widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Entitlement License to OEMCrypto

Browse Source 
This CL adds entitlement license features and moves cipher mode from
LoadKeys to SelectKeys.

Merge from Widevine repo of http://go/wvgerrit/41660

bug: 70334840 Entitlement License - cdm layer
bug: 70334345 Entitlement License - reference code and unit tests

test: Entitlement license unit tests pass.
Change-Id: Ic7d7f42c15e6d83ef7fcfd8a866c778adc4c8095
This commit is contained in:
Fred Gylys-Colwell
2018-01-23 15:55:43 -08:00
parent 95fa4ffca9
commit 979ed70c7b
11 changed files with 1136 additions and 595 deletions
Download Patch File Download Diff File Expand all files Collapse all files

179
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -835,6 +835,29 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithNoMAC) {
ASSERT_EQ(expected_signature, signature);
}
TEST_F(OEMCryptoSessionTests, LoadEntitlementKeys) {
Session s;
ASSERT_NO_FATAL_FAILURE(s.open());
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
ASSERT_NO_FATAL_FAILURE(s.FillSimpleEntitlementMessage(0, 0, 0));
ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
ASSERT_NO_FATAL_FAILURE(s.LoadEnitlementTestKeys());
s.FillEntitledKeyArray();
ASSERT_NO_FATAL_FAILURE(s.LoadEntitledContentKeys());
s.FillEntitledKeyArray();
ASSERT_NO_FATAL_FAILURE(s.LoadEntitledContentKeys());
}
TEST_F(OEMCryptoSessionTests, LoadEntitlementKeysNoEntitlementKeys) {
Session s;
ASSERT_NO_FATAL_FAILURE(s.open());
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
ASSERT_NO_FATAL_FAILURE(s.FillSimpleEntitlementMessage(0, 0, 0));
ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
s.FillEntitledKeyArray();
s.LoadEntitledContentKeys(OEMCrypto_ERROR_INVALID_CONTEXT);
}
// This tests GenerateSignature with an 8k licnese request.
TEST_F(OEMCryptoSessionTests, ClientSignatureLargeBuffer) {
Session s;
@@ -894,7 +917,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange1) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
&mac_keys[0], // Not pointing into buffer.
s.num_keys(), s.key_array(), NULL, 0, NULL);
s.num_keys(), s.key_array(), NULL, 0, NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -913,7 +936,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange2) {
&s.signature()[0], s.signature().size(),
&mac_key_iv[0], // bad.
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0, NULL);
s.key_array(), NULL, 0, NULL,
OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -932,7 +956,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange3) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -952,7 +976,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange4) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -970,7 +994,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange5) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -990,7 +1014,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange6) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1010,7 +1034,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange7) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1026,7 +1050,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadNonce) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1052,7 +1076,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1068,7 +1092,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1104,7 +1128,7 @@ TEST_P(SessionTestAlternateVerification, LoadKeys) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
// If this is a future API, then LoadKeys should fail.
