widevine-partner/ce_cdm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Source release v3.4.1

Browse Source
This commit is contained in:
Gene Morgan
2017-09-01 14:17:56 -07:00
parent 8082775924
commit 183aacf0a3
50 changed files with 1508 additions and 2342 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
oemcrypto/include/OEMCryptoCENC.h
View File

@@ -1626,7 +1626,7 @@ OEMCryptoResult OEMCrypto_GetRandom(uint8_t* randomData, size_t dataLength);
*
* Parameters:
* session (in) - crypto session identifier.
* nonce (in) - The nonce provided in the provisioning response.
* unaligned_nonce (in) - The nonce provided in the provisioning response.
* encrypted_message_key (in) - message_key encrypted by private key
* - from OEM cert.
* encrypted_message_key_length (in) - length of encrypted_message_key in
@@ -1669,7 +1669,7 @@ OEMCryptoResult OEMCrypto_GetRandom(uint8_t* randomData, size_t dataLength);
* This method is new in API version 12.
*/
OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30(
OEMCrypto_SESSION session, const uint32_t* nonce,
OEMCrypto_SESSION session, const uint32_t* unaligned_nonce,
const uint8_t* encrypted_message_key, size_t encrypted_message_key_length,
const uint8_t* enc_rsa_key, size_t enc_rsa_key_length,
const uint8_t* enc_rsa_key_iv, uint8_t* wrapped_rsa_key,
@@ -1759,7 +1759,7 @@ OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30(
* - signature for message, received from the
* - provisioning server.
* signature_length (in) - length of the signature, in bytes.
* nonce (in) - The nonce provided in the provisioning response.
* unaligned_nonce (in) - The nonce provided in the provisioning response.
* enc_rsa_key (in) - Encrypted device private RSA key received from
* - the provisioning server. Format is PKCS#8
* - binary DER encoded, encrypted with the derived
@@ -1800,10 +1800,10 @@ OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30(
OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey(
OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
const uint8_t* signature, size_t signature_length, const uint32_t* nonce,
const uint8_t* enc_rsa_key, size_t enc_rsa_key_length,
const uint8_t* enc_rsa_key_iv, uint8_t* wrapped_rsa_key,
size_t* wrapped_rsa_key_length);
const uint8_t* signature, size_t signature_length,
const uint32_t* unaligned_nonce, const uint8_t* enc_rsa_key,
size_t enc_rsa_key_length, const uint8_t* enc_rsa_key_iv,
uint8_t* wrapped_rsa_key, size_t* wrapped_rsa_key_length);
/*
* OEMCrypto_LoadDeviceRSAKey

1
oemcrypto/test/oec_session_util.h
View File

@@ -282,6 +282,7 @@ class Session {
// The current number of keys to use in the license(), encrypted_license()
// and key_array().
int num_keys() const { return num_keys_; }
size_t key_array_size() const { return num_keys_; }
// Set the size of the buffer used the encrypted license.
// Must be between sizeof(MessageData) and kMaxMessageSize.

67
oemcrypto/test/oemcrypto_test.cpp
View File

@@ -937,7 +937,7 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange1) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
&mac_keys[0], // Not pointing into buffer.
s.num_keys(), s.key_array(), NULL, 0);
s.key_array_size(), s.key_array(), NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -955,7 +955,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange2) {
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(),
&mac_key_iv[0], // bad.
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -973,7 +974,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange3) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -992,7 +994,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange4) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1009,7 +1012,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange5) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1028,7 +1032,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange6) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1047,7 +1052,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadRange7) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1062,7 +1068,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadNonce) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1087,7 +1094,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithRepeatNonce) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1102,7 +1110,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeyWithBadVerification) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1136,7 +1145,8 @@ TEST_P(SessionTestAlternateVerification, LoadKeys) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
// If this is a future API, then LoadKeys should fail.
if (global_features.api_version < target_api_) {
ASSERT_NE(OEMCrypto_SUCCESS, sts);
@@ -1162,7 +1172,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeysBadSignature) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1175,7 +1186,8 @@ TEST_F(OEMCryptoSessionTests, LoadKeysWithNoDerivedKeys) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
}
@@ -1247,7 +1259,8 @@ TEST_F(OEMCryptoSessionTests, AntiRollbackHardwareRequired) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
if (OEMCrypto_IsAntiRollbackHwPresent()) {
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
} else {
@@ -1270,7 +1283,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.encrypted_license().mac_keys, s.key_array_size(),
s.key_array(), NULL, 0));
}
if (patch_level < 0x3F) {
@@ -1286,7 +1299,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.encrypted_license().mac_keys, s.key_array_size(),
s.key_array(), NULL, 0));
}
if (patch_level > 0) {
@@ -1302,7 +1315,7 @@ TEST_F(OEMCryptoSessionTests, CheckMinimumPatchLevel) {
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.encrypted_license().mac_keys, s.key_array_size(),
s.key_array(), NULL, 0));
}
}
@@ -4457,7 +4470,7 @@ TEST_F(UsageTableTest, RepeatOnlineLicense) {
OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.encrypted_license().mac_keys, s.key_array_size(),
s.key_array(), pst_ptr, pst.length()));
ASSERT_NO_FATAL_FAILURE(s2.close());
}
@@ -4475,7 +4488,8 @@ TEST_F(UsageTableTest, OnlineEmptyPST) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -5160,7 +5174,7 @@ TEST_P(UsageTableTestWithMAC, BadReloadOfflineLicense) {
OEMCrypto_LoadKeys(s2.session_id(), s2.message_ptr(), s2.message_size(),
&s2.signature()[0], s2.signature().size(),
s2.encrypted_license().mac_key_iv,
s2.encrypted_license().mac_keys, s.num_keys(),
s2.encrypted_license().mac_keys, s.key_array_size(),
s2.key_array(), pst_ptr, pst.length()));
ASSERT_NO_FATAL_FAILURE(s2.close());
@@ -5186,8 +5200,8 @@ TEST_P(UsageTableTestWithMAC, OfflineBadNonce) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), pst_ptr,
pst.length());
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
pst_ptr, pst.length());
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -5204,7 +5218,8 @@ TEST_P(UsageTableTestWithMAC, OfflineEmptyPST) {
OEMCryptoResult sts = OEMCrypto_LoadKeys(
s.session_id(), s.message_ptr(), s.message_size(), &s.signature()[0],
s.signature().size(), s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(), s.key_array(), NULL, 0);
s.encrypted_license().mac_keys, s.key_array_size(), s.key_array(),
NULL, 0);
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(s.close());
}
@@ -5241,7 +5256,7 @@ TEST_P(UsageTableTestWithMAC, DeactivateOfflineLicense) {
OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.encrypted_license().mac_keys, s.key_array_size(),
s.key_array(), pst_ptr, pst.length()));
// But we can still generate a report.
Session s3;
@@ -5265,7 +5280,7 @@ TEST_P(UsageTableTestWithMAC, BadRange) {
OEMCrypto_LoadKeys(s.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.encrypted_license().mac_keys, s.key_array_size(),
s.key_array(), pst_ptr, pst.length()));
}
@@ -5531,7 +5546,7 @@ TEST_F(UsageTableTest, PSTLargeBuffer) {
OEMCrypto_LoadKeys(s2.session_id(), s.message_ptr(), s.message_size(),
&s.signature()[0], s.signature().size(),
s.encrypted_license().mac_key_iv,
s.encrypted_license().mac_keys, s.num_keys(),
s.encrypted_license().mac_keys, s.key_array_size(),
s.key_array(), pst_ptr, pst.length()));
// But we can still generate a report.
Session s3;