Vicky Min
f47c5bf05a
Refactor cast oemcrypto unit tests
...
Refactor the cast related oemcrypto unit tests into a separate file.
Bug: 253779846
Merged from https://widevine-internal-review.googlesource.com/176930
Change-Id: I937042f786d1cc973e186d76bd276cbc792dfc19
2024-02-01 13:40:50 -08:00
Vicky Min
5317ce1c63
Refactor generic crypto unit tests
...
Refactor the generic crypto oemcrypto unit tests into a separate file.
Bug: 253779846
Merged from https://widevine-internal-review.googlesource.com/176730
Change-Id: I343ee19ef979a9bedbc528a4533711a137ffb5e9
2024-02-01 13:40:50 -08:00
Vicky Min
51c57c9e11
Small refactoring changes
...
1) Move some provisioning unit tests into
oemcrypto_provisioning_test.cpp
2) Remove some test group comments
Bug: 253779846
Merged from https://widevine-internal-review.googlesource.com/176735
Change-Id: I3d02c23b63eb7949fbc6abf60a7dbe32086ef2c9
2024-02-01 13:40:50 -08:00
Matt Feddersen
4fa979b43d
Fix CastReceiver unit tests
...
Test: opk_ta, opk_ta_p40
Bug: 259454969
Merged from https://widevine-internal-review.googlesource.com/175370
Change-Id: I6cefe7fb85db539ecb066498b51525a04b8bbd51
2024-02-01 13:40:50 -08:00
Matt Feddersen
27421a9161
Add OEMCrypto tests for Cast prov 4 flow
...
Expected flow, which begins with a device that has already been
provisioned with Prov 4 stage 1:
1. OEMCrypto_InstallOEMPrivateKey()
2. OEMCrypto_GenerateCertificateKeyPair() -> wrapped_csr_priv
3. OEMCrypto_LoadDRMPrivateKey(wrapped_csr_priv)
4. OEMCrypto_PrepAndSignProvisioningRequest() to create a Prov 4
provisioning request message type with a CAST request in the
message body
5. Server sends a Prov 2 response. Server side derivation uses CSR keys
to derive session key, mac keys, and encryption keys.
6. OEMCrypto_DeriveKeysFromSessionKey(), same derivation as server side
7. OEMCrypto_LoadProvisioning(), use derived keys to verify + decrypt
The OEMCrypto_LoadDRMPrivateKey() step can happen before or after the
PrepAndSignProvisioningRequest() call.
Test: tests fail
Bug: 259452440
Merged from https://widevine-internal-review.googlesource.com/172310
Change-Id: Id5e6737b187339ec93e3d0d03c28e2b379d60747
2024-02-01 13:40:50 -08:00
Cong Lin
5a17d8ebd9
OEMCrypto_ReassociateEntitledKeySession() to check key policy
...
OEMCrypto_ReassociateEntitledKeySession() should prevent an entitled key
session from being associated to an arbitrary entitlement session.
Validations added/updated in this CL:
1. at least one entitled key is supposed to have matching entitlement
key in the new session;
2. the key control block in the new entitlement key should remain
unchanged compared to the existing entitlement key.
Updated OPK and ref/testbed implementations.
Test: jenkins/opk_ta, jenkins/run_fake_l1_tests
Bug: 262795590
Merged from https://widevine-internal-review.googlesource.com/171192
Change-Id: I3868aa0d3c5ffb818ed83b9c49313125803939e0
2024-02-01 13:40:49 -08:00
Cong Lin
ab7c39a450
OEMCrypto_ReassociateEntitledKeySession() to verify entitlement key IDs
...
OEMCrypto_ReassociateEntitledKeySession() should prevent an entitled key
session from being associated to an arbitrary entitlement session. The
target entitlement session is supposed to have all the entitlement keys
that the entitled key session uses.
Updated OPK and ref/testbed implementations.
Test: jenkins/opk_ta entitlement tests
Bug: 262795590
Merged from https://widevine-internal-review.googlesource.com/169774
Change-Id: I4322422f01f7094c3862f33ef3199ff3a44995b0
2024-02-01 13:40:49 -08:00
Ian Benz
b9d857649e
Add clang-tidy support for the OPK Linux port
...
