Remove error OEMCrypto_KEY_NOT_LOADED

Merge from master branch of Widevine repo of http://go/wvgerrit/66066 Merge from oemcrypto-v15 branch of Widevine repo of http://go/wvgerrit/63628 The error code OEMCrypto_KEY_NOT_LOADED is redundant with OEMCrypto_ERROR_NO_CONTENT_KEY and OEMCrypto_KEY_NOT_ENTITLED. The function LoadEntitledContentKey should return KEY_NOT_ENTITLED if it does not find the corresponding entitlement key in its key table. All other functions that do not find a key id in the key table should return OEMCrypto_ERROR_NO_CONTENT_KEY. This includes QueryKeyControl, SelectKey, and RefreshKeys. Test: unit tests Test: tested as part of http://go/ag/5501993 Bug: 115574797 Change-Id: Ida2111f32e331b99f3f0c77fa404a42654d0870c
2018-11-12 14:12:26 -08:00
parent f3e9d84484
commit ef067572bc
9 changed files with 62 additions and 18 deletions
--- a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp
+++ b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp
@@ -282,7 +282,7 @@ void Session::LoadTestKeys(const std::string& pst, bool new_mac_keys) {
  VerifyTestKeys();
 }

-void Session::LoadEnitlementTestKeys(const std::string& pst,
+void Session::LoadEntitlementTestKeys(const std::string& pst,
                                     bool new_mac_keys,
                                     OEMCryptoResult expected_sts) {
  uint8_t* pst_ptr = NULL;
@@ -347,7 +347,7 @@ void Session::LoadEntitledContentKeys(OEMCryptoResult expected_sts) {
  memcpy(&encrypted_entitled_key_array[0], &entitled_key_array_[0],
         sizeof(OEMCrypto_EntitledContentKeyObject) * num_keys_);

-  // Create a encrypted version of all of the content keys stored in
+  // Create an encrypted version of all of the content keys stored in
  // |entitled_key_array_|.
  std::vector<std::vector<uint8_t> > encrypted_content_keys;
  encrypted_content_keys.resize(num_keys_);
--- a/libwvdrmengine/oemcrypto/test/oec_session_util.h
+++ b/libwvdrmengine/oemcrypto/test/oec_session_util.h
@@ -165,12 +165,12 @@ class Session {
  // using OEMCrypto_LoadKeys.  This message should have already been created
  // by FillSimpleEntitlementMessage, modified if needed, and then encrypted
  // and signed by the server's mac key in EncryptAndSign.
-  void LoadEnitlementTestKeys(const std::string& pst = "",
+  void LoadEntitlementTestKeys(const std::string& pst = "",
                              bool new_mac_keys = true,
                              OEMCryptoResult expected_sts = OEMCrypto_SUCCESS);
  // Fills an OEMCrypto_EntitledContentKeyObject using the information from
  // the license_ and randomly generated content keys. This method should be
-  // called after LoadEnitlementTestKeys.
+  // called after LoadEntitlementTestKeys.
  void FillEntitledKeyArray();
  // Encrypts and loads the entitled content keys via
  // OEMCrypto_LoadEntitledContentKeys.
@@ -196,7 +196,7 @@ class Session {
                         const std::string& pst = "");
  // This fills the data structure license_ with entitlement key information.
  // This data can be modified, and then should be encrypted and signed in
-  // EncryptAndSign before being loaded in LoadEnitlementTestKeys.
+  // EncryptAndSign before being loaded in LoadEntitlementTestKeys.
  void FillSimpleEntitlementMessage(
      uint32_t duration, uint32_t control,
      uint32_t nonce, const std::string& pst = "");
@@ -364,6 +364,12 @@ class Session {

  // An array of key objects for use in LoadKeys.
  OEMCrypto_KeyObject* key_array() { return key_array_; }
+
+  // An array of key objects for LoadEntitledContentKeys.
+  OEMCrypto_EntitledContentKeyObject* entitled_key_array() {
+    return entitled_key_array_;
+  }
+
  // The last signature generated with the server's mac key.
  std::vector<uint8_t>& signature() { return signature_; }

--- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
+++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
@@ -850,7 +850,7 @@ TEST_F(OEMCryptoSessionTests, LoadEntitlementKeysAPI14) {
  ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
  ASSERT_NO_FATAL_FAILURE(s.FillSimpleEntitlementMessage(0, 0, 0));
  ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
-  ASSERT_NO_FATAL_FAILURE(s.LoadEnitlementTestKeys());
+  ASSERT_NO_FATAL_FAILURE(s.LoadEntitlementTestKeys());
  s.FillEntitledKeyArray();
  ASSERT_NO_FATAL_FAILURE(s.LoadEntitledContentKeys());
  s.FillEntitledKeyArray();
@@ -863,10 +863,26 @@ TEST_F(OEMCryptoSessionTests, LoadEntitlementKeysNoEntitlementKeysAPI14) {
  ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
  ASSERT_NO_FATAL_FAILURE(s.FillSimpleEntitlementMessage(0, 0, 0));
  ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
+  // We do NOT call LoadEntitlementTestKeys.
  s.FillEntitledKeyArray();
  s.LoadEntitledContentKeys(OEMCrypto_ERROR_INVALID_CONTEXT);
 }

+TEST_F(OEMCryptoSessionTests, LoadEntitlementKeysWrongEntitlementKeysAPI14) {
+  Session s;
+  ASSERT_NO_FATAL_FAILURE(s.open());
+  ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
+  ASSERT_NO_FATAL_FAILURE(s.FillSimpleEntitlementMessage(0, 0, 0));
+  ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
+  ASSERT_NO_FATAL_FAILURE(s.LoadEntitlementTestKeys());
+  s.FillEntitledKeyArray();
+  const std::string key_id = "no_key";
+  s.entitled_key_array()[0].entitlement_key_id =
+      reinterpret_cast<const uint8_t*>(key_id.c_str());
+  s.entitled_key_array()[0].entitlement_key_id_length = key_id.length();
+  s.LoadEntitledContentKeys(OEMCrypto_KEY_NOT_ENTITLED);
+}
+
 // This tests GenerateSignature with an 8k licnese request.
 TEST_F(OEMCryptoSessionTests, ClientSignatureLargeBuffer) {
  Session s;
@@ -1267,6 +1283,21 @@ TEST_F(OEMCryptoSessionTests, LoadKeyNoKeyWithNonce) {
                         OEMCrypto_ContentLicense));
 }

+TEST_F(OEMCryptoSessionTests, SelectKeyNotThere) {
+  Session s;
+  ASSERT_NO_FATAL_FAILURE(s.open());
+  ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
+  ASSERT_NO_FATAL_FAILURE(
+      s.FillSimpleMessage(0, wvoec::kControlNonceEnabled, s.get_nonce()));
+  ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
+  ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys());
+  const char* key_id = "no_key";
+  ASSERT_EQ(OEMCrypto_ERROR_NO_CONTENT_KEY,
+            OEMCrypto_SelectKey(
+                s.session_id(), reinterpret_cast<const uint8_t*>(key_id),
+                strlen(key_id), OEMCrypto_CipherMode_CTR));
+}
+
 TEST_F(OEMCryptoSessionTests, QueryKeyControl) {
  Session s;
  ASSERT_NO_FATAL_FAILURE(s.open());
@@ -1288,7 +1319,7 @@ TEST_F(OEMCryptoSessionTests, QueryKeyControl) {
  ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts);
  const char* key_id = "no_key";
  size = sizeof(block);
-  ASSERT_NE(OEMCrypto_SUCCESS,
+  ASSERT_EQ(OEMCrypto_ERROR_NO_CONTENT_KEY,
            OEMCrypto_QueryKeyControl(
                s.session_id(), reinterpret_cast<const uint8_t*>(key_id),
                strlen(key_id), reinterpret_cast<uint8_t*>(&block), &size));