Require 20 keys per session and 10 sessions

Merge from widevine repo of http://go/wvgerrit/20981

OEMCrypto v12 requires at least 20 keys per session and at least 10
sessions.  This CL updates the unit tests to verify this, and updates
level 3 and mock code to conform.

This CL also updates the level 3 oemcrypto to support 16 sessions and
320 keys total.

b/30140448 Minimum 20 keys per OEMCrypto_Session

Change-Id: Idd38d8f2cdfd6acde6fa7622b5912372bee9e488
Fred Gylys-Colwell
2016-11-28 21:36:03 -08:00
parent 97c2c74556
commit f0cee3ad20
3 changed files with 80 additions and 51 deletions


@@ -211,8 +211,8 @@ TEST_F(OEMCryptoClientTest, MaxSessionsOpenCloseAPI10) {
ASSERT_EQ(0u, sessions_count);
size_t max_sessions;
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_GetMaxNumberOfSessions(&max_sessions));
// We expect OEMCrypto implementations support at least 8 sessions.
const size_t kMinimumSupportedMaxNumberOfSessions = 8u;
// We expect OEMCrypto implementations support at least 10 sessions.
const size_t kMinimumSupportedMaxNumberOfSessions = 10u;
ASSERT_GE(max_sessions, kMinimumSupportedMaxNumberOfSessions);
// We allow GetMaxNumberOfSessions to return an estimate. This tests with a
// pad of 5%. Even if it's just an estimate, we still require 8 sessions.
@@ -643,7 +643,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange1) {
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
&mac_keys[0], // Not pointing into buffer.
kNumKeys, s.key_array(), NULL, 0);
s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -661,7 +661,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange2) {
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(),
&mac_key_iv[0], // bad.
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -679,7 +679,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange3) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -698,7 +698,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange4) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -715,7 +715,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange5) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -735,7 +735,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange6) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -755,7 +755,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange7) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -770,7 +770,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadNonce) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -795,7 +795,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -811,7 +811,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -828,7 +828,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithFutureVerification) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -842,7 +842,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -855,7 +855,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeysWithNoDerivedKeys) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -927,7 +927,7 @@ TEST_F(OEMCryptoSessionTests, AntiRollbackHardwareRequired) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
if (OEMCrypto_IsAntiRollbackHwPresent()) {
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
} else {
@@ -949,7 +949,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), sizeof(MessageData),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0));
if (patch_level < 0x3F) {
Session s;
@@ -964,7 +964,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), sizeof(MessageData),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0));
}
if (patch_level > 0) {
@@ -980,11 +980,26 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), sizeof(MessageData),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), NULL, 0));
}
}
TEST_F(OEMCryptoSessionTests, Minimum20Keys) {
Session s;
ASSERT_NO_FATAL_FAILURE(s.open());
s.set_num_keys(kMaxNumKeys);
ASSERT_NO_FATAL_FAILURE(s.GenerateTestSessionKeys());
ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0));
ASSERT_NO_FATAL_FAILURE(s.EncryptAndSign());
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys());
for (int key_index=0; key_index < kMaxNumKeys; key_index++) {
bool kSelectKeyFirst = true;
ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR(kSelectKeyFirst, OEMCrypto_SUCCESS,
key_index));
}
}
class SessionTestDecryptWithHDCP : public OEMCryptoSessionTests,
public WithParamInterface<int> {
public:
@@ -1035,7 +1050,7 @@ class SessionTestRefreshKeyTest
protected:
bool new_mac_keys_;
size_t num_keys_;
size_t num_keys_; // Number of keys to refresh.
};
TEST_P(SessionTestRefreshKeyTest, RefreshWithNonce) {
@@ -1102,8 +1117,8 @@ INSTANTIATE_TEST_CASE_P(TestRefreshAllKeys, SessionTestRefreshKeyTest,
// If multiple key control blocks, we update each key separately.
INSTANTIATE_TEST_CASE_P(TestRefreshEachKeys, SessionTestRefreshKeyTest,
Values(std::make_pair(true, kNumKeys),
std::make_pair(false, kNumKeys)));
Values(std::make_pair(true, 4),
std::make_pair(false, 4)));
//
// Decrypt Tests
@@ -3695,19 +3710,22 @@ class GenericCryptoKeyIdLengthTest : public GenericCryptoTest {
virtual void SetUp() {
GenericCryptoTest::SetUp();
const uint32_t kNoNonce = 0;
session_.set_num_keys(5);
ASSERT_NO_FATAL_FAILURE(session_.FillSimpleMessage(
kDuration, wvoec_mock::kControlAllowDecrypt, kNoNonce));
// We are testing that the key ids do not have to have the same length.
SetUniformKeyIdLength(16); // Start with all key ids being 16 bytes.
// But, we are testing that the key ids do not have to have the same length.
session_.SetKeyId(0, "123456789012"); // 12 bytes (common key id length).
session_.SetKeyId(1, "12345"); // short key id.
session_.SetKeyId(2, "1234567890123456"); // 16 byte key id. (default)
session_.SetKeyId(3, "12345678901234"); // 14 byte. (uncommon)
session_.SetKeyId(4, "1"); // very short key id.
ASSERT_EQ(2u, kLongKeyId);
}
// Make all four keys have the same length.
void SetUniformKeyIdLength(size_t key_id_length) {
for (unsigned int i = 0; i < 4; i++) {
for (unsigned int i = 0; i < session_.num_keys(); i++) {
string key_id;
key_id.resize(key_id_length, i + 'a');
session_.SetKeyId(i, key_id);
@@ -3715,7 +3733,7 @@ class GenericCryptoKeyIdLengthTest : public GenericCryptoTest {
}
void TestWithKey(unsigned int key_index) {
ASSERT_LE(key_index, kNumKeys);
ASSERT_LT(key_index, session_.num_keys());
EncryptAndLoadKeys();
vector<uint8_t> encrypted;
// To make sure OEMCrypto is not expecting the key_id to be zero padded, we
@@ -3748,6 +3766,10 @@ TEST_F(GenericCryptoKeyIdLengthTest, ShortKeyId) { TestWithKey(1); }
TEST_F(GenericCryptoKeyIdLengthTest, LongKeyId) { TestWithKey(2); }
TEST_F(GenericCryptoKeyIdLengthTest, FourteenByteKeyId) { TestWithKey(3); }
TEST_F(GenericCryptoKeyIdLengthTest, VeryShortKeyId) { TestWithKey(4); }
TEST_F(GenericCryptoKeyIdLengthTest, UniformShortKeyId) {
SetUniformKeyIdLength(5);
TestWithKey(2);
@@ -3910,7 +3932,7 @@ TEST_F(UsageTableTest, RepeatOnlineLicense) {
OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), sizeof(MessageData),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length()));
ASSERT_NO_FATAL_FAILURE(s2.close());
}
@@ -3928,7 +3950,7 @@ TEST_F(UsageTableTest, OnlineEmptyPST) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -4523,7 +4545,7 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) {
OEMCrypto_LoadKeys(s2.session_id(), s2.message_ptr(), sizeof(MessageData),
&s2.signature()[0], s2.signature().size(),
s2.encrypted_license().mac_key_iv,
s2.encrypted_license().mac_keys, kNumKeys,
s2.encrypted_license().mac_keys, s.num_keys(),
s2.key_array(), pst_ptr, pst.length()));
ASSERT_NO_FATAL_FAILURE(s2.close());
@@ -4549,7 +4571,7 @@ TEST_P(UsageTableTestWithMAC, OfflineBadNonce) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), pst_ptr,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), pst_ptr,
pst.length());
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
@@ -4567,7 +4589,7 @@ TEST_P(UsageTableTestWithMAC, OfflineEmptyPST) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), sizeof(MessageData), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys, s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -4604,7 +4626,7 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) {
OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), sizeof(MessageData),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length()));
// But we can still generate a report.
Session s3;
@@ -4628,7 +4650,7 @@ TEST_P(UsageTableTestWithMAC, BadRange) {
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), sizeof(MessageData),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, kNumKeys,
s.encrypted_license().mac_keys, s.num_keys(),
s.key_array(), pst_ptr, pst.length()));
}
@@ -4848,7 +4870,7 @@ TEST_F(UsageTableTest, LoadSharedLicense) {
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, true));
ASSERT_NO_FATAL_FAILURE(s.FillSimpleMessage(0, 0, 0));
// The second set of keys are not loaded.
for (unsigned int i = 0; i < kNumKeys; i++) {
for (unsigned int i = 0; i < s.num_keys(); i++) {
memset(s.license().keys[i].key_id, 'A' + i,
s.license().keys[i].key_id_length);
}
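Review bot: In the `BadReloadOfflineLicense` hunk the new key count is read from `s.num_keys()` while every other argument to `OEMCrypto_LoadKeys` (session id, message, signature, MAC keys, `key_array()`) comes from `s2`, so the count and the key array it describes can belong to different sessions. Both sessions presumably keep the default key count today, but if they ever differ, and this is a rejection test as its name suggests, the load could fail on the count mismatch rather than on the condition under test; the line should read `s2.encrypted_license().mac_keys, s2.num_keys(),`. Two comments left as context are also stale after this change: "we still require 8 sessions" in `MaxSessionsOpenCloseAPI10` should say 10, and "Make all four keys have the same length" above `SetUniformKeyIdLength` no longer matches the loop over `session_.num_keys()`, which `SetUp` now sets to 5. The enclosing test bodies start and end outside the hunks shown, so the surrounding assertions could not be checked.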