Bug: 256230932
Change-Id: I4f46e285376101ff129c1fca5c80a259c70cc0c7
2024-02-01 13:40:49 -08:00
Vicky Min
269d1527cb
Filter keybox tests with GTEST_SKIP
...
Bug: 288404945, 251240681
Merged from https://widevine-internal-review.googlesource.com/183630
Merged from https://widevine-internal-review.googlesource.com/183730
Change-Id: I9f6a4045f9b554589e25338accecb0d338fad5ce
2024-02-01 13:40:49 -08:00
Fred Gylys-Colwell
981c7e97d9
Replace reference to SelectKey with GetKeyHandle in docs
...
Bug: 300514029
Merged from https://widevine-internal-review.googlesource.com/187930
Change-Id: I3134f9d12692dbd2916c576a872c79c87ad192fe
2024-01-30 16:09:41 -08:00
Vicky Min
a012466156
Use GTEST_SKIP for non keybox devices
...
Bug: 251240681
Merged from https://widevine-internal-review.googlesource.com/179090
Change-Id: I8c539bfbccde7f22fb732951a95715935935858f
2024-01-30 16:09:41 -08:00
Robert Shih
dd1c01c9dd
Merge cdm core changes into Android main
...
Merged commit:
- short link: go/wvgerrit/177661
hash: a3cd4bd
subject: Fix policy engine unittest issues from clang-tidy
submitted: 2023-07-06
Change-Id: I7f079fccdd2f296d51b08b0a7005a0bb7c930ccb
2024-01-30 16:04:12 -08:00
Robert Shih
cc8f885e2b
Merge oemcrypto fuzz tests into Android main
...
Change-Id: If7fb815fa6193ddfe9a94e925356cc177ae3bacc
2024-01-30 16:03:00 -08:00
Cong Lin
7277331f92
Update ODK version to 18.4 and unit tests
...
Test: odk tests, opk_ta, fake_l1_tests
Bug: 294440012
Merged from https://widevine-internal-review.googlesource.com/181150
Change-Id: Ia33962f9d244333b1ca17c9a64efc29de35db093
2024-01-29 12:40:11 -08:00
Fred Gylys-Colwell
06ad24bce0
Update ODK and test version to 18.3
...
PiperOrigin-RevId: 546349606
Merged from
https://widevine-internal-review.googlesource.com/178000
and
https://widevine-internal-review.googlesource.com/178061
Bug: 290252863
Change-Id: I0d6d9a0214d556ae39efe8a720df8ac60c1e67fb
2024-01-29 12:39:46 -08:00
Matt Feddersen
2e7c68440b
Bump OEMCrypto API to 18.2 to match ODK
...
Merged from https://widevine-internal-review.googlesource.com/170295
Change-Id: I9e9cc0c7c3296db71ac31518cf2d3d8608066686
2024-01-29 12:38:34 -08:00
Vicky Min
ff80927f90
Allow server to send license with larger ODK_MAX_NUM_KEYS
...
PiperOrigin-RevId: 538676411
Merged from https://widevine-internal-review.googlesource.com/175915
Change-Id: Iadef2115fe3f9001034223e647cbfa6228484281
2024-01-29 12:31:03 -08:00
Rahul Frias
0cd3d185c7
Cleanup vendor projects are proprietary.
...
[ Merge of http://go/ag/21276850 ]
Test: m droid dist
Merged from https://widevine-internal-review.googlesource.com/166674
Merged from https://widevine-internal-review.googlesource.com/167234
Change-Id: I0bdec38c4d12710fa97b91665d211ba6c0d4b24d
2024-01-26 17:39:30 -08:00
Ian Benz
14c5d6ee5f
Move internal fuzz target naming scheme to g3doc
...
Change-Id: I400b0a34c670673aba9dd347ec41060b4b23897a
2024-01-26 16:26:25 -08:00
Ian Benz
e19927f4bf
Update OEMCrypto fuzzing documentation
...
- Add details for triaging crashes and writing fuzz tests.
- Move internal documentation not needed by partners to g3doc.
- Remove infrastructure details covered in the design document.
