Snap for 6278838 from e7bda1e2de to sc-release
Change-Id: I9c8e3af8b65844ff8dca3b6f347e1bba7404a3e5
This commit is contained in:
android-build-team Robot
@@ -1082,7 +1082,9 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_pst) {
|
||||
// The IV should not be identical to the data right before the encrypted mac
|
||||
// keys. This requirement was added in 15.2, so it frequently fails on
|
||||
// production devices.
|
||||
TEST_F(OEMCryptoLicenseTestAPI15, LoadKeyWithSuspiciousIV) {
|
||||
// This test is being restricted to v16 devices on rvc-dev branch because we
|
||||
// only required v15.1 on Android for Q.
|
||||
TEST_F(OEMCryptoLicenseTestAPI15, LoadKeyWithSuspiciousIVAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
@@ -1318,7 +1320,7 @@ TEST_P(OEMCryptoLicenseTestRangeAPI, LoadKeys) {
|
||||
INSTANTIATE_TEST_CASE_P(TestAll, OEMCryptoLicenseTestRangeAPI,
|
||||
Range<uint32_t>(10, kCurrentAPI + 2));
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeysBadSignature) {
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeysBadSignatureAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
@@ -1359,7 +1361,9 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyNoKeyWithNonce) {
|
||||
|
||||
// SelectKey should fail if we attempt to select a key that has not been loaded.
|
||||
// Also, the error should be NO_CONTENT_KEY.
|
||||
TEST_P(OEMCryptoLicenseTest, SelectKeyNotThereAPI15) {
|
||||
// This test should pass for v15 devices, except that the exact error code was
|
||||
// not specified until v16.
|
||||
TEST_P(OEMCryptoLicenseTest, SelectKeyNotThereAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
@@ -1683,22 +1687,28 @@ class OEMCryptoSessionTestDecryptWithHDCP : public OEMCryptoSessionTests,
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages.EncryptAndSignResponse());
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, license_messages.LoadResponse());
|
||||
|
||||
if (version > maximum) {
|
||||
ASSERT_NO_FATAL_FAILURE(
|
||||
s.TestDecryptCTR(true, OEMCrypto_ERROR_INSUFFICIENT_HDCP));
|
||||
} else if (version > current) {
|
||||
if (version > current) {
|
||||
if (global_features.api_version >= 16) {
|
||||
// Can provide either OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION or
|
||||
// OEMCrypto_ERROR_INSUFFICIENT_HDCP. TestDecryptCTR allows either to be
|
||||
// reported if OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION is expected.
|
||||
ASSERT_NO_FATAL_FAILURE(
|
||||
s.TestDecryptCTR(true, OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION));
|
||||
s.TestDecryptCTR(true, OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION))
|
||||
<< "Failed when current HDCP = " << HDCPCapabilityAsString(current)
|
||||
<< ", maximum HDCP = " << HDCPCapabilityAsString(maximum)
|
||||
<< ", license HDCP = " << HDCPCapabilityAsString(version);
|
||||
} else {
|
||||
ASSERT_NO_FATAL_FAILURE(
|
||||
s.TestDecryptCTR(true, OEMCrypto_ERROR_INSUFFICIENT_HDCP));
|
||||
s.TestDecryptCTR(true, OEMCrypto_ERROR_INSUFFICIENT_HDCP))
|
||||
<< "Failed when current HDCP = " << HDCPCapabilityAsString(current)
|
||||
<< ", maximum HDCP = " << HDCPCapabilityAsString(maximum)
|
||||
<< ", license HDCP = " << HDCPCapabilityAsString(version);
|
||||
}
|
||||
} else {
|
||||
ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR(true, OEMCrypto_SUCCESS));
|
||||
ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR(true, OEMCrypto_SUCCESS))
|
||||
<< "Failed when current HDCP = " << HDCPCapabilityAsString(current)
|
||||
<< ", maximum HDCP = " << HDCPCapabilityAsString(maximum)
|
||||
<< ", license HDCP = " << HDCPCapabilityAsString(version);
|
||||
}
|
||||
}
|
||||
};
|
||||
@@ -2634,7 +2644,8 @@ TEST_F(OEMCryptoLoadsCertificate, SignProvisioningRequest) {
|
||||
ASSERT_NO_FATAL_FAILURE(provisioning_messages.SignAndVerifyRequest());
|
||||
}
|
||||
|
||||
TEST_F(OEMCryptoLoadsCertificate, SignLargeProvisioningRequest) {
|
||||
// This tests a large message size. The size is larger than we required in v15.
