widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Convert oemcrypto tests to BoringSSL

Browse Source 
Merge from Widevine repo of http://go/wvgerrit/41620

bug: 62739406
test: unit tests
Change-Id: I72a64623912305965ff625a45041e2932a41f69b
This commit is contained in:
Fred Gylys-Colwell
2018-01-23 13:39:42 -08:00
parent 80a70c2dfb
commit df389c1417
2 changed files with 23 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
libwvdrmengine/oemcrypto/mock/src/oemcrypto_session.cpp
View File

@@ -44,10 +44,11 @@ void ctr128_inc64(uint8_t* counter) {
} while (n > 8); } while (n > 8);
} }
void dump_openssl_error() { void dump_boringssl_error() {
while (unsigned long err = ERR_get_error()) { while (unsigned long err = ERR_get_error()) {
char buffer[120]; char buffer[120];
LOGE("openssl error -- %lu -- %s", err, ERR_error_string(err, buffer)); ERR_error_string_n(err, buffer, sizeof(buffer));
LOGE("BoringSSL Error -- %lu -- %s", err, buffer);
} }
} }
@@ -166,7 +167,7 @@ bool SessionContext::RSADeriveKeys(
if (enc_session_key.size() != static_cast<size_t>(RSA_size(rsa_key()))) { if (enc_session_key.size() != static_cast<size_t>(RSA_size(rsa_key()))) {
LOGE("[RSADeriveKeys(): encrypted session key wrong size:%zu, expected %d]", LOGE("[RSADeriveKeys(): encrypted session key wrong size:%zu, expected %d]",
enc_session_key.size(), RSA_size(rsa_key())); enc_session_key.size(), RSA_size(rsa_key()));
dump_openssl_error(); dump_boringssl_error();
return false; return false;
} }
session_key_.resize(RSA_size(rsa_key())); session_key_.resize(RSA_size(rsa_key()));
@@ -175,14 +176,14 @@ bool SessionContext::RSADeriveKeys(
&session_key_[0], rsa_key(), RSA_PKCS1_OAEP_PADDING); &session_key_[0], rsa_key(), RSA_PKCS1_OAEP_PADDING);
if (-1 == decrypted_size) { if (-1 == decrypted_size) {
LOGE("[RSADeriveKeys(): error decrypting session key.]"); LOGE("[RSADeriveKeys(): error decrypting session key.]");
dump_openssl_error(); dump_boringssl_error();
return false; return false;
} }
session_key_.resize(decrypted_size); session_key_.resize(decrypted_size);
if (decrypted_size != static_cast<int>(wvcdm::KEY_SIZE)) { if (decrypted_size != static_cast<int>(wvcdm::KEY_SIZE)) {
LOGE("[RSADeriveKeys(): error. Session key is wrong size: %d.]", LOGE("[RSADeriveKeys(): error. Session key is wrong size: %d.]",
decrypted_size); decrypted_size);
dump_openssl_error(); dump_boringssl_error();
session_key_.clear(); session_key_.clear();
return false; return false;
} }
@@ -232,8 +233,8 @@ bool SessionContext::GenerateSignature(const uint8_t* message,
} }
unsigned int md_len = *signature_length; unsigned int md_len = *signature_length;
if (HMAC(EVP_sha256(), mac_key, wvcdm::MAC_KEY_SIZE, message, if (HMAC(EVP_sha256(), mac_key, wvcdm::MAC_KEY_SIZE, message, message_length,
message_length, signature, &md_len)) { signature, &md_len)) {
*signature_length = md_len; *signature_length = md_len;
return true; return true;
} }
@@ -274,7 +275,7 @@ OEMCryptoResult SessionContext::GenerateRSASignature(
uint8_t hash[SHA_DIGEST_LENGTH]; uint8_t hash[SHA_DIGEST_LENGTH];
if (!SHA1(message, message_length, hash)) { if (!SHA1(message, message_length, hash)) {
LOGE("[GeneratRSASignature(): error creating signature hash.]"); LOGE("[GeneratRSASignature(): error creating signature hash.]");
dump_openssl_error(); dump_boringssl_error();
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
@@ -284,7 +285,7 @@ OEMCryptoResult SessionContext::GenerateRSASignature(
rsa_key(), &padded_digest[0], hash, EVP_sha1(), NULL, kPssSaltLength); rsa_key(), &padded_digest[0], hash, EVP_sha1(), NULL, kPssSaltLength);
if (status == -1) { if (status == -1) {
LOGE("[GeneratRSASignature(): error padding hash.]"); LOGE("[GeneratRSASignature(): error padding hash.]");
dump_openssl_error(); dump_boringssl_error();