Change-Id: Ib60b2bea954f4371595b0f891434e2274366fdd2
2024-01-26 16:26:23 -08:00
Ian Benz
9a24732f5b
Replace entitled key session fuzzer
...
Enable multiple OEMCrypto calls in arbitrary order, multiple OEMCrypto
sessions, and OEMCrypto_ReassociateEntitledKeySession fuzzing.
Merged from https://widevine-internal-review.googlesource.com/174990
Merged from https://widevine-internal-review.googlesource.com/178330
Change-Id: Ic1ac754c74bf0299c8c9f04ffdbfe82cf9f7569d
2024-01-26 16:25:06 -08:00
Ian Benz
79c809840e
Add OEMCrypto_QueryKeyControl fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/177111
Merged from https://widevine-internal-review.googlesource.com/177117
Change-Id: Iea28155a369f71557a32cc34da7bd328f78e2413
2024-01-26 16:21:38 -08:00
Ian Benz
078682a897
Simplify fuzz tests using LicenseWithUsageEntryFuzz
...
Merged from https://widevine-internal-review.googlesource.com/175060
Change-Id: I2f245ac998883e2a31cde361e30b36f00681262c
2024-01-26 16:21:25 -08:00
Ian Benz
5c5433a8d8
Update OEMCrypto_LoadLicense corpus for ODK_Packing_ParsedLicense
...
- Regenerate corpus files.
- Change nonce endianness.
Merged from https://widevine-internal-review.googlesource.com/177010
Change-Id: I5f288a054325097d6ea696cd755fc0557d0eadd1
2024-01-26 16:20:39 -08:00
Vicky Min
28e68a866b
Fix crash in wvoec::LicenseRoundTrip::InjectFuzzedResponseData
...
After the ODK_MAX_NUM_KEYS change, the core response is a pointer to an
array instead of an array. This check should ensure the index of the key
array can always be accessed.
Bug: 286531859
Change-Id: I44604eb977be722ef692de2b61e1f626266a42a7
2024-01-26 16:18:40 -08:00
Ian Benz
ed55c511a3
Add OEMCrypto_GenerateCertificateKeyPair second stage fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/176771
Change-Id: I8afee6636a44f46a573be5a94f6c12161b57eace
2024-01-26 15:27:29 -08:00
Ian Benz
4aa2bcde49
Fix OEMCrypto_LoadEntitledContentKeys fuzzer
...
- Pass entitled key session to OEMCrypto_LoadEntitledContentKeys.
- Refresh corpus files.
Merged from https://widevine-internal-review.googlesource.com/176750
Merged from https://widevine-internal-review.googlesource.com/176758
Change-Id: I7edb081933d37897e3b9d83dd00a627b5de64bc9
2024-01-26 15:26:46 -08:00
Ian Benz
3a05989920
Add OEMCrypto_GetDeviceSignedCsrPayload fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/175050
Change-Id: I28e4b1bc1f82deaf5644d0b2e31d916bf65365d3
2024-01-26 15:23:50 -08:00
Ian Benz
ea43147a08
Add OEMCrypto_GetDeviceInformation fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/174936
Change-Id: I79bbb8506a13d3142a8b323a7c67d0155973a3f4
2024-01-26 15:22:49 -08:00
Ian Benz
4f29280b3e
Remove unused OEMCrypto_GenerateSignature fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/174772
Merged from https://widevine-internal-review.googlesource.com/176633
Merged from https://widevine-internal-review.googlesource.com/176634
Merged from https://widevine-internal-review.googlesource.com/176670
Change-Id: I36438c102bfe68ff16eab3db301377e858f533c1
2024-01-26 15:21:21 -08:00
Ian Benz
09e6f1c60f
Add OEMCrypto_GetKeyHandle fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/174934
Change-Id: If44423ed51cc2ff10c1b471d39db962a653d8c14
2024-01-26 15:18:06 -08:00
Ian Benz
31a2f09792
Enable OEMCrypto_MoveEntry/ReuseUsageEntry fuzzers
...
