Fixed loading mac keys in mock and Level3
Merge of http://go/wvgerrit/45521/ Bug: b/73818548 Test: request_license_tests and GTS tests on sailfish and taimen This change loads the mac keys into the session to be used in GenerateSignature from the last call to one of: DeriveKeysFromSessionKey, GenerateDerivedKeys, LoadKeys, and LoadUsageEntry. OEMCrypto tests are changed to reflect this as well (specifically the order in which we call the above methods).
This commit is contained in:
Srujan Gaddam
@@ -4643,13 +4643,13 @@ TEST_F(UsageTableTest, TwoHundredEntries) {
|
||||
sleep(kShortSleep);
|
||||
for (size_t i = 0; i < ENTRY_COUNT; i++) {
|
||||
ASSERT_NO_FATAL_FAILURE(sessions[i].open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&sessions[i]));
|
||||
std::string pst = "pst ";
|
||||
char c1 = 'A' + (i/26);
|
||||
char c2 = 'A' + (i%26);
|
||||
pst = pst + c1 + c2;
|
||||
// Reuse license message created above.
|
||||
ASSERT_NO_FATAL_FAILURE(sessions[i].ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&sessions[i]));
|
||||
ASSERT_NO_FATAL_FAILURE(sessions[i].LoadTestKeys(pst, new_mac_keys_))
|
||||
<< "Failed to reload license " << i << " with pst = " << pst;
|
||||
ASSERT_NO_FATAL_FAILURE(
|
||||
@@ -4860,10 +4860,10 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineLicense) {
|
||||
ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst));
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
// We will reuse the encrypted and signed message, so we don't call
|
||||
// FillSimpleMessage again.
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.UpdateUsageEntry(&encrypted_usage_header_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateVerifyReport(pst, kUnused));
|
||||
@@ -4880,10 +4880,10 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineLicenseWithRefresh) {
|
||||
time_t loaded = time(NULL);
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
// We will reuse the encrypted and signed message, so we don't call
|
||||
// FillSimpleMessage again.
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.UpdateUsageEntry(&encrypted_usage_header_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateVerifyReport(pst, kUnused, loaded, 0, 0));
|
||||
@@ -4918,10 +4918,10 @@ TEST_P(UsageTableTestWithMAC, ReloadOfflineLicenseWithTerminate) {
|
||||
encrypted_usage_header_.size()));
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
// We will reuse the encrypted and signed message, so we don't call
|
||||
// FillSimpleMessage again.
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.UpdateUsageEntry(&encrypted_usage_header_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateVerifyReport(pst, kUnused));
|
||||
@@ -4958,8 +4958,8 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) {
|
||||
|
||||
// Offline license with same mac keys should still be OK.
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.UpdateUsageEntry(&encrypted_usage_header_));
|
||||
ASSERT_NO_FATAL_FAILURE(
|
||||
@@ -5033,8 +5033,8 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) {
|
||||
ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst));
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(
|
||||
s.LoadTestKeys(pst, new_mac_keys_)); // Reload the license
|
||||
ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR()); // Should be able to decrypt.
|
||||
@@ -5138,8 +5138,8 @@ class UsageTableDefragTest : public UsageTableTest {
|
||||
|
||||
void ReloadLicense(Session* s, time_t start) {
|
||||
ASSERT_NO_FATAL_FAILURE(s->open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(s));
|
||||
ASSERT_NO_FATAL_FAILURE(s->ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(s));
|
||||
ASSERT_NO_FATAL_FAILURE(s->LoadTestKeys(s->pst(), new_mac_keys_));
|
||||
ASSERT_NO_FATAL_FAILURE(s->UpdateUsageEntry(&encrypted_usage_header_));
|
||||
ASSERT_NO_FATAL_FAILURE(s->TestDecryptCTR());
|
||||
@@ -5353,10 +5353,10 @@ TEST_F(UsageTableTest, ReloadUsageTableWithSkew) {
|
||||
|
||||
// Reload the license, and save the header.
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
// We will reuse the encrypted and signed message, so we don't call
|
||||
// FillSimpleMessage again.
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.UpdateUsageEntry(&encrypted_usage_header_));
|
||||
vector<uint8_t> old_usage_header_2_ = encrypted_usage_header_;
|
||||
@@ -5372,14 +5372,13 @@ TEST_F(UsageTableTest, ReloadUsageTableWithSkew) {
|
||||
OEMCrypto_LoadUsageTableHeader(NULL,
|
||||
old_usage_header_2_.size()));
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
// Cannot load an entry with if header didn't load.
|
||||
ASSERT_EQ(
|
||||
OEMCrypto_ERROR_UNKNOWN_FAILURE,
|
||||
OEMCrypto_LoadUsageEntry(s.session_id(), s.usage_entry_number(),
|
||||
&s.encrypted_usage_entry()[0],
|
||||
s.encrypted_usage_entry().size()));
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.close());
|
||||
|
||||
// Modified header generates error.
