widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Unit tests for forbidden RSA key usage

Browse Source 
[ Partial merge of http://go/wvgerrit/188279 ]

This CL adds unit tests to verify that the following
forbidden uses of an RSA private key do not work:

- ForbidPrepAndSign -- A cast cert key cannot sign a license
  request.
- ForbidUseAsDRMCert -- A cast cert cannot be used with the
  DRM cert's padding scheme and it cannot be used to derive
  keys from a session key.
- *ForbidRSASignatureForDRMKey* -- A DRM cert key cannot be
  used with GenerateRSASignature.
- *OEMCertForbidGenerateRSASignature* -- An OEM cert key
  cannot be used with GenerateRSASignature.

Bug: 251875110
Test: WVTS
Change-Id: I55b1eb04465023352edea55ba4ef532d1cd07231
This commit is contained in:
Rahul Frias
2024-03-20 23:49:49 -07:00
parent b3157f2328
commit a798692e4e
1 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
libwvdrmengine/oemcrypto/test/oemcrypto_cast_test.cpp
View File

@@ -11,7 +11,7 @@ using ::testing::Range;
namespace wvoec {
/// @addtogroup generic
/// @addtogroup cast
/// @{
/** If a device can load a private key with the alternate padding schemes, it
@@ -82,10 +82,7 @@ TEST_F(OEMCryptoLoadsCertificateAlternates, ForbidPrepAndSign) {
OEMCryptoResult result = OEMCrypto_PrepAndSignLicenseRequest(
s.session_id(), message.data(), message.size(), &core_message_length,
signature.data(), &signature_length);
// TODO: remove OEMCrypto_ERROR_INVALID_RSA_KEY once OEMCrypto v16 is not
// supported anymore. This error code has been deprecated since v17.
ASSERT_TRUE(result == OEMCrypto_ERROR_INVALID_KEY ||
result == OEMCrypto_ERROR_INVALID_RSA_KEY);
ASSERT_EQ(OEMCrypto_ERROR_INVALID_KEY, result);
const vector<uint8_t> zero(signature.size(), 0);
ASSERT_EQ(signature, zero); // Signature should not have been computed.
}