widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updates to OEMCrytpo Mock

Browse Source 
Squash merge from the widevine repo of several changes to oemcrypto
unit tests and the mock reference code.

http://go/wvgerrit/16264 Use unsigned int for count in usage table (more mock)
http://go/wvgerrit/16262 Use unsigned int for count in usage table (mock version)
http://go/wvgerrit/16247 Fix mock OEMCrypto_DeleteUsageTable
http://go/wvgerrit/16070 Fix OEMCrypto_GenerateRSASignature return values
http://go/wvgerrit/15991 Fix buffer overflow for 32-bit systems
http://go/wvgerrit/15993 Return Correct Value from OEMCrypto_RefreshKeys
http://go/wvgerrit/15880 Cast RSA_size() to int
http://go/wvgerrit/15831 Be strict about warnings for CE CDM

b/23729420
b/25221168

Change-Id: I97b91dfc672db8c586ae317977871b7d6afac4bb
This commit is contained in:
Fred Gylys-Colwell
2015-12-05 11:39:26 -08:00
parent 6886b1fa12
commit 6d7dcb8cba
7 changed files with 67 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -1557,6 +1557,7 @@ OEMCryptoResult OEMCrypto_LoadTestRSAKey();
* Returns: * Returns:
* OEMCrypto_SUCCESS success * OEMCrypto_SUCCESS success
* OEMCrypto_ERROR_INVALID_SESSION * OEMCrypto_ERROR_INVALID_SESSION
* OEMCrypto_ERROR_INVALID_CONTEXT
* OEMCrypto_ERROR_SHORT_BUFFER if the signature buffer is too small. * OEMCrypto_ERROR_SHORT_BUFFER if the signature buffer is too small.
* OEMCrypto_ERROR_INVALID_RSA_KEY * OEMCrypto_ERROR_INVALID_RSA_KEY
* OEMCrypto_ERROR_INSUFFICIENT_RESOURCES * OEMCrypto_ERROR_INSUFFICIENT_RESOURCES

