From 8138df1c86437ce6cff4f55fdb891a53a055fde8 Mon Sep 17 00:00:00 2001
From: Fred Gylys-Colwell
Date: Fri, 19 May 2017 15:56:11 -0700
Subject: [PATCH] Use mac keys from usage entry if keys are not loaded
Merge from Widevine repo of http://go/wvgerrit/27461
In order to sign a license release message, the mac keys from the usage entry should be used whenever keys have not been loaded. This CL updates the reference code, the unit tests, and the level 3 oemcrypto.
b/38203566
Test: unit tests passing on bullhead.
Change-Id: Ic71fee4b4b7b45801548ab80fbbbf8f4ccab3e6e
---
 .../oemcrypto/mock/src/oemcrypto_session.cpp | 13 +++++++++----
 .../oemcrypto/mock/src/oemcrypto_usage_table_mock.h | 2 ++
 libwvdrmengine/oemcrypto/test/oec_session_util.cpp | 3 +++
 libwvdrmengine/oemcrypto/test/oec_session_util.h | 3 ++-
 4 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp
index e409c0f0..c392e19f 100644
--- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp
+++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp
@@ -192,9 +192,14 @@ bool SessionContext::GenerateSignature(const uint8_t* message,
 return false;
 }
- if (mac_key_client_.empty() ||
- mac_key_client_.size() != wvcdm::MAC_KEY_SIZE) {
- LOGE("[GenerateSignature(): No MAC Key]");
+ const uint8_t *mac_key = NULL;
+ if (mac_key_client_.size() == wvcdm::MAC_KEY_SIZE) {
+ // If we have a mac key, use it.
+ mac_key = &mac_key_client_[0];
+ } else if (usage_entry_status_ == kUsageEntryLoaded) {
+ // If not, but we have a usage entry, use its key.
+ mac_key = usage_entry_->mac_key_client();
+ } else {
 return false;
 }
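Review bot: A non-empty `mac_key_client_` of the wrong length is no longer rejected in the first GenerateSignature hunk: the new `else if` is reached whenever the size differs from `wvcdm::MAC_KEY_SIZE`, so a malformed session key silently results in signing with the usage entry's key instead of failing. I would limit the fallback to the no-keys-loaded case, `} else if (mac_key_client_.empty() && usage_entry_status_ == kUsageEntryLoaded) {`, and add a null check on `usage_entry_` before the dereference if the pointer and the status can ever disagree (its declaration is not visible here). The removed `LOGE("[GenerateSignature(): No MAC Key]");` should also stay in the final `else`, otherwise the failure path no longer leaves a trace in the log. The body of GenerateSignature starts and ends outside this hunk.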
@@ -204,7 +209,7 @@ bool SessionContext::GenerateSignature(const uint8_t* message,
 }
 unsigned int md_len = *signature_length;
- if (HMAC(EVP_sha256(), &mac_key_client_[0], mac_key_client_.size(), message,
+ if (HMAC(EVP_sha256(), mac_key, wvcdm::MAC_KEY_SIZE, message,
 message_length, signature, &md_len)) {
 *signature_length = md_len;
 return true;
diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_usage_table_mock.h b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_usage_table_mock.h
index 0afc00c9..4ec70bec 100644
--- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_usage_table_mock.h
+++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_usage_table_mock.h
@@ -69,6 +69,8 @@ class UsageTableEntry {
 void set_index(int32_t index) { data_.index = index; }
 uint32_t index() { return data_.index; }
 static size_t SignedEntrySize();
+ const uint8_t* mac_key_server() { return data_.mac_key_server; }
+ const uint8_t* mac_key_client() { return data_.mac_key_client; }
 private:
 UsageTable* usage_table_; // Owner of this object.
diff --git a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp
index 581c1564..927d6a80 100644
--- a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp
+++ b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp
@@ -927,6 +927,9 @@ void Session::GenerateReport(const std::string& pst,
 EXPECT_GE(kHardwareSecureClock, pst_report().clock_security_level());
 EXPECT_EQ(pst.length(), pst_report().pst_length());
 EXPECT_EQ(0, memcmp(pst.c_str(), pst_report().pst(), pst.length()));
+ // Also, we the session to be able to sign the release message with the
+ // correct mac keys from the usage table entry.
+ ASSERT_NO_FATAL_FAILURE(VerifyClientSignature());
 }
 void Session::VerifyPST(const Test_PST_Report& expected) {
diff --git a/libwvdrmengine/oemcrypto/test/oec_session_util.h b/libwvdrmengine/oemcrypto/test/oec_session_util.h
index 578e5e85..e7c992e7 100644
--- a/libwvdrmengine/oemcrypto/test/oec_session_util.h
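Review bot: The key length passed to `HMAC` in the second GenerateSignature hunk is now the constant `wvcdm::MAC_KEY_SIZE` whichever buffer `mac_key` points at, so on the usage-entry path the call reads that many bytes from `data_.mac_key_client` with nothing in this patch tying the field's size to the constant. The field's declaration is outside the diff; if it is a fixed array, a compile-time size check beside the accessor would catch a mismatch before it becomes an over-read. At minimum I would document the assumption above the call, `// mac_key must point at wvcdm::MAC_KEY_SIZE bytes on both the session-key and usage-entry paths.` The enclosing function starts and ends outside this hunk.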
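Review bot: In oemcrypto_usage_table_mock.h, `mac_key_server()` is added alongside `mac_key_client()` but nothing in this patch calls it, so it hands out a raw pointer to the server MAC key without a consumer; I would leave it out until a caller needs it. Both accessors only read `data_` and could be declared `const`, e.g. `const uint8_t* mac_key_client() const { return data_.mac_key_client; }`. They also return a pointer into the entry's own storage, which deserves a comment such as `// Points into this entry's data_; valid only while the entry exists.` The class body starts and ends outside this hunk.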
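Review bot: The `VerifyClientSignature()` call added to GenerateReport in oec_session_util.cpp only exercises the new usage-entry fallback when the session has no MAC keys loaded at that point; if a test reaches GenerateReport after loading keys, the signature comes from `mac_key_client_` and the new branch goes untested. VerifyClientSignature is not visible in this patch, so this is inferred from the GenerateSignature change. A negative case would also be worth adding: a session with neither keys nor a loaded usage entry should fail to sign. The added comment is missing a verb; `// Also, we expect the session to be able to sign the release message with the` reads as intended. GenerateReport starts outside this hunk.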
+++ b/libwvdrmengine/oemcrypto/test/oec_session_util.h
@@ -293,7 +293,8 @@ class Session {
 wvcdm::Unpacked_PST_Report pst_report() {
 return wvcdm::Unpacked_PST_Report(&pst_report_buffer_[0]);
 }
- // Verify the PST report.
+ // Verify the values in the PST report. The signature should have been
+ // verified in GenerateReport, above.
 void VerifyPST(const Test_PST_Report& report);
 // Generate and Verify the Usage Report. If any time is greater than 10
 // minutes, it is assumed to be an absolute time, and time_since will be