|
||||
TEST_F(OEMCryptoLoadsCertificate, SignLargeProvisioningRequestAPI16) {
|
||||
Session s;
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
if (global_features.provisioning_method == OEMCrypto_OEMCertificate) {
|
||||
@@ -2750,7 +2761,8 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange5Prov30_API16) {
|
||||
|
||||
// Test that RewrapDeviceRSAKey verifies the message signature.
|
||||
// TODO(b/144186970): This test should also run on Prov 3.0 devices.
|
||||
TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadSignatureKeyboxTest) {
|
||||
TEST_F(OEMCryptoLoadsCertificate,
|
||||
CertificateProvisionBadSignatureKeyboxTestAPI16) {
|
||||
Session s;
|
||||
ProvisioningRoundTrip provisioning_messages(&s, encoded_rsa_key_);
|
||||
provisioning_messages.PrepareSession(keybox_);
|
||||
@@ -2792,7 +2804,7 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKey) {
|
||||
|
||||
// Test that RewrapDeviceRSAKey verifies the RSA key is valid.
|
||||
// TODO(b/144186970): This test should also run on Prov 3.0 devices.
|
||||
TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKeyKeyboxTest) {
|
||||
TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKeyKeyboxTestAPI16) {
|
||||
Session s;
|
||||
ProvisioningRoundTrip provisioning_messages(&s, encoded_rsa_key_);
|
||||
provisioning_messages.PrepareSession(keybox_);
|
||||
@@ -5178,6 +5190,32 @@ TEST_P(OEMCryptoUsageTableTest, CreateAndLoadMultipleEntriesAPI16) {
|
||||
OEMCrypto_CreateNewUsageEntry(s2.session_id(), &usage_entry_number));
|
||||
}
|
||||
|
||||
// An entry can be loaded in only one session at a time.
|
||||
TEST_P(OEMCryptoUsageTableTest, LoadEntryInMultipleSessions) {
|
||||
// Entry Count: we start each test with an empty header.
|
||||
LicenseWithUsageEntry entry;
|
||||
entry.license_messages().set_api_version(license_api_version_);
|
||||
Session& s = entry.session();
|
||||
// Make first entry 0.
|
||||
ASSERT_NO_FATAL_FAILURE(entry.MakeOfflineAndClose(this));
|
||||
const uint32_t usage_entry_number = s.usage_entry_number();
|
||||
EXPECT_EQ(usage_entry_number, 0u); // Should be only entry in this test.
|
||||
|
||||
// Load an entry, then try to create a second.
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
// Reload entry 0.
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
|
||||
// Create an entry, then try to load a second.
|
||||
Session s2;
|
||||
ASSERT_NO_FATAL_FAILURE(s2.open());
|
||||
// Try to load entry 0 into session 2.
|
||||
ASSERT_EQ(OEMCrypto_ERROR_INVALID_SESSION,
|
||||
OEMCrypto_LoadUsageEntry(s2.session_id(), usage_entry_number,
|
||||
s.encrypted_usage_entry().data(),
|
||||
s.encrypted_usage_entry().size()));
|
||||
}
|
||||
|
||||
// Test generic encrypt when the license uses a PST.
|
||||
TEST_P(OEMCryptoUsageTableTest, GenericCryptoEncrypt) {
|
||||
LicenseWithUsageEntry entry;
|
||||
|
||||
Reference in New Issue
Block a user