Disable one oemcrypto v18 unit test which takes nlohmann-json dependency
for now, until the json dependency is fixed.
Test: build widevine and oemcrypto unit tests
Bug: 263397641
Change-Id: I065b28a81cc481b2b64bda27733640e0fdea0c2c
No-Typo-Check: From a third party header file
Bug: 260918793
Test: unit tests
Test: atp v2/widevine-eng/drm_compliance
Change-Id: I36effd6a10a99bdb2399ab1f4a0fad026d607c70
[ Merge of http://go/wvgerrit/153669 ]
The oemcrypto_decrypt_cenc_fuzz fuzz test found a null reference error.
This adds a check to ensure that the input_buffer vector used for the
sample descriptions is not empty before attempting to access it.
Bug: 192310854
Bug: 236317198
Change-Id: If3909b01d3bc19434bbd5b6b77e7cd76182b2bdf
[ Merge of http://go/wvgerrit/153121 ]
`run_oemcrypto_fuzz_tests` script was disabled while OPK was
transitioning between v16 and v17. Now that OPK is v17, the
fuzz tests can be re-enabled.
Some targets could not be built due to a missing header file.
`oemcrypto/ref/src/cppbor.cpp` was updated to include the missing
header.
Bug: 235414753
Bug: 229160033
Bug: 236317198
Test: run_oemcrypto_fuzz_tests
Change-Id: Ieeebae1f6d84c5735a669d44ea45875675fdb5a3
[ Merge of http://go/wvgerrit/153589 ]
Some unit tests call InstallTestRSAKey() a few times. In current
provision 2 with Keybox, the test RSA DRM key is hard coded. But for
provision 4, it will be generated by OEMCrypto.
When a test calls multiple times of InstallTestRSAKey(), we don't want
the key to be generated during each call, and we want to use the same
key in order for the decrytion to work.
The fix to cache the drm key once it is created for prov 4 tests.
Bug: 180530495
Bug: 236317198
Test: oemcrypto_test
Change-Id: I1b2d96a89e0619861492e6d9bc56862e2c440c86
[ Merge of http://go/wvgerrit/150349 ]
The device id for prov4 is hash of the encoded device public key
(COSE_key).
Also replaced a few bug numbers if it is prov3 specific (not related to prov4).
Bug: 225216277
Bug: 236317198
Test: oemcrypto_test
Change-Id: Ica1c8579c0a3ef83c70f331283c9cce629c6bb3f
[ Merge of http://go/wvgerrit/149849 ]
With ECC based DRM cert, the session key is expected to be 32, as
compared to 16 bytes in RSA case. This CL adds supports for 32 bytes
session key.
Bug: 236317198
Test: oemcrypto_test
Change-Id: I657fdd92d17736a23375ddcd457f83efa6ca6d1f
This is a merge from:
https://widevine-internal-review.googlesource.com/c/cdm/+/152897
and http://go/wvgerrit/153709
Adding a new OEMCrypto unit test will allow partners to correct a
problem earlier in their integration.
Verifies current oemcrypto implementation handles clear KCB in a
mocked 16.4 license response.
Unit test release date updated to 2022-06-17.
Test: run_x86_64_tests; opk_ta
Bug: 235870170
Bug: 234645065
Change-Id: I59fef2c25f5c007624447d4f46147d96adeddad9
[ Merge of http://go/wvgerrit/147275 ]
Swapped out use of OpenSSL/BoringSSL RSA and EC_KEY to use OEMCrypto
reference utility classes RsaPublicKey/EccPublicKey. This enables
further test development with ECC keys, and removes duplicate OpenSSL/
BoringSSL code.
For Android makefiles, only the minimally required files have been
added.
Bug: 205902021
Bug: 236317198
Test: run_prov30_test run_prov40_test oemcrypto_test
Change-Id: I64491018e8ffb69bf986083e3aae446eb9e5cf39
[ Merge of http://go/wvgerrit/150789 ]
We had two copies of the wvcrc32.h and wvcrc.cpp files: One in
oemcrypto/util/ and one in oemcrypto/test/. The two were identical
except for the namespaces used. However, this setup created confusion if
the compiler could see both files, as the wrong one could get included.
This patch removes the set from test/ in favor of the more-widely-used
set from util/ and updates the one piece of code using the old
namespace.
Update Android oemcrypto_test makefile for wvcrc32.
