Clang Format some OEMCrypto Files
Merge from Widevine repo of http://go/wvgerrit/23240 This CL runs clang format on some OEMCrypto test and mock files, so it is easier to see what really changed in the next CL. Change-Id: I0abf98fc8d312d5b94ad51c3ef2caae820b931de
This commit is contained in:
Fred Gylys-Colwell
@@ -47,8 +47,7 @@ void ctr128_inc64(uint8_t* counter) {
|
||||
void dump_openssl_error() {
|
||||
while (unsigned long err = ERR_get_error()) {
|
||||
char buffer[120];
|
||||
LOGE("openssl error -- %lu -- %s",
|
||||
err, ERR_error_string(err, buffer));
|
||||
LOGE("openssl error -- %lu -- %s", err, ERR_error_string(err, buffer));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -96,8 +95,7 @@ SessionContext::~SessionContext() {
|
||||
|
||||
// Internal utility function to derive key using CMAC-128
|
||||
bool SessionContext::DeriveKey(const std::vector<uint8_t>& key,
|
||||
const std::vector<uint8_t>& context,
|
||||
int counter,
|
||||
const std::vector<uint8_t>& context, int counter,
|
||||
std::vector<uint8_t>* out) {
|
||||
if (key.empty() || counter > 4 || context.empty() || out == NULL) {
|
||||
LOGE("[DeriveKey(): OEMCrypto_ERROR_INVALID_CONTEXT]");
|
||||
@@ -180,9 +178,10 @@ bool SessionContext::DeriveKeys(const std::vector<uint8_t>& master_key,
|
||||
return true;
|
||||
}
|
||||
|
||||
bool SessionContext::RSADeriveKeys(const std::vector<uint8_t>& enc_session_key,
|
||||
const std::vector<uint8_t>& mac_key_context,
|
||||
const std::vector<uint8_t>& enc_key_context) {
|
||||
bool SessionContext::RSADeriveKeys(
|
||||
const std::vector<uint8_t>& enc_session_key,
|
||||
const std::vector<uint8_t>& mac_key_context,
|
||||
const std::vector<uint8_t>& enc_key_context) {
|
||||
if (!rsa_key()) {
|
||||
LOGE("[RSADeriveKeys(): no RSA key set]");
|
||||
return false;
|
||||
@@ -194,10 +193,9 @@ bool SessionContext::RSADeriveKeys(const std::vector<uint8_t>& enc_session_key,
|
||||
return false;
|
||||
}
|
||||
session_key_.resize(RSA_size(rsa_key()));
|
||||
int decrypted_size = RSA_private_decrypt(enc_session_key.size(),
|
||||
&enc_session_key[0],
|
||||
&session_key_[0], rsa_key(),
|
||||
RSA_PKCS1_OAEP_PADDING);
|
||||
int decrypted_size =
|
||||
RSA_private_decrypt(enc_session_key.size(), &enc_session_key[0],
|
||||
&session_key_[0], rsa_key(), RSA_PKCS1_OAEP_PADDING);
|
||||
if (-1 == decrypted_size) {
|
||||
LOGE("[RSADeriveKeys(): error decrypting session key.]");
|
||||
dump_openssl_error();
|
||||
@@ -219,8 +217,8 @@ bool SessionContext::GenerateSignature(const uint8_t* message,
|
||||
size_t message_length,
|
||||
uint8_t* signature,
|
||||
size_t* signature_length) {
|
||||
if (message == NULL || message_length == 0 ||
|
||||
signature == NULL || signature_length == 0) {
|
||||
if (message == NULL || message_length == 0 || signature == NULL ||
|
||||
signature_length == 0) {
|
||||
LOGE("[OEMCrypto_GenerateSignature(): OEMCrypto_ERROR_INVALID_CONTEXT]");
|
||||
return false;
|
||||
}
|
||||
@@ -237,8 +235,8 @@ bool SessionContext::GenerateSignature(const uint8_t* message,
|
||||
}
|
||||
|
||||
unsigned int md_len = *signature_length;
|
||||
if (HMAC(EVP_sha256(), &mac_key_client_[0], mac_key_client_.size(),
|
||||
message, message_length, signature, &md_len)) {
|
||||
if (HMAC(EVP_sha256(), &mac_key_client_[0], mac_key_client_.size(), message,
|
||||
message_length, signature, &md_len)) {
|
||||
*signature_length = md_len;
|
||||
return true;
|
||||
}
|
||||
@@ -256,8 +254,8 @@ size_t SessionContext::RSASignatureSize() {
|
||||
OEMCryptoResult SessionContext::GenerateRSASignature(
|
||||
const uint8_t* message, size_t message_length, uint8_t* signature,
|
||||
size_t* signature_length, RSA_Padding_Scheme padding_scheme) {
|
||||
if (message == NULL || message_length == 0 ||
|
||||
signature == NULL || signature_length == 0) {
|
||||
if (message == NULL || message_length == 0 || signature == NULL ||
|
||||
signature_length == 0) {
|
||||
LOGE("[GenerateRSASignature(): OEMCrypto_ERROR_INVALID_CONTEXT]");
|
||||
return OEMCrypto_ERROR_INVALID_CONTEXT;
|
||||
}
|
||||
@@ -285,9 +283,8 @@ OEMCryptoResult SessionContext::GenerateRSASignature(
|
||||
|
||||
// Add PSS padding.
|
||||
std::vector<uint8_t> padded_digest(*signature_length);
|
||||
int status = RSA_padding_add_PKCS1_PSS_mgf1(rsa_key(), &padded_digest[0],
|
||||
hash, EVP_sha1(), NULL,
|
||||
kPssSaltLength);
|
||||
int status = RSA_padding_add_PKCS1_PSS_mgf1(
|
||||
rsa_key(), &padded_digest[0], hash, EVP_sha1(), NULL, kPssSaltLength);
|
||||
if (status == -1) {
|
||||
LOGE("[GeneratRSASignature(): error padding hash.]");
|
||||
dump_openssl_error();
|
||||
@@ -295,8 +292,8 @@ OEMCryptoResult SessionContext::GenerateRSASignature(
|
||||
}
|
||||
|
||||
// Encrypt PSS padded digest.
|
||||
status = RSA_private_encrypt(*signature_length, &padded_digest[0], signature,
|
||||
rsa_key(), RSA_NO_PADDING);
|
||||
status = RSA_private_encrypt(*signature_length, &padded_digest[0],
|
||||
signature, rsa_key(), RSA_NO_PADDING);
|
||||
if (status == -1) {
|
||||
LOGE("[GeneratRSASignature(): error in private encrypt.]");
|
||||
dump_openssl_error();
|
||||
@@ -312,7 +309,8 @@ OEMCryptoResult SessionContext::GenerateRSASignature(
|
||||
size_t status = RSA_private_encrypt(message_length, message, signature,
|
||||
rsa_key(), RSA_PKCS1_PADDING);
|
||||
if (status != *signature_length) {
|
||||
LOGE("[GeneratRSASignature(): error in RSA private encrypt. status=%d]", status);
|
||||
LOGE("[GeneratRSASignature(): error in RSA private encrypt. status=%d]",
|
||||
status);
|
||||
dump_openssl_error();
|
||||
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
||||
}
|
||||
@@ -368,8 +366,8 @@ bool SessionContext::CheckNonceOrEntry(const KeyControlBlock& key_control_block,
|
||||
}
|
||||
usage_entry_ = ce_->usage_table()->CreateEntry(pst, this);
|
||||
}
|
||||
break; // Offline license. Nonce required on first use.
|
||||
case kControlNonceOrEntry:
|
||||
break;
|
||||
case kControlNonceOrEntry: // Offline license. Nonce required on first use.
|
||||
if (key_control_block.control_bits() & kControlNonceEnabled) {
|
||||
LOGE("KCB: Server provided NonceOrEntry but Nonce_Enabled = 1.");
|
||||
// Server error. Continue, and assume nonce required.
