widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Verify Key Rewrapping Does Not Leave Key in Clear

Browse Source 
Merge from widevine repo of http:/go/wvgerrit/14707

This CL adds a check to oemcrypto_test to verify that when a
certificate is rewrapped, it does not show up in the clear.  We can't
really verify that it is encrypted well, but we can check this.

bug: 21871738

Change-Id: I07c87c38a1e2a099a90a5be4e3350e91e09f6722
This commit is contained in:
Fred Gylys-Colwell
2015-06-16 11:15:13 -07:00
parent 1d934be5d1
commit 8bd1a40cd2
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -2753,6 +2753,9 @@ class OEMCryptoLoadsCertificate : public OEMCryptoSessionTestKeyboxTest {
s.MakeRSACertificate(&encrypted, &signature, allowed_schemes,
encoded_rsa_key_);
s.RewrapRSAKey(encrypted, signature, wrapped_key, force);
// Verify that the clear key is not contained in the wrapped key.
// It should be encrypted.
ASSERT_EQ(NULL, find(*wrapped_key, encoded_rsa_key_));
}
std::vector<uint8_t> encoded_rsa_key_;
@@ -4119,7 +4122,7 @@ class GenericCryptoTest : public OEMCryptoSessionTests {
memcpy(iv_buffer, iv_, wvcdm::KEY_IV_SIZE);
out_buffer->resize(in_buffer.size());
ASSERT_GT(in_buffer.size(), 0u);
ASSERT_EQ(0, in_buffer.size() % AES_BLOCK_SIZE);
ASSERT_EQ(0u, in_buffer.size() % AES_BLOCK_SIZE);
AES_cbc_encrypt(&in_buffer[0], out_buffer->data(), in_buffer.size(),
&aes_key, iv_buffer, AES_ENCRYPT);
}