Rename LoadWithAllowedSchemes to LoadCastCertificateKey

The unit test helper function LoadWithAllowedSchemes should
only be used to load a Cast Certificate. So it has been
renamed to make that clear.

The only unit test that used the old function with the
non-cast padding scheme has been removed. A replacement will
be added in the next CL of the chain.

Change-Id: Id4aa2f420435baff664324ee4b3dcb74ab9ffe8a

libwvdrmengine/oemcrypto/test/oemcrypto_cast_test.cpp

@@ -11,20 +11,6 @@ using ::testing::Range;
 
 namespace wvoec {
 
-// The alternate padding is only required for cast receivers, but all devices
-// should forbid the alternate padding for regular certificates.
-TEST_F(OEMCryptoLoadsCertificateAlternates, DisallowForbiddenPaddingAPI09) {
-  // TODO(b/197141970): Need to revisit OEMCryptoLoadsCert* tests for
-  // provisioning 4. Disabled here temporarily.
-  if (!global_features.loads_certificate ||
-      global_features.provisioning_method == OEMCrypto_BootCertificateChain) {
-    GTEST_SKIP() << "Test for non Prov 4.0 devices only.";
-  }
-  LoadWithAllowedSchemes(kSign_RSASSA_PSS,
-                         true);  // Use default padding scheme
-  DisallowForbiddenPaddingDRMKey(kSign_PKCS1_Block1, 50);
-}
-
 // The alternate padding is only required for cast receivers, but if a device
 // does load an alternate certificate, it should NOT use it for generating
 // a license request signature.
@@ -37,7 +23,7 @@ TEST_F(OEMCryptoLoadsCertificateAlternates, TestSignaturePKCS1) {
   }
   // Try to load an RSA key with alternative padding schemes.  This signing
   // scheme is used by cast receivers.
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
+  LoadCastCertificateKey(false);
   // If the device is a cast receiver, then this scheme is required.
   if (global_features.cast_receiver) {
     ASSERT_TRUE(key_loaded_);
@@ -287,7 +273,7 @@ TEST_F(OEMCryptoCastReceiverTest, SupportsCertificatesAPI13) {
 // # PKCS#1 v1.5 Signature Example 15.1
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_1) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "f45d55f35551e975d6a8dc7ea9f48859"
       "3940cc75694a278f27e578a163d839b3"
@@ -326,7 +312,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_1) {
 // # PKCS#1 v1.5 Signature Example 15.2
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_2) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "c14b4c6075b2f9aad661def4ecfd3cb9"
       "33c623f4e63bf53410d2f016d1ab98e2"
@@ -361,7 +347,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_2) {
 // # PKCS#1 v1.5 Signature Example 15.3
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_3) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "d02371ad7ee48bbfdb2763de7a843b94"
       "08ce5eb5abf847ca3d735986df84e906"
@@ -402,7 +388,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_3) {
 // # PKCS#1 v1.5 Signature Example 15.4
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_4) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "29035584ab7e0226a9ec4b02e8dcf127"
       "2dc9a41d73e2820007b0f6e21feccd5b"
@@ -431,7 +417,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_4) {
 // # PKCS#1 v1.5 Signature Example 15.5
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_5) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex("bda3a1c79059eae598308d3df609");
   vector<uint8_t> signature = wvutil::a2b_hex(
       "a156176cb96777c7fb96105dbd913bc4"
@@ -456,7 +442,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_5) {
 // # PKCS#1 v1.5 Signature Example 15.6
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_6) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "c187915e4e87da81c08ed4356a0cceac"
       "1c4fb5c046b45281b387ec28f1abfd56"
@@ -488,7 +474,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_6) {
 // # PKCS#1 v1.5 Signature Example 15.7
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_7) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "abfa2ecb7d29bd5bcb9931ce2bad2f74"
       "383e95683cee11022f08e8e7d0b8fa05"
@@ -521,7 +507,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_7) {
 // # PKCS#1 v1.5 Signature Example 15.8
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_8) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "df4044a89a83e9fcbf1262540ae3038b"
       "bc90f2b2628bf2a4467ac67722d8546b"
@@ -560,7 +546,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_8) {
 // # PKCS#1 v1.5 Signature Example 15.9
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_9) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "ea941ff06f86c226927fcf0e3b11b087"
       "2676170c1bfc33bda8e265c77771f9d0"
@@ -597,7 +583,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_9) {
 // # PKCS#1 v1.5 Signature Example 15.10
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_10) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "d8b81645c13cd7ecf5d00ed2c91b9acd"
       "46c15568e5303c4a9775ede76b48403d"
@@ -627,7 +613,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_10) {
 // # PKCS#1 v1.5 Signature Example 15.11
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_11) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "e5739b6c14c92d510d95b826933337ff"
       "0d24ef721ac4ef64c2bad264be8b44ef"
@@ -661,7 +647,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_11) {
 // # PKCS#1 v1.5 Signature Example 15.12
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_12) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "7af42835917a88d6b3c6716ba2f5b0d5"
       "b20bd4e2e6e574e06af1eef7c81131be"
@@ -702,7 +688,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_12) {
 // # PKCS#1 v1.5 Signature Example 15.13
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_13) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "ebaef3f9f23bdfe5fa6b8af4c208c189"
       "f2251bf32f5f137b9de4406378686b3f"
@@ -731,7 +717,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_13) {
 // # PKCS#1 v1.5 Signature Example 15.14
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_14) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "c5a2711278761dfcdd4f0c99e6f5619d"
       "6c48b5d4c1a80982faa6b4cf1cf7a60f"
@@ -767,7 +753,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_14) {
 // # PKCS#1 v1.5 Signature Example 15.15
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_15) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "9bf8aa253b872ea77a7e23476be26b23"
       "29578cf6ac9ea2805b357f6fc3ad130d"
@@ -806,7 +792,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_15) {
 // # PKCS#1 v1.5 Signature Example 15.16
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_16) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "32474830e2203754c8bf0681dc4f842a"
       "fe360930378616c108e833656e5640c8"
@@ -847,7 +833,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_16) {
 // # PKCS#1 v1.5 Signature Example 15.17
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_17) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "008e59505eafb550aae5e845584cebb0"
       "0b6de1733e9f95d42c882a5bbeb5ce1c"
@@ -876,7 +862,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_17) {
 // # PKCS#1 v1.5 Signature Example 15.18
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_18) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "6abc54cf8d1dff1f53b17d8160368878"
       "a8788cc6d22fa5c2258c88e660b09a89"
@@ -906,7 +892,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_18) {
 // # PKCS#1 v1.5 Signature Example 15.19
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_19) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "af2d78152cf10efe01d274f217b177f6"
       "b01b5e749f1567715da324859cd3dd88"
@@ -943,7 +929,7 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_19) {
 // # PKCS#1 v1.5 Signature Example 15.20
 TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_20) {
   BuildRSAKey();
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
+  LoadCastCertificateKey(true);
   vector<uint8_t> message = wvutil::a2b_hex(
       "40ee992458d6f61486d25676a96dd2cb"
       "93a37f04b178482f2b186cf88215270d"