55
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp
View File

@@ -408,27 +408,25 @@ size_t SessionContext::RSASignatureSize() {
return static_cast<size_t>(RSA_size(rsa_key_)); return static_cast<size_t>(RSA_size(rsa_key_));
} }
bool SessionContext::GenerateRSASignature(const uint8_t* message, OEMCryptoResult SessionContext::GenerateRSASignature(
size_t message_length, const uint8_t* message, size_t message_length, uint8_t* signature,
uint8_t* signature, size_t* signature_length, RSA_Padding_Scheme padding_scheme) {
size_t* signature_length,
RSA_Padding_Scheme padding_scheme) {
if (message == NULL || message_length == 0 || if (message == NULL || message_length == 0 ||
signature == NULL || signature_length == 0) { signature == NULL || signature_length == 0) {
LOGE("[GenerateRSASignature(): OEMCrypto_ERROR_INVALID_CONTEXT]"); LOGE("[GenerateRSASignature(): OEMCrypto_ERROR_INVALID_CONTEXT]");
return false; return OEMCrypto_ERROR_INVALID_CONTEXT;
} }
if (!rsa_key_) { if (!rsa_key_) {
LOGE("[GenerateRSASignature(): no RSA key set]"); LOGE("[GenerateRSASignature(): no RSA key set]");
return false; return OEMCrypto_ERROR_INVALID_RSA_KEY;
} }
if (*signature_length < static_cast<size_t>(RSA_size(rsa_key_))) { if (*signature_length < static_cast<size_t>(RSA_size(rsa_key_))) {
*signature_length = RSA_size(rsa_key_); *signature_length = RSA_size(rsa_key_);
return false; return OEMCrypto_ERROR_SHORT_BUFFER;
} }
if ((padding_scheme & allowed_schemes_) != padding_scheme) { if ((padding_scheme & allowed_schemes_) != padding_scheme) {
LOGE("[GenerateRSASignature(): padding_scheme not allowed]"); LOGE("[GenerateRSASignature(): padding_scheme not allowed]");
return false; return OEMCrypto_ERROR_INVALID_RSA_KEY;
} }
// This is the standard padding scheme used for license requests. // This is the standard padding scheme used for license requests.
@@ -438,7 +436,7 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
if (!SHA1(message, message_length, hash)) { if (!SHA1(message, message_length, hash)) {
LOGE("[GeneratRSASignature(): error creating signature hash.]"); LOGE("[GeneratRSASignature(): error creating signature hash.]");
dump_openssl_error(); dump_openssl_error();
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
// Add PSS padding. // Add PSS padding.
@@ -449,7 +447,7 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
if (status == -1) { if (status == -1) {
LOGE("[GeneratRSASignature(): error padding hash.]"); LOGE("[GeneratRSASignature(): error padding hash.]");
dump_openssl_error(); dump_openssl_error();
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
// Encrypt PSS padded digest. // Encrypt PSS padded digest.
@@ -458,13 +456,13 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
if (status == -1) { if (status == -1) {
LOGE("[GeneratRSASignature(): error in private encrypt.]"); LOGE("[GeneratRSASignature(): error in private encrypt.]");
dump_openssl_error(); dump_openssl_error();
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
// This is the alternate padding scheme used by cast receivers only. // This is the alternate padding scheme used by cast receivers only.
} else if (padding_scheme == kSign_PKCS1_Block1) { } else if (padding_scheme == kSign_PKCS1_Block1) {
if (message_length > 83) { if (message_length > 83) {
LOGE("[GeneratRSASignature(): RSA digest too large.]"); LOGE("[GeneratRSASignature(): RSA digest too large.]");
return false; return OEMCrypto_ERROR_SIGNATURE_FAILURE;
} }
// Pad the message with PKCS1 padding, and then encrypt. // Pad the message with PKCS1 padding, and then encrypt.
size_t status = RSA_private_encrypt(message_length, message, signature, size_t status = RSA_private_encrypt(message_length, message, signature,
@@ -472,12 +470,12 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
if (status != *signature_length) { if (status != *signature_length) {
LOGE("[GeneratRSASignature(): error in RSA private encrypt. status=%d]", status); LOGE("[GeneratRSASignature(): error in RSA private encrypt. status=%d]", status);
dump_openssl_error(); dump_openssl_error();
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
} else { // Bad RSA_Padding_Scheme } else { // Bad RSA_Padding_Scheme
return false; return OEMCrypto_ERROR_INVALID_RSA_KEY;
} }
return true; return OEMCrypto_SUCCESS;
} }
// Validate message signature // Validate message signature
@@ -696,24 +694,25 @@ bool SessionContext::InstallKey(const KeyId& key_id,
return true; return true;
} }
bool SessionContext::RefreshKey(const KeyId& key_id, OEMCryptoResult SessionContext::RefreshKey(
const std::vector<uint8_t>& key_control, const KeyId& key_id,
const std::vector<uint8_t>& key_control_iv) { const std::vector<uint8_t>& key_control,
const std::vector<uint8_t>& key_control_iv) {
if (key_id.empty()) { if (key_id.empty()) {
// Key control is not encrypted if key id is NULL // Key control is not encrypted if key id is NULL
KeyControlBlock key_control_block(key_control); KeyControlBlock key_control_block(key_control);
if (!key_control_block.valid()) { if (!key_control_block.valid()) {
LOGE("Parse key control error."); LOGE("Parse key control error.");
return false; return OEMCrypto_ERROR_INVALID_CONTEXT;
} }
if ((key_control_block.control_bits() & kControlNonceEnabled) && if ((key_control_block.control_bits() & kControlNonceEnabled) &&
(!CheckNonce(key_control_block.nonce()))) { (!CheckNonce(key_control_block.nonce()))) {
LOGE("KCB: BAD Nonce"); LOGE("KCB: BAD Nonce");
return false; return OEMCrypto_ERROR_INVALID_NONCE;
} }
// Apply duration to all keys in this session // Apply duration to all keys in this session
session_keys_.UpdateDuration(key_control_block); session_keys_.UpdateDuration(key_control_block);
return true; return OEMCrypto_SUCCESS;
} }
Key* content_key = session_keys_.Find(key_id); Key* content_key = session_keys_.Find(key_id);
@@ -722,14 +721,14 @@ bool SessionContext::RefreshKey(const KeyId& key_id,
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) { if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
LOGD("Error: no matching content key."); LOGD("Error: no matching content key.");
} }
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (key_control.empty()) { if (key_control.empty()) {
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) { if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
LOGD("Error: no key_control."); LOGD("Error: no key_control.");
} }
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
const std::vector<uint8_t> content_key_value = content_key->value(); const std::vector<uint8_t> content_key_value = content_key->value();
@@ -750,7 +749,7 @@ bool SessionContext::RefreshKey(const KeyId& key_id,
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) { if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
LOGD("Error decrypting key control block."); LOGD("Error decrypting key control block.");
} }
return false; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
} }
@@ -759,15 +758,15 @@ bool SessionContext::RefreshKey(const KeyId& key_id,
if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) { if (LogCategoryEnabled(kLoggingDumpKeyControlBlocks)) {
LOGD("Parse key control error."); LOGD("Parse key control error.");
} }
return false; return OEMCrypto_ERROR_INVALID_CONTEXT;
} }
if ((key_control_block.control_bits() & kControlNonceEnabled) && if ((key_control_block.control_bits() & kControlNonceEnabled) &&
(!CheckNonce(key_control_block.nonce()))) { (!CheckNonce(key_control_block.nonce()))) {
LOGE("KCB: BAD Nonce"); LOGE("KCB: BAD Nonce");
return false; return OEMCrypto_ERROR_INVALID_NONCE;
} }
content_key->UpdateDuration(key_control_block); content_key->UpdateDuration(key_control_block);
return true; return OEMCrypto_SUCCESS;
} }
bool SessionContext::DecryptRSAKey(const uint8_t* enc_rsa_key, bool SessionContext::DecryptRSAKey(const uint8_t* enc_rsa_key,