|
||||
@@ -5389,14 +5388,13 @@ TEST_F(UsageTableTest, ReloadUsageTableWithSkew) {
|
||||
OEMCrypto_LoadUsageTableHeader(&bad_header[0],
|
||||
bad_header.size()));
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
// Cannot load an entry with if header didn't load.
|
||||
ASSERT_EQ(
|
||||
OEMCrypto_ERROR_UNKNOWN_FAILURE,
|
||||
OEMCrypto_LoadUsageEntry(s.session_id(), s.usage_entry_number(),
|
||||
&s.encrypted_usage_entry()[0],
|
||||
s.encrypted_usage_entry().size()));
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.close());
|
||||
|
||||
// Old by 2 generation numbers is error.
|
||||
@@ -5404,14 +5402,13 @@ TEST_F(UsageTableTest, ReloadUsageTableWithSkew) {
|
||||
OEMCrypto_LoadUsageTableHeader(&old_usage_header_2_[0],
|
||||
old_usage_header_2_.size()));
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
// Cannot load an entry with if header didn't load.
|
||||
ASSERT_NE(
|
||||
OEMCrypto_SUCCESS,
|
||||
OEMCrypto_LoadUsageEntry(s.session_id(), s.usage_entry_number(),
|
||||
&s.encrypted_usage_entry()[0],
|
||||
s.encrypted_usage_entry().size()));
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.close());
|
||||
|
||||
// Old by 1 generation numbers is just warning.
|
||||
@@ -5420,12 +5417,12 @@ TEST_F(UsageTableTest, ReloadUsageTableWithSkew) {
|
||||
old_usage_header_1_.size()));
|
||||
// Everything else should still work. Skew by 1 is just a warning.
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_EQ(
|
||||
OEMCrypto_WARNING_GENERATION_SKEW,
|
||||
OEMCrypto_LoadUsageEntry(s.session_id(), s.usage_entry_number(),
|
||||
&s.encrypted_usage_entry()[0],
|
||||
s.encrypted_usage_entry().size()));
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, new_mac_keys_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.UpdateUsageEntry(&encrypted_usage_header_));
|
||||
ASSERT_NO_FATAL_FAILURE(s.close());
|
||||
@@ -5462,15 +5459,15 @@ TEST_F(UsageTableTest, TimingTest) {
|
||||
|
||||
sleep(kLongSleep);
|
||||
ASSERT_NO_FATAL_FAILURE(s1.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s1));
|
||||
ASSERT_NO_FATAL_FAILURE(s1.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s1));
|
||||
ASSERT_NO_FATAL_FAILURE(s1.LoadTestKeys(pst1, new_mac_keys_));
|
||||
time_t first_decrypt1 = time(NULL);
|
||||
ASSERT_NO_FATAL_FAILURE(s1.TestDecryptCTR());
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(s2.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2));
|
||||
ASSERT_NO_FATAL_FAILURE(s2.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2));
|
||||
ASSERT_NO_FATAL_FAILURE(s2.LoadTestKeys(pst2, new_mac_keys_));
|
||||
time_t first_decrypt2 = time(NULL);
|
||||
ASSERT_NO_FATAL_FAILURE(s2.TestDecryptCTR());
|
||||
@@ -5500,8 +5497,8 @@ TEST_F(UsageTableTest, TimingTest) {
|
||||
sleep(kLongSleep);
|
||||
time_t third_decrypt = time(NULL);
|
||||
ASSERT_NO_FATAL_FAILURE(s2.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2));
|
||||
ASSERT_NO_FATAL_FAILURE(s2.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s2));
|
||||
ASSERT_NO_FATAL_FAILURE(s2.LoadTestKeys(pst2, new_mac_keys_));
|
||||
ASSERT_NO_FATAL_FAILURE(s2.TestDecryptCTR());
|
||||
ASSERT_NO_FATAL_FAILURE(s2.UpdateUsageEntry(&encrypted_usage_header_));
|
||||
@@ -5628,10 +5625,10 @@ TEST_F(UsageTableTest, LoadSharedLicense) {
|
||||
ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst));
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
// We will reuse the encrypted and signed message, so we don't call
|
||||
// FillSimpleMessage again.
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, true));
|
||||
|
||||
// The second set of keys are in the shared license. They will have the
|
||||
@@ -5658,8 +5655,8 @@ TEST_F(UsageTableTest, LoadSharedLicenseWithNoMaster) {
|
||||
ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst));
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
// This time, we do NOT load the master license. This should
|
||||
// generate an error below.
|
||||
// ASSERT_NO_FATAL_FAILURE(s.LoadTestKeys(pst, true));
|
||||
@@ -5694,8 +5691,8 @@ TEST_F(UsageTableTest, PSTLargeBuffer) {
|
||||
ASSERT_NO_FATAL_FAILURE(LoadOfflineLicense(s, pst));
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.ReloadUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestSessionKeys(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(
|
||||
s.LoadTestKeys(pst, new_mac_keys_)); // Reload the license
|
||||
ASSERT_NO_FATAL_FAILURE(s.TestDecryptCTR()); // Should be able to decrypt.
|
||||
|
||||
Reference in New Issue
Block a user