Unit tests for forbidden RSA key usage

This CL adds unit tests to verify that the following
forbidden uses of an RSA private key do not work:

- ForbidPrepAndSign -- A cast cert key cannot sign a license
  request.
- ForbidUseAsDRMCert -- A cast cert cannot be used with the
  DRM cert's padding scheme and it cannot be used to derive
  keys from a session key.
- *ForbidRSASignatureForDRMKey* -- A DRM cert key cannot be
  used with GenerateRSASignature.
- *OEMCertForbidGenerateRSASignature* -- An OEM cert key
  cannot be used with GenerateRSASignature.

Bug: 251875110
Change-Id: Ic2b23e3fd279e878c190a8294078a8d092126a29
Fred Gylys-Colwell
2023-08-20 21:40:02 -07:00
committed by Robert Shih
parent 343324e97c
commit 8f3ee84c1b
4 changed files with 124 additions and 41 deletions

@@ -812,6 +812,7 @@ TEST_F(OEMCryptoLoadsCertificateAlternates,
sts = OEMCrypto_GenerateRSASignature(s.session_id(), message_buffer.data(),
message_buffer.size(), nullptr,
&signature_length, kSign_PKCS1_Block1);
if (sts == OEMCrypto_ERROR_NOT_IMPLEMENTED) return;
ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts);
ASSERT_NE(static_cast<size_t>(0), signature_length);
vector<uint8_t> signature(signature_length);
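
Review bot: the bare `return` on `OEMCrypto_ERROR_NOT_IMPLEMENTED`, directly after the `OEMCrypto_GenerateRSASignature` call, lets this test report as passed on a build where the function is not implemented, so a run that never reached `ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts)` looks the same as one that verified it. Consider `GTEST_SKIP()` with a short message instead of `return`, so the skipped case shows up in the test output, and add a one-line comment saying why "not implemented" is an acceptable result for this signature path. The +/- markers are lost in this rendering, so this assumes the `if` line is the single line the `-812,6 +812,7` header says was added.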