Updated OEMCrypto tests to use DRM key objects.

[ Merge of http://go/wvgerrit/147275 ] Swapped out use of OpenSSL/BoringSSL RSA and EC_KEY to use OEMCrypto reference utility classes RsaPublicKey/EccPublicKey. This enables further test development with ECC keys, and removes duplicate OpenSSL/ BoringSSL code. For Android makefiles, only the minimally required files have been added. Bug: 205902021 Bug: 236317198 Test: run_prov30_test run_prov40_test oemcrypto_test Change-Id: I64491018e8ffb69bf986083e3aae446eb9e5cf39
2022-06-16 19:56:56 -07:00
parent 2a371dce54
commit bfa2d782bd
7 changed files with 252 additions and 314 deletions
--- a/libwvdrmengine/oemcrypto/test/oec_session_util.h
+++ b/libwvdrmengine/oemcrypto/test/oec_session_util.h
@@ -8,8 +8,6 @@
 // OEMCrypto unit tests
 //
 #include <gtest/gtest.h>
-#include <openssl/ec.h>
-#include <openssl/rsa.h>
 #include <time.h>

 #include <string>
@@ -20,7 +18,9 @@
 #include "odk.h"
 #include "oec_device_features.h"
 #include "oec_key_deriver.h"
+#include "oemcrypto_ecc_key.h"
 #include "oemcrypto_fuzz_structs.h"
+#include "oemcrypto_rsa_key.h"
 #include "oemcrypto_types.h"
 #include "pst_report.h"

@@ -558,38 +558,65 @@ class Session {
  void RewrapRSAKey(const struct RSAPrivateKeyMessage& encrypted,
                    size_t message_size, const std::vector<uint8_t>& signature,
                    vector<uint8_t>* wrapped_key, bool force);
-  // Loads the specified RSA public key into public_rsa_.  If rsa_key is null,
-  // the default test key is loaded.
-  void PreparePublicKey(const uint8_t* rsa_key = nullptr,
-                        size_t rsa_key_length = 0);
+  // Loads the default test RSA public key into public_rsa_.
+  void SetTestRsaPublicKey();
+  // Loads the specified DRM public key into the appropriate key.
+  // The provided key is serialized as an ASN.1 DER encoded PrivateKeyInfo.
+  void SetPublicKeyFromPrivateKeyInfo(OEMCrypto_PrivateKeyType key_type,
+                                      const uint8_t* buffer, size_t length);
  // Loads the specified RSA public key into public_rsa_.
-  void SetRsaPublicKey(const uint8_t* buffer, size_t length);
+  // The provided key is serialized as an ASN.1 DER encoded PrivateKeyInfo.
+  void SetRsaPublicKeyFromPrivateKeyInfo(const uint8_t* buffer, size_t length);
  // Loads the specified EC public key into public_ec_.
-  void SetEcPublicKey(const uint8_t* buffer, size_t length);
+  // The provided key is serialized as an ASN.1 DER encoded PrivateKeyInfo.
+  void SetEccPublicKeyFromPrivateKeyInfo(const uint8_t* buffer, size_t length);
+
+  // Loads the specified DRM public key into the appropriate key.
+  // The provided key is serialized as an ASN.1 DER encoded SubjectPublicKey.
+  void SetPublicKeyFromSubjectPublicKey(OEMCrypto_PrivateKeyType key_type,
+                                        const uint8_t* buffer, size_t length);
+  // Loads the specified RSA public key into public_rsa_.
+  // The provided key is serialized as an ASN.1 DER encoded SubjectPublicKey.
+  void SetRsaPublicKeyFromSubjectPublicKey(const uint8_t* buffer,
+                                           size_t length);
+  // Loads the specified EC public key into public_ec_.
+  // The provided key is serialized as an ASN.1 DER encoded SubjectPublicKey.
+  void SetEccPublicKeyFromSubjectPublicKey(const uint8_t* buffer,
+                                           size_t length);

