Source release 15.3.0

2020-02-11 14:22:17 -08:00
parent 2990f23065
commit 1ff9f8588a
29 changed files with 534 additions and 153 deletions
--- a/oemcrypto/test/oec_session_util.cpp
+++ b/oemcrypto/test/oec_session_util.cpp
@@ -823,13 +823,12 @@ void Session::EncryptCTR(const vector<uint8_t>& in_buffer, const uint8_t* key,

 void Session::TestDecryptCTR(bool select_key_first,
                             OEMCryptoResult expected_result, int key_index) {
-  OEMCryptoResult sts;
+  OEMCryptoResult select_result = OEMCrypto_SUCCESS;
  if (select_key_first) {
    // Select the key (from FillSimpleMessage)
-    sts = OEMCrypto_SelectKey(session_id(), license_.keys[key_index].key_id,
-                              license_.keys[key_index].key_id_length,
-                              OEMCrypto_CipherMode_CTR);
-    ASSERT_EQ(OEMCrypto_SUCCESS, sts);
+    select_result = OEMCrypto_SelectKey(
+        session_id(), license_.keys[key_index].key_id,
+        license_.keys[key_index].key_id_length, OEMCrypto_CipherMode_CTR);
  }

  vector<uint8_t> unencryptedData(256);
@@ -853,38 +852,42 @@ void Session::TestDecryptCTR(bool select_key_first,
  pattern.skip = 0;
  pattern.offset = 0;
  // Decrypt the data
-  sts = OEMCrypto_DecryptCENC(
+  const OEMCryptoResult decrypt_result = OEMCrypto_DecryptCENC(
      session_id(), encryptedData.data(), encryptedData.size(), true,
      encryptionIv.data(), 0, &destBuffer, &pattern,
      OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample);
  // We only have a few errors that we test are reported.
+  ASSERT_NO_FATAL_FAILURE(
+      TestDecryptResult(expected_result, select_result, decrypt_result))
+      << "Either SelectKey or DecryptCENC should return " << expected_result
+      << ", but they returned " << select_result << " and " << decrypt_result
+      << ", respectively.";
  if (expected_result == OEMCrypto_SUCCESS) {  // No error.
-    ASSERT_EQ(OEMCrypto_SUCCESS, sts);
    ASSERT_EQ(unencryptedData, outputBuffer);
  } else {
-    ASSERT_NO_FATAL_FAILURE(TestDecryptResult(expected_result, sts));
    ASSERT_NE(unencryptedData, outputBuffer);
  }
 }

 void Session::TestDecryptResult(OEMCryptoResult expected_result,
-                                OEMCryptoResult actual_result) {
-
+                                OEMCryptoResult actual_select_result,
+                                OEMCryptoResult actual_decrypt_result) {
+  // In most cases, we expect the result to come from either the select key or
+  // from the decrypt call.
  if (expected_result == OEMCrypto_SUCCESS) {  // No error.
-    ASSERT_EQ(OEMCrypto_SUCCESS, actual_result);
-  } else if (expected_result == OEMCrypto_ERROR_KEY_EXPIRED &&
-      global_features.api_version >= 9) {
-    // Report stale keys, required in v9 and beyond.
-    ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, actual_result);
-  } else if (expected_result == OEMCrypto_ERROR_INSUFFICIENT_HDCP) {
-    // Report HDCP errors.
-    ASSERT_EQ(OEMCrypto_ERROR_INSUFFICIENT_HDCP, actual_result);
-  } else if (expected_result == OEMCrypto_ERROR_ANALOG_OUTPUT) {
-    // Report analog errors.
-    ASSERT_EQ(OEMCrypto_ERROR_ANALOG_OUTPUT, actual_result);
+    ASSERT_EQ(OEMCrypto_SUCCESS, actual_select_result);
+    ASSERT_EQ(OEMCrypto_SUCCESS, actual_decrypt_result);
+  } else if (expected_result == OEMCrypto_ERROR_KEY_EXPIRED ||
+             expected_result == OEMCrypto_ERROR_INSUFFICIENT_HDCP ||
+             expected_result == OEMCrypto_ERROR_ANALOG_OUTPUT) {
+    // Key expired or output problems may be reported from select key or
+    // decrypt, but must be reported.
+    ASSERT_TRUE(actual_select_result == expected_result ||
+                actual_decrypt_result == expected_result);
  } else {
    // OEM's can fine tune other error codes for debugging.
-    ASSERT_NE(OEMCrypto_SUCCESS, actual_result);
+    ASSERT_TRUE(actual_select_result != OEMCrypto_SUCCESS ||
+                actual_decrypt_result != OEMCrypto_SUCCESS);
  }
 }