[ Merge of http://go/wvgerrit/153657 ]
Duplicated wvcrc files were removed in http://go/wvgerrit/150632,
however, the Android-specific makefile for oemcrypto_test was not
updated with the new source and include directory. This CL makes
the necessary changes to the makefile to build with the OEC ref util
version of wvcrc32.
Bug: 229160397
Bug: 236317198
Test: oemcrypto_test
Change-Id: I0b53255122172fb514e7e0602b59f3ab704e52da
[ Merge of http://go/wvgerrit/151191 ]
Within the CDM and OEMCrypto tests, there were a few OEMCrypto function
calls where the final size of the output buffers were not being
resized. For several of these functions, an initial call is made with
zero-length output buffers, expecting OEMCrypto to return
ERROR_SHORT_BUFFER; followed by a call with buffers at least as large
as specified by OEMCrypto. However, for some operations, OEMCrypto
makes an estimate on the final size on the first call, specifying the
exact size only after performing the operations.
This is the case for the wrapped key returned by
OEMCrypto_LoadProvisioning(). The provisioning response contains a
padded + encrypted DRM key. OEMCrypto does not know the actual size
of the key until decrypted, and the actual DRM key might be smaller.
There was a OEMCrypto test for OEMCrypto_BuildInformation() which
was enforcing the wrong behaviour. This has been updated.
Bug: 230661565
Test: oemcrypto_test
Change-Id: Iad297d56ffbb085894641fdf8698ce5fd18edbf2
In TestLoadLicenseForOutOfRangeSubStringOffSetAndLengths(),
LoadResponse() should be called after EncryptAndSignResponse() so this
is moved in this CL.
Bug: 231368221
Test: OEMCryptoMemoryLoadLicense tests
Change-Id: I7a0224afb21c3ab1d896ce3cfb64e1ad544a581a
Merge from Widevine repo of http://go/wvgerrit/151254
Test: Ran tests on reference oemcrypto
Bug: 228996670
Change-Id: I6ea69bad49fa2d4272fc8bb02895c17f314c7f49
Merge from Widevine repo of http://go/wvgerrit/151253
This updates the OEMCrypto unit test filters to remove
CasOnly tests if the device does not implement the cas
function OEMCrypto_LoadCasECMKeys.
Test: unit tests on Luci
Bug: 221256887
Change-Id: I7026c4318153ada1d85055704e87b2cef397ffca
[ Merge of http://go/wvgerrit/149469 ]
Created a new test for stressing OEMCrypto's ability to generate
OTA Keybox provisioning requests. This forces the TA to retrieve
keys from KM, generate certificate and sign the request. This is
intended to find any unexpected system degradation within the
device's TA(s).
Bug: 227542259
Test: oemcrypto_test
Change-Id: Ib34f2f801a7fe74ca67aa0a16f68f9ae326de24e
[ Merge of http://go/wvgerrit/148157 ]
Fail the test if the returned type is other values.
Bug: 224375138
Test: GtsMediaDrmTests
Change-Id: I4abad9d69865cac99654d3dedd443463dd728a58
* changes:
Change the signature format requirement of OEMCrypto_GenerateCertificateKeyPair
Fix EnsureProvisioned for double provisioning
Update fuzz tests to match output desriptor struct
Use default url to inform app of prov40 stages
Fix key_control_iv in OEMCrypto tests
Fix jenkins/opk_optee after v17 merge
Remove old test license holder
Generic crypto tests: use license holder
Reboot tests: verify offline license is valid after reboot
Policy integration tests: use license holder
Integration tests: add license holder
Reboot test: Initialize fake clock
Reboot test: save large files
Test max number of DRM private keys
Merge oemcrypto-v17 to master
Update cipher mode elsewhere
Fix 1 ClangTidyBuild finding:
Add out of bounds testing for LoadKeys()
Separate invalid session test for ReuseUsageEntry
[ Merge of http://go/wvgerrit/147110 ]
The OEMCrypto_DestBufferDesc had fields address/address_length renamed
to clear_buffer/clear_buffer_length in v17. However this was not updated
for the fuzz tests thus causing some code coverage errors. This should
fix those errors.
Merged from https://widevine-internal-review.googlesource.com/146889
Bug: 220946359, 220946990
Test: GtsMediaTestCases on sunfish
Change-Id: I2837de2f79c0e731d072e3712d6b769df17a1c7e
[ Merge of http://go/wvgerrit/145989 ]
The key_control_iv field is used with an encrypted KCB. With v17, the
KCB is in the clear and this field should have a length of 0. This
updates the tests to set the field correctly.
