferTypeDirect) {
memcpy(reinterpret_cast<uint8_t*>(clear_data), memcpy(reinterpret_cast<uint8_t*>(clear_data),
cipher_data, cipher_data_length); cipher_data, cipher_data_length);
return true; return OEMCrypto_SUCCESS;
} }
// Check there is a content key // Check there is a content key
if (session->current_content_key() == NULL) { if (session->current_content_key() == NULL) {
LOGE("[DecryptCTR(): OEMCrypto_ERROR_NO_CONTENT_KEY]"); LOGE("[DecryptCTR(): OEMCrypto_ERROR_NO_CONTENT_KEY]");
return false; return OEMCrypto_ERROR_DECRYPT_FAILED;
} }
const KeyControlBlock& control = session->current_content_key()->control(); const KeyControlBlock& control = session->current_content_key()->control();
if (control.control_bits() & kControlDataPathSecure) { if (control.control_bits() & kControlDataPathSecure) {
if (buffer_type == kBufferTypeClear) { if (buffer_type == kBufferTypeClear) {
LOGE("[DecryptCTR(): Secure key with insecure buffer]"); LOGE("[DecryptCTR(): Secure key with insecure buffer]");
return false; return OEMCrypto_ERROR_DECRYPT_FAILED;
} }
} }
if (control.control_bits() & kControlHDCPRequired) { if (control.control_bits() & kControlHDCPRequired) {
// For reference implementation, we do not implement any HDCP. // For reference implementation, we do not implement any HDCP.
return false; LOGE("[DecryptCTR(): DECRYPT FAILED: HDCP Required]");
return OEMCrypto_ERROR_DECRYPT_FAILED;
} }
if (control.duration() > 0) { if (control.duration() > 0) {
if (control.duration() < session->CurrentTimer()) { if (control.duration() < session->CurrentTimer()) {
return false; LOGE("[DecryptCTR(): KEY_EXPIRED]");
return OEMCrypto_ERROR_KEY_EXPIRED;
} }
} }
@@ -971,23 +975,23 @@ bool CryptoEngine::DecryptCTR(SessionContext* session,
// Set the AES key. // Set the AES key.
if (static_cast<int>(content_key.size()) != AES_BLOCK_SIZE) { if (static_cast<int>(content_key.size()) != AES_BLOCK_SIZE) {
LOGE("[DecryptCTR(): CONTENT_KEY has wrong size: %d", content_key.size()); LOGE("[DecryptCTR(): CONTENT_KEY has wrong size: %d", content_key.size());
return false; return OEMCrypto_ERROR_DECRYPT_FAILED;
} }
const uint8_t* key_u8 = &content_key[0]; const uint8_t* key_u8 = &content_key[0];
AES_KEY aes_key; AES_KEY aes_key;
if (AES_set_encrypt_key(key_u8, AES_BLOCK_SIZE * 8, &aes_key) != 0) { if (AES_set_encrypt_key(key_u8, AES_BLOCK_SIZE * 8, &aes_key) != 0) {
LOGE("[DecryptCTR(): FAILURE]"); LOGE("[DecryptCTR(): FAILURE]");
return false; return OEMCrypto_ERROR_DECRYPT_FAILED;
} }
if (buffer_type == kBufferTypeDirect) { if (buffer_type == kBufferTypeDirect) {
// For reference implementation, we quietly drop direct video. // For reference implementation, we quietly drop direct video.
return true; return OEMCrypto_SUCCESS;
} }
if (buffer_type == kBufferTypeSecure) { if (buffer_type == kBufferTypeSecure) {
// For reference implementation, we also quietly drop secure data. // For reference implementation, we also quietly drop secure data.
return true; return OEMCrypto_SUCCESS;
} }
// Local copy (will be modified). // Local copy (will be modified).