|
||||
@@ -400,9 +398,7 @@ bool SessionContext::CheckNonceOrEntry(const KeyControlBlock& key_control_block,
|
||||
return true;
|
||||
}
|
||||
|
||||
void SessionContext::StartTimer() {
|
||||
timer_start_ = time(NULL);
|
||||
}
|
||||
void SessionContext::StartTimer() { timer_start_ = time(NULL); }
|
||||
|
||||
uint32_t SessionContext::CurrentTimer() {
|
||||
time_t now = time(NULL);
|
||||
@@ -501,12 +497,11 @@ bool SessionContext::InstallKey(const KeyId& key_id,
|
||||
}
|
||||
|
||||
if (LogCategoryEnabled(kLoggingDumpContentKeys)) {
|
||||
LOGI((" InstallKey: key_id = " +
|
||||
wvcdm::b2a_hex(key_id)).c_str());
|
||||
LOGI((" InstallKey: content_key = " +
|
||||
wvcdm::b2a_hex(content_key)).c_str());
|
||||
LOGI((" InstallKey: key_control = " +
|
||||
wvcdm::b2a_hex(key_control_str)).c_str());
|
||||
LOGI((" InstallKey: key_id = " + wvcdm::b2a_hex(key_id)).c_str());
|
||||
LOGI(
|
||||
(" InstallKey: content_key = " + wvcdm::b2a_hex(content_key)).c_str());
|
||||
LOGI((" InstallKey: key_control = " + wvcdm::b2a_hex(key_control_str))
|
||||
.c_str());
|
||||
}
|
||||
|
||||
// Key control must be supplied by license server
|
||||
@@ -554,13 +549,12 @@ bool SessionContext::InstallKey(const KeyId& key_id,
|
||||
return true;
|
||||
}
|
||||
|
||||
bool SessionContext::InstallRSAEncryptedKey(const uint8_t *encrypted_message_key,
|
||||
size_t encrypted_message_key_length) {
|
||||
bool SessionContext::InstallRSAEncryptedKey(
|
||||
const uint8_t* encrypted_message_key, size_t encrypted_message_key_length) {
|
||||
encryption_key_.resize(RSA_size(rsa_key()));
|
||||
int decrypted_size = RSA_private_decrypt( encrypted_message_key_length,
|
||||
encrypted_message_key,
|
||||
&encryption_key_[0], rsa_key(),
|
||||
RSA_PKCS1_OAEP_PADDING);
|
||||
int decrypted_size = RSA_private_decrypt(
|
||||
encrypted_message_key_length, encrypted_message_key, &encryption_key_[0],
|
||||
rsa_key(), RSA_PKCS1_OAEP_PADDING);
|
||||
if (-1 == decrypted_size) {
|
||||
LOGE("[RSADeriveKeys(): error decrypting session key.]");
|
||||
dump_openssl_error();
|
||||
@@ -651,17 +645,17 @@ OEMCryptoResult SessionContext::RefreshKey(
|
||||
return OEMCrypto_SUCCESS;
|
||||
}
|
||||
|
||||
bool SessionContext::DecryptRSAKey(const uint8_t* enc_rsa_key,
|
||||
size_t enc_rsa_key_length,
|
||||
const uint8_t* enc_rsa_key_iv,
|
||||
uint8_t* pkcs8_rsa_key) {
|
||||
bool SessionContext::DecryptRSAKey(const uint8_t* enc_rsa_key,
|
||||
size_t enc_rsa_key_length,
|
||||
const uint8_t* enc_rsa_key_iv,
|
||||
uint8_t* pkcs8_rsa_key) {
|
||||
// Decrypt rsa key with keybox.
|
||||
uint8_t iv_buffer[wvcdm::KEY_IV_SIZE];
|
||||
memcpy(iv_buffer, enc_rsa_key_iv, wvcdm::KEY_IV_SIZE);
|
||||
AES_KEY aes_key;
|
||||
AES_set_decrypt_key(&encryption_key_[0], 128, &aes_key);
|
||||
AES_cbc_encrypt(enc_rsa_key, pkcs8_rsa_key, enc_rsa_key_length,
|
||||
&aes_key, iv_buffer, AES_DECRYPT);
|
||||
AES_cbc_encrypt(enc_rsa_key, pkcs8_rsa_key, enc_rsa_key_length, &aes_key,
|
||||
iv_buffer, AES_DECRYPT);
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -674,8 +668,8 @@ bool SessionContext::EncryptRSAKey(const uint8_t* pkcs8_rsa_key,
|
||||
memcpy(iv_buffer, enc_rsa_key_iv, wvcdm::KEY_IV_SIZE);
|
||||
AES_KEY aes_key;
|
||||
AES_set_encrypt_key(&encryption_key_[0], 128, &aes_key);
|
||||
AES_cbc_encrypt(pkcs8_rsa_key, enc_rsa_key, enc_rsa_key_length,
|
||||
&aes_key, iv_buffer, AES_ENCRYPT);
|
||||
AES_cbc_encrypt(pkcs8_rsa_key, enc_rsa_key, enc_rsa_key_length, &aes_key,
|
||||
iv_buffer, AES_ENCRYPT);
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -701,7 +695,7 @@ OEMCryptoResult SessionContext::AllowKeyUse(const std::string& log_string,
|
||||
uint32_t use_type,
|
||||
OEMCryptoBufferType buffer_type) {
|
||||
const KeyControlBlock& control = current_content_key()->control();
|
||||
if (use_type && (!(control.control_bits() & use_type))) {
|
||||
if (use_type && (!(control.control_bits() & use_type))) {
|
||||
LOGE("[%s(): control bit says not allowed.", log_string.c_str());
|
||||
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
||||
}
|
||||
@@ -738,16 +732,14 @@ OEMCryptoResult SessionContext::AllowKeyUse(const std::string& log_string,
|
||||
}
|
||||
}
|
||||
if (control.control_bits() & kControlSRMVersionRequired) {
|
||||
LOGE("[%s(): control bit says SRM version required.",
|
||||
log_string.c_str());
|
||||
LOGE("[%s(): control bit says SRM version required.", log_string.c_str());
|
||||
return OEMCrypto_ERROR_INSUFFICIENT_HDCP;
|
||||
}
|
||||
}
|
||||
if (!ce_->config_local_display_only()
|
||||
|| buffer_type == OEMCrypto_BufferType_Clear) {
|
||||
if (!ce_->config_local_display_only() ||
|
||||
buffer_type == OEMCrypto_BufferType_Clear) {
|
||||
if (control.control_bits() & kControlDisableAnalogOutput) {
|
||||
LOGE("[%s(): control bit says disable analog.",
|
||||
log_string.c_str());
|
||||
LOGE("[%s(): control bit says disable analog.", log_string.c_str());
|
||||
return OEMCrypto_ERROR_ANALOG_OUTPUT;
|
||||
}
|
||||
}
|
||||
@@ -789,8 +781,8 @@ OEMCryptoResult SessionContext::Generic_Encrypt(const uint8_t* in_buffer,
|
||||
}
|
||||
uint8_t iv_buffer[wvcdm::KEY_IV_SIZE];
|
||||
memcpy(iv_buffer, iv, wvcdm::KEY_IV_SIZE);
|
||||
AES_cbc_encrypt(in_buffer, out_buffer, buffer_length,
|
||||
&aes_key, iv_buffer, AES_ENCRYPT);
|
||||
AES_cbc_encrypt(in_buffer, out_buffer, buffer_length, &aes_key, iv_buffer,
|
||||
AES_ENCRYPT);
|
||||
return OEMCrypto_SUCCESS;
|
||||
}
|
||||
|
||||