if (global_features.api_version < target_api_) {
ASSERT_NE(OEMCrypto_SUCCESS, sts);
@@ -1132,7 +1156,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1146,7 +1170,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysWithNoDerivedKeys) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1163,7 +1187,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeys) {
OEMCrypto_SUCCESS,
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(), NULL, NULL,
kNoKeys, s.key_array(), NULL, 0, NULL));
kNoKeys, s.key_array(), NULL, 0, NULL,
OEMCrypto_ContentLicense));
}
TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) {
@@ -1178,7 +1203,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) {
OEMCrypto_SUCCESS,
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(), NULL, NULL,
kNoKeys, s.key_array(), NULL, 0, NULL));
kNoKeys, s.key_array(), NULL, 0, NULL,
OEMCrypto_ContentLicense));
}
TEST_F(OEMCryptoSessionTests, QueryKeyControl) {
@@ -1219,7 +1245,7 @@ TEST_F(OEMCryptoSessionTests, AntiRollbackHardwareRequired) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
if (OEMCrypto_IsAntiRollbackHwPresent()) {
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
} else {
@@ -1243,7 +1269,8 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0, NULL));
s.key_array(), NULL, 0, NULL,
OEMCrypto_ContentLicense));
}
if (patch_level < 0x3F) {
Session s;
@@ -1259,7 +1286,8 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0, NULL));
s.key_array(), NULL, 0, NULL,
OEMCrypto_ContentLicense));
}
if (patch_level > 0) {
Session s;
@@ -1275,7 +1303,8 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0, NULL));
s.key_array(), NULL, 0, NULL,
OEMCrypto_ContentLicense));
}
}
@@ -1687,7 +1716,8 @@ class OEMCryptoSessionTestsDecryptTests
ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys());
sts = OEMCrypto_SelectKey(s.session_id(), s.license().keys[0].key_id,
s.license().keys[0].key_id_length);
s.license().keys[0].key_id_length,
cipher_mode_);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
// We decrypt each subsample.
@@ -2016,7 +2046,7 @@ INSTANTIATE_TEST_CASE_P(CTRTests, OEMCryptoSessionTestsPartialBlockTests,
// Decrypt in place for CBC tests was only required in v13.
INSTANTIATE_TEST_CASE_P(
CBCTestsAPI13, OEMCryptoSessionTestsPartialBlockTests,
CBCTestsAPI14, OEMCryptoSessionTestsPartialBlockTests,
Combine(
Values(MakePattern(0, 0),
MakePattern(3, 7),
@@ -2039,7 +2069,7 @@ INSTANTIATE_TEST_CASE_P(
// Decrypt in place for CBC tests was only required in v13.
INSTANTIATE_TEST_CASE_P(
CBCTestsAPI13, OEMCryptoSessionTestsDecryptTests,
CBCTestsAPI14, OEMCryptoSessionTestsDecryptTests,
Combine(
Values(MakePattern(0, 0),
MakePattern(3, 7),
@@ -3783,7 +3813,8 @@ class GenericCryptoTest : public OEMCryptoSessionTests {
EncryptBuffer(key_index, clear_buffer_, &expected_encrypted);
sts = OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length);
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
vector<uint8_t> encrypted(buffer_length);
sts =
@@ -3801,7 +3832,8 @@ class GenericCryptoTest : public OEMCryptoSessionTests {
EncryptBuffer(key_index, clear_buffer_, &encrypted);
sts = OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length);
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
vector<uint8_t> resultant(encrypted.size());
sts =
@@ -3818,7 +3850,8 @@ class GenericCryptoTest : public OEMCryptoSessionTests {
sts = OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length);
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
size_t signature_length = (size_t)SHA256_DIGEST_LENGTH;
vector<uint8_t> signature(SHA256_DIGEST_LENGTH);
@@ -3840,7 +3873,8 @@ class GenericCryptoTest : public OEMCryptoSessionTests {
sts = OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length);
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
sts = OEMCrypto_Generic_Verify(session_.session_id(), &clear_buffer_[0],
clear_buffer_.size(), algorithm,
@@ -3867,7 +3901,8 @@ TEST_F(GenericCryptoTest, GenericKeyEncrypt) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
vector<uint8_t> encrypted(clear_buffer_.size());
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Encrypt(
@@ -3895,7 +3930,8 @@ TEST_F(GenericCryptoTest, GenericKeyEncryptSameBufferAPI12) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
// Input and output are same buffer:
vector<uint8_t> buffer = clear_buffer_;
ASSERT_EQ(OEMCrypto_SUCCESS,
@@ -3914,7 +3950,8 @@ TEST_F(GenericCryptoTest, GenericKeyDecrypt) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
vector<uint8_t> resultant(encrypted.size());
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Decrypt(
@@ -3932,7 +3969,8 @@ TEST_F(GenericCryptoTest, GenericKeyDecryptSameBufferAPI12) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
vector<uint8_t> buffer = encrypted;
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Decrypt(
@@ -3952,7 +3990,8 @@ TEST_F(GenericCryptoTest, GenericSecureToClear) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
vector<uint8_t> resultant(encrypted.size());
ASSERT_NE(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Decrypt(
