Validate decryption with entitled keys in OEC tests

(This change is merged from http://go/wvgerrit/124825)

The OEMCrypto tests have tests that verify that entitled keys can be
loaded but not that they can be successfully used for decrypt. This
patch adds a decrypt portion to the existing tests.

As part of this, the existing Session::EncryptCTR() method and portions
of Session::TestDecryptCTR() are lifted to be static functions so they
can be shared across unrelated classes in oec_session_util.cpp.
EncryptCTR() had no dependence on its enclosing class and is unchanged
other than being moved outside the class.

To reduce ambiguity with the new decrypt verification, this patch also
renames EntitledMessage::VerifyEntitlementTestKeys() to the
more-specific EntitledMessage::VerifyKCBs(). Its behavior is unchanged.

Bug: 186782279
Test: x86-64 platform
Test: opk_ta platform
Test: build_and_run_all_unit_tests
Change-Id: I15156882907b0987215087aaf43b4666fedc171a
This commit is contained in:
John W. Bruce
2021-05-11 12:52:24 -07:00
parent ed17d09c1b
commit d742daf9c7
2 changed files with 96 additions and 57 deletions

@@ -476,8 +476,6 @@ class EntitledMessage {
void set_num_keys(uint32_t num_keys) { num_keys_ = num_keys; }
uint32_t num_keys() const { return num_keys_; }
void SetEntitlementKeyId(unsigned int index, const std::string& key_id);
// Verify that key control blocks of the loaded keys.
void VerifyEntitlementTestKeys();
OEMCrypto_EntitledContentKeyObject* entitled_key_array();
// Returns entitled_key_data_ which is used as input message buffer to
// load entitled content keys API.
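
Review bot: The verifier declaration dropped from this public section (VerifyEntitlementTestKeys()) comes back as VerifyKCBs() under private: in the next hunk, so this is a visibility change as well as a rename, while the commit message says only that the behavior is unchanged. Please confirm no test outside EntitledMessage called VerifyEntitlementTestKeys() directly, and say in the commit message that the method is now private and which public method invokes it.
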
@@ -487,6 +485,11 @@ class EntitledMessage {
private:
// Find the offset of the give pointer, relative to |entitled_key_data_|.
OEMCrypto_Substring FindSubstring(const void* ptr, size_t size);
// Verify that key control blocks of the loaded keys matches their entitlement
// key.
void VerifyKCBs();
// Verify that decryption with the entitled keys works.
void VerifyDecrypt();
LicenseRoundTrip* license_messages_;
uint32_t num_keys_;
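
Review bot: The comment on VerifyDecrypt() does not say what state it expects or what it covers. Please document that the entitled content keys must already be loaded, and whether it decrypts with each of the num_keys_ keys or only one of them. Also, the new comment on VerifyKCBs() reads "key control blocks of the loaded keys matches"; it should be "match", and naming what is compared (each KCB against its entitlement key) would make a failure easier to read.
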
@@ -528,9 +531,6 @@ class Session {
// Generate known mac and enc keys using OEMCrypto_DeriveKeysFromSessionKey
// and also fill out enc_key_, mac_key_server_, and mac_key_client_.
void GenerateDerivedKeysFromSessionKey();
// Encrypt a block of data using CTR mode.
void EncryptCTR(const vector<uint8_t>& in_buffer, const uint8_t* key,
const uint8_t* starting_iv, vector<uint8_t>* out_buffer);
// Encrypt some data and pass to OEMCrypto_DecryptCENC to verify decryption.
void TestDecryptCTR(bool select_key_first = true,
OEMCryptoResult expected_result = OEMCrypto_SUCCESS,
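
Review bot: Removing the EncryptCTR() declaration from Session and making it a file-static function in oec_session_util.cpp, as the commit message describes, means no other translation unit can call it any more. Please check that no other test source uses Session::EncryptCTR(). Since the one-line comment "Encrypt a block of data using CTR mode." leaves the header with it, the relocated function should carry a comment stating the expected sizes of key and starting_iv, because both are raw const uint8_t* with no length parameter.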