@@ -830,8 +822,8 @@ OEMCryptoResult SessionContext::Generic_Decrypt(const uint8_t* in_buffer,
|
||||
}
|
||||
uint8_t iv_buffer[wvcdm::KEY_IV_SIZE];
|
||||
memcpy(iv_buffer, iv, wvcdm::KEY_IV_SIZE);
|
||||
AES_cbc_encrypt(in_buffer, out_buffer, buffer_length,
|
||||
&aes_key, iv_buffer, AES_DECRYPT);
|
||||
AES_cbc_encrypt(in_buffer, out_buffer, buffer_length, &aes_key, iv_buffer,
|
||||
AES_DECRYPT);
|
||||
return OEMCrypto_SUCCESS;
|
||||
}
|
||||
|
||||
@@ -863,8 +855,8 @@ OEMCryptoResult SessionContext::Generic_Sign(const uint8_t* in_buffer,
|
||||
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
||||
}
|
||||
unsigned int md_len = *signature_length;
|
||||
if (HMAC(EVP_sha256(), &key[0], key.size(),
|
||||
in_buffer, buffer_length, signature, &md_len)) {
|
||||
if (HMAC(EVP_sha256(), &key[0], key.size(), in_buffer, buffer_length,
|
||||
signature, &md_len)) {
|
||||
*signature_length = md_len;
|
||||
return OEMCrypto_SUCCESS;
|
||||
}
|
||||
@@ -900,8 +892,8 @@ OEMCryptoResult SessionContext::Generic_Verify(const uint8_t* in_buffer,
|
||||
}
|
||||
unsigned int md_len = signature_length;
|
||||
uint8_t computed_signature[SHA256_DIGEST_LENGTH];
|
||||
if (HMAC(EVP_sha256(), &key[0], key.size(),
|
||||
in_buffer, buffer_length, computed_signature, &md_len)) {
|
||||
if (HMAC(EVP_sha256(), &key[0], key.size(), in_buffer, buffer_length,
|
||||
computed_signature, &md_len)) {
|
||||
if (0 == memcmp(signature, computed_signature, SHA256_DIGEST_LENGTH)) {
|
||||
return OEMCrypto_SUCCESS;
|
||||
} else {
|
||||
@@ -920,21 +912,20 @@ bool SessionContext::UpdateMacKeys(const std::vector<uint8_t>& enc_mac_keys,
|
||||
if (!DecryptMessage(encryption_key_, iv, enc_mac_keys, &mac_keys)) {
|
||||
return false;
|
||||
}
|
||||
mac_key_server_ = std::vector<uint8_t>(mac_keys.begin(),
|
||||
mac_keys.begin()+wvcdm::MAC_KEY_SIZE);
|
||||
mac_key_client_ = std::vector<uint8_t>(mac_keys.begin()+wvcdm::MAC_KEY_SIZE,
|
||||
mac_key_server_ = std::vector<uint8_t>(
|
||||
mac_keys.begin(), mac_keys.begin() + wvcdm::MAC_KEY_SIZE);
|
||||
mac_key_client_ = std::vector<uint8_t>(mac_keys.begin() + wvcdm::MAC_KEY_SIZE,
|
||||
mac_keys.end());
|
||||
return true;
|
||||
}
|
||||
|
||||
bool SessionContext::QueryKeyControlBlock(const KeyId& key_id, uint32_t* data) {
|
||||
const Key* content_key = session_keys_.Find(key_id);
|
||||
if (LogCategoryEnabled(kLoggingTraceDecryption)){
|
||||
LOGI(( "Select Key: key_id = " +
|
||||
wvcdm::b2a_hex(key_id) ).c_str());
|
||||
if (LogCategoryEnabled(kLoggingTraceDecryption)) {
|
||||
LOGI(("Select Key: key_id = " + wvcdm::b2a_hex(key_id)).c_str());
|
||||
if (content_key) {
|
||||
LOGI(( "Select Key: key = " +
|
||||
wvcdm::b2a_hex(content_key->value()) ).c_str());
|
||||
LOGI(("Select Key: key = " + wvcdm::b2a_hex(content_key->value()))
|
||||
.c_str());
|
||||
} else {
|
||||
LOGI("Select Key: key = null.");
|
||||
}
|
||||
@@ -953,11 +944,10 @@ bool SessionContext::QueryKeyControlBlock(const KeyId& key_id, uint32_t* data) {
|
||||
OEMCryptoResult SessionContext::SelectContentKey(const KeyId& key_id) {
|
||||
const Key* content_key = session_keys_.Find(key_id);
|
||||
|
||||
if (LogCategoryEnabled(kLoggingTraceDecryption)){
|
||||
LOGI(( " Select Key: key_id = " +
|
||||
wvcdm::b2a_hex(key_id) ).c_str());
|
||||
LOGI(( " Select Key: key = " +
|
||||
wvcdm::b2a_hex(content_key->value()) ).c_str());
|
||||
if (LogCategoryEnabled(kLoggingTraceDecryption)) {
|
||||
LOGI((" Select Key: key_id = " + wvcdm::b2a_hex(key_id)).c_str());
|
||||
LOGI((" Select Key: key = " + wvcdm::b2a_hex(content_key->value()))
|
||||
.c_str());
|
||||
}
|
||||
|
||||
if (NULL == content_key) {
|
||||
@@ -975,17 +965,13 @@ OEMCryptoResult SessionContext::SelectContentKey(const KeyId& key_id) {
|
||||
return OEMCrypto_SUCCESS;
|
||||
}
|
||||
|
||||
void SessionContext::AddNonce(uint32_t nonce) {
|
||||
nonce_table_.AddNonce(nonce);
|
||||
}
|
||||
void SessionContext::AddNonce(uint32_t nonce) { nonce_table_.AddNonce(nonce); }
|
||||
|
||||
bool SessionContext::CheckNonce(uint32_t nonce) {
|
||||
return nonce_table_.CheckNonce(nonce);
|
||||
}
|
||||
|
||||
void SessionContext::FlushNonces() {
|
||||
nonce_table_.Flush();
|
||||
}
|
||||
void SessionContext::FlushNonces() { nonce_table_.Flush(); }
|
||||
|
||||
bool SessionContext::IsUsageEntryValid() {
|
||||
if (!usage_entry_) return false;
|
||||
@@ -994,10 +980,10 @@ bool SessionContext::IsUsageEntryValid() {
|
||||
|
||||
void SessionContext::ReleaseUsageEntry() { usage_entry_ = NULL; }
|
||||
|
||||
CryptoEngine::CryptoEngine(wvcdm::FileSystem* file_system) :
|
||||
root_of_trust_(config_provisioning_method()),
|
||||
file_system_(file_system),
|
||||
usage_table_(new UsageTable(this)) {
|
||||
CryptoEngine::CryptoEngine(wvcdm::FileSystem* file_system)
|
||||
: root_of_trust_(config_provisioning_method()),
|
||||
file_system_(file_system),
|
||||
usage_table_(new UsageTable(this)) {
|
||||
ERR_load_crypto_strings();
|
||||
}
|
||||
|
||||
@@ -1012,8 +998,8 @@ SessionId CryptoEngine::CreateSession() {
|
||||
wvcdm::AutoLock lock(session_table_lock_);
|
||||
static int unique_id = 1;
|
||||
SessionId sid = (SessionId)++unique_id;
|
||||
SessionContext* sctx = new SessionContext(this, sid,
|
||||
root_of_trust_.SharedRsaKey());
|
||||
SessionContext* sctx =
|
||||
new SessionContext(this, sid, root_of_trust_.SharedRsaKey());
|
||||
sessions_[sid] = sctx;
|
||||
return sid;
|
||||
}
|
||||
@@ -1130,8 +1116,8 @@ OEMCryptoResult SessionContext::DecryptCBC(
|
||||
size_t size =
|