@@ -3981,7 +4020,8 @@ TEST_F(GenericCryptoTest, GenericKeySign) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
size_t gen_signature_length = 0;
ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER,
OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0],
@@ -4014,7 +4054,8 @@ TEST_F(GenericCryptoTest, GenericKeyVerify) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Verify(
session_.session_id(), &clear_buffer_[0], clear_buffer_.size(),
@@ -4042,7 +4083,8 @@ TEST_F(GenericCryptoTest, GenericKeyEncryptLargeBuffer) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
vector<uint8_t> encrypted(clear_buffer_.size());
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Encrypt(
@@ -4062,7 +4104,8 @@ TEST_F(GenericCryptoTest, GenericKeyDecryptLargeBuffer) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
vector<uint8_t> resultant(encrypted.size());
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Decrypt(
@@ -4082,7 +4125,8 @@ TEST_F(GenericCryptoTest, GenericKeySignLargeBuffer) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
size_t gen_signature_length = 0;
ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER,
OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0],
@@ -4108,7 +4152,8 @@ TEST_F(GenericCryptoTest, GenericKeyVerifyLargeBuffer) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Verify(
session_.session_id(), &clear_buffer_[0], clear_buffer_.size(),
@@ -4128,7 +4173,8 @@ TEST_F(GenericCryptoTest, KeyDurationEncrypt) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Encrypt(
session_.session_id(), &clear_buffer_[0], clear_buffer_.size(),
@@ -4157,7 +4203,8 @@ TEST_F(GenericCryptoTest, KeyDurationDecrypt) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
sleep(kShortSleep); // Should still be valid key.
@@ -4193,7 +4240,8 @@ TEST_F(GenericCryptoTest, KeyDurationSign) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
sleep(kShortSleep); // Should still be valid key.
@@ -4226,7 +4274,8 @@ TEST_F(GenericCryptoTest, KeyDurationVerify) {
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
sleep(kShortSleep); // Should still be valid key.
@@ -4292,7 +4341,8 @@ class GenericCryptoKeyIdLengthTest : public GenericCryptoTest {
ASSERT_EQ(
OEMCrypto_SUCCESS,
OEMCrypto_SelectKey(session_.session_id(), key_id_buffer.data(),
session_.license().keys[key_index].key_id_length));
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR));
vector<uint8_t> resultant(encrypted.size());
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_Generic_Decrypt(
@@ -4500,7 +4550,8 @@ TEST_F(UsageTableTest, RepeatOnlineLicense) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length(), NULL));
s.key_array(), pst_ptr, pst.length(), NULL,
OEMCrypto_ContentLicense));
ASSERT_NO_FATAL_FAILURE(s2.close());
}
@@ -4518,7 +4569,7 @@ TEST_F(UsageTableTest, OnlineEmptyPST) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -4538,7 +4589,7 @@ TEST_F(UsageTableTest, OnlineMissingEntry) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(),
s.encrypted_license().pst, pst.length(), NULL);
s.encrypted_license().pst, pst.length(), NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -4617,7 +4668,8 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoEncrypt) {
EncryptBuffer(key_index, clear_buffer_, &expected_encrypted);
sts = OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length);
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
vector<uint8_t> encrypted(clear_buffer_.size());
sts = OEMCrypto_Generic_Encrypt(
@@ -4653,7 +4705,8 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoDecrypt) {
EncryptBuffer(key_index, clear_buffer_, &encrypted);
sts = OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length);
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
vector<uint8_t> resultant(encrypted.size());
sts = OEMCrypto_Generic_Decrypt(
@@ -4692,7 +4745,8 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoSign) {
sts = OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length);
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
size_t gen_signature_length = 0;
sts = OEMCrypto_Generic_Sign(session_.session_id(), &clear_buffer_[0],
@@ -4738,7 +4792,8 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoVerify) {
sts = OEMCrypto_SelectKey(session_.session_id(),
session_.license().keys[key_index].key_id,
session_.license().keys[key_index].key_id_length);
session_.license().keys[key_index].key_id_length,
OEMCrypto_CipherMode_CTR);
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
sts = OEMCrypto_Generic_Verify(session_.session_id(), &clear_buffer_[0],
clear_buffer_.size(), OEMCrypto_HMAC_SHA256,
@@ -4885,7 +4940,8 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) {
&s2.signature()[0], s2.signature().size(),
s2.encrypted_license().mac_key_iv,
s2.encrypted_license().mac_keys, s.num_keys(),
s2.key_array(), pst_ptr, pst.length(), NULL));
s2.key_array(), pst_ptr, pst.length(), NULL,
OEMCrypto_ContentLicense));
ASSERT_NO_FATAL_FAILURE(s2.close());
// Offline license with same mac keys should still be OK.
