From 6639965d305d3db103610af8b1abbfd2bb507217 Mon Sep 17 00:00:00 2001
From: Fred Gylys-Colwell <fredgc@google.com>
Date: Tue, 19 May 2015 21:05:29 -0700
Subject: [PATCH] Update padding scheme in mock

Merge from widevine repo of http://go/wvgerrit/14370

In order to run on android, we need the mock to compile with
BoringSSL, which uses a different function call for
RSA_padding_add_PKCS1_PSS.

Change-Id: I9cad4e7d5c1d4a3117fe7c0fc1e27590809a7ac3
---
 .../oemcrypto/mock/src/oemcrypto_engine_mock.cpp           | 7 +++++--
 libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h  | 2 +-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp
index 7e07d06b..4bfe8ac9 100644
--- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp
+++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp
@@ -429,6 +429,7 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
     return false;
   }
 
+  // This is the standard padding scheme used for license requests.
   if (padding_scheme == kSign_RSASSA_PSS) {
     // Hash the message using SHA1.
     uint8_t hash[SHA_DIGEST_LENGTH];
@@ -440,8 +441,9 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
 
     // Add PSS padding.
     std::vector<uint8_t> padded_digest(*signature_length);
-    int status = RSA_padding_add_PKCS1_PSS(rsa_key_, &padded_digest[0], hash,
-                                           EVP_sha1(), kPssSaltLength);
+    int status = RSA_padding_add_PKCS1_PSS_mgf1(rsa_key_, &padded_digest[0],
+                                                hash, EVP_sha1(), NULL,
+                                                kPssSaltLength);
     if (status == -1) {
       LOGE("[GeneratRSASignature(): error padding hash.]");
       dump_openssl_error();
@@ -456,6 +458,7 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
       dump_openssl_error();
       return false;
     }
+    // This is the alternate padding scheme used by cast receivers only.
   } else if (padding_scheme == kSign_PKCS1_Block1) {
     if (message_length > 83) {
       LOGE("[GeneratRSASignature(): RSA digest too large.]");
diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
index 225f246d..27eeb8df 100644
--- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
+++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
@@ -265,9 +265,9 @@ class CryptoEngine {
   ActiveSessions sessions_;
   WvKeybox keybox_;
   WvTestKeybox test_keybox_;
+  bool use_test_keybox_;
   wvcdm::Lock session_table_lock_;
   UsageTable* usage_table_;
-  bool use_test_keybox_;
   RSA* rsa_key_;  // If no keybox, this is baked in certificate.
 
   CORE_DISALLOW_COPY_AND_ASSIGN(CryptoEngine);