Source release 15.2.0

2019-06-28 16:02:52 -07:00
parent 2b26dee09c
commit 2990f23065
1236 changed files with 166886 additions and 142315 deletions
--- a/oemcrypto/test/oec_session_util.cpp
+++ b/oemcrypto/test/oec_session_util.cpp
@@ -22,7 +22,6 @@
 #include <iostream>
 #include <memory>
 #include <string>
-#include <sstream>
 #include <vector>

 #include "OEMCryptoCENC.h"
@@ -539,6 +538,7 @@ void Session::FillSimpleMessage(uint32_t duration, uint32_t control,
                                uint32_t nonce, const std::string& pst) {
  EXPECT_EQ(
      1, GetRandBytes(license_.mac_key_iv, sizeof(license_.mac_key_iv)));
+  memset(license_.padding, 0, sizeof(license_.padding));
  EXPECT_EQ(1, GetRandBytes(license_.mac_keys, sizeof(license_.mac_keys)));
  for (unsigned int i = 0; i < num_keys_; i++) {
    memset(license_.keys[i].key_id, 0, kTestKeyIdMaxLength);
@@ -554,9 +554,9 @@ void Session::FillSimpleMessage(uint32_t duration, uint32_t control,
    if (global_features.api_version >= 12) {
      // For version 12 and above, we require OEMCrypto to handle kcNN for all
      // licenses.
-      std::stringstream stream;
-      stream << "kc" << global_features.api_version;
-      memcpy(license_.keys[i].control.verification, stream.str().c_str(), 4);
+      std::string kcVersion =
+          "kc" + std::to_string(global_features.api_version);
+      memcpy(license_.keys[i].control.verification, kcVersion.c_str(), 4);
    } else if (control & wvoec::kControlSecurityPatchLevelMask) {
      // For versions before 12, we require the special key control block only
      // when there are newer features present.
@@ -598,9 +598,9 @@ void Session::FillSimpleEntitlementMessage(
    if (global_features.api_version >= 12) {
      // For version 12 and above, we require OEMCrypto to handle kcNN for all
      // licenses.
-      std::stringstream stream;
-      stream << "kc" << global_features.api_version;
-      memcpy(license_.keys[i].control.verification, stream.str().c_str(), 4);
+      std::string kcVersion =
+          "kc" + std::to_string(global_features.api_version);
+      memcpy(license_.keys[i].control.verification, kcVersion.c_str(), 4);
    } else if (control & wvoec::kControlSecurityPatchLevelMask) {
      // For versions before 12, we require the special key control block only
      // when there are newer features present.
@@ -631,10 +631,10 @@ void Session::FillRefreshMessage(size_t key_count, uint32_t control_bits,
    if (global_features.api_version >= 12) {
      // For version 12 and above, we require OEMCrypto to handle kcNN for all
      // licenses.
-      std::stringstream stream;
-      stream << "kc" << global_features.api_version;
+      std::string kcVersion =
+          "kc" + std::to_string(global_features.api_version);
      memcpy(encrypted_license().keys[i].control.verification,
-             stream.str().c_str(), 4);
+             kcVersion.c_str(), 4);
    } else {
      // For versions before 12, we require the special key control block only
      // when there are newer features present.
@@ -1268,7 +1268,6 @@ void Session::GenerateReport(const std::string& pst,
    ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts);
  }
  if (sts == OEMCrypto_ERROR_SHORT_BUFFER) {
-    ASSERT_EQ(wvcdm::Unpacked_PST_Report::report_size(pst.length()), length);
    pst_report_buffer_.assign(length, 0xFF);  // Fill with garbage values.
  }
  sts = OEMCrypto_ReportUsage(session_id(),
@@ -1278,7 +1277,7 @@ void Session::GenerateReport(const std::string& pst,
  if (expected_result != OEMCrypto_SUCCESS) {
    return;
  }
-  ASSERT_EQ(pst_report_buffer_.size(), length);
+  EXPECT_EQ(wvcdm::Unpacked_PST_Report::report_size(pst.length()), length);
  vector<uint8_t> computed_signature(SHA_DIGEST_LENGTH);
  unsigned int sig_len = SHA_DIGEST_LENGTH;
  HMAC(EVP_sha1(), mac_key_client_.data(), mac_key_client_.size(),
@@ -1359,6 +1358,9 @@ void Session::GenerateVerifyReport(const std::string& pst,
  Test_PST_Report expected(pst, status);
  ASSERT_NO_FATAL_FAILURE(VerifyReport(expected, time_license_received,
                                       time_first_decrypt, time_last_decrypt));
+  // The PST report was signed above.  Below we verify that the entire message
+  // that is sent to the server will be signed by the right mac keys.
+  ASSERT_NO_FATAL_FAILURE(VerifyClientSignature());
 }

 void Session::CreateOldEntry(const Test_PST_Report& report) {