@@ -4912,7 +4968,7 @@ TEST_P(UsageTableTestWithMAC, OfflineBadNonce) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), pst_ptr,
pst.length(), NULL);
pst.length(), NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -4930,7 +4986,7 @@ TEST_P(UsageTableTestWithMAC, OfflineEmptyPST) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
NULL);
NULL, OEMCrypto_ContentLicense);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -4952,7 +5008,8 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineWrongPST) {
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(), NULL, NULL,
s.num_keys(), s.key_array(),
pst_ptr, bad_pst.length(), NULL));
pst_ptr, bad_pst.length(), NULL,
OEMCrypto_ContentLicense));
}
TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) {
@@ -4986,7 +5043,8 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length(), NULL));
s.key_array(), pst_ptr, pst.length(), NULL,
OEMCrypto_ContentLicense));
s2.close();
// But we can still generate a report.
Session s3;
@@ -5013,7 +5071,8 @@ TEST_P(UsageTableTestWithMAC, BadRange) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length(), NULL));
s.key_array(), pst_ptr, pst.length(), NULL,
OEMCrypto_ContentLicense));
}
TEST_F(UsageTableTest, UpdateFailsWithNullPtr) {
@@ -5090,7 +5149,8 @@ class UsageTableDefragTest : public UsageTableTest {
&s->signature()[0], s->signature().size(),
s->encrypted_license().mac_key_iv,
s->encrypted_license().mac_keys, s->num_keys(),
s->key_array(), pst_ptr, s->pst().length(), NULL));
s->key_array(), pst_ptr, s->pst().length(), NULL,
OEMCrypto_ContentLicense));
ASSERT_NO_FATAL_FAILURE(s->close());
}
@@ -5212,6 +5272,7 @@ TEST_F(UsageTableDefragTest, ReloadUsageEntryBadData) {
ASSERT_NO_FATAL_FAILURE(s.open());
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
vector<uint8_t> data = s.encrypted_usage_entry();
ASSERT_LT(0, data.size());
data[0] ^= 42;
// Error could be signature or verification error.
ASSERT_NE(OEMCrypto_SUCCESS,
@@ -5607,7 +5668,8 @@ TEST_F(UsageTableTest, LoadSharedLicenseWithNoMaster) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys,
s.num_keys(), s.key_array(), pst_ptr, pst.length(), NULL));
s.num_keys(), s.key_array(), pst_ptr, pst.length(), NULL,
OEMCrypto_ContentLicense));
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -5642,7 +5704,8 @@ TEST_F(UsageTableTest, PSTLargeBuffer) {
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length(), NULL));
s.key_array(), pst_ptr, pst.length(), NULL,
OEMCrypto_ContentLicense));
s2.close();
// But we can still generate a report.
Session s3;