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
@@ -293,7 +294,7 @@ OEMCryptoResult SessionContext::GenerateRSASignature(
signature, rsa_key(), RSA_NO_PADDING); signature, rsa_key(), RSA_NO_PADDING);
if (status == -1) { if (status == -1) {
LOGE("[GeneratRSASignature(): error in private encrypt.]"); LOGE("[GeneratRSASignature(): error in private encrypt.]");
dump_openssl_error(); dump_boringssl_error();
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
// This is the alternate padding scheme used by cast receivers only. // This is the alternate padding scheme used by cast receivers only.
@@ -308,7 +309,7 @@ OEMCryptoResult SessionContext::GenerateRSASignature(
if (status != *signature_length) { if (status != *signature_length) {
LOGE("[GeneratRSASignature(): error in RSA private encrypt. status=%d]", LOGE("[GeneratRSASignature(): error in RSA private encrypt. status=%d]",
status); status);
dump_openssl_error(); dump_boringssl_error();
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
} else { // Bad RSA_Padding_Scheme } else { // Bad RSA_Padding_Scheme
@@ -645,14 +646,14 @@ bool SessionContext::InstallRSAEncryptedKey(
rsa_key(), RSA_PKCS1_OAEP_PADDING); rsa_key(), RSA_PKCS1_OAEP_PADDING);
if (-1 == decrypted_size) { if (-1 == decrypted_size) {
LOGE("[RSADeriveKeys(): error decrypting session key.]"); LOGE("[RSADeriveKeys(): error decrypting session key.]");
dump_openssl_error(); dump_boringssl_error();
return false; return false;
} }
encryption_key_.resize(decrypted_size); encryption_key_.resize(decrypted_size);
if (decrypted_size != static_cast<int>(wvcdm::KEY_SIZE)) { if (decrypted_size != static_cast<int>(wvcdm::KEY_SIZE)) {
LOGE("[RSADeriveKeys(): error. Session key is wrong size: %d.]", LOGE("[RSADeriveKeys(): error. Session key is wrong size: %d.]",
decrypted_size); decrypted_size);
dump_openssl_error(); dump_boringssl_error();
encryption_key_.clear(); encryption_key_.clear();
return false; return false;
} }
@@ -950,7 +951,7 @@ OEMCryptoResult SessionContext::Generic_Sign(const uint8_t* in_buffer,
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
LOGE("[Generic_Sign(): hmac failed."); LOGE("[Generic_Sign(): hmac failed.");
dump_openssl_error(); dump_boringssl_error();
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
@@ -990,7 +991,7 @@ OEMCryptoResult SessionContext::Generic_Verify(const uint8_t* in_buffer,
} }
} }
LOGE("[Generic_Verify(): HMAC failed."); LOGE("[Generic_Verify(): HMAC failed.");
dump_openssl_error(); dump_boringssl_error();
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
@@ -1330,8 +1331,8 @@ OEMCryptoResult SessionContext::DecryptCTR(const uint8_t* key_u8,
EVP_CIPHER_CTX* evp_cipher_ctx = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX* evp_cipher_ctx = EVP_CIPHER_CTX_new();
#endif #endif
EVP_CIPHER_CTX_set_padding(evp_cipher_ctx, 0); EVP_CIPHER_CTX_set_padding(evp_cipher_ctx, 0);
if (!EVP_DecryptInit_ex(evp_cipher_ctx, EVP_aes_128_ctr(), NULL, if (!EVP_DecryptInit_ex(evp_cipher_ctx, EVP_aes_128_ctr(), NULL, key_u8,
key_u8, aes_iv_u8)) { aes_iv_u8)) {
LOGE("[DecryptCTR(): EVP_INIT ERROR]"); LOGE("[DecryptCTR(): EVP_INIT ERROR]");
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
EVP_CIPHER_CTX_cleanup(evp_cipher_ctx); EVP_CIPHER_CTX_cleanup(evp_cipher_ctx);

2
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -2964,7 +2964,7 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates {
uint8_t hash[SHA_DIGEST_LENGTH]; uint8_t hash[SHA_DIGEST_LENGTH];
if (!SHA1(&message[0], message.size(), hash)) { if (!SHA1(&message[0], message.size(), hash)) {
dump_boringssl_error(); dump_boringssl_error();
FAIL() << "openssl error creating SHA1 hash."; FAIL() << "boringssl error creating SHA1 hash.";
} }
// The application will prepend the digest info to the hash. // The application will prepend the digest info to the hash.