@@ -1011,7 +1015,7 @@ bool CryptoEngine::DecryptCTR(SessionContext* session,
ctr128_inc64(aes_iv); ctr128_inc64(aes_iv);
block_offset = 0; block_offset = 0;
} }
return true; return OEMCrypto_SUCCESS;
} }
void NonceTable::AddNonce(uint32_t nonce) { void NonceTable::AddNonce(uint32_t nonce) {

47
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
View File

@@ -116,26 +116,21 @@ class SessionContext {
size_t message_length, size_t message_length,
const uint8_t* signature, const uint8_t* signature,
size_t signature_length); size_t signature_length);
bool Generic_Encrypt(const uint8_t* in_buffer, OEMCryptoResult Generic_Encrypt(const uint8_t* in_buffer,
size_t buffer_length, size_t buffer_length, const uint8_t* iv,
const uint8_t* iv, OEMCrypto_Algorithm algorithm,
OEMCrypto_Algorithm algorithm, uint8_t* out_buffer);
uint8_t* out_buffer); OEMCryptoResult Generic_Decrypt(const uint8_t* in_buffer,
bool Generic_Decrypt(const uint8_t* in_buffer, size_t buffer_length, const uint8_t* iv,
size_t buffer_length, OEMCrypto_Algorithm algorithm,
const uint8_t* iv, uint8_t* out_buffer);
OEMCrypto_Algorithm algorithm, OEMCryptoResult Generic_Sign(const uint8_t* in_buffer, size_t buffer_length,
uint8_t* out_buffer); OEMCrypto_Algorithm algorithm,
bool Generic_Sign(const uint8_t* in_buffer, uint8_t* signature, size_t* signature_length);
size_t buffer_length, OEMCryptoResult Generic_Verify(const uint8_t* in_buffer, size_t buffer_length,
OEMCrypto_Algorithm algorithm, OEMCrypto_Algorithm algorithm,
uint8_t* signature, const uint8_t* signature,
size_t* signature_length); size_t signature_length);
bool Generic_Verify(const uint8_t* in_buffer,
size_t buffer_length,
OEMCrypto_Algorithm algorithm,
const uint8_t* signature,
size_t signature_length);
void StartTimer(); void StartTimer();
uint32_t CurrentTimer(); // (seconds). uint32_t CurrentTimer(); // (seconds).
bool InstallKey(const KeyId& key_id, bool InstallKey(const KeyId& key_id,
@@ -248,14 +243,10 @@ class CryptoEngine {
const std::vector<uint8_t>& message, const std::vector<uint8_t>& message,
std::vector<uint8_t>* decrypted); std::vector<uint8_t>* decrypted);
bool DecryptCTR(SessionContext* session, OEMCryptoResult DecryptCTR(SessionContext* session, const uint8_t* iv,
const uint8_t* iv, size_t block_offset, const uint8_t* cipher_data,
size_t block_offset, size_t cipher_data_length, bool is_encrypted,
const uint8_t* cipher_data, uint8_t* clear_data, BufferType buffer_type);
size_t cipher_data_length,
bool is_encrypted,
uint8_t* clear_data,
BufferType buffer_type);
private: private:

40
libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp
View File

@@ -582,14 +582,9 @@ OEMCryptoResult OEMCrypto_DecryptCTR(OEMCrypto_SESSION session,
return OEMCrypto_ERROR_INVALID_CONTEXT; return OEMCrypto_ERROR_INVALID_CONTEXT;
} }
if (!crypto_engine->DecryptCTR(session_ctx, iv, block_offset, return crypto_engine->DecryptCTR(session_ctx, iv, block_offset, data_addr,
data_addr, data_length, is_encrypted, data_length, is_encrypted, destination,
destination, buffer_type)) { buffer_type);
