diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index 73eb96a7..60f61e6f 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -1108,21 +1108,51 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) { ASSERT_NE(OEMCrypto_SUCCESS, sts); } -TEST_F(OEMCryptoSessionTests, LoadKeyWithFutureVerification) { +// This tests each key control block verification string in the range kc09-kc1?. +class SessionTestAlternateVerification : public OEMCryptoSessionTests, + public WithParamInterface { + public: + virtual void SetUp() { + OEMCryptoSessionTests::SetUp(); + target_api_ = GetParam(); + } + protected: + int target_api_; +}; + +TEST_P(SessionTestAlternateVerification, LoadKeys) { Session s; ASSERT_NO_FATAL_FAILURE(s.open()); ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); - // OEMCrypto should reject API13 until the spec has been defined. - memcpy(s.license().keys[1].control.verification, "kc13", 4); + char buffer[5] = "kctl"; // This is the default verification string, required + // for all API versions. + if (target_api_ > 8 && target_api_ < 100) { + snprintf(buffer, 5, "kc%02d", target_api_); + } + for(int i=0; i < s.num_keys(); i++) { + memcpy(s.license().keys[i].control.verification, buffer, 4); + } ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); - ASSERT_NE(OEMCrypto_SUCCESS, sts); + // If this is a future API, then LoadKeys should fail. + if (global_features.api_version < target_api_) { + ASSERT_NE(OEMCrypto_SUCCESS, sts); + } else { + // Otherwise, LoadKeys should succeed. + ASSERT_EQ(OEMCrypto_SUCCESS, sts); + } } +// Range of API versions to test. This should start at 8, and go to +// the current API + 2. We use +2 because we want to test at least 1 +// future API, and the ::testing::Range is not inclusive. +INSTANTIATE_TEST_CASE_P(TestAll, SessionTestAlternateVerification, + Range(8, 12 + 2)); + TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) { Session s; ASSERT_NO_FATAL_FAILURE(s.open());