From f0cee3ad20a3321668378b2ba4509f3d30d7fc4e Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Mon, 28 Nov 2016 21:36:03 -0800 Subject: [PATCH] Require 20 keys per session and 10 sessions Merge from widevine repo of http://go/wvgerrit/20981 OMECrypto v12 requires at least 20 keys per session and at least 10 sessions. This CL updates the unit tests to verify this, and updates level 3 and mock code to conform. This CL also updates the level 3 oemcrypto to support 16 sessions and 320 keys total. b/30140448 Minimum 20 keys per OEMCrypto_Session Change-Id: Idd38d8f2cdfd6acde6fa7622b5912372bee9e488 --- .../oemcrypto/test/oec_session_util.cpp | 30 ++++--- .../oemcrypto/test/oec_session_util.h | 13 ++- .../oemcrypto/test/oemcrypto_test.cpp | 88 ++++++++++++------- 3 files changed, 80 insertions(+), 51 deletions(-) diff --git a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp index ac07d4ca..100e6fb0 100644 --- a/libwvdrmengine/oemcrypto/test/oec_session_util.cpp +++ b/libwvdrmengine/oemcrypto/test/oec_session_util.cpp @@ -75,7 +75,9 @@ Session::Session() mac_key_server_(wvcdm::MAC_KEY_SIZE), mac_key_client_(wvcdm::MAC_KEY_SIZE), enc_key_(wvcdm::KEY_SIZE), - public_rsa_(0) {} + public_rsa_(0), + num_keys_(4) {} // Most tests only use 4 keys. + // Other tests will explicitly call set_num_keys. Session::~Session() { if (!forced_session_id_ && open_) close(); @@ -200,7 +202,7 @@ void Session::LoadTestKeys(const std::string& pst, bool new_mac_keys) { session_id(), message_ptr(), sizeof(MessageData), &signature_[0], signature_.size(), encrypted_license_.mac_key_iv, encrypted_license_.mac_keys, - kNumKeys, key_array_, pst_ptr, pst.length())); + num_keys_, key_array_, pst_ptr, pst.length())); // Update new generated keys. memcpy(&mac_key_server_[0], license_.mac_keys, wvcdm::MAC_KEY_SIZE); memcpy(&mac_key_client_[0], license_.mac_keys + wvcdm::MAC_KEY_SIZE, @@ -210,13 +212,13 @@ void Session::LoadTestKeys(const std::string& pst, bool new_mac_keys) { OEMCrypto_SUCCESS, OEMCrypto_LoadKeys(session_id(), message_ptr(), sizeof(MessageData), &signature_[0], signature_.size(), NULL, NULL, - kNumKeys, key_array_, pst_ptr, pst.length())); + num_keys_, key_array_, pst_ptr, pst.length())); } VerifyTestKeys(); } void Session::VerifyTestKeys() { - for (unsigned int i = 0; i < kNumKeys; i++) { + for (unsigned int i = 0; i < num_keys_; i++) { KeyControlBlock block; size_t size = sizeof(block); OEMCryptoResult sts = OEMCrypto_QueryKeyControl( @@ -268,15 +270,14 @@ void Session::SetKeyId(int index, const string& key_id) { memcpy(key.key_id, key_id.data(), key.key_id_length); } -void Session::FillSimpleMessage( - uint32_t duration, uint32_t control, uint32_t nonce, - const std::string& pst) { +void Session::FillSimpleMessage(uint32_t duration, uint32_t control, + uint32_t nonce, const std::string& pst) { EXPECT_EQ(OEMCrypto_SUCCESS, OEMCrypto_GetRandom(license_.mac_key_iv, sizeof(license_.mac_key_iv))); EXPECT_EQ(OEMCrypto_SUCCESS, OEMCrypto_GetRandom(license_.mac_keys, sizeof(license_.mac_keys))); - for (unsigned int i = 0; i < kNumKeys; i++) { + for (unsigned int i = 0; i < num_keys_; i++) { memset(license_.keys[i].key_id, 0, kTestKeyIdMaxLength); license_.keys[i].key_id_length = kDefaultKeyIdLength; memset(license_.keys[i].key_id, i, license_.keys[i].key_id_length); @@ -331,7 +332,7 @@ void Session::EncryptAndSign() { AES_cbc_encrypt(&license_.mac_keys[0], &encrypted_license_.mac_keys[0], 2 * wvcdm::MAC_KEY_SIZE, &aes_key, iv_buffer, AES_ENCRYPT); - for (unsigned int i = 0; i < kNumKeys; i++) { + for (unsigned int i = 0; i < num_keys_; i++) { memcpy(iv_buffer, &license_.keys[i].control_iv[0], wvcdm::KEY_IV_SIZE); AES_set_encrypt_key(&license_.keys[i].key_data[0], 128, &aes_key); AES_cbc_encrypt( @@ -397,7 +398,7 @@ void Session::ClientSignMessage(const vector& data, void Session::FillKeyArray(const