||||
std::min(cipher_data_length - l, static_cast<size_t>(AES_BLOCK_SIZE));
|
||||
size_t pattern_length = pattern->encrypt + pattern->skip;
|
||||
bool skip_block = (pattern_offset >= pattern->encrypt)
|
||||
&& (pattern_length>0);
|
||||
bool skip_block =
|
||||
(pattern_offset >= pattern->encrypt) && (pattern_length > 0);
|
||||
if (pattern_length > 0) {
|
||||
pattern_offset = (pattern_offset + 1) % pattern_length;
|
||||
}
|
||||
@@ -1165,8 +1151,8 @@ OEMCryptoResult SessionContext::PatternDecryptCTR(
|
||||
size_t size =
|
||||
std::min(cipher_data_length - l, AES_BLOCK_SIZE - block_offset);
|
||||
size_t pattern_length = pattern->encrypt + pattern->skip;
|
||||
bool skip_block = (pattern_offset >= pattern->encrypt)
|
||||
&& (pattern_length>0);
|
||||
bool skip_block =
|
||||
(pattern_offset >= pattern->encrypt) && (pattern_length > 0);
|
||||
if (pattern_length > 0) {
|
||||
pattern_offset = (pattern_offset + 1) % pattern_length;
|
||||
}
|
||||
|
||||
@@ -58,7 +58,7 @@ class NonceTable {
|
||||
state_[i] = kNTStateInvalid;
|
||||
}
|
||||
}
|
||||
~NonceTable() {};
|
||||
~NonceTable() {}
|
||||
void AddNonce(uint32_t nonce);
|
||||
bool CheckNonce(uint32_t nonce);
|
||||
void Flush();
|
||||
@@ -79,8 +79,7 @@ class SessionContext {
|
||||
SessionContext() {}
|
||||
|
||||
public:
|
||||
SessionContext(CryptoEngine* ce, SessionId sid,
|
||||
const RSA_shared_ptr& rsa_key)
|
||||
SessionContext(CryptoEngine* ce, SessionId sid, const RSA_shared_ptr& rsa_key)
|
||||
: valid_(true),
|
||||
ce_(ce),
|
||||
id_(sid),
|
||||
@@ -98,20 +97,16 @@ class SessionContext {
|
||||
bool RSADeriveKeys(const std::vector<uint8_t>& enc_session_key,
|
||||
const std::vector<uint8_t>& mac_context,
|
||||
const std::vector<uint8_t>& enc_context);
|
||||
bool GenerateSignature(const uint8_t* message,
|
||||
size_t message_length,
|
||||
uint8_t* signature,
|
||||
size_t* signature_length);
|
||||
bool GenerateSignature(const uint8_t* message, size_t message_length,
|
||||
uint8_t* signature, size_t* signature_length);
|
||||
size_t RSASignatureSize();
|
||||
OEMCryptoResult GenerateRSASignature(const uint8_t* message,
|
||||
size_t message_length,
|
||||
uint8_t* signature,
|
||||
size_t* signature_length,
|
||||
RSA_Padding_Scheme padding_scheme);
|
||||
bool ValidateMessage(const uint8_t* message,
|
||||
size_t message_length,
|
||||
const uint8_t* signature,
|
||||
size_t signature_length);
|
||||
bool ValidateMessage(const uint8_t* message, size_t message_length,
|
||||
const uint8_t* signature, size_t signature_length);
|
||||
OEMCryptoResult DecryptCENC(const uint8_t* iv, size_t block_offset,
|
||||
const OEMCrypto_CENCEncryptPatternDesc* pattern,
|
||||
const uint8_t* cipher_data,
|
||||
@@ -142,25 +137,18 @@ class SessionContext {
|
||||
const uint8_t* enc_mac_keys, size_t num_keys,
|
||||
const OEMCrypto_KeyObject* key_array,
|
||||
const uint8_t* pst, size_t pst_length);
|
||||
bool InstallKey(const KeyId& key_id,
|
||||
const std::vector<uint8_t>& key_data,
|
||||
bool InstallKey(const KeyId& key_id, const std::vector<uint8_t>& key_data,
|
||||
const std::vector<uint8_t>& key_data_iv,
|
||||
const std::vector<uint8_t>& key_control,
|
||||
const std::vector<uint8_t>& key_control_iv,
|
||||
const std::vector<uint8_t>& pst,
|
||||
bool ctr_mode);
|
||||
bool InstallRSAEncryptedKey(const uint8_t *encrypted_message_key,
|
||||
const std::vector<uint8_t>& pst, bool ctr_mode);
|
||||
bool InstallRSAEncryptedKey(const uint8_t* encrypted_message_key,
|
||||
size_t encrypted_message_key_length);
|
||||
bool DecryptRSAKey(const uint8_t* enc_rsa_key,
|
||||
size_t enc_rsa_key_length,
|
||||
const uint8_t* wrapped_rsa_key_iv,
|
||||
uint8_t* pkcs8_rsa_key);
|
||||
bool EncryptRSAKey(const uint8_t* pkcs8_rsa_key,
|
||||
size_t enc_rsa_key_length,
|
||||
const uint8_t* enc_rsa_key_iv,
|
||||
uint8_t* enc_rsa_key);
|
||||
bool LoadRSAKey(const uint8_t* pkcs8_rsa_key,
|
||||
size_t rsa_key_length);
|
||||
bool DecryptRSAKey(const uint8_t* enc_rsa_key, size_t enc_rsa_key_length,
|
||||
const uint8_t* wrapped_rsa_key_iv, uint8_t* pkcs8_rsa_key);
|
||||
bool EncryptRSAKey(const uint8_t* pkcs8_rsa_key, size_t enc_rsa_key_length,
|
||||
const uint8_t* enc_rsa_key_iv, uint8_t* enc_rsa_key);
|
||||
bool LoadRSAKey(const uint8_t* pkcs8_rsa_key, size_t rsa_key_length);
|
||||
OEMCryptoResult RefreshKey(const KeyId& key_id,
|
||||
const std::vector<uint8_t>& key_control,
|
||||
const std::vector<uint8_t>& key_control_iv);
|
||||
@@ -191,8 +179,8 @@ class SessionContext {
|
||||
|
||||
private:
|
||||
bool DeriveKey(const std::vector<uint8_t>& key,
|
||||
const std::vector<uint8_t>& context,
|
||||
int counter, std::vector<uint8_t>* out);
|
||||
const std::vector<uint8_t>& context, int counter,
|
||||
std::vector<uint8_t>* out);
|
||||
bool DecryptMessage(const std::vector<uint8_t>& key,
|
||||
const std::vector<uint8_t>& iv,
|
||||
const std::vector<uint8_t>& message,
|
||||
@@ -261,11 +249,9 @@ class CryptoEngine {
|
||||
return root_of_trust_.DeviceId();
|
||||
}
|
||||
|
||||
size_t DeviceRootTokenLength() {
|
||||
return root_of_trust_.DeviceTokenLength();
|
||||
}
|
||||
size_t DeviceRootTokenLength() { return root_of_trust_.DeviceTokenLength(); }
|
||||
|
||||
const uint8_t* const DeviceRootToken() {
|
||||
const uint8_t* const DeviceRootToken() {
|
||||
return root_of_trust_.DeviceToken();
|
||||
}
|
||||
|
||||
|
||||
@@ -65,13 +65,13 @@ class KeyControlBlock {
|
||||
// AES-128 crypto key, or HMAC signing key.