--- a/oemcrypto/test/oec_session_util.h
+++ b/oemcrypto/test/oec_session_util.h
@@ -253,10 +253,6 @@ class Session {
  void TestDecryptCTR(bool select_key_first = true,
                      OEMCryptoResult expected_result = OEMCrypto_SUCCESS,
                      int key_index = 0);
-  // This compares the actual result with the expected result.  If OEMCrypto is
-  // an older version, we allow it to report an equivalent error code.
-  void TestDecryptResult(OEMCryptoResult expected_result,
-                         OEMCryptoResult actual_result);
  // Verify that an attempt to select an expired key either succeeds, or gives
  // an actionable error code.
  void TestSelectExpired(unsigned int key_index);
@@ -414,6 +410,11 @@ class Session {
  const uint8_t* encrypted_entitled_message_ptr();

 private:
+  // This compares the actual result with the expected result.  If OEMCrypto is
+  // an older version, we allow it to report an equivalent error code.
+  void TestDecryptResult(OEMCryptoResult expected_result,
+                         OEMCryptoResult actual_select_result,
+                         OEMCryptoResult actual_decryt_result);
  // Generate mac and enc keys give the master key.
  void DeriveKeys(const uint8_t* master_key,
                  const vector<uint8_t>& mac_key_context,
--- a/oemcrypto/test/oemcrypto_test.cpp
+++ b/oemcrypto/test/oemcrypto_test.cpp
@@ -4773,8 +4773,7 @@ TEST_F(GenericCryptoTest, KeyDurationEncrypt) {
  OEMCryptoResult status = OEMCrypto_Generic_Encrypt(
      session_.session_id(), clear_buffer_.data(), clear_buffer_.size(), iv_,
      OEMCrypto_AES_CBC_128_NO_PADDING, encrypted.data());
-  ASSERT_NO_FATAL_FAILURE(
-      session_.TestDecryptResult(OEMCrypto_ERROR_KEY_EXPIRED, status));
+  ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, status);
  ASSERT_NE(encrypted, expected_encrypted);
  ASSERT_NO_FATAL_FAILURE(session_.TestSelectExpired(key_index));
 }
@@ -4808,8 +4807,7 @@ TEST_F(GenericCryptoTest, KeyDurationDecrypt) {
  OEMCryptoResult status = OEMCrypto_Generic_Decrypt(
      session_.session_id(), encrypted.data(), encrypted.size(), iv_,
      OEMCrypto_AES_CBC_128_NO_PADDING, resultant.data());
-  ASSERT_NO_FATAL_FAILURE(
-      session_.TestDecryptResult(OEMCrypto_ERROR_KEY_EXPIRED, status));
+  ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, status);
  ASSERT_NE(clear_buffer_, resultant);
  ASSERT_NO_FATAL_FAILURE(session_.TestSelectExpired(key_index));
 }
@@ -4845,8 +4843,7 @@ TEST_F(GenericCryptoTest, KeyDurationSign) {
  OEMCryptoResult status = OEMCrypto_Generic_Sign(
      session_.session_id(), clear_buffer_.data(), clear_buffer_.size(),
      OEMCrypto_HMAC_SHA256, signature.data(), &signature_length);
-  ASSERT_NO_FATAL_FAILURE(
-      session_.TestDecryptResult(OEMCrypto_ERROR_KEY_EXPIRED, status));
+  ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, status);
  ASSERT_NE(expected_signature, signature);
  ASSERT_NO_FATAL_FAILURE(session_.TestSelectExpired(key_index));
 }
@@ -4879,8 +4876,7 @@ TEST_F(GenericCryptoTest, KeyDurationVerify) {
  OEMCryptoResult status = OEMCrypto_Generic_Verify(
      session_.session_id(), clear_buffer_.data(), clear_buffer_.size(),
      OEMCrypto_HMAC_SHA256, signature.data(), signature.size());
-  ASSERT_NO_FATAL_FAILURE(
-      session_.TestDecryptResult(OEMCrypto_ERROR_KEY_EXPIRED, status));
+  ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, status);
  ASSERT_NO_FATAL_FAILURE(session_.TestSelectExpired(key_index));
 }