Update LoadTestKeybox

Merge from Widevine repo of http://go/wvgerrit/41662

This CL updates oemcrypto unit tests to use the new test keybox.

bug: 69552641 Update OEMCrypto_LoadTestKeybox

test: Unit tests compile and run -- many tests won't pass until merged
with vendor code

Change-Id: I73bdca3958b2c985d4c61801aa95807a2e6d4299

libwvdrmengine/oemcrypto/test/oec_session_util.cpp

@@ -7,6 +7,8 @@
 
 #include <arpa/inet.h>  // needed for ntoh()
 #include <openssl/aes.h>
+#include <openssl/bio.h>
+#include <openssl/cmac.h>
 #include <openssl/err.h>
 #include <openssl/hmac.h>
 #include <openssl/pem.h>
@@ -172,7 +174,53 @@ void Session::FillDefaultContext(vector<uint8_t>* mac_context,
       "180120002a0c31383836373837343035000000000080");
 }
 
-void Session::GenerateDerivedKeysFromKeybox() {
+void Session::DeriveKey(const uint8_t* key, const vector<uint8_t>& context,
+                        int counter, vector<uint8_t>* out) {
+  ASSERT_FALSE(context.empty());
+  ASSERT_GE(4, counter);
+  ASSERT_NE(static_cast<void*>(NULL), out);
+
+  const EVP_CIPHER* cipher = EVP_aes_128_cbc();
+  CMAC_CTX* cmac_ctx = CMAC_CTX_new();
+  ASSERT_NE(static_cast<void*>(NULL), cmac_ctx);
+
+  ASSERT_EQ(1, CMAC_Init(cmac_ctx, key, wvcdm::KEY_SIZE, cipher, 0));
+
+  std::vector<uint8_t> message;
+  message.push_back(counter);
+  message.insert(message.end(), context.begin(), context.end());
+
+  ASSERT_EQ(1, CMAC_Update(cmac_ctx, &message[0], message.size()));
+
+  size_t reslen;
+  uint8_t res[128];
+  ASSERT_EQ(1, CMAC_Final(cmac_ctx, res, &reslen));
+
+  out->assign(res, res + reslen);
+  CMAC_CTX_free(cmac_ctx);
+}
+
+void Session::DeriveKeys(const uint8_t* master_key,
+                         const vector<uint8_t>& mac_key_context,
+                         const vector<uint8_t>& enc_key_context) {
+  // Generate derived key for mac key
+  std::vector<uint8_t> mac_key_part2;
+  DeriveKey(master_key, mac_key_context, 1, &mac_key_server_);
+  DeriveKey(master_key, mac_key_context, 2, &mac_key_part2);
+  mac_key_server_.insert(mac_key_server_.end(), mac_key_part2.begin(),
+                         mac_key_part2.end());
+
+  DeriveKey(master_key, mac_key_context, 3, &mac_key_client_);
+  DeriveKey(master_key, mac_key_context, 4, &mac_key_part2);
+  mac_key_client_.insert(mac_key_client_.end(), mac_key_part2.begin(),
+                         mac_key_part2.end());
+
+  // Generate derived key for encryption key
+  DeriveKey(master_key, enc_key_context, 1, &enc_key_);
+}
+
+void Session::GenerateDerivedKeysFromKeybox(
+    const wvoec_mock::WidevineKeybox& keybox) {
   GenerateNonce();
   vector<uint8_t> mac_context;
   vector<uint8_t> enc_context;
@@ -182,13 +230,7 @@ void Session::GenerateDerivedKeysFromKeybox() {
                                           mac_context.size(), &enc_context[0],
                                           enc_context.size()));
 
-  // Expected MAC and ENC keys generated from context strings
-  // with test keybox "installed".
-  mac_key_server_ = wvcdm::a2b_hex(
-      "3CFD60254786AF350B353B4FBB700AB382558400356866BA16C256BCD8C502BF");
-  mac_key_client_ = wvcdm::a2b_hex(
-      "A9DE7B3E4E199ED8D1FBC29CD6B4C772CC4538C8B0D3E208B3E76F2EC0FD6F47");
-  enc_key_ = wvcdm::a2b_hex("D0BFC35DA9E33436E81C4229E78CB9F4");
+  DeriveKeys(keybox.device_key_, mac_context, enc_context);
 }
 
 void Session::GenerateDerivedKeysFromSessionKey() {
@@ -207,13 +249,7 @@ void Session::GenerateDerivedKeysFromSessionKey() {
                 &mac_context[0], mac_context.size(), &enc_context[0],
                 enc_context.size()));
 
-  // Expected MAC and ENC keys generated from context strings
-  // with RSA certificate "installed".
-  mac_key_server_ = wvcdm::a2b_hex(
-      "1E451E59CB663DA1646194DD28880788ED8ED2EFF913CBD6A0D535D1D5A90381");
-  mac_key_client_ = wvcdm::a2b_hex(
-      "F9AAE74690909F2207B53B13307FCA096CA8C49CC6DFE3659873CB952889A74B");
-  enc_key_ = wvcdm::a2b_hex("CB477D09014D72C9B8DCE76C33EA43B3");
+  DeriveKeys(&session_key[0], mac_context, enc_context);
 }
 
 void Session::LoadTestKeys(const std::string& pst, bool new_mac_keys) {