|
||||
class Key {
|
||||
public:
|
||||
Key(const Key& key) : value_(key.value_), control_(key.control_),
|
||||
ctr_mode_(key.ctr_mode_) {}
|
||||
Key(const Key& key)
|
||||
: value_(key.value_), control_(key.control_), ctr_mode_(key.ctr_mode_) {}
|
||||
Key(const std::vector<uint8_t>& key_string, const KeyControlBlock& control,
|
||||
bool ctr_mode) : value_(key_string), control_(control),
|
||||
ctr_mode_(ctr_mode) {};
|
||||
bool ctr_mode)
|
||||
: value_(key_string), control_(control), ctr_mode_(ctr_mode){};
|
||||
|
||||
virtual ~Key() {};
|
||||
virtual ~Key(){};
|
||||
void UpdateDuration(const KeyControlBlock& control);
|
||||
const std::vector<uint8_t>& value() const { return value_; }
|
||||
const KeyControlBlock& control() const { return control_; }
|
||||
|
||||
@@ -9,8 +9,8 @@
|
||||
#include <sys/types.h>
|
||||
#include <string>
|
||||
#include "log.h"
|
||||
#include "wvcrc32.h"
|
||||
#include "wv_keybox.h"
|
||||
#include "wvcrc32.h"
|
||||
|
||||
namespace wvoec_mock {
|
||||
|
||||
|
||||
@@ -14,17 +14,13 @@ void SetLoggingSettings(int level, int categories) {
|
||||
AddLoggingForCategories(categories);
|
||||
}
|
||||
|
||||
void TurnOffLoggingForAllCategories() {
|
||||
logging_category_setting = 0;
|
||||
void TurnOffLoggingForAllCategories() { logging_category_setting = 0; }
|
||||
|
||||
void SetLoggingLevel(int level) {
|
||||
wvcdm::g_cutoff = static_cast<wvcdm::LogPriority>(level);
|
||||
}
|
||||
|
||||
void SetLoggingLevel(int level){;
|
||||
wvcdm::g_cutoff = static_cast<wvcdm::LogPriority>(level);
|
||||
}
|
||||
|
||||
void SetLoggingLevel(wvcdm::LogPriority level) {
|
||||
wvcdm::g_cutoff = level;
|
||||
}
|
||||
void SetLoggingLevel(wvcdm::LogPriority level) { wvcdm::g_cutoff = level; }
|
||||
|
||||
void AddLoggingForCategories(int categories) {
|
||||
logging_category_setting |= categories;
|
||||
@@ -35,20 +31,20 @@ void RemoveLoggingForCategories(int categories) {
|
||||
}
|
||||
|
||||
bool LogCategoryEnabled(int categories) {
|
||||
return ( (logging_category_setting & categories) !=0 );
|
||||
return ((logging_category_setting & categories) != 0);
|
||||
}
|
||||
|
||||
void dump_hex_helper(std::string& buffer, std::string name,
|
||||
const uint8_t* vector, size_t length) {
|
||||
const uint8_t* vector, size_t length) {
|
||||
buffer += name + " = ";
|
||||
if (vector == NULL) {
|
||||
buffer +="NULL;\n";
|
||||
buffer += "NULL;\n";
|
||||
LOGE(buffer.c_str());
|
||||
return;
|
||||
}
|
||||
int a, b;
|
||||
char int_to_hexcar[16] = {'0', '1', '2', '3', '4', '5', '6', '7',
|
||||
'8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
|
||||
'8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
|
||||
for (size_t i = 0; i < length; i++) {
|
||||
if (i == 0) {
|
||||
buffer += "\n wvcdm::a2b_hex(\"";
|
||||
@@ -64,7 +60,7 @@ void dump_hex_helper(std::string& buffer, std::string name,
|
||||
}
|
||||
|
||||
void dump_hex(std::string name, const uint8_t* vector, size_t length) {
|
||||
std::string buffer="";
|
||||
std::string buffer = "";
|
||||
dump_hex_helper(buffer, name, vector, length);
|
||||
LOGV(buffer.c_str());
|
||||
}
|
||||
@@ -88,7 +84,7 @@ void dump_array_part_helper(std::string& buffer, std::string array,
|
||||
}
|
||||
buffer += "std::string s";
|
||||
buffer += index_str;
|
||||
buffer+= "_";
|
||||
buffer += "_";
|
||||
dump_hex_helper(buffer, name, vector, length);
|
||||
buffer += array.c_str();
|
||||
buffer += "[";
|
||||
@@ -98,9 +94,9 @@ void dump_array_part_helper(std::string& buffer, std::string array,
|
||||
buffer += "_" + name + ".data());\n";
|
||||
}
|
||||
|
||||
void dump_array_part(std::string array, size_t index,
|
||||
std::string name, const uint8_t* vector, size_t length) {
|
||||
std::string buffer ="";
|
||||
void dump_array_part(std::string array, size_t index, std::string name,
|
||||
const uint8_t* vector, size_t length) {
|
||||
std::string buffer = "";
|
||||
dump_array_part_helper(buffer, array, index, name, vector, length);
|
||||
LOGV(buffer.c_str());
|
||||
}
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -222,18 +222,17 @@ void Session::LoadTestKeys(const std::string& pst, bool new_mac_keys) {
|
||||
&signature_[0], signature_.size(),
|
||||
encrypted_license().mac_key_iv,
|
||||
encrypted_license().mac_keys, num_keys_,
|
||||
key_array_, pst_ptr, pst.length(),
|
||||
NULL));
|
||||
key_array_, pst_ptr, pst.length(), NULL));
|
||||
// Update new generated keys.
|
||||
memcpy(&mac_key_server_[0], license_.mac_keys, wvcdm::MAC_KEY_SIZE);
|
||||
memcpy(&mac_key_client_[0], license_.mac_keys + wvcdm::MAC_KEY_SIZE,
|
||||
wvcdm::MAC_KEY_SIZE);
|
||||
} else {
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS,
|
||||
OEMCrypto_LoadKeys(session_id(), message_ptr(), message_size_,
|
||||
&signature_[0], signature_.size(), NULL, NULL,
|
||||
num_keys_, key_array_, pst_ptr, pst.length(),
|
||||
NULL));
|
||||
ASSERT_EQ(
|
||||
OEMCrypto_SUCCESS,
|
||||
OEMCrypto_LoadKeys(session_id(), message_ptr(), message_size_,
|
||||
&signature_[0], signature_.size(), NULL, NULL,
|
||||
num_keys_, key_array_, pst_ptr, pst.length(), NULL));
|
||||
}
|
||||
VerifyTestKeys();
|
||||
}
|
||||
@@ -848,8 +847,8 @@ void Session::GenerateReport(const std::string& pst, bool expect_success,
|
||||
vector<uint8_t> computed_signature(SHA_DIGEST_LENGTH);
|
||||
unsigned int sig_len = SHA_DIGEST_LENGTH;
|
||||
HMAC(EVP_sha1(), &mac_key_client_[0], mac_key_client_.size(),
|
||||
&pst_report_buffer_[SHA_DIGEST_LENGTH],
|
||||
length - SHA_DIGEST_LENGTH, &computed_signature[0], &sig_len);
|
||||
&pst_report_buffer_[SHA_DIGEST_LENGTH], length - SHA_DIGEST_LENGTH,
|
||||
&computed_signature[0], &sig_len);
|
||||
EXPECT_EQ(0, memcmp(&computed_signature[0], pst_report().signature(),
|
||||
SHA_DIGEST_LENGTH));
|
||||
EXPECT_GE(kInactiveUnused, pst_report().status());
|
||||
|
||||
@@ -970,12 +970,12 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange2) {
|
||||
s.encrypted_license().mac_key_iv +
|
||||
sizeof(s.encrypted_license().mac_key_iv));
|
||||
|
||||
OEMCryptoResult sts = OEMCrypto_LoadKeys(
|
||||
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
|
||||
s.signature().size(),
|
||||
&mac_key_iv[0], // bad.
|
||||
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0,
|
||||
NULL);
|
||||
OEMCryptoResult sts =
|
||||
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
|
||||
&s.signature()[0], s.signature().size(),
|
||||
&mac_key_iv[0], // bad.