Bug: 224375138
Test: GtsMediaTestCases on sunfish
Change-Id: I2973bc064705557c878bb1fe943e5fde92977dcc
[ Merge of http://go/wvgerrit/143909 ]
The max. number of DRM keys that can be loaded depends on the resource
rating.
Add a test to verify:
1. We can load up to MAX. drm keys
2. Loading the MAX+1 key can fail
3. The loaded keys should work even if loading other keys failed
Bug: 209084113
Test: opk_ta, run_x86_64_tests, run_level3_static_tests,
run_fake_l1_tests
Test: GtsMediaTestCases on sunfish
Change-Id: Ib9821e8a1994d41d3e9c2063440c109a2332ba89
[ Merge of http://go/wvgerrit/144696 ]
In v17,
OEMCrypto_CipherMode_CTR renamed to OEMCrypto_CipherMode_CENC
OEMCrypto_CipherMode_CBC renamed to OEMCrypto_CipherMode_CBCS
Bug: 224375138
Test: GtsMediaTestCases on sunfish
Change-Id: I2d96e9c6d22a9d9e2fbbd15a8aea3f2d5dac6dcb
[ Merge of http://go/wvgerrit/146249 ]
Update the OEMCryptoMemoryLoadLicense* tests so they cover LoadKeys()
for v15 and prior and LoadLicense() for v16 and later versions.
Merged from https://widevine-internal-review.googlesource.com/145951
Bug: 190749256
Test: GtsMediaTestCases on sunfish
Change-Id: If90f7afd82819375f52a2fe619675bf0c4c4dd3a
[ Merge of http://go/wvgerrit/144729 ]
Since OEMCrypto_ReuseUsageEntry() was introduced in v17, splitting the
test case for an invalid session from the other usage entry methods
since they were implemented in v15/16 as well.
Bug: 216193739
Test: GtsMediaTestCases on a sunfish
Change-Id: I7f4399c07a19227495a15807228b930066f6a794
Merged from http://go/wvgerrit/147689
The default is to build for AIDL Widevine service.
Use "-t hidl" in build_and_run_all_unit_tests.sh or
build_all_unit_tests.sh to build for HIDL service.
Test: ./build_all_unit_tests -t hidl
Test: ./build_and_run_all_unit_tests -t hidl
Test: ./build_all_unit_tests
Test: ./build_and_run_all_unit_tests
Bug: 217247987
Change-Id: Ie7c51033f4aba341c829ccc8f846a6cfeab76df3
The interface is defined in
hardware/interfaces/drm/aidl(http://go/ag/15329852).
Test: build
m android.hardware.drm-service.widevine -j128
Test: build_and_run_all_unit_tests.sh
for hidl tests
Test: atest VtsAidlHalDrmTargetTest
Bug: 200055138
Bug: 170964303
Change-Id: If2f2a129914436ba5cef1c46f6cb9415e12c3d1c
(This is a merge of http://go/wvgerrit/140850.)
This patch fixes a number of minor issues in the codebase (mostly
instances of 0-as-nullptr, but also some member shadowing and a missing
override) that were being hidden by the fact that depending on Protobuf
disables these diagnostics. And which will be unhidden when a later
patch removes that behavior from Protobuf.
Bug: 208304830
Test: x86-64
Change-Id: I4b0b1264748880b3726a6388d589868d898f949e
(This is a merge of http://go/wvgerrit/139630.)
This patch fixes a few places that were using NULL or 0 instead of
nullptr.
Bug: 207702482
Test: x86-64 build
Change-Id: I10e19febebd093fe4445208a082216002d9a4482
(This is a merge of http://go/wvgerrit/134316.)
This patch fixes code that would trigger -Wshorten-64-to-32 by
implicitly narrowing a variable from 64 to 32 bits. Most of the time, it
does this by making the implicit conversion explicit. Occasionally,
where it makes sense, it does this by expanding the code to operate on a
64-bit value.
This patch removes LicenseKeysTest::NumContentKeys(), which no one was
using, as all the tests access content_key_count_ directly.
Bug: 194971260
Test: x86-64
Change-Id: Iae7685c10b9db989253b349cab693728b438798d
(This is a merge of http://go/wvgerrit/133650.)
Several places in the OEMCrypto tests refer to entitled keys as
entitlement keys. This patch fixes those references. It does not change
places that were actually meant to refer to entitlement keys.
Test: x86-64 platform tests
Bug: 203697187
Change-Id: I2ad2d82a666fd0cc08662e39177313cf36c2ad43
