Add Shared License bit to key control block

Merge from widevine of http://go/wvgerrit/23184 This adds the shared license bit to the key control block for the reference code and the unit tests. b/31458046 Change-Id: I4e360ea5dd2e6cee145663d4ab4f384b65cac427
2017-01-27 15:20:03 -08:00
parent 3d977d999c
commit 650a0fdead
5 changed files with 68 additions and 18 deletions
--- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
+++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
@@ -5244,14 +5244,37 @@ TEST_F(UsageTableTest, VerifyUsageTimes) {
 // This is a special case where a collection of licenses can be shared with
 // multiple devices.  In order for this to work, a single session must first
 // load a device specific license, and then a shared content license.
-#if 0  // TODO(fredgc,jfore): fix this in http://go/wvgerrit/23184/
 TEST_F(UsageTableTest, LoadSharedLicense) {
-  // session_.generatersasignature.
-  // session_.GenerateNonce
-  // DeriveKeysFromSessionKey - (specify enc/mac keys.
-  // LoadKeys replay control = 2.  loads new mac keys.
-  // LoadKeys replay control = 0.  uses same mac key.
-  // check second loadkeys without first fails.
+  std::string pst = "my_pst";
+  Session s;
+  ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst));
+
+  ASSERT_NO_FATAL_FAILURE(s.open());
+  ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
+  // We will reuse the encrypted and signed message, so we don't call
+  // FillSimpleMessage again.
+  ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
+  ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, true));
+
+  // The second set of keys are in the shared license.  They will have the
+  // same mac keys as the original license, so we leave that alone.
+  // We given them different key ids so we can test that they were loaded.
+  // For this test, we leave the key content the same -- in real life it
+  // will be different.
+  for (unsigned int i = 0; i < s.num_keys(); i++) {
+    memset(s.license().keys[i].key_id, 'A' + i,
+           s.license().keys[i].key_id_length);
+    s.license().keys[i].control.nonce = 0;
+    s.license().keys[i].control.control_bits =
+        htonl(wvoec_mock::kSharedLicense);
+  }
+  ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
+  ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, false));
+  ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR());
+  ASSERT_NO_FATAL_FAILURE(s.close());
+}
+
+TEST_F(UsageTableTest, LoadSharedLicenseWithNoMaster) {
  std::string pst = "my_pst";
  Session s;
  ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst));
@@ -5259,21 +5282,32 @@ TEST_F(UsageTableTest, LoadSharedLicense) {
  ASSERT_NO_FATAL_FAILURE(s.open());
  ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
  ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
-  ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, true));
-  ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0));
+  // This time, we do NOT load the master license.  This should
+  // generate an error below.
+  // ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, true));
+
  // The second set of keys are in the shared license.
+  // We given them different key ids so we can test that they were loaded.
+  // For this test, we leave the key content the same -- in real life it
+  // will be different.
  for (unsigned int i = 0; i < s.num_keys(); i++) {
    memset(s.license().keys[i].key_id, 'A' + i,
           s.license().keys[i].key_id_length);
+    s.license().keys[i].control.nonce = 0;
+    s.license().keys[i].control.control_bits =
+        htonl(wvoec_mock::kSharedLicense);
  }
-  // TODO(fredgc,jfore): Decide if first set of keys need to stay loaded, or if
-  // they are replaced.
  ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
-  ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, false));
-  ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR());
+  uint8_t* pst_ptr = s.encrypted_license().pst;
+  ASSERT_EQ(OEMCrypto_ERROR_MISSING_MASTER,
+            OEMCrypto_LoadKeys(
+                s.session_id(), s.message_ptr(), s.message_size(),
+                &s.signature()[0], s.signature().size(),
+                s.encrypted_license().mac_key_iv,
+                s.encrypted_license().mac_keys,
+                s.num_keys(), s.key_array(), pst_ptr, pst.length(), NULL));
  ASSERT_NO_FATAL_FAILURE(s.close());
 }
-#endif

 TEST_F(UsageTableTest, PSTLargeBuffer) {
  std::string pst(kMaxPSTLength, 'a');  // A large PST.