|
||||
s.encrypted_license().mac_keys, s.num_keys(),
|
||||
s.key_array(), NULL, 0, NULL);
|
||||
ASSERT_NE(OEMCrypto_SUCCESS, sts);
|
||||
}
|
||||
|
||||
@@ -1143,6 +1143,7 @@ class SessionTestAlternateVerification : public OEMCryptoSessionTests,
|
||||
OEMCryptoSessionTests::SetUp();
|
||||
target_api_ = GetParam();
|
||||
}
|
||||
|
||||
protected:
|
||||
int target_api_;
|
||||
};
|
||||
@@ -1157,7 +1158,7 @@ TEST_P(SessionTestAlternateVerification, LoadKeys) {
|
||||
if (target_api_ > 8 && target_api_ < 100) {
|
||||
snprintf(buffer, 5, "kc%02d", target_api_);
|
||||
}
|
||||
for(int i=0; i < s.num_keys(); i++) {
|
||||
for (int i = 0; i < s.num_keys(); i++) {
|
||||
memcpy(s.license().keys[i].control.verification, buffer, 4);
|
||||
}
|
||||
ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
|
||||
@@ -1224,8 +1225,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeys) {
|
||||
OEMCrypto_SUCCESS,
|
||||
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
|
||||
&s.signature()[0], s.signature().size(), NULL, NULL,
|
||||
kNoKeys, s.key_array(), NULL, 0,
|
||||
NULL));
|
||||
kNoKeys, s.key_array(), NULL, 0, NULL));
|
||||
}
|
||||
|
||||
TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) {
|
||||
@@ -1240,8 +1240,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) {
|
||||
OEMCrypto_SUCCESS,
|
||||
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
|
||||
&s.signature()[0], s.signature().size(), NULL, NULL,
|
||||
kNoKeys, s.key_array(), NULL, 0,
|
||||
NULL));
|
||||
kNoKeys, s.key_array(), NULL, 0, NULL));
|
||||
}
|
||||
|
||||
TEST_F(OEMCryptoSessionTests, QueryKeyControl) {
|
||||
@@ -1305,8 +1304,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
|
||||
&s.signature()[0], s.signature().size(),
|
||||
s.encrypted_license().mac_key_iv,
|
||||
s.encrypted_license().mac_keys, s.num_keys(),
|
||||
s.key_array(), NULL, 0,
|
||||
NULL));
|
||||
s.key_array(), NULL, 0, NULL));
|
||||
if (patch_level < 0x3F) {
|
||||
Session s;
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
@@ -1321,8 +1319,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
|
||||
&s.signature()[0], s.signature().size(),
|
||||
s.encrypted_license().mac_key_iv,
|
||||
s.encrypted_license().mac_keys, s.num_keys(),
|
||||
s.key_array(), NULL, 0,
|
||||
NULL));
|
||||
s.key_array(), NULL, 0, NULL));
|
||||
}
|
||||
if (patch_level > 0) {
|
||||
Session s;
|
||||
@@ -1338,8 +1335,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
|
||||
&s.signature()[0], s.signature().size(),
|
||||
s.encrypted_license().mac_key_iv,
|
||||
s.encrypted_license().mac_keys, s.num_keys(),
|
||||
s.key_array(), NULL, 0,
|
||||
NULL));
|
||||
s.key_array(), NULL, 0, NULL));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4129,10 +4125,11 @@ TEST_F(GenericCryptoTest, KeyDurationEncrypt) {
|
||||
session_.session_id(), &clear_buffer_[0], clear_buffer_.size(),
|
||||
iv_, OEMCrypto_AES_CBC_128_NO_PADDING, &encrypted[0]));
|
||||
ASSERT_NE(encrypted, expected_encrypted);
|
||||
ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED,
|
||||
OEMCrypto_SelectKey(session_.session_id(),
|
||||
session_.license().keys[key_index].key_id,
|
||||
session_.license().keys[key_index].key_id_length));
|
||||
ASSERT_EQ(
|
||||
OEMCrypto_ERROR_KEY_EXPIRED,
|
||||
OEMCrypto_SelectKey(session_.session_id(),
|
||||
session_.license().keys[key_index].key_id,
|
||||
session_.license().keys[key_index].key_id_length));
|
||||
}
|
||||
|
||||
TEST_F(GenericCryptoTest, KeyDurationDecrypt) {
|
||||
@@ -4164,10 +4161,11 @@ TEST_F(GenericCryptoTest, KeyDurationDecrypt) {
|
||||
session_.session_id(), &encrypted[0], encrypted.size(), iv_,
|
||||
OEMCrypto_AES_CBC_128_NO_PADDING, &resultant[0]));
|
||||
ASSERT_NE(clear_buffer_, resultant);
|
||||
ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED,
|
||||
OEMCrypto_SelectKey(session_.session_id(),
|
||||
session_.license().keys[key_index].key_id,
|
||||
session_.license().keys[key_index].key_id_length));
|
||||
ASSERT_EQ(
|
||||
OEMCrypto_ERROR_KEY_EXPIRED,
|
||||
OEMCrypto_SelectKey(session_.session_id(),
|
||||
session_.license().keys[key_index].key_id,
|
||||
session_.license().keys[key_index].key_id_length));
|
||||
}
|
||||
|
||||
TEST_F(GenericCryptoTest, KeyDurationSign) {
|
||||
@@ -4201,10 +4199,11 @@ TEST_F(GenericCryptoTest, KeyDurationSign) {
|
||||
clear_buffer_.size(), OEMCrypto_HMAC_SHA256,
|
||||
&signature[0], &signature_length));
|
||||
ASSERT_NE(expected_signature, signature);
|
||||
ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED,
|
||||
OEMCrypto_SelectKey(session_.session_id(),
|
||||
session_.license().keys[key_index].key_id,
|
||||
session_.license().keys[key_index].key_id_length));
|
||||
ASSERT_EQ(
|
||||
OEMCrypto_ERROR_KEY_EXPIRED,
|
||||
OEMCrypto_SelectKey(session_.session_id(),
|
||||
session_.license().keys[key_index].key_id,
|
||||
session_.license().keys[key_index].key_id_length));
|
||||
}
|
||||
|
||||
TEST_F(GenericCryptoTest, KeyDurationVerify) {
|
||||
@@ -4233,10 +4232,11 @@ TEST_F(GenericCryptoTest, KeyDurationVerify) {
|
||||
OEMCrypto_Generic_Verify(
|
||||
session_.session_id(), &clear_buffer_[0], clear_buffer_.size(),
|
||||
OEMCrypto_HMAC_SHA256, &signature[0], signature.size()));
|
||||
ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED,
|
||||
OEMCrypto_SelectKey(session_.session_id(),
|
||||
session_.license().keys[key_index].key_id,
|
||||
session_.license().keys[key_index].key_id_length));
|
||||
ASSERT_EQ(
|
||||
OEMCrypto_ERROR_KEY_EXPIRED,
|
||||
OEMCrypto_SelectKey(session_.session_id(),
|
||||
session_.license().keys[key_index].key_id,
|
||||
session_.license().keys[key_index].key_id_length));
|
||||
}
|
||||
|
||||
const unsigned int kLongKeyId = 2;
|
||||
@@ -4328,9 +4328,10 @@ class UsageTableTest : public GenericCryptoTest {
|
||||
}
|
||||
|
||||
void DeactivatePST(const std::string& pst) {
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS,
|
||||
OEMCrypto_DeactivateUsageEntry(0,
|
||||
reinterpret_cast<const uint8_t*>(pst.c_str()), pst.length()));
|
||||
ASSERT_EQ(
|
||||
OEMCrypto_SUCCESS,
|
||||
OEMCrypto_DeactivateUsageEntry(
|
||||
0, reinterpret_cast<const uint8_t*>(pst.c_str()), pst.length()));
|
||||
}
|
||||
|
||||
void LoadOfflineLicense(Session& s, const std::string& pst) {
|
||||
@@ -4344,8 +4345,7 @@ class UsageTableTest : public GenericCryptoTest {
|
||||
s.GenerateReport(pst);
|
||||
s.GenerateReport(pst);
|
||||
EXPECT_EQ(kUnused, s.pst_report().status());
|
||||
EXPECT_NEAR(0,
|
||||
s.pst_report().seconds_since_license_received(),
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
ASSERT_NO_FATAL_FAILURE(s.close());
|
||||
}
|
||||
@@ -4407,10 +4407,8 @@ TEST_P(UsageTableTestWithMAC, OnlineLicense) {
|
||||
EXPECT_EQ(kActive, s.pst_report().status());
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_first_decrypt(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_first_decrypt(), kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(), kTimeTolerance);
|
||||
ASSERT_NO_FATAL_FAILURE(DeactivatePST(pst));
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateReport(pst));
|
||||
EXPECT_EQ(kInactiveUsed, s.pst_report().status());
|
||||
@@ -4446,15 +4444,12 @@ TEST_P(UsageTableTestWithMAC, OnlineLicenseWithRefresh) {
|
||||
EXPECT_EQ(kActive, s.pst_report().status());
|
||||
// license received at LoadKeys, not at RefreshKeys.
|
||||
EXPECT_NEAR(report_generated - loaded,
|
||||
s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
s.pst_report().seconds_since_license_received(), kTimeTolerance);
|
||||
// First decrypt was just after LoadKeys.
|
||||
EXPECT_NEAR(report_generated - loaded,
|
||||
s.pst_report().seconds_since_first_decrypt(),
|
||||
kTimeTolerance);
|
||||
s.pst_report().seconds_since_first_decrypt(), kTimeTolerance);
|
||||
// Last decrypt just before report generated.