MessageData& data, OEMCrypto_KeyObject* key_array) { - for (unsigned int i = 0; i < kNumKeys; i++) { + for (unsigned int i = 0; i < num_keys_; i++) { key_array[i].key_id = data.keys[i].key_id; key_array[i].key_id_length = data.keys[i].key_id_length; key_array[i].key_data_iv = data.keys[i].key_iv; @@ -451,12 +452,13 @@ void Session::EncryptCTR( } void Session::TestDecryptCTR(bool select_key_first, - OEMCryptoResult expected_result) { + OEMCryptoResult expected_result, + int key_index) { OEMCryptoResult sts; if (select_key_first) { // Select the key (from FillSimpleMessage) - sts = OEMCrypto_SelectKey(session_id(), license_.keys[0].key_id, - license_.keys[0].key_id_length); + sts = OEMCrypto_SelectKey(session_id(), license_.keys[key_index].key_id, + license_.keys[key_index].key_id_length); ASSERT_EQ(OEMCrypto_SUCCESS, sts); } @@ -468,7 +470,7 @@ void Session::TestDecryptCTR(bool select_key_first, EXPECT_EQ(OEMCrypto_SUCCESS, OEMCrypto_GetRandom(&encryptionIv[0], wvcdm::KEY_IV_SIZE)); vector encryptedData(unencryptedData.size()); - EncryptCTR(unencryptedData, license_.keys[0].key_data, &encryptionIv[0], + EncryptCTR(unencryptedData, license_.keys[key_index].key_data, &encryptionIv[0], &encryptedData); // Describe the output diff --git a/libwvdrmengine/oemcrypto/test/oec_session_util.h b/libwvdrmengine/oemcrypto/test/oec_session_util.h index 4a2bcc10..29967dd5 100644 --- a/libwvdrmengine/oemcrypto/test/oec_session_util.h +++ b/libwvdrmengine/oemcrypto/test/oec_session_util.h @@ -36,7 +36,7 @@ void PrintTo(const PatternTestVariant& param, ostream* os); namespace wvoec { -const size_t kNumKeys = 4; +const size_t kMaxNumKeys = 20; namespace { #if defined(TEST_SPEED_MULTIPLIER) // Can slow test time limits when @@ -83,7 +83,7 @@ typedef struct { // This structure will be signed to simulate a message from the server. struct MessageData { - MessageKeyData keys[kNumKeys]; + MessageKeyData keys[kMaxNumKeys]; uint8_t mac_key_iv[wvcdm::KEY_IV_SIZE]; uint8_t mac_keys[2 * wvcdm::MAC_KEY_SIZE]; uint8_t pst[kTestKeyIdMaxLength]; @@ -154,7 +154,8 @@ class Session { const vector& in_buffer, const uint8_t *key, const uint8_t* starting_iv, vector* out_buffer); void TestDecryptCTR(bool select_key_first = true, - OEMCryptoResult expected_result = OEMCrypto_SUCCESS); + OEMCryptoResult expected_result = OEMCrypto_SUCCESS, + int key_index = 0); void MakeRSACertificate( struct RSAPrivateKeyMessage* encrypted, std::vector* signature, uint32_t allowed_schemes, const vector& rsa_key); @@ -186,6 +187,9 @@ class Session { OEMCrypto_KeyObject* key_array() { return key_array_; } std::vector& signature() { return signature_; } + void set_num_keys(int num_keys) { num_keys_ = num_keys; } + int num_keys() const { return num_keys_; } + private: bool open_; bool forced_session_id_; @@ -198,8 +202,9 @@ class Session { vector pst_report_buffer_; MessageData license_; MessageData encrypted_license_; - OEMCrypto_KeyObject key_array_[kNumKeys]; + OEMCrypto_KeyObject key_array_[kMaxNumKeys]; std::vector signature_; + int num_keys_; }; } // namespace wvoec diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index d3d09d01..2f635e73 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -211,8 +211,8 @@ TEST_F(OEMCryptoClientTest, MaxSessionsOpenCloseAPI10) { ASSERT_EQ(0u, sessions_count); size_t max_sessions; ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_GetMaxNumberOfSessions(&max_sessions)); - // We expect OEMCrypto implementations support at least 8 sessions. - const size_t kMinimumSupportedMaxNumberOfSessions = 8u; + // We expect OEMCrypto implementations support at least 10 sessions. + const size_t kMinimumSupportedMaxNumberOfSessions = 10u; ASSERT_GE(max_sessions, kMinimumSupportedMaxNumberOfSessions); // We allow GetMaxNumberOfSessions to return an estimate. This tests with a // pad of 5%. Even if it's just an estimate, we still require 