widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updates to OEMCrytpo Mock

Browse Source 
Squash merge from the widevine repo of several changes to oemcrypto
unit tests and the mock reference code.

http://go/wvgerrit/16264 Use unsigned int for count in usage table (more mock)
http://go/wvgerrit/16262 Use unsigned int for count in usage table (mock version)
http://go/wvgerrit/16247 Fix mock OEMCrypto_DeleteUsageTable
http://go/wvgerrit/16070 Fix OEMCrypto_GenerateRSASignature return values
http://go/wvgerrit/15991 Fix buffer overflow for 32-bit systems
http://go/wvgerrit/15993 Return Correct Value from OEMCrypto_RefreshKeys
http://go/wvgerrit/15880 Cast RSA_size() to int
http://go/wvgerrit/15831 Be strict about warnings for CE CDM

b/23729420
b/25221168

Change-Id: I97b91dfc672db8c586ae317977871b7d6afac4bb
This commit is contained in:
Fred Gylys-Colwell
2015-12-05 11:39:26 -08:00
parent 6886b1fa12
commit 6d7dcb8cba
7 changed files with 67 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp
View File

@@ -408,27 +408,25 @@ size_t SessionContext::RSASignatureSize() {
return static_cast<size_t>(RSA_size(rsa_key_));
}
bool SessionContext::GenerateRSASignature(const uint8_t* message,
size_t message_length,
uint8_t* signature,
size_t* signature_length,
RSA_Padding_Scheme padding_scheme) {
OEMCryptoResult SessionContext::GenerateRSASignature(
const uint8_t* message, size_t message_length, uint8_t* signature,
size_t* signature_length, RSA_Padding_Scheme padding_scheme) {
if (message == NULL || message_length == 0 ||
signature == NULL || signature_length == 0) {
LOGE("[GenerateRSASignature(): OEMCrypto_ERROR_INVALID_CONTEXT]");
return false;
return OEMCrypto_ERROR_INVALID_CONTEXT;
}
if (!rsa_key_) {
LOGE("[GenerateRSASignature(): no RSA key set]");
return false;
return OEMCrypto_ERROR_INVALID_RSA_KEY;
}
if (*signature_length < static_cast<size_t>(RSA_size(rsa_key_))) {
*signature_length = RSA_size(rsa_key_);
return false;
return OEMCrypto_ERROR_SHORT_BUFFER;
}
if ((padding_scheme & allowed_schemes_) != padding_scheme) {
LOGE("[GenerateRSASignature(): padding_scheme not allowed]");
return false;
return OEMCrypto_ERROR_INVALID_RSA_KEY;
}
// This is the standard padding scheme used for license requests.
@@ -438,7 +436,7 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
if (!SHA1(message, message_length, hash)) {
LOGE("[GeneratRSASignature(): error creating signature hash.]");
dump_openssl_error();
return false;
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
// Add PSS padding.
@@ -449,7 +447,7 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
if (status == -1) {
LOGE("[GeneratRSASignature(): error padding hash.]");
dump_openssl_error();
return false;
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
// Encrypt PSS padded digest.
@@ -458,13 +456,13 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
if (status == -1) {
LOGE("[GeneratRSASignature(): error in private encrypt.]");
dump_openssl_error();
return false;
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
// This is the alternate padding scheme used by cast receivers only.
} else if (padding_scheme == kSign_PKCS1_Block1) {
if (message_length > 83) {
LOGE("[GeneratRSASignature(): RSA digest too large.]");
return false;
return OEMCrypto_ERROR_SIGNATURE_FAILURE;
}
// Pad the message with PKCS1 padding, and then encrypt.
size_t status = RSA_private_encrypt(message_length, message, signature,
@@ -472,12 +470,12 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
if (status != *signature_length) {
LOGE("[GeneratRSASignature(): error in RSA private encrypt. status=%d]", status);
dump_openssl_error();
return false;
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
} else { // Bad RSA_Padding_Scheme
return false;
return OEMCrypto_ERROR_INVALID_RSA_KEY;
}
return true;
return OEMCrypto_SUCCESS;
}
// Validate message signature
@@ -696,24 +694,25 @@ bool SessionContext::InstallKey(const KeyId& key_id,
return true;
}
bool SessionContext::RefreshKey(const KeyId& key_id,
const std::vector<uint8_t>& key_control,
const std::vector<uint8_t>& key_control_iv) {
OEMCryptoResult SessionContext::RefreshKey(
const KeyId& key_id,
const std::vector<uint8_t>& key_control,
const std::vector<uint8_t>& key_control_iv) {
if (key_id.empty()) {
// Key control is not encrypted if key id is NULL
KeyControlBlock key_control_block(key_control);
if (!key_control_block.valid()) {
LOGE("Parse key control error.");
return false;
return OEMCrypto_ERROR_INVALID_CONTEXT;
}
if ((key_control_block.control_bits() & kControlNonceEnabled) &&
(!CheckNonce(key_control_block.nonce()))) {
LOGE("KCB: BAD Nonce");
return false;
return OEMCrypto_ERROR_INVALID_NONCE;
}
// Apply duration to all keys in this session
session_keys_.UpdateDuration(key_control_block);
return true;
return OEMCrypto_SUCCESS;
}
Key* content_key = session_keys_.Find(key_id);
@@ -722,14 +721,14 @@ bool SessionContext::RefreshKey(const KeyId& key_id,
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
LOGD("Error: no matching content key.");
}
return false;
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
if (key_control.empty()) {
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
LOGD("Error: no key_control.");
}
return false;
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
const std::vector<uint8_t> content_key_value = content_key->value();
@@ -750,7 +749,7 @@ bool SessionContext::RefreshKey(const KeyId& key_id,
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
LOGD("Error decrypting key control block.");
}
return false;
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
}
@@ -759,15 +758,15 @@ bool SessionContext::RefreshKey(const KeyId& key_id,
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
LOGD("Parse key control error.");
}
return false;
return OEMCrypto_ERROR_INVALID_CONTEXT;
}
if ((key_control_block.control_bits() & kControlNonceEnabled) &&
(!CheckNonce(key_control_block.nonce()))) {
LOGE("KCB: BAD Nonce");
return false;
return OEMCrypto_ERROR_INVALID_NONCE;
}
content_key->UpdateDuration(key_control_block);
return true;
return OEMCrypto_SUCCESS;
}
bool SessionContext::DecryptRSAKey(const uint8_t* enc_rsa_key,