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(), kTimeTolerance);
|
||||
}
|
||||
|
||||
TEST_F(UsageTableTest, RepeatOnlineLicense) {
|
||||
@@ -4482,8 +4477,7 @@ TEST_F(UsageTableTest, RepeatOnlineLicense) {
|
||||
&s.signature()[0], s.signature().size(),
|
||||
s.encrypted_license().mac_key_iv,
|
||||
s.encrypted_license().mac_keys, s.num_keys(),
|
||||
s.key_array(), pst_ptr, pst.length(),
|
||||
NULL));
|
||||
s.key_array(), pst_ptr, pst.length(), NULL));
|
||||
ASSERT_NO_FATAL_FAILURE(s2.close());
|
||||
}
|
||||
|
||||
@@ -4830,12 +4824,12 @@ TEST_P(UsageTableTestWithMAC, DeleteEntryBadRange) {
|
||||
TEST_P(UsageTableTestWithMAC, DeactivateBadPST) {
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable());
|
||||
std::string pst = "nonexistant pst";
|
||||
OEMCryptoResult sts = OEMCrypto_DeactivateUsageEntry(0,
|
||||
reinterpret_cast<const uint8_t*>(pst.c_str()), pst.length());
|
||||
OEMCryptoResult sts = OEMCrypto_DeactivateUsageEntry(
|
||||
0, reinterpret_cast<const uint8_t*>(pst.c_str()), pst.length());
|
||||
EXPECT_EQ(OEMCrypto_ERROR_INVALID_CONTEXT, sts);
|
||||
std::string null_pst = "";
|
||||
sts = OEMCrypto_DeactivateUsageEntry(0,
|
||||
reinterpret_cast<const uint8_t*>(null_pst.c_str()), null_pst.length());
|
||||
sts = OEMCrypto_DeactivateUsageEntry(
|
||||
0, reinterpret_cast<const uint8_t*>(null_pst.c_str()), null_pst.length());
|
||||
EXPECT_EQ(OEMCrypto_ERROR_INVALID_CONTEXT, sts);
|
||||
}
|
||||
|
||||
@@ -5009,17 +5003,16 @@ TEST_P(UsageTableTestWithMAC, GenericCryptoVerify) {
|
||||
session_.GenerateReport(pst);
|
||||
EXPECT_EQ(kActive, session_.pst_report().status());
|
||||
EXPECT_NEAR(0, session_.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, session_.pst_report().seconds_since_first_decrypt(),
|
||||
kTimeTolerance);
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, session_.pst_report().seconds_since_last_decrypt(),
|
||||
kTimeTolerance);
|
||||
kTimeTolerance);
|
||||
ASSERT_NO_FATAL_FAILURE(DeactivatePST(pst));
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateReport(pst));
|
||||
EXPECT_EQ(kInactiveUsed, session_.pst_report().status());
|
||||
EXPECT_NEAR(
|
||||
0, session_.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, session_.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
|
||||
sts = OEMCrypto_Generic_Verify(session_.session_id(), &clear_buffer_[0],
|
||||
clear_buffer_.size(), OEMCrypto_HMAC_SHA256,
|
||||
@@ -5057,15 +5050,12 @@ TEST_P(UsageTableTestWithMAC, OfflineLicenseRefresh) {
|
||||
EXPECT_EQ(kActive, s.pst_report().status());
|
||||
// license received at LoadKeys, not at RefreshKeys.
|
||||
EXPECT_NEAR(report_generated - loaded,
|
||||
s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
s.pst_report().seconds_since_license_received(), kTimeTolerance);
|
||||
// First decrypt was just after LoadKeys.
|
||||
EXPECT_NEAR(report_generated - loaded,
|
||||
s.pst_report().seconds_since_first_decrypt(),
|
||||
kTimeTolerance);
|
||||
s.pst_report().seconds_since_first_decrypt(), kTimeTolerance);
|
||||
// Last decrypt just before report generated.
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(), kTimeTolerance);
|
||||
}
|
||||
|
||||
TEST_P(UsageTableTestWithMAC, ReloadOfflineLicense) {
|
||||
@@ -5082,19 +5072,15 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineLicense) {
|
||||
s.GenerateReport(pst);
|
||||
s.GenerateReport(pst);
|
||||
EXPECT_EQ(kUnused, s.pst_report().status());
|
||||
EXPECT_NEAR(0,
|
||||
s.pst_report().seconds_since_license_received(),
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR());
|
||||
s.GenerateReport(pst);
|
||||
EXPECT_EQ(kActive, s.pst_report().status());
|
||||
EXPECT_NEAR(0,
|
||||
s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_first_decrypt(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(),
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_first_decrypt(), kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(), kTimeTolerance);
|
||||
ASSERT_NO_FATAL_FAILURE(s.close());
|
||||
}
|
||||
|
||||
@@ -5113,8 +5099,7 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineLicenseWithRefresh) {
|
||||
s.GenerateReport(pst);
|
||||
s.GenerateReport(pst);
|
||||
EXPECT_EQ(kUnused, s.pst_report().status());
|
||||
EXPECT_NEAR(0,
|
||||
s.pst_report().seconds_since_license_received(),
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR());
|
||||
time_t decrypt_time = time(NULL);
|
||||
@@ -5123,15 +5108,12 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineLicenseWithRefresh) {
|
||||
EXPECT_EQ(kActive, s.pst_report().status());
|
||||
// license received at first LoadKeys.
|
||||
EXPECT_NEAR(report_generated - loaded,
|
||||
s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
s.pst_report().seconds_since_license_received(), kTimeTolerance);
|
||||
// First decrypt was just after second LoadKeys.
|
||||
EXPECT_NEAR(report_generated - decrypt_time,
|
||||
s.pst_report().seconds_since_first_decrypt(),
|
||||
kTimeTolerance);
|
||||
s.pst_report().seconds_since_first_decrypt(), kTimeTolerance);
|
||||
EXPECT_NEAR(report_generated - decrypt_time,
|
||||
s.pst_report().seconds_since_last_decrypt(),
|
||||
kTimeTolerance);
|
||||
s.pst_report().seconds_since_last_decrypt(), kTimeTolerance);
|
||||
size_t kAllKeys = 1;
|
||||
ASSERT_NO_FATAL_FAILURE(s.RefreshTestKeys(
|
||||
kAllKeys, wvoec_mock::kControlNonceOrEntry, 0, OEMCrypto_SUCCESS));
|
||||
@@ -5140,15 +5122,12 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineLicenseWithRefresh) {
|
||||
EXPECT_EQ(kActive, s.pst_report().status());
|
||||
// license received at LoadKeys, not at RefreshKeys.
|
||||
EXPECT_NEAR(report_generated - loaded,
|
||||
s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
s.pst_report().seconds_since_license_received(), kTimeTolerance);
|
||||
// First decrypt was just after LoadKeys.
|
||||
EXPECT_NEAR(report_generated - decrypt_time,
|
||||
s.pst_report().seconds_since_first_decrypt(),
|
||||
kTimeTolerance);
|
||||
s.pst_report().seconds_since_first_decrypt(), kTimeTolerance);
|
||||
// Last decrypt just before report generated.