8 sessions. @@ -643,7 +643,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange1) { s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, &mac_keys[0], // Not pointing into buffer. - kNumKeys, s.key_array(), NULL, 0); + s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -661,7 +661,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange2) { s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), &mac_key_iv[0], // bad. - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -679,7 +679,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange3) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -698,7 +698,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange4) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -715,7 +715,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange5) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -735,7 +735,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange6) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -755,7 +755,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange7) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -770,7 +770,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadNonce) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -795,7 +795,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -811,7 +811,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -828,7 +828,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithFutureVerification) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -842,7 +842,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -855,7 +855,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysWithNoDerivedKeys) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); } @@ -927,7 +927,7 @@ TEST_F(OEMCryptoSessionTests, AntiRollbackHardwareRequired) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); if (OEMCrypto_IsAntiRollbackHwPresent()) { ASSERT_EQ(OEMCrypto_SUCCESS, sts); } else { @@ -949,7 +949,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0)); if (patch_level < 0x3F) { Session s; @@ -964,7 +964,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0)); } if (patch_level > 0) { @@ -980,11 +980,26 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) { OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0)); } } +TEST_F(OEMCryptoSessionTests, Minimum20Keys) { + Session s; + ASSERT_NO_FATAL_FAILURE(s.open()); + s.set_num_keys(kMaxNumKeys); + ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys()); + ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); + ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign()); + ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys()); + for (int key_index=0; key_index < kMaxNumKeys; key_index++) { + bool kSelectKeyFirst = true; + ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR(kSelectKeyFirst, OEMCrypto_SUCCESS, + key_index)); + } +} + class SessionTestDecryptWithHDCP : public OEMCryptoSessionTests, public WithParamInterface { public: @@ -1035,7 +1050,7 @@ class SessionTestRefreshKeyTest protected: bool new_mac_keys_; - size_t num_keys_; + size_t num_keys_; // Number of keys to refresh. }; TEST_P(SessionTestRefreshKeyTest, RefreshWithNonce) { @@ -1102,8 +1117,8 @@ INSTANTIATE_TEST_CASE_P(TestRefreshAllKeys, SessionTestRefreshKeyTest, // If multiple key control blocks, we update each key separately. INSTANTIATE_TEST_CASE_P(TestRefreshEachKeys, SessionTestRefreshKeyTest, - Values(std::make_pair(true, kNumKeys), - std::make_pair(false, kNumKeys))); + Values(std::make_pair(true, 4), + std::make_pair(false, 4))); // // Decrypt Tests @@ -3695,19 +3710,22 @@ class GenericCryptoKeyIdLengthTest : public GenericCryptoTest { virtual void SetUp() { GenericCryptoTest::SetUp(); const uint32_t kNoNonce = 0; + session_.set_num_keys(5); ASSERT_NO_FATAL_FAILURE(session_.FillSimpleMessage( kDuration, wvoec_mock::kControlAllowDecrypt, kNoNonce)); - // We