18
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
View File

@@ -15,7 +15,7 @@
#include "lock.h" #include "lock.h"
#include "oemcrypto_key_mock.h" #include "oemcrypto_key_mock.h"
#include "oemcrypto_keybox_mock.h" #include "oemcrypto_keybox_mock.h"
#include "OEMCryptoCENC.h" // Needed for enum OEMCrypto_Algorithm. #include "OEMCryptoCENC.h" // Needed for enums only.
#include "wv_cdm_types.h" #include "wv_cdm_types.h"
namespace wvoec_mock { namespace wvoec_mock {
@@ -99,11 +99,11 @@ class SessionContext {
uint8_t* signature, uint8_t* signature,
size_t* signature_length); size_t* signature_length);
size_t RSASignatureSize(); size_t RSASignatureSize();
bool GenerateRSASignature(const uint8_t* message, OEMCryptoResult GenerateRSASignature(const uint8_t* message,
size_t message_length, size_t message_length,
uint8_t* signature, uint8_t* signature,
size_t* signature_length, size_t* signature_length,
RSA_Padding_Scheme padding_scheme); RSA_Padding_Scheme padding_scheme);
bool ValidateMessage(const uint8_t* message, bool ValidateMessage(const uint8_t* message,
size_t message_length, size_t message_length,
const uint8_t* signature, const uint8_t* signature,
@@ -157,9 +157,9 @@ class SessionContext {
size_t message_length, size_t message_length,
const uint8_t* signature, const uint8_t* signature,
size_t signature_length); size_t signature_length);
bool RefreshKey(const KeyId& key_id, OEMCryptoResult RefreshKey(const KeyId& key_id,
const std::vector<uint8_t>& key_control, const std::vector<uint8_t>& key_control,
const std::vector<uint8_t>& key_control_iv); const std::vector<uint8_t>& key_control_iv);
bool UpdateMacKeys(const std::vector<uint8_t>& mac_keys, bool UpdateMacKeys(const std::vector<uint8_t>& mac_keys,
const std::vector<uint8_t>& iv); const std::vector<uint8_t>& iv);
bool QueryKeyControlBlock(const KeyId& key_id, uint32_t* data); bool QueryKeyControlBlock(const KeyId& key_id, uint32_t* data);

