widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Cherry pick cdm udc-widevine-release changes to udc-widevine-dev to be in sync with 18.3 release

Browse Source 
Merged from go/wvgerrit/178231

Bug: 290252845
Test: WVTS tests seem to be running and passing
Change-Id: Ifff9123a73e173e835a6e89ba7c2760e1cd500fd
(cherry picked from commit 6889845d2e7e24f22c00b333335c34259b3fc96e)
This commit is contained in:
Vicky Min
2023-07-12 18:59:13 +00:00
parent 42a5f26c5a
commit bc20b9dac9
460 changed files with 16767 additions and 3215 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
libwvdrmengine/oemcrypto/test/oec_session_util.h
View File

@@ -27,8 +27,6 @@
#include "oemcrypto_types.h"
#include "pst_report.h"
using namespace std;
// GTest requires PrintTo to be in the same namespace as the thing it prints,
// which is std::vector in this case.
namespace std {
@@ -38,13 +36,15 @@ void PrintTo(const vector<uint8_t>& value, ostream* os);
} // namespace std
namespace wvoec {
using namespace std;
// OEMCrypto Fuzzing: Set max signture length to 1mb.
const size_t MB = 1024 * 1024;
// Make sure this is larger than kMaxKeysPerSession.
constexpr size_t kMaxNumKeys = 30;
namespace {
#if defined(TEST_SPEED_MULTIPLIER) // Can slow test time limits when
// debugging is slowing everything.
constexpr int kSpeedMultiplier = TEST_SPEED_MULTIPLIER;
@@ -57,7 +57,6 @@ constexpr uint32_t kDuration = 2 * kSpeedMultiplier;
constexpr uint32_t kLongDuration = 5 * kSpeedMultiplier;
constexpr int32_t kTimeTolerance = 3 * kSpeedMultiplier;
constexpr int64_t kUsageTableTimeTolerance = 10 * kSpeedMultiplier;
} // namespace
// Note: The API does not specify a maximum key id length. We specify a
// maximum just for these tests, so that we have a fixed message size.
@@ -158,7 +157,7 @@ class RoundTrip {
required_request_signature_size_(0),
encrypted_response_length_(0),
response_signature_length_(0) {}
virtual ~RoundTrip() {}
virtual ~RoundTrip() = default;
// Have OEMCrypto sign a request message and then verify the signature and the
// core message.
@@ -369,18 +368,69 @@ class Provisioning40RoundTrip
OEMCrypto_PrivateKeyType drm_key_type_;
};
class Provisioning40CastRoundTrip
: public RoundTrip<
/* CoreRequest */ oemcrypto_core_message::ODK_Provisioning40Request,
OEMCrypto_PrepAndSignProvisioningRequest,
/* CoreResponse */ ODK_ParsedProvisioning,
/* ResponseData */ RSAPrivateKeyMessage> {
public:
Provisioning40CastRoundTrip(Session* session,
const std::vector<uint8_t>& encoded_rsa_key)
: RoundTrip(session), encryptor_(),
encoded_rsa_key_(encoded_rsa_key) {}
void PrepareSession();
void LoadDRMPrivateKey();
void CreateDefaultResponse() override;
void SignResponse();
void EncryptAndSignResponse() override;
OEMCryptoResult LoadResponse() override { return LoadResponse(session_); }
OEMCryptoResult LoadResponse(Session* session) override;
OEMCryptoResult LoadResponseNoRetry(Session* session, size_t* wrapped_key_length) ;
// Returned
const std::vector<uint8_t>& wrapped_drm_key() { return wrapped_drm_key_; }
const std::vector<uint8_t>& wrapped_rsa_key() { return wrapped_rsa_key_; }
const std::vector<uint8_t>& drm_public_key() { return drm_public_key_; }
OEMCrypto_PrivateKeyType drm_key_type() { return drm_key_type_; }
void set_allowed_schemes(uint32_t allowed_schemes) {
allowed_schemes_ = allowed_schemes;
}
protected:
bool RequestHasNonce() override { return true; }
void VerifyRequestSignature(const vector<uint8_t>& data,
const vector<uint8_t>& generated_signature,
size_t core_message_length) override;
// Verify the values of the core response.
virtual void FillAndVerifyCoreRequest(
const std::string& core_message_string) override;
uint32_t allowed_schemes_;
Encryptor encryptor_;
std::vector<uint8_t> wrapped_oem_key_;
std::vector<uint8_t> oem_public_key_;
OEMCrypto_PrivateKeyType oem_key_type_;
std::vector<uint8_t> wrapped_drm_key_;
std::vector<uint8_t> drm_public_key_;
OEMCrypto_PrivateKeyType drm_key_type_;
std::vector<uint8_t> encoded_rsa_key_;
std::vector<uint8_t> wrapped_rsa_key_;
};
class LicenseRoundTrip
: public RoundTrip<
/* CoreRequest */ oemcrypto_core_message::ODK_LicenseRequest,
OEMCrypto_PrepAndSignLicenseRequest,
/* CoreResponse */ ODK_ParsedLicense,
/* CoreResponse */ ODK_Packing_ParsedLicense,
/* ResponseData */ MessageData> {
public:
LicenseRoundTrip(Session* session)
: RoundTrip(session),
control_(wvoec::kControlNonceEnabled),
num_keys_(4),
pst_(""),
pst_(),
minimum_srm_version_(0),
update_mac_keys_(true),
api_version_(kCurrentAPI),
@@ -399,7 +449,7 @@ class LicenseRoundTrip
void InjectFuzzedResponseData(const uint8_t* data, size_t size);
// Used for OEMCrypto Fuzzing: Convert boolean flags in parsed_license to
// valid bytes to avoid errors from msan.
void ConvertDataToValidBools(ODK_ParsedLicense* t);
void ConvertDataToValidBools(ODK_Packing_ParsedLicense* t);
// Create a license with four keys. Each key is responsible for one of generic
// encrypt (key 0), decrypt (key 1), sign (key 2) and verify (key 3). Each key
// is allowed only one type of operation.
@@ -494,6 +544,9 @@ class LicenseRoundTrip
// CreateDefaultResponse.
OEMCrypto_LicenseType license_type_;
uint8_t request_hash_[ODK_SHA256_HASH_SIZE];
// Used to hold and add/update key information to be transferred into the core
// response later on.
std::vector<OEMCrypto_KeyObject> key_array_;
};
class RenewalRoundTrip
@@ -516,7 +569,7 @@ class RenewalRoundTrip
void EncryptAndSignResponse() override;
void InjectFuzzedResponseData(OEMCrypto_Renewal_Response_Fuzz& fuzzed_data,
const uint8_t* renewal_response,
const size_t renewal_response_size);
size_t renewal_response_size);
OEMCryptoResult LoadResponse() override { return LoadResponse(session_); }
OEMCryptoResult LoadResponse(Session* session) override;
uint64_t renewal_duration_seconds() const {
@@ -849,6 +902,7 @@ OEMCryptoResult GetKeyHandleIntoVector(OEMCrypto_SESSION session,
size_t key_id_length,
OEMCryptoCipherMode cipher_mode,
vector<uint8_t>& key_handle);
} // namespace wvoec
#endif // CDM_OEC_SESSION_UTIL_H_