libwvdrmengine/oemcrypto/test/oemcrypto_cast_test.h

@@ -72,7 +72,9 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
   }
 
   // If force is true, we assert that the key loads successfully.
-  void LoadWithAllowedSchemes(uint32_t schemes, bool force) {
+  void LoadCastCertificateKey(bool force) {
+    // Padding scheme used to sign cast data.
+    constexpr uint32_t schemes = kSign_PKCS1_Block1;
     // prov 2 or prov 3
     if (global_features.provisioning_method == OEMCrypto_Keybox ||
         global_features.provisioning_method == OEMCrypto_OEMCertificate) {

libwvdrmengine/oemcrypto/test/oemcrypto_security_test.cpp

@@ -796,7 +796,7 @@ TEST_F(OEMCryptoLoadsCertificateAlternates,
     GTEST_SKIP() << "Test for non Prov 4.0 devices only.";
   }
   OEMCryptoResult sts;
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
+  LoadCastCertificateKey(false);
   // If the device is a cast receiver, then this scheme is required.
   if (global_features.cast_receiver) {
     ASSERT_TRUE(key_loaded_);
@@ -835,7 +835,7 @@ TEST_F(OEMCryptoLoadsCertificateAlternates,
       global_features.provisioning_method == OEMCrypto_BootCertificateChain) {
     GTEST_SKIP() << "Test for non Prov 4.0 devices only.";
   }
-  LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
+  LoadCastCertificateKey(false);
   // If the device is a cast receiver, then this scheme is required.
   if (global_features.cast_receiver) {
     ASSERT_TRUE(key_loaded_);