31
libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp
View File

@@ -444,7 +444,7 @@ OEMCryptoResult OEMCrypto_RefreshKeys(
} }
// Decrypt and refresh keys in key refresh object // Decrypt and refresh keys in key refresh object
bool status = true; OEMCryptoResult status = OEMCrypto_SUCCESS;
std::vector<uint8_t> key_id; std::vector<uint8_t> key_id;
std::vector<uint8_t> key_control; std::vector<uint8_t> key_control;
std::vector<uint8_t> key_control_iv; std::vector<uint8_t> key_control_iv;
@@ -469,15 +469,17 @@ OEMCryptoResult OEMCrypto_RefreshKeys(
key_array[i].key_control + wvcdm::KEY_CONTROL_SIZE); key_array[i].key_control + wvcdm::KEY_CONTROL_SIZE);
} }
if (!session_ctx->RefreshKey(key_id, key_control, key_control_iv)) { status = session_ctx->RefreshKey(key_id, key_control, key_control_iv);
LOGE("[OEMCrypto_RefreshKeys(): error in key %i]", i); if (status != OEMCrypto_SUCCESS) {
status = false; LOGE("[OEMCrypto_RefreshKeys(): error %u in key %i]", status, i);
break; break;
} }
} }
session_ctx->FlushNonces(); session_ctx->FlushNonces();
if (!status) return OEMCrypto_ERROR_UNKNOWN_FAILURE; if (status != OEMCrypto_SUCCESS) {
return status;
}
session_ctx->StartTimer(); session_ctx->StartTimer();
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
@@ -1101,10 +1103,6 @@ OEMCryptoResult OEMCrypto_GenerateRSASignature(
LOGE("OEMCrypto_GenerateRSASignature: OEMCrypto Not Initialized."); LOGE("OEMCrypto_GenerateRSASignature: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (NO_ERROR != crypto_engine->ValidateKeybox()) {
LOGE("[OEMCrypto_GenerateRSASignature(): ERROR_KEYBOX_INVALID]");
return OEMCrypto_ERROR_KEYBOX_INVALID;
}
if (signature_length == 0) { if (signature_length == 0) {
LOGE("[OEMCrypto_GenerateRSASignature(): OEMCrypto_ERROR_INVALID_CONTEXT]"); LOGE("[OEMCrypto_GenerateRSASignature(): OEMCrypto_ERROR_INVALID_CONTEXT]");
@@ -1129,19 +1127,19 @@ OEMCryptoResult OEMCrypto_GenerateRSASignature(
return OEMCrypto_ERROR_INVALID_CONTEXT; return OEMCrypto_ERROR_INVALID_CONTEXT;
} }
if (session_ctx->GenerateRSASignature(message, OEMCryptoResult sts = session_ctx->GenerateRSASignature(message,
message_length, message_length,
signature, signature,
signature_length, signature_length,
padding_scheme)) { padding_scheme);
if (sts == OEMCrypto_SUCCESS) {
if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) {
if (wvcdm::g_cutoff >= wvcdm::LOG_VERBOSE) { if (wvcdm::g_cutoff >= wvcdm::LOG_VERBOSE) {
dump_hex("signature", signature, *signature_length); dump_hex("signature", signature, *signature_length);
} }
} }
return OEMCrypto_SUCCESS;
} }
return OEMCrypto_ERROR_UNKNOWN_FAILURE;; return sts;
} }
extern "C" extern "C"
@@ -1625,6 +1623,7 @@ OEMCryptoResult OEMCrypto_DeleteUsageTable() {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
crypto_engine->usage_table()->Clear(); crypto_engine->usage_table()->Clear();
crypto_engine->usage_table()->UpdateTable();
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }

