widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7496c1c84c65c076601c2224f4cda34e8cca6895
android/libwvdrmengine/test/java/FullDecryptPathTesting/README.md
Fred Gylys-Colwell ea539673a4 FDPT: Full Decrypt Path Testing Application 
Cherry pick of http://go/ag/9326830

This is a merge of the full decrypt path testing CLs from the Widevine
repo: http://go/wvgerrit/q/topic:FDPT-subsamples

This is the Full Decrypt Path Testing application that can be used by
device makers to verify that OEMCrypto is correctly decrypting content
to secure buffers.

Testing: Ran App.
Bug: 113594822

Change-Id: Icbb1e2f2e762bac3cc1b7b20749922c14ea24449
2019-10-28 14:57:22 -07:00

3.3 KiB
Raw Blame History

Full Decrypt Path Testing Application

Released August, 2019.

This is the Full Decrypt Path Testing application. The application is used to test the full decrypt path of OEMCrypto.

The app computes a hash of a clear frame, encrypts the frame, and sends both to OEMCrypto. OEMCrypto should decrypt, compute a hash, and then verify the hash. The app will display any errors in the hash.

Getting Started

If OEMCrypto on the device supports CRC32 hash, then the application should work "out of the box". Install it using adb install FullDecryptPathTesting.apk

To start a batch of tests, click on the "Start" button. The device needs to be connected to WiFi to fetch a license. Once the license is installed, it should cycle through a set of predefined tests and a bunch of random tests. The video surface should display a single frame, which is the FDPT logo.

Press the "Clear" button to clear the logs if you want to run the tests again.

Settings

To change which test to run, click on the "Setup" button. The default settings run two of the four standard modes, "cenc" and "cbcs" with 5000 randomly generated tests for each mode.

Running on a production device

This application is intended to test decryption on a device running the full Android stack. However, most Level 1 OEMCrypto implementations will not support the decrypt hash feature on a production device. The feature will be optimized out on production devices. For this reason, it should not be suprising if no tests run when the settings for "Use Level 1" and "Use Secure Buffer" are set to true.

Running the application from adb

The settings filed are stored on the device in the shared preferences directory. You can pull the XML file from the device, edit it, and push it back to the device:

DIR=/data/data/com.google.widevine.fulldecryptpathtesting/shared_prefs
FILE=com.google.widevine.fulldecryptpathtesting_preferences.xml
adb pull $DIR/$FILE

Now edit the xml file on your host computer. You can then push the file back to the directory. You might have to force-stop the application first, to force the preferences to be read again.

adb shell am force-stop com.google.widevine.fulldecryptpathtesting
adb push $FILE $DIR/$FILE

Now that the settings have been updated, you can start the application from the command line:

adb shell am start -n "com.google.widevine.fulldecryptpathtesting/.MainActivity" \
           -d "start"

Repeatable Tests

If you want to re-run a test with the exact same test cases, you may change the random seed in the settings. Each run prints the random seed that it uses in the logcat. If you don't set the seed, the application picks a random seed using a secure random number generator.

Source Code

The app builds with Android Studio.

Vendors who wish to supply their own hashing function instead of using CRC32 should edit the file HashGenerator.java or the C++ file native-lib.cpp.

BUILD ERRORS: If you see the error below you might not have CMake installed.

>>    * What went wrong:
>>    A problem occurred configuring project ':mobile'.
>>    > java.lang.NullPointerException (no error message)

Because the app includes native code written in C++, it requires CMake. From the tools menu, select Android and Android SDK Manager. On the tab "SDK Tools", make sure that Cmake is selected.