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(),
|
||||
kTimeTolerance);
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_last_decrypt(), kTimeTolerance);
|
||||
ASSERT_NO_FATAL_FAILURE(s.close());
|
||||
}
|
||||
|
||||
@@ -5172,8 +5151,7 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) {
|
||||
&s2.signature()[0], s2.signature().size(),
|
||||
s2.encrypted_license().mac_key_iv,
|
||||
s2.encrypted_license().mac_keys, s.num_keys(),
|
||||
s2.key_array(), pst_ptr, pst.length(),
|
||||
NULL));
|
||||
s2.key_array(), pst_ptr, pst.length(), NULL));
|
||||
ASSERT_NO_FATAL_FAILURE(s2.close());
|
||||
|
||||
// Offline license with same mac keys should still be OK.
|
||||
@@ -5199,8 +5177,7 @@ TEST_P(UsageTableTestWithMAC, OfflineBadNonce) {
|
||||
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
|
||||
s.signature().size(), s.encrypted_license().mac_key_iv,
|
||||
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), pst_ptr,
|
||||
pst.length(),
|
||||
NULL);
|
||||
pst.length(), NULL);
|
||||
ASSERT_NE(OEMCrypto_SUCCESS, sts);
|
||||
ASSERT_NO_FATAL_FAILURE(s.close());
|
||||
}
|
||||
@@ -5240,8 +5217,7 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) {
|
||||
s.TestDecryptCTR(false, OEMCrypto_ERROR_UNKNOWN_FAILURE));
|
||||
s.GenerateReport(pst);
|
||||
EXPECT_EQ(kInactiveUsed, s.pst_report().status());
|
||||
EXPECT_NEAR(0,
|
||||
s.pst_report().seconds_since_license_received(),
|
||||
EXPECT_NEAR(0, s.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
ASSERT_NO_FATAL_FAILURE(s.close());
|
||||
|
||||
@@ -5256,8 +5232,7 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) {
|
||||
&s.signature()[0], s.signature().size(),
|
||||
s.encrypted_license().mac_key_iv,
|
||||
s.encrypted_license().mac_keys, s.num_keys(),
|
||||
s.key_array(), pst_ptr, pst.length(),
|
||||
NULL));
|
||||
s.key_array(), pst_ptr, pst.length(), NULL));
|
||||
// But we can still generate a report.
|
||||
Session s3;
|
||||
ASSERT_NO_FATAL_FAILURE(s3.open());
|
||||
@@ -5281,8 +5256,7 @@ TEST_P(UsageTableTestWithMAC, BadRange) {
|
||||
&s.signature()[0], s.signature().size(),
|
||||
s.encrypted_license().mac_key_iv,
|
||||
s.encrypted_license().mac_keys, s.num_keys(),
|
||||
s.key_array(), pst_ptr, pst.length(),
|
||||
NULL));
|
||||
s.key_array(), pst_ptr, pst.length(), NULL));
|
||||
}
|
||||
|
||||
TEST_F(UsageTableTest, TimingTest) {
|
||||
@@ -5356,30 +5330,23 @@ TEST_F(UsageTableTest, TimingTest) {
|
||||
|
||||
EXPECT_EQ(kInactiveUsed, s1.pst_report().status());
|
||||
EXPECT_NEAR(report_generated1 - loaded1,
|
||||
s1.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
s1.pst_report().seconds_since_license_received(), kTimeTolerance);
|
||||
EXPECT_NEAR(report_generated1 - first_decrypt1,
|
||||
s1.pst_report().seconds_since_first_decrypt(),
|
||||
kTimeTolerance);
|
||||
s1.pst_report().seconds_since_first_decrypt(), kTimeTolerance);
|
||||
EXPECT_NEAR(report_generated1 - second_decrypt,
|
||||
s1.pst_report().seconds_since_last_decrypt(),
|
||||
kTimeTolerance);
|
||||
s1.pst_report().seconds_since_last_decrypt(), kTimeTolerance);
|
||||
|
||||
EXPECT_EQ(kActive, s2.pst_report().status());
|
||||
EXPECT_NEAR(report_generated2 - loaded2,
|
||||
s2.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
s2.pst_report().seconds_since_license_received(), kTimeTolerance);
|
||||
EXPECT_NEAR(report_generated2 - first_decrypt2,
|
||||
s2.pst_report().seconds_since_first_decrypt(),
|
||||
kTimeTolerance);
|
||||
s2.pst_report().seconds_since_first_decrypt(), kTimeTolerance);
|
||||
EXPECT_NEAR(report_generated2 - third_decrypt,
|
||||
s2.pst_report().seconds_since_last_decrypt(),
|
||||
kTimeTolerance);
|
||||
s2.pst_report().seconds_since_last_decrypt(), kTimeTolerance);
|
||||
|
||||
EXPECT_EQ(kUnused, s3.pst_report().status());
|
||||
EXPECT_NEAR(report_generated3 - loaded3,
|
||||
s3.pst_report().seconds_since_license_received(),
|
||||
kTimeTolerance);
|
||||
s3.pst_report().seconds_since_license_received(), kTimeTolerance);
|
||||
// We don't expect first or last decrypt for unused report.
|
||||
}
|
||||
|
||||
@@ -5420,8 +5387,8 @@ TEST_F(UsageTableTest, VerifyUsageTimes) {
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_UpdateUsageTable());
|
||||
s.GenerateReport(pst);
|
||||
EXPECT_EQ(kUnused, s.pst_report().status());
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_license_received(),
|
||||
kIdleInSeconds, kLicenseReceivedTimeTolerance);
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_license_received(), kIdleInSeconds,
|
||||
kLicenseReceivedTimeTolerance);
|
||||
cout << "Start simulated playback..." << endl;
|
||||
|
||||
time_t dot_time = kDotIntervalInSeconds;
|
||||
@@ -5445,12 +5412,12 @@ TEST_F(UsageTableTest, VerifyUsageTimes) {
|
||||
s.GenerateReport(pst);
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_license_received(),
|
||||
playback_time + kIdleInSeconds, kLicenseReceivedTimeTolerance);
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_first_decrypt(),
|
||||
playback_time, kUsageTableTimeTolerance);
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_first_decrypt(), playback_time,
|
||||
kUsageTableTimeTolerance);
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_last_decrypt(), 0,
|
||||
kUsageTableTimeTolerance);
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_first_decrypt() -
|
||||
s.pst_report().seconds_since_last_decrypt(),
|
||||
s.pst_report().seconds_since_last_decrypt(),
|
||||
playback_time, kUsageTableTimeTolerance);
|
||||
|
||||
cout << "Wait another " << kIdleInSeconds
|
||||
@@ -5472,8 +5439,8 @@ TEST_F(UsageTableTest, VerifyUsageTimes) {
|
||||
kLicenseReceivedTimeTolerance);
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_first_decrypt(),
|
||||
playback_time + kIdleInSeconds, kUsageTableTimeTolerance);
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_last_decrypt(),
|
||||
kIdleInSeconds, kUsageTableTimeTolerance);
|
||||
EXPECT_NEAR(s.pst_report().seconds_since_last_decrypt(), kIdleInSeconds,
|
||||
kUsageTableTimeTolerance);
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(DeactivatePST(pst));
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateReport(pst));
|
||||
@@ -5546,8 +5513,7 @@ TEST_F(UsageTableTest, PSTLargeBuffer) {
|
||||
&s.signature()[0], s.signature().size(),
|
||||
s.encrypted_license().mac_key_iv,
|
||||
s.encrypted_license().mac_keys, s.num_keys(),
|
||||
s.key_array(), pst_ptr, pst.length(),
|
||||
NULL));
|
||||
s.key_array(), pst_ptr, pst.length(), NULL));
|
||||
// But we can still generate a report.
|
||||
Session s3;
|
||||
ASSERT_NO_FATAL_FAILURE(s3.open());
|
||||
|
||||
Reference in New Issue
Block a user