widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Unit Tests for Security Patch Level

Browse Source 
Merge of widevine change http://go/wvgerrit/16249

This CL adds unit tests and reference code for the security patch
level, which is a new feature in OEMCrypto v11.  This CL also adjusts
the dynamic and static adapters to still run with devices that have a
v10 OEMCrypto.

The level 3 haystack code will be updated in a future CL.

bug: 26188985

Change-Id: I518ef46b4098cf3718fe0c0390bfb6825db4fb6b
This commit is contained in:
Fred Gylys-Colwell
2015-12-16 13:27:36 -08:00
parent 17faabee44
commit ce6d392041
13 changed files with 134 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
View File

@@ -62,7 +62,7 @@ typedef OEMCryptoResult (*L1_LoadKeys_t)(
const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
const OEMCrypto_KeyObject* key_array, const uint8_t* pst,
size_t pst_length);
typedef OEMCryptoResult (*L1_LoadKeys_V10_t)(
typedef OEMCryptoResult (*L1_LoadKeys_V9_or_V10_t)(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length,
const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
@@ -72,7 +72,7 @@ typedef OEMCryptoResult (*L1_LoadKeys_V8_t)(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length,
const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
const OEMCrypto_KeyObject* key_array);
const OEMCrypto_KeyObject_V10* key_array);
typedef OEMCryptoResult (*L1_RefreshKeys_t)(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length, size_t num_keys,
@@ -91,7 +91,7 @@ typedef OEMCryptoResult (*L1_DecryptCENC_t)(
OEMCrypto_SESSION session, const uint8_t* data_addr, size_t data_length,
bool is_encrypted, const uint8_t* iv, size_t offset,
const OEMCrypto_DestBufferDesc* out_buffer,
const OEMCrypto_PatternDesc* pattern, uint8_t subsample_flags);
const OEMCrypto_CENCEncryptPatternDesc* pattern, uint8_t subsample_flags);
typedef OEMCryptoResult (*L1_CopyBuffer_t)(const uint8_t* data_addr,
size_t data_length,
OEMCrypto_DestBufferDesc* out_buffer,
@@ -229,7 +229,7 @@ struct FunctionPointers {
L1_LoadKeys_V8_t LoadKeys_V8;
L1_GenerateRSASignature_V8_t GenerateRSASignature_V8;
L1_GetHDCPCapability_V9_t GetHDCPCapability_V9;
L1_LoadKeys_V10_t LoadKeys_V10;
L1_LoadKeys_V9_or_V10_t LoadKeys_V9_or_V10;
};
struct LevelSession {
@@ -338,7 +338,6 @@ class Adapter {
LOOKUP(LoadKeys_V8, OEMCrypto_LoadKeys_V8);
LOOKUP(GenerateRSASignature_V8, OEMCrypto_GenerateRSASignature_V8);
} else {
LOOKUP(LoadKeys, OEMCrypto_LoadKeys);
LOOKUP(GenerateRSASignature, OEMCrypto_GenerateRSASignature);
LOOKUP(SupportsUsageTable, OEMCrypto_SupportsUsageTable);
LOOKUP(UpdateUsageTable, OEMCrypto_UpdateUsageTable);
@@ -347,6 +346,7 @@ class Adapter {
LOOKUP(DeleteUsageEntry, OEMCrypto_DeleteUsageEntry);
LOOKUP(DeleteUsageTable, OEMCrypto_DeleteUsageTable);
if (level1_.version == 9) {
LOOKUP(LoadKeys_V9_or_V10, OEMCrypto_LoadKeys_V9_or_V10);
LOOKUP(GetHDCPCapability_V9, OEMCrypto_GetHDCPCapability_V9);
} else {
LOOKUP(LoadTestKeybox, OEMCrypto_LoadTestKeybox);
@@ -359,9 +359,9 @@ class Adapter {
LOOKUP(GetMaxNumberOfSessions, OEMCrypto_GetMaxNumberOfSessions);
LOOKUP(ForceDeleteUsageEntry, OEMCrypto_ForceDeleteUsageEntry);
if (level1_.version == 10) {
LOOKUP(LoadKeys_V10, OEMCrypto_LoadKeys_V10);
LOOKUP(DecryptCTR_V10, OEMCrypto_DecryptCTR_V10);
} else {