2
libwvdrmengine/oemcrypto/mock/src/oemcrypto_usage_table_mock.cpp
View File

@@ -241,7 +241,7 @@ UsageTable::UsageTable(CryptoEngine *ce) {
// At this point, the stored table looks valid. We can load in all the // At this point, the stored table looks valid. We can load in all the
// entries. // entries.
for (size_t i = 0; i < stored_table->count; i++) { for (uint64_t i = 0; i < stored_table->count; i++) {
UsageTableEntry *entry = UsageTableEntry *entry =
new UsageTableEntry(&stored_table->entries[i].entry); new UsageTableEntry(&stored_table->entries[i].entry);
table_[entry->pst_hash()] = entry; table_[entry->pst_hash()] = entry;

2
libwvdrmengine/oemcrypto/mock/src/oemcrypto_usage_table_mock.h
View File

@@ -39,7 +39,7 @@ struct StoredUsageTable {
uint8_t signature[SHA256_DIGEST_LENGTH]; uint8_t signature[SHA256_DIGEST_LENGTH];
uint8_t iv[wvcdm::KEY_IV_SIZE]; uint8_t iv[wvcdm::KEY_IV_SIZE];
int64_t generation; int64_t generation;
size_t count; uint64_t count;
AlignedStoredUsageEntry entries[]; AlignedStoredUsageEntry entries[];
}; };