LOGE("[OEMCrypto_DecryptCTR(): OEMCrypto_ERROR_DECRYPT_FAILED]");
return OEMCrypto_ERROR_DECRYPT_FAILED;
}
return OEMCrypto_SUCCESS;
} }
extern "C" extern "C"
@@ -1053,12 +1048,8 @@ OEMCryptoResult OEMCrypto_Generic_Encrypt(OEMCrypto_SESSION session,
LOGE("[OEMCrypto_Generic_Enrypt(): OEMCrypto_ERROR_INVALID_CONTEXT]"); LOGE("[OEMCrypto_Generic_Enrypt(): OEMCrypto_ERROR_INVALID_CONTEXT]");
return OEMCrypto_ERROR_INVALID_CONTEXT; return OEMCrypto_ERROR_INVALID_CONTEXT;
} }
if (!session_ctx->Generic_Encrypt(in_buffer, buffer_length, iv, algorithm, return session_ctx->Generic_Encrypt(in_buffer, buffer_length, iv, algorithm,
out_buffer)) { out_buffer);
LOGE("[OEMCrypto_Generic_Enrypt(): OEMCrypto_ERROR_UNKNOWN_FAILURE]");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
return OEMCrypto_SUCCESS;
} }
extern "C" extern "C"
@@ -1077,16 +1068,13 @@ OEMCryptoResult OEMCrypto_Generic_Decrypt(OEMCrypto_SESSION session,
LOGE("[OEMCrypto_Generic_Decrypt(): ERROR_INVALID_SESSION]"); LOGE("[OEMCrypto_Generic_Decrypt(): ERROR_INVALID_SESSION]");
return OEMCrypto_ERROR_INVALID_SESSION; return OEMCrypto_ERROR_INVALID_SESSION;
} }
if (!session_ctx->Generic_Decrypt(in_buffer, buffer_length, iv, algorithm,
out_buffer)) {
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
if (in_buffer == NULL || buffer_length == 0 || if (in_buffer == NULL || buffer_length == 0 ||
iv == NULL || out_buffer == NULL) { iv == NULL || out_buffer == NULL) {
LOGE("[OEMCrypto_Generic_Decrypt(): OEMCrypto_ERROR_INVALID_CONTEXT]"); LOGE("[OEMCrypto_Generic_Decrypt(): OEMCrypto_ERROR_INVALID_CONTEXT]");
return OEMCrypto_ERROR_INVALID_CONTEXT; return OEMCrypto_ERROR_INVALID_CONTEXT;
} }
return OEMCrypto_SUCCESS; return session_ctx->Generic_Decrypt(in_buffer, buffer_length, iv, algorithm,
out_buffer);
} }
extern "C" extern "C"
@@ -1113,11 +1101,8 @@ OEMCryptoResult OEMCrypto_Generic_Sign(OEMCrypto_SESSION session,
LOGE("[OEMCrypto_Generic_Sign(): OEMCrypto_ERROR_INVALID_CONTEXT]"); LOGE("[OEMCrypto_Generic_Sign(): OEMCrypto_ERROR_INVALID_CONTEXT]");
return OEMCrypto_ERROR_INVALID_CONTEXT; return OEMCrypto_ERROR_INVALID_CONTEXT;
} }
if (!session_ctx->Generic_Sign(in_buffer, buffer_length, algorithm, return session_ctx->Generic_Sign(in_buffer, buffer_length, algorithm,
signature, signature_length)) { signature, signature_length);
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
return OEMCrypto_SUCCESS;
} }
extern "C" extern "C"
@@ -1143,11 +1128,8 @@ OEMCryptoResult OEMCrypto_Generic_Verify(OEMCrypto_SESSION session,
LOGE("[OEMCrypto_Generic_Verify(): OEMCrypto_ERROR_INVALID_CONTEXT]"); LOGE("[OEMCrypto_Generic_Verify(): OEMCrypto_ERROR_INVALID_CONTEXT]");
return OEMCrypto_ERROR_INVALID_CONTEXT; return OEMCrypto_ERROR_INVALID_CONTEXT;
} }
if (!session_ctx->Generic_Verify(in_buffer, buffer_length, algorithm, return session_ctx->Generic_Verify(in_buffer, buffer_length, algorithm,
signature, signature_length)) { signature, signature_length);
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
return OEMCrypto_SUCCESS;
} }
extern "C" extern "C"