are testing that the key ids do not have to have the same length. + SetUniformKeyIdLength(16); // Start with all key ids being 16 bytes. + // But, we are testing that the key ids do not have to have the same length. session_.SetKeyId(0, "123456789012"); // 12 bytes (common key id length). session_.SetKeyId(1, "12345"); // short key id. session_.SetKeyId(2, "1234567890123456"); // 16 byte key id. (default) session_.SetKeyId(3, "12345678901234"); // 14 byte. (uncommon) + session_.SetKeyId(4, "1"); // very short key id. ASSERT_EQ(2u, kLongKeyId); } // Make all four keys have the same length. void SetUniformKeyIdLength(size_t key_id_length) { - for (unsigned int i = 0; i < 4; i++) { + for (unsigned int i = 0; i < session_.num_keys(); i++) { string key_id; key_id.resize(key_id_length, i + 'a'); session_.SetKeyId(i, key_id); @@ -3715,7 +3733,7 @@ class GenericCryptoKeyIdLengthTest : public GenericCryptoTest { } void TestWithKey(unsigned int key_index) { - ASSERT_LE(key_index, kNumKeys); + ASSERT_LT(key_index, session_.num_keys()); EncryptAndLoadKeys(); vector encrypted; // To make sure OEMCrypto is not expecting the key_id to be zero padded, we @@ -3748,6 +3766,10 @@ TEST_F(GenericCryptoKeyIdLengthTest, ShortKeyId) { TestWithKey(1); } TEST_F(GenericCryptoKeyIdLengthTest, LongKeyId) { TestWithKey(2); } +TEST_F(GenericCryptoKeyIdLengthTest, FourteenByteKeyId) { TestWithKey(3); } + +TEST_F(GenericCryptoKeyIdLengthTest, VeryShortKeyId) { TestWithKey(4); } + TEST_F(GenericCryptoKeyIdLengthTest, UniformShortKeyId) { SetUniformKeyIdLength(5); TestWithKey(2); @@ -3910,7 +3932,7 @@ TEST_F(UsageTableTest, RepeatOnlineLicense) { OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), pst_ptr, pst.length())); ASSERT_NO_FATAL_FAILURE(s2.close()); } @@ -3928,7 +3950,7 @@ TEST_F(UsageTableTest, OnlineEmptyPST) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); ASSERT_NO_FATAL_FAILURE(s.close()); } @@ -4523,7 +4545,7 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) { OEMCrypto_LoadKeys(s2.session_id(), s2.message_ptr(), sizeof(MessageData), &s2.signature()[0], s2.signature().size(), s2.encrypted_license().mac_key_iv, - s2.encrypted_license().mac_keys, kNumKeys, + s2.encrypted_license().mac_keys, s.num_keys(), s2.key_array(), pst_ptr, pst.length())); ASSERT_NO_FATAL_FAILURE(s2.close()); @@ -4549,7 +4571,7 @@ TEST_P(UsageTableTestWithMAC, OfflineBadNonce) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), pst_ptr, + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), pst_ptr, pst.length()); ASSERT_NE(OEMCrypto_SUCCESS, sts); ASSERT_NO_FATAL_FAILURE(s.close()); @@ -4567,7 +4589,7 @@ TEST_P(UsageTableTestWithMAC, OfflineEmptyPST) { OEMCryptoResult sts = OEMCrypto_LoadKeys( s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0); + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0); ASSERT_NE(OEMCrypto_SUCCESS, sts); ASSERT_NO_FATAL_FAILURE(s.close()); } @@ -4604,7 +4626,7 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) { OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), pst_ptr, pst.length())); // But we can still generate a report. Session s3; @@ -4628,7 +4650,7 @@ TEST_P(UsageTableTestWithMAC, BadRange) { OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0], s.signature().size(), s.encrypted_license().mac_key_iv, - s.encrypted_license().mac_keys, kNumKeys, + s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), pst_ptr, pst.length())); } @@ -4848,7 +4870,7 @@ TEST_F(UsageTableTest, LoadSharedLicense) { ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, true)); ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0)); // The second set of keys are not loaded. - for (unsigned int i = 0; i < kNumKeys; i++) { + for (unsigned int i = 0; i < s.num_keys(); i++) { memset(s.license().keys[i].key_id, 'A' + i, s.license().keys[i].key_id_length); }