Merged from https://widevine-internal-review.googlesource.com/174893
Change-Id: Ia46e74450bc20302edaf1c5e2bbde957a1d31c95
2024-01-26 15:17:45 -08:00
Ian Benz
8a4160bf8a
Add OEMCrypto_GetRandom fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/174771
Merged from https://widevine-internal-review.googlesource.com/174854
Change-Id: Ia654123bcbe8fa2e7daadaab79c1149ff3cde6b0
2024-01-26 15:17:36 -08:00
Ian Benz
76cf1cd985
Simplify and enable create and remove entitled key session fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/174851
Change-Id: Iebddae2412c66dbaf5bac042518aea58f9b0c315
2024-01-26 15:17:12 -08:00
Ian Benz
708670c98b
Simplify OEMCrypto_InstallOemPrivateKey fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/174890
Merged from https://widevine-internal-review.googlesource.com/174856
Change-Id: If863e4a8f739ca5645311d7f7b08e6aec4cc7aca
2024-01-26 15:16:55 -08:00
Ian Benz
75d4778531
Fix spelling mistake
...
Merged from https://widevine-internal-review.googlesource.com/172590
Merged from https://widevine-internal-review.googlesource.com/172610
Merged from https://widevine-internal-review.googlesource.com/172650
Merged from https://widevine-internal-review.googlesource.com/174011
Change-Id: I88cb66704509010fa2e0bee5d0f580173db6fdcd
2024-01-26 15:16:55 -08:00
Ian Benz
a66143bec4
Fix OEMCrypto_GenerateRSASignature fuzzer
...
Ensure OEMCrypto is in the correct state before invoking
OEMCrypto_GenerateRSASignature.
Merged from https://widevine-internal-review.googlesource.com/168857
Merged from https://widevine-internal-review.googlesource.com/172171
Merged from https://widevine-internal-review.googlesource.com/172410
Merged from https://widevine-internal-review.googlesource.com/173130
Change-Id: I774f59af8044939c5a9618de348f2120a834e043
2024-01-26 15:16:55 -08:00
Ian Benz
57b391c8b9
Fix bugs impacting fuzzing coverage
...
- Update ConvertDataToValidEnum to not use FuzzedDataProvider since it
causes unexpected parsing results.
- Add OEMCryptoLicenseAPIFuzz::LoadLicenseWithGenericCryptoKeys so that
generic crypto fuzz tests can load appropriate keys.
- Remove custom mutator from oemcrypto_generic_verify_fuzz because it
provides minimal additional coverage.
- Refresh affected corpus files.
Merged from https://widevine-internal-review.googlesource.com/168557
Merged from https://widevine-internal-review.googlesource.com/171191
Merged from https://widevine-internal-review.googlesource.com/172170
Merged from https://widevine-internal-review.googlesource.com/172250
Change-Id: Ie676a36cbf4c12bdda9566fad3590a7b69168d9c
2024-01-26 15:15:36 -08:00
Ian Benz
55ef762c08
Improve fuzzers with FuzzedDataProvider inputs
...
- Remove redundant input size checks handled by FuzzedDataProvider.
- Allow passing null when buffer size is used as an in/out parameter.
Merged from https://widevine-internal-review.googlesource.com/168637
Merged from https://widevine-internal-review.googlesource.com/171190
Merged from https://widevine-internal-review.googlesource.com/172090
Merged from https://widevine-internal-review.googlesource.com/172251
Change-Id: Ib5779ab969f646f306088b3d75d513e1f07a3886
2024-01-26 13:40:22 -08:00
Ian Benz
53fe55cb72
Clean up fuzz helper classes
...
- Remove OEMCrypto state changes hidden in constructors and destructors.
- Use composition instead of inheritance to structure classes.
- Avoid calling non-trivial destructors for objects with static
lifetime.
Merged from https://widevine-internal-review.googlesource.com/168497
Merged from https://widevine-internal-review.googlesource.com/171170
Merged from https://widevine-internal-review.googlesource.com/171171
Merged from https://widevine-internal-review.googlesource.com/171870
Change-Id: I20476a7b1132d11f011b8650ec01e3c2dc3fc0e8
2024-01-26 13:40:22 -08:00
Ian Benz
af070601b0
Add OEMCrypto_SetDecryptHash/GetHashErrorCode fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/169021
Merged from https://widevine-internal-review.googlesource.com/170030
Change-Id: I209d280b0478620197fc514966af3c93fc2272aa
2024-01-26 13:40:20 -08:00
Ian Benz
7b592f1990
Add OEMCrypto_GenerateCertificateKeyPair fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/168817
Merged from https://widevine-internal-review.googlesource.com/169915
Change-Id: If4d3f4cd2b028765072a14c74781e9750dc3e38b
2024-01-26 13:39:28 -08:00
Ian Benz
c0c349cd28
Fix OEMCrypto_LoadUsageEntry fuzzer
...