10
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -3014,7 +3014,7 @@ TEST_F(DISABLED_TestKeybox, KeyDuration) {
encryptedData.size(), true, &encryptionIv[0], 0, encryptedData.size(), true, &encryptionIv[0], 0,
&destBuffer, &destBuffer,
OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample); OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample);
ASSERT_NE(OEMCrypto_SUCCESS, sts); ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, sts);
ASSERT_NE(0, memcmp(&unencryptedData[0], outputBuffer, ASSERT_NE(0, memcmp(&unencryptedData[0], outputBuffer,
unencryptedData.size())); unencryptedData.size()));
@@ -4975,7 +4975,7 @@ TEST_F(DISABLED_GenericDRMTest, KeyDurationEncrypt) {
memset(encrypted, 0, kBufferSize); memset(encrypted, 0, kBufferSize);
sts = OEMCrypto_Generic_Encrypt(s.session_id(), clear_buffer_, kBufferSize, iv_, sts = OEMCrypto_Generic_Encrypt(s.session_id(), clear_buffer_, kBufferSize, iv_,
OEMCrypto_AES_CBC_128_NO_PADDING, encrypted); OEMCrypto_AES_CBC_128_NO_PADDING, encrypted);
ASSERT_NE(OEMCrypto_SUCCESS, sts); ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, sts);
ASSERT_NE(0, memcmp(encrypted, expected_encrypted, kBufferSize)); ASSERT_NE(0, memcmp(encrypted, expected_encrypted, kBufferSize));
s.close(); s.close();
testTearDown(); testTearDown();
@@ -5016,7 +5016,7 @@ TEST_F(DISABLED_GenericDRMTest, KeyDurationDecrypt) {
memset(resultant, 0, kBufferSize); memset(resultant, 0, kBufferSize);
sts = OEMCrypto_Generic_Decrypt(s.session_id(), encrypted, kBufferSize, iv_, sts = OEMCrypto_Generic_Decrypt(s.session_id(), encrypted, kBufferSize, iv_,
OEMCrypto_AES_CBC_128_NO_PADDING, resultant); OEMCrypto_AES_CBC_128_NO_PADDING, resultant);
ASSERT_NE(OEMCrypto_SUCCESS, sts); ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, sts);
ASSERT_NE(0, memcmp(clear_buffer_, resultant, kBufferSize)); ASSERT_NE(0, memcmp(clear_buffer_, resultant, kBufferSize));
s.close(); s.close();
testTearDown(); testTearDown();
@@ -5063,7 +5063,7 @@ TEST_F(DISABLED_GenericDRMTest, KeyDurationSign) {
sts = OEMCrypto_Generic_Sign(s.session_id(), clear_buffer_, kBufferSize, sts = OEMCrypto_Generic_Sign(s.session_id(), clear_buffer_, kBufferSize,
OEMCrypto_HMAC_SHA256,signature, OEMCrypto_HMAC_SHA256,signature,
&signature_length); &signature_length);
ASSERT_NE(OEMCrypto_SUCCESS, sts); ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, sts);
ASSERT_NE(0, memcmp(signature, expected_signature, SHA256_DIGEST_LENGTH)); ASSERT_NE(0, memcmp(signature, expected_signature, SHA256_DIGEST_LENGTH));
s.close(); s.close();
@@ -5104,7 +5104,7 @@ TEST_F(DISABLED_GenericDRMTest, KeyDurationVerify) {
sts = OEMCrypto_Generic_Verify(s.session_id(), clear_buffer_, kBufferSize, sts = OEMCrypto_Generic_Verify(s.session_id(), clear_buffer_, kBufferSize,
OEMCrypto_HMAC_SHA256,signature, OEMCrypto_HMAC_SHA256,signature,
SHA256_DIGEST_LENGTH); SHA256_DIGEST_LENGTH);
ASSERT_NE(OEMCrypto_SUCCESS, sts); ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, sts);
s.close(); s.close();
testTearDown(); testTearDown();