LOOKUP(LoadKeys_V9_or_V10, OEMCrypto_LoadKeys_V9_or_V10);
LOOKUP(DecryptCTR_V10, OEMCrypto_DecryptCTR_V10);
} else { // version 11.
LOOKUP(LoadKeys, OEMCrypto_LoadKeys);
LOOKUP(DecryptCENC, OEMCrypto_DecryptCENC);
LOOKUP(SecurityPatchLevel, OEMCrypto_Security_Patch_Level);
@@ -420,7 +420,7 @@ class Adapter {
level3_.GenerateDerivedKeys = Level3_GenerateDerivedKeys;
level3_.GenerateNonce = Level3_GenerateNonce;
level3_.GenerateSignature = Level3_GenerateSignature;
level3_.LoadKeys_V10 = Level3_LoadKeys;
level3_.LoadKeys_V9_or_V10 = Level3_LoadKeys;
level3_.RefreshKeys = Level3_RefreshKeys;
level3_.QueryKeyControl = Level3_QueryKeyControl;
level3_.SelectKey = Level3_SelectKey;
@@ -609,7 +609,7 @@ uint8_t OEMCrypto_Security_Patch_Level(SecurityLevel level) {
if (!kAdapter) return 0;
const FunctionPointers* fcn = kAdapter->get(level);
if (!fcn) return 0;
if (fcn->version < 10) return 0;
if (fcn->version < 11) return 0;
return fcn->SecurityPatchLevel();
}
@@ -742,13 +742,9 @@ extern "C" OEMCryptoResult OEMCrypto_LoadKeys(
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
if (pair.fcn->version == 8) {
return pair.fcn->LoadKeys_V8(pair.session, message, message_length,
signature, signature_length, enc_mac_key_iv,
enc_mac_key, num_keys, key_array);
} else if (pair.fcn->version < 11) {
if (pair.fcn->version < 11) {
std::vector<OEMCrypto_KeyObject_V10> key_array_v10(num_keys);
for(int i=0; i< num_keys; i++) {
for(size_t i=0; i < num_keys; i++) {
key_array_v10[i].key_id = key_array[i].key_id;
key_array_v10[i].key_id_length = key_array[i].key_id_length;
key_array_v10[i].key_data_iv = key_array[i].key_data_iv;
@@ -761,10 +757,17 @@ extern "C" OEMCryptoResult OEMCrypto_LoadKeys(
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
}
return pair.fcn->LoadKeys_V10(pair.session, message, message_length,
signature,
signature_length, enc_mac_key_iv, enc_mac_key,
num_keys, &key_array_v10[0], pst, pst_length);
if (pair.fcn->version == 8) {
return pair.fcn->LoadKeys_V8(pair.session, message, message_length,
signature, signature_length, enc_mac_key_iv,
enc_mac_key, num_keys, &key_array_v10[0]);
} else {
return pair.fcn->LoadKeys_V9_or_V10(pair.session, message, message_length,
signature, signature_length,
enc_mac_key_iv, enc_mac_key,
num_keys, &key_array_v10[0],
pst, pst_length);
}
} else {
return pair.fcn->LoadKeys(pair.session, message, message_length, signature,
signature_length, enc_mac_key_iv, enc_mac_key,
@@ -806,7 +809,8 @@ extern "C" OEMCryptoResult OEMCrypto_SelectKey(const OEMCrypto_SESSION session,
extern "C" OEMCryptoResult OEMCrypto_DecryptCENC(
OEMCrypto_SESSION session, const uint8_t* data_addr, size_t data_length,
bool is_encrypted, const uint8_t* iv, size_t offset,
OEMCrypto_DestBufferDesc* out_buffer, const OEMCrypto_PatternDesc* pattern,
OEMCrypto_DestBufferDesc* out_buffer,
const OEMCrypto_CENCEncryptPatternDesc* pattern,
uint8_t subsample_flags) {
if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
LevelSession pair = kAdapter->get(session);
@@ -944,6 +948,10 @@ extern "C" uint32_t OEMCrypto_APIVersion() {
return OEMCrypto_APIVersion(kLevelDefault);
}
extern "C" uint8_t OEMCrypto_Security_Patch_Level() {
return OEMCrypto_Security_Patch_Level(kLevelDefault);
}
extern "C" const char* OEMCrypto_SecurityLevel() {
return OEMCrypto_SecurityLevel(kLevelDefault);
}