Merge "Allow a service certificate to be specified for provisioning" into pi-dev

2018-05-02 21:51:54 +00:00
parent 81ce8b4601 816f00e533
commit 734b6b819e
16 changed files with 179 additions and 88 deletions
--- a/libwvdrmengine/cdm/core/test/cdm_engine_test.cpp
+++ b/libwvdrmengine/cdm/core/test/cdm_engine_test.cpp
@@ -193,13 +193,11 @@ class WvCdmEnginePreProvTest : public testing::Test {
    // try to provision. This is needed for testing nonce floods.
    CryptoSession keep_alive(cdm_engine_.GetMetrics()->GetCryptoMetrics());

-    ASSERT_EQ(NO_ERROR, cdm_engine_.SetProvisioningServiceCertificate(
-        g_provisioning_service_certificate));
    CdmResponseType result = NO_ERROR;
    for(int i = 0; i < 2; ++i) {  // Retry once if there is a nonce problem.
      result = cdm_engine_.GetProvisioningRequest(
-          cert_type, cert_authority, &prov_request,
-          &provisioning_server_url);
+          cert_type, cert_authority, g_provisioning_service_certificate,
+          &prov_request, &provisioning_server_url);
      if (result == CERT_PROVISIONING_NONCE_GENERATION_ERROR) {
        LOGW("Woops.  Nonce problem.  Try again?");
        sleep(1);
@@ -295,11 +293,9 @@ class WvCdmEnginePreProvTestUatBinary : public WvCdmEnginePreProvTest {
    CdmCertificateType cert_type = kCertificateWidevine;
    std::string cert_authority;
    std::string cert, wrapped_key;
-    ASSERT_EQ(NO_ERROR, cdm_engine_.SetProvisioningServiceCertificate(
-        g_provisioning_service_certificate));
    ASSERT_EQ(NO_ERROR, cdm_engine_.GetProvisioningRequest(
-        cert_type, cert_authority, &binary_prov_request,
-        &provisioning_server_url));
+        cert_type, cert_authority, g_provisioning_service_certificate,
+        &binary_prov_request, &provisioning_server_url));

    // prov_request is binary - base64 encode it
    std::string prov_request(Base64SafeEncodeNoPad(
@@ -508,18 +504,20 @@ class WvCdmEngineTest : public WvCdmEnginePreProvTest {
  std::string server_url_;
 };

-// Test that service certificate is initially absent.
-TEST_F(WvCdmEnginePreProvTestStaging,
-       ProvisioningServiceCertificateInitialNoneTest) {
-  ASSERT_FALSE(cdm_engine_.HasProvisioningServiceCertificate());
+// Tests to validate service certificate
+TEST_F(WvCdmEnginePreProvTestUat, ProvisioningServiceCertificateValidTest) {
+  ASSERT_EQ(
+      cdm_engine_.ValidateServiceCertificate(
+          g_provisioning_service_certificate),
+      NO_ERROR);
 };

-// Test that service certificate can be properly installed.
-TEST_F(WvCdmEnginePreProvTestStaging, ProvisioningServiceCertificateGoodTest) {
-  ASSERT_EQ(cdm_engine_.SetProvisioningServiceCertificate(
-      g_license_service_certificate),
-      NO_ERROR);
-  ASSERT_TRUE(cdm_engine_.HasProvisioningServiceCertificate());
+TEST_F(WvCdmEnginePreProvTestUat, ProvisioningServiceCertificateInvalidTest) {
+  std::string certificate = g_provisioning_service_certificate;
+  // Add four nulls to the beginning of the cert to invalidate it
+  certificate.insert(0, 4, 0);
+
+  ASSERT_NE(cdm_engine_.ValidateServiceCertificate(certificate), NO_ERROR);
 };

 // Test that provisioning works, even if device is already provisioned.