- Ensure OEMCrypto is in the correct state before invoking
OEMCrypto_LoadUsageEntry.
- Do not use FuzzedDataProvider to parse usage_entry_number since it
causes unexpected parsing results.
Merged from https://widevine-internal-review.googlesource.com/168859
Merged from https://widevine-internal-review.googlesource.com/169293
Merged from https://widevine-internal-review.googlesource.com/169970
Merged from https://widevine-internal-review.googlesource.com/170011
Change-Id: I6c3ddfe457facef9c9d0fc524fc3cf76aba90f64
2024-01-26 13:36:26 -08:00
Ian Benz
fb1f3af60f
Add OEMCrypto_GetBootCertificateChain fuzzer
...
Merged from https://widevine-internal-review.googlesource.com/168818
Merged from https://widevine-internal-review.googlesource.com/169890
Change-Id: I2530555a1cf94726c82511504e480b843b244c7b
2024-01-26 13:36:21 -08:00
Ian Benz
8a9b3c5c75
Fix OEMCrypto_LoadEntitledContentKeys fuzzer
...
- Create an entitled key session for OEMCrypto v17 and later.
- Refresh corpus files.
Merged from https://widevine-internal-review.googlesource.com/168897
Merged from https://widevine-internal-review.googlesource.com/169292
Change-Id: Ied9fce445a837e417077381de71d2834f385f120
2024-01-26 12:19:08 -08:00
Kyle Zhang
6b60fc3a76
Add property to check if user forces L3
...
[ Merge of go/wvgerrit/186611 ]
Android user can set the property using the developer option.
Bug: 301669353
Change-Id: I730b635f6cc28dfb0471c1d679627c94b9e16af1
2023-11-09 19:59:46 +00:00
Vicky Min
6d494fa76c
Filter RSA 3072 tests
...
Merge from Widevine repo of http://go/wvgerrit/169089
We want to transition to using GTEST_SKIP to skip unit tests instead of
modifying the GTEST_FILTER variable. This does so for tests that require
RSA 3072 support. Note: I think part of this CL got lost in
go/wvgerrit/167740, so this is adding the rest in.
Bug: 251240681
Merged from https://widevine-internal-review.googlesource.com/168237
Change-Id: I3002f705f7e3f4b38d0e5efef355e5c3f3529218
2023-03-28 20:30:22 +00:00
Vicky Min
0972c59fc0
Filter CAS tests
...
Merge from Widevine repo of http://go/wvgerrit/169080
We want to transition to using GTEST_SKIP to skip unit tests instead of
modifying the GTEST_FILTER variable. This does so for tests that require
CAS support.
Bug: 251240681
Merged from https://widevine-internal-review.googlesource.com/167739
Change-Id: Ifb971bf01e2c21fe672bbe4bfa15c797456256ef
2023-03-28 20:30:22 +00:00
Vicky Min
f83698a164
Refactor missed provisioning and renewal tests
...
Merge from Widevine repo of http://go/wvgerrit/169079
Bug: 253779846
Merged from https://widevine-internal-review.googlesource.com/167738
Change-Id: If8fc484f02fc1544977f1fb3a5fe1fa42d7367d7
2023-03-28 20:30:22 +00:00
Vicky Min
225a3e50ed
Use GTEST_SKIP to skip prov40 tests
...
Merge from Widevine repo of http://go/wvgerrit/169076
We want to transition to using GTEST_SKIP to skip unit tests instead of
modifying the GTEST_FILTER variable. This does so for provisioning 4.0
tests.
Bug: 251240681
Merged from https://widevine-internal-review.googlesource.com/167497
Change-Id: I65a879fba24b199bd115980bdd556c123fcc1cdc
2023-03-28 20:30:22 +00:00
