The extra call to OEMCrypto_GenerateNonce is not needed. And it would
also lead to failure when the fuzzers are linked with the OPK
serialization layer.
Bug: 324666282
Change-Id: I43941fd5ee1f15f7106e6f0be2b65dce206225cf
The output_descriptor parameter of OEMCrypto_FreeSecureBuffer should be
marked as [in,out].
Bug: 321346771
Change-Id: I4ba1a7f0b0f12a068d655a0d0b8b43a0818980dc
This CL is created as a best effort to migrate test targets
to the new android ownership model. If you find incorrect or unnecessary
attribution in this CL, please create a separate CL to fix that.
For more details please refer to the link below,
<add g3 doc link>
Bug: 304529413
Test: N/A
Change-Id: I204c137da43a021bcebe316759d1aadaec99fe2a
- Initialize allowed_schemes_ since it is used by CreateDefaultResponse.
- Issue was detected by Coverity.
Change-Id: I368c4773f6316b65196aaa39e23e70717299c570
OEMCrypto_ERROR_INVALID_RSA_KEY is deprecated in v17. But
v16 oemcrypto can still return it. Unit test should allow
this error for now.
Test: run_dynamic_oemcrypto_v16.4, run_dynamic_oemcrypto_v16.3
Bug: 307668988
Change-Id: I950b62c8b3e02ea09d4795839a3d69573ab718aa
This CL adds unit tests to verify that the following
forbidden uses of an RSA private key do not work:
- ForbidPrepAndSign -- A cast cert key cannot sign a license
request.
- ForbidUseAsDRMCert -- A cast cert cannot be used with the
DRM cert's padding scheme and it cannot be used to derive
keys from a session key.
- *ForbidRSASignatureForDRMKey* -- A DRM cert key cannot be
used with GenerateRSASignature.
- *OEMCertForbidGenerateRSASignature* -- An OEM cert key
cannot be used with GenerateRSASignature.
Bug: 251875110
Change-Id: Ic2b23e3fd279e878c190a8294078a8d092126a29
This tool will soon be used in LUCI tests. It seemed necessary to
clean it up to make the build cop's job easier if there is a problem.
The following was completed:
* Removed stub for install XML based keyboxes
* This is handled externally
* Improved error checking
* Replace C-style prints with C++ styled prints
* Keybox information is still printed to stdout
* Major erros are printed to stderr
* Updated to follow Google style guide
* Fixed header includes
* Removed unused headers
* Added headers that are used, but were included indirectly
* Ensures OEMCrypto_Terminate() is called
* Particularly if there is an error encountered.
Bug: 299108238
Test: Tested in later CL
Change-Id: Ie6dafc44d050d0c6ae288f88cd5d6f3737d4a88c
The unit test helper function LoadWithAllowedSchemes should
only be used to load a Cast Certificate. So it has been
renamed to make that clear.
The only unit test that used the old function with the
non-cast padding scheme has been removed. A replacement will
be added in the next CL of the chain.
Change-Id: Id4aa2f420435baff664324ee4b3dcb74ab9ffe8a
There was some confusion about which tests loaded a cert and
which ones just used a cert. This distinction is important
when testing devices with a baked-in-cert.
Merged from https://widevine-internal-review.googlesource.com/183333
Change-Id: I3c2b119c3355b3a9190799637ff0860b6153b35b
This adds an install keybox tool to the OEMCrypto unit test
directory. It is built when we build the OPK w/linux IPC.
This CL also adds some scripts to use this tool when running
the OPK Linux TA, and then runs the standard tests.
Bug: 295371549
Change-Id: I11e59faa3b24d906f573bcd3f4855e73a4aa5fdf
Adds a new `cas` directory to the ports/linux project. This contains
an end-to-end demo of OEMCrypto CAS functionality, using the Linux
tee_simulator as a base.
Test: from ports/linux/cas dir: `CDM_DIR=~/work/cdm-dupe ./scripts/build.sh && CDM_DIR=~/work/cdm-dupe ./scripts/run.sh`
Merged from https://widevine-internal-review.googlesource.com/178250
Change-Id: I781b403100ad2e069d99650d9ddae8e7acbc309a
We want to transition to using GTEST_SKIP to skip unit tests instead of
modifying the GTEST_FILTER variable. This does so for tests that require
RSA 3072 support.
Bug: 251240681
Change-Id: I048d31e25316d621771efb5d472f651bff40bf75
Changes the OPK session state machine to allow API_MOVEENTRY in
the same circumstances as API_CREATENEWUSAGEENTRY. Adds a test
to trigger the same situation as the linked bug.
The test cases in the bug fail because OEMCrypto_MoveEntry() is
called immediately after OEMCrypto_CreateNewUsageEntry(), but the
session state machine has different filters for the two calls.
Furthermore, OEMCrypto_CreateNewUsageEntry() doesn't change the
state machine, so we should align the two filters to allow
OEMCrypto_MoveEntry() to be called immediately after
OEMCrypto_CreateNewUsageEntry() in all situations where
OEMCrypto_CreateNewUsageEntry() is allowed.
The existing OEMCrypto defrag tests did not catch this edge case
because the test helper functions always do something to modify the
state machine after calling OEMCrypto_CreateNewUsageEntry().
Test: OEMCryptoUsageTableDefragTest.MakeAndMoveEntry
Bug: 286938572
Merged from https://widevine-internal-review.googlesource.com/178013
(cherry picked from commit a87d66ccb7b2fc5f549142e64a7e45531dd95db6)
Change-Id: I8a8465b2b7479effe4055a014bc94b166178a693
1) Move some provisioning unit tests into
oemcrypto_provisioning_test.cpp
2) Remove some test group comments
Bug: 253779846
Merged from https://widevine-internal-review.googlesource.com/176735
Change-Id: I3d02c23b63eb7949fbc6abf60a7dbe32086ef2c9
Expected flow, which begins with a device that has already been
provisioned with Prov 4 stage 1:
1. OEMCrypto_InstallOEMPrivateKey()
2. OEMCrypto_GenerateCertificateKeyPair() -> wrapped_csr_priv
3. OEMCrypto_LoadDRMPrivateKey(wrapped_csr_priv)
4. OEMCrypto_PrepAndSignProvisioningRequest() to create a Prov 4
provisioning request message type with a CAST request in the
message body
5. Server sends a Prov 2 response. Server side derivation uses CSR keys
to derive session key, mac keys, and encryption keys.
6. OEMCrypto_DeriveKeysFromSessionKey(), same derivation as server side
7. OEMCrypto_LoadProvisioning(), use derived keys to verify + decrypt
The OEMCrypto_LoadDRMPrivateKey() step can happen before or after the
PrepAndSignProvisioningRequest() call.
Test: tests fail
Bug: 259452440
Merged from https://widevine-internal-review.googlesource.com/172310
Change-Id: Id5e6737b187339ec93e3d0d03c28e2b379d60747
OEMCrypto_ReassociateEntitledKeySession() should prevent an entitled key
session from being associated to an arbitrary entitlement session.
Validations added/updated in this CL:
1. at least one entitled key is supposed to have matching entitlement
key in the new session;
2. the key control block in the new entitlement key should remain
unchanged compared to the existing entitlement key.
Updated OPK and ref/testbed implementations.
Test: jenkins/opk_ta, jenkins/run_fake_l1_tests
Bug: 262795590
Merged from https://widevine-internal-review.googlesource.com/171192
Change-Id: I3868aa0d3c5ffb818ed83b9c49313125803939e0