32
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -678,7 +678,7 @@ class Session {
} }
void RefreshTestKeys(const size_t key_count, uint32_t control_bits, void RefreshTestKeys(const size_t key_count, uint32_t control_bits,
uint32_t nonce, bool expect_good) { uint32_t nonce, OEMCryptoResult expected_result) {
// Note: we store the message in encrypted_license_, but the refresh key // Note: we store the message in encrypted_license_, but the refresh key
// message is not actually encrypted. It is, however, signed. // message is not actually encrypted. It is, however, signed.
FillRefreshMessage(key_count, control_bits, nonce); FillRefreshMessage(key_count, control_bits, nonce);
@@ -688,17 +688,13 @@ class Session {
OEMCryptoResult sts = OEMCrypto_RefreshKeys( OEMCryptoResult sts = OEMCrypto_RefreshKeys(
session_id(), message_ptr(), sizeof(MessageData), &signature_[0], session_id(), message_ptr(), sizeof(MessageData), &signature_[0],
signature_.size(), key_count, key_array); signature_.size(), key_count, key_array);
if (expect_good) { ASSERT_EQ(expected_result, sts);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
} else {
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
TestDecryptCTR(); TestDecryptCTR();
sleep(kShortSleep); // Should still be valid key. sleep(kShortSleep); // Should still be valid key.
TestDecryptCTR(false); TestDecryptCTR(false);
sleep(kShortSleep + kLongSleep); // Should be after first expiration. sleep(kShortSleep + kLongSleep); // Should be after first expiration.
if (expect_good) { if (expected_result == OEMCrypto_SUCCESS) {
TestDecryptCTR(false, OEMCrypto_SUCCESS); TestDecryptCTR(false, OEMCrypto_SUCCESS);
} else { } else {
TestDecryptCTR(false, OEMCrypto_ERROR_UNKNOWN_FAILURE); TestDecryptCTR(false, OEMCrypto_ERROR_UNKNOWN_FAILURE);
@@ -2157,7 +2153,8 @@ TEST_P(SessionTestRefreshKeyTest, RefreshWithNonce) {
s.LoadTestKeys("", new_mac_keys_); s.LoadTestKeys("", new_mac_keys_);
uint32_t nonce; uint32_t nonce;
s.GenerateNonce(&nonce); s.GenerateNonce(&nonce);
s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce, true); s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce,
OEMCrypto_SUCCESS);
} }
TEST_P(SessionTestRefreshKeyTest, RefreshNoNonce) { TEST_P(SessionTestRefreshKeyTest, RefreshNoNonce) {
@@ -2169,7 +2166,7 @@ TEST_P(SessionTestRefreshKeyTest, RefreshNoNonce) {
s.LoadTestKeys("", new_mac_keys_); s.LoadTestKeys("", new_mac_keys_);
uint32_t nonce; uint32_t nonce;
s.GenerateNonce(&nonce); s.GenerateNonce(&nonce);
s.RefreshTestKeys(num_keys_, 0, 0, true); s.RefreshTestKeys(num_keys_, 0, 0, OEMCrypto_SUCCESS);
} }
TEST_P(SessionTestRefreshKeyTest, RefreshOldNonce) { TEST_P(SessionTestRefreshKeyTest, RefreshOldNonce) {
@@ -2181,7 +2178,8 @@ TEST_P(SessionTestRefreshKeyTest, RefreshOldNonce) {
s.EncryptAndSign(); s.EncryptAndSign();
s.LoadTestKeys("", new_mac_keys_); s.LoadTestKeys("", new_mac_keys_);
uint32_t nonce = s.get_nonce(); uint32_t nonce = s.get_nonce();
s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce, false); s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce,
OEMCrypto_ERROR_INVALID_NONCE);
} }
TEST_P(SessionTestRefreshKeyTest, RefreshBadNonce) { TEST_P(SessionTestRefreshKeyTest, RefreshBadNonce) {
@@ -2195,7 +2193,8 @@ TEST_P(SessionTestRefreshKeyTest, RefreshBadNonce) {
uint32_t nonce; uint32_t nonce;
s.GenerateNonce(&nonce); s.GenerateNonce(&nonce);
nonce ^= 42; nonce ^= 42;
s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce, false); s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce,
OEMCrypto_ERROR_INVALID_NONCE);
} }
// Of only one key control block in the refesh, we update all the keys. // Of only one key control block in the refesh, we update all the keys.
@@ -5286,9 +5285,7 @@ TEST_P(UsageTableTestWithMAC, OfflineBadNonce) {
Session s; Session s;
s.open(); s.open();
s.GenerateTestSessionKeys(); s.GenerateTestSessionKeys();
s.FillSimpleMessage( s.FillSimpleMessage(0, wvoec_mock::kControlNonceOrEntry, 42, pst);
0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceOrEntry,
42, pst);
s.EncryptAndSign(); s.EncryptAndSign();
uint8_t* pst_ptr = s.encrypted_license().pst; uint8_t* pst_ptr = s.encrypted_license().pst;
OEMCryptoResult sts = OEMCrypto_LoadKeys( OEMCryptoResult sts = OEMCrypto_LoadKeys(
@@ -5306,9 +5303,7 @@ TEST_P(UsageTableTestWithMAC, OfflineEmptyPST) {
Session s; Session s;
s.open(); s.open();
s.GenerateTestSessionKeys(); s.GenerateTestSessionKeys();
s.FillSimpleMessage( s.FillSimpleMessage(0, wvoec_mock::kControlNonceOrEntry, s.get_nonce());
0, wvoec_mock::kControlNonceEnabled | wvoec_mock::kControlNonceOrEntry,
s.get_nonce());
s.EncryptAndSign(); s.EncryptAndSign();
OEMCryptoResult sts = OEMCrypto_LoadKeys( OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
@@ -5368,8 +5363,7 @@ TEST_P(UsageTableTestWithMAC, BadRange) {
Session s; Session s;
s.open(); s.open();
s.GenerateTestSessionKeys(); s.GenerateTestSessionKeys();
s.FillSimpleMessage(0, wvoec_mock::kControlNonceOrEntry, s.FillSimpleMessage(0, wvoec_mock::kControlNonceOrEntry,s.get_nonce(), pst);
s.get_nonce(), pst);
s.EncryptAndSign(); s.EncryptAndSign();
uint8_t* pst_ptr = s.license().pst; // Bad: not in encrypted_license. uint8_t* pst_ptr = s.license().pst; // Bad: not in encrypted_license.
ASSERT_NE( ASSERT_NE(