-  // Verifies the given signature is from the given message and RSA key, pkey.
-  static bool VerifyPSSSignature(EVP_PKEY* pkey, const uint8_t* message,
-                                 size_t message_length,
-                                 const uint8_t* signature,
-                                 size_t signature_length);
  // Verify that the message was signed by the private key associated with
  // |public_rsa_| using the specified padding scheme.
-  void VerifyRSASignature(const vector<uint8_t>& message,
+  void VerifyRsaSignature(const vector<uint8_t>& message,
                          const uint8_t* signature, size_t signature_length,
                          RSA_Padding_Scheme padding_scheme);
+  // Verify that the message was signed by the private key associated with
+  // |public_ecc_| using Widevine ECDSA.
+  void VerifyEccSignature(const vector<uint8_t>& message,
+                          const uint8_t* signature, size_t signature_length);
  // Encrypts a known session key with public_rsa_ for use in future calls to
  // OEMCrypto_DeriveKeysFromSessionKey or OEMCrypto_RewrapDeviceRSAKey30.
  // The unencrypted session key is stored in session_key.
-  bool GenerateRSASessionKey(vector<uint8_t>* session_key,
+  bool GenerateRsaSessionKey(vector<uint8_t>* session_key,
                             vector<uint8_t>* enc_session_key);
+  // Derives a session key with public_ec_ and a ephemeral "server" ECC key
+  // for use in future calls to OEMCrypto_DeriveKeysFromSessionKey.
+  // The unencrypted session key is stored in session_key.
+  bool GenerateEccSessionKey(vector<uint8_t>* session_key,
+                             vector<uint8_t>* ecdh_public_key_data);
+
  // Calls OEMCrypto_RewrapDeviceRSAKey30 with the given provisioning response
  // message. If force is true, we assert that the key loads successfully.
  void RewrapRSAKey30(const struct RSAPrivateKeyMessage& encrypted,
                      const std::vector<uint8_t>& encrypted_message_key,
                      vector<uint8_t>* wrapped_key, bool force);
-  // Loads the specified wrapped_rsa_key into OEMCrypto, and then runs
-  // GenerateDerivedKeysFromSessionKey to install known encryption and mac keys.
-  void InstallRSASessionTestKey(const vector<uint8_t>& wrapped_rsa_key);
+
+  void LoadWrappedDrmKey(OEMCrypto_PrivateKeyType key_type,
+                         const vector<uint8_t>& wrapped_drm_key);
+  // Loads the specified wrapped_rsa_key into OEMCrypto.
+  void LoadWrappedRsaDrmKey(const vector<uint8_t>& wrapped_rsa_key);
+  // Loads the specified wrapped_ecc_key into OEMCrypto.
+  void LoadWrappedEccDrmKey(const vector<uint8_t>& wrapped_ecc_key);
+
  // Creates a new usage entry, and keeps track of the index.
  // If status is null, we expect success, otherwise status is set to the
  // return value.
@@ -663,21 +690,21 @@ class Session {
                         OEMCryptoResult actual_select_result,
                         OEMCryptoResult actual_decryt_result);

-  bool open_;
-  bool forced_session_id_;
-  OEMCrypto_SESSION session_id_;
+  bool open_ = false;
+  bool forced_session_id_ = false;
+  OEMCrypto_SESSION session_id_ = 0;
  KeyDeriver key_deriver_;
-  uint32_t nonce_;
+  uint32_t nonce_ = 0;
  // Only one of RSA or EC should be set.
-  RSA* public_rsa_ = nullptr;
-  EC_KEY* public_ec_ = nullptr;
+  std::unique_ptr<util::RsaPublicKey> public_rsa_;
+  std::unique_ptr<util::EccPublicKey> public_ec_;
  vector<uint8_t> pst_report_buffer_;
  MessageData license_ = {};

  vector<uint8_t> encrypted_usage_entry_;
-  uint32_t usage_entry_number_;
+  uint32_t usage_entry_number_ = 0;
  string pst_;
-};
+};  // class Session

 // Used for OEMCrypto Fuzzing: Convert byte to a valid boolean to avoid errors
 // generated by msan.