From df389c141705059a4f94c0f03bddbdad52609d58 Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Tue, 23 Jan 2018 13:39:42 -0800 Subject: [PATCH] Convert oemcrypto tests to BoringSSL Merge from Widevine repo of http://go/wvgerrit/41620 bug: 62739406 test: unit tests Change-Id: I72a64623912305965ff625a45041e2932a41f69b --- .../oemcrypto/mock/src/oemcrypto_session.cpp | 43 ++++++++++--------- .../oemcrypto/test/oemcrypto_test.cpp | 2 +- 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp index 77c4a44a..fc3db54d 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp @@ -44,10 +44,11 @@ void ctr128_inc64(uint8_t* counter) { } while (n > 8); } -void dump_openssl_error() { +void dump_boringssl_error() { while (unsigned long err = ERR_get_error()) { char buffer[120]; - LOGE("openssl error -- %lu -- %s", err, ERR_error_string(err, buffer)); + ERR_error_string_n(err, buffer, sizeof(buffer)); + LOGE("BoringSSL Error -- %lu -- %s", err, buffer); } } @@ -166,7 +167,7 @@ bool SessionContext::RSADeriveKeys( if (enc_session_key.size() != static_cast(RSA_size(rsa_key()))) { LOGE("[RSADeriveKeys(): encrypted session key wrong size:%zu, expected %d]", enc_session_key.size(), RSA_size(rsa_key())); - dump_openssl_error(); + dump_boringssl_error(); return false; } session_key_.resize(RSA_size(rsa_key())); @@ -175,14 +176,14 @@ bool SessionContext::RSADeriveKeys( &session_key_[0], rsa_key(), RSA_PKCS1_OAEP_PADDING); if (-1 == decrypted_size) { LOGE("[RSADeriveKeys(): error decrypting session key.]"); - dump_openssl_error(); + dump_boringssl_error(); return false; } session_key_.resize(decrypted_size); if (decrypted_size != static_cast(wvcdm::KEY_SIZE)) { LOGE("[RSADeriveKeys(): error. Session key is wrong size: %d.]", decrypted_size); - dump_openssl_error(); + dump_boringssl_error(); session_key_.clear(); return false; } @@ -232,8 +233,8 @@ bool SessionContext::GenerateSignature(const uint8_t* message, } unsigned int md_len = *signature_length; - if (HMAC(EVP_sha256(), mac_key, wvcdm::MAC_KEY_SIZE, message, - message_length, signature, &md_len)) { + if (HMAC(EVP_sha256(), mac_key, wvcdm::MAC_KEY_SIZE, message, message_length, + signature, &md_len)) { *signature_length = md_len; return true; } @@ -274,7 +275,7 @@ OEMCryptoResult SessionContext::GenerateRSASignature( uint8_t hash[SHA_DIGEST_LENGTH]; if (!SHA1(message, message_length, hash)) { LOGE("[GeneratRSASignature(): error creating signature hash.]"); - dump_openssl_error(); + dump_boringssl_error(); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } @@ -284,7 +285,7 @@ OEMCryptoResult SessionContext::GenerateRSASignature( rsa_key(), &padded_digest[0], hash, EVP_sha1(), NULL, kPssSaltLength); if (status == -1) { LOGE("[GeneratRSASignature(): error padding hash.]"); - dump_openssl_error(); + dump_boringssl_error(); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } @@ -293,7 +294,7 @@ OEMCryptoResult SessionContext::GenerateRSASignature( signature, rsa_key(), RSA_NO_PADDING); if (status == -1) { LOGE("[GeneratRSASignature(): error in private encrypt.]"); - dump_openssl_error(); + dump_boringssl_error(); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } // This is the alternate padding scheme used by cast receivers only. @@ -308,7 +309,7 @@ OEMCryptoResult SessionContext::GenerateRSASignature( if (status != *signature_length) { LOGE("[GeneratRSASignature(): error in RSA private encrypt. status=%d]", status); - dump_openssl_error(); + dump_boringssl_error(); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } } else { // Bad RSA_Padding_Scheme @@ -645,14 +646,14 @@ bool SessionContext::InstallRSAEncryptedKey( rsa_key(), RSA_PKCS1_OAEP_PADDING); if (-1 == decrypted_size) { LOGE("[RSADeriveKeys(): error decrypting session key.]"); - dump_openssl_error(); + dump_boringssl_error(); return false; } encryption_key_.resize(decrypted_size); if (decrypted_size != static_cast(wvcdm::KEY_SIZE)) { LOGE("[RSADeriveKeys(): error. Session key is wrong size: %d.]", decrypted_size); - dump_openssl_error(); + dump_boringssl_error(); encryption_key_.clear(); return false; } @@ -950,7 +951,7 @@ OEMCryptoResult SessionContext::Generic_Sign(const uint8_t* in_buffer, return OEMCrypto_SUCCESS; } LOGE("[Generic_Sign(): hmac failed."); - dump_openssl_error(); + dump_boringssl_error(); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } @@ -990,7 +991,7 @@ OEMCryptoResult SessionContext::Generic_Verify(const uint8_t* in_buffer, } } LOGE("[Generic_Verify(): HMAC failed."); - dump_openssl_error(); + dump_boringssl_error(); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } @@ -1323,15 +1324,15 @@ OEMCryptoResult SessionContext::DecryptCTR(const uint8_t* key_u8, while (remaining) { #if (OPENSSL_VERSION_NUMBER < 0x10100000L) - EVP_CIPHER_CTX ctx_struct; - EVP_CIPHER_CTX* evp_cipher_ctx = &ctx_struct; - EVP_CIPHER_CTX_init(evp_cipher_ctx); + EVP_CIPHER_CTX ctx_struct; + EVP_CIPHER_CTX* evp_cipher_ctx = &ctx_struct; + EVP_CIPHER_CTX_init(evp_cipher_ctx); #else - EVP_CIPHER_CTX* evp_cipher_ctx = EVP_CIPHER_CTX_new(); + EVP_CIPHER_CTX* evp_cipher_ctx = EVP_CIPHER_CTX_new(); #endif EVP_CIPHER_CTX_set_padding(evp_cipher_ctx, 0); - if (!EVP_DecryptInit_ex(evp_cipher_ctx, EVP_aes_128_ctr(), NULL, - key_u8, aes_iv_u8)) { + if (!EVP_DecryptInit_ex(evp_cipher_ctx, EVP_aes_128_ctr(), NULL, key_u8, + aes_iv_u8)) { LOGE("[DecryptCTR(): EVP_INIT ERROR]"); #if (OPENSSL_VERSION_NUMBER < 0x10100000L) EVP_CIPHER_CTX_cleanup(evp_cipher_ctx); diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index f88518ec..c83344f6 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -2964,7 +2964,7 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates { uint8_t hash[SHA_DIGEST_LENGTH]; if (!SHA1(&message[0], message.size(), hash)) { dump_boringssl_error(); - FAIL() << "openssl error creating SHA1 hash."; + FAIL() << "boringssl error creating SHA1 hash."; } // The application will prepend the digest info to the hash.