widevine-partner/ce_cdm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Source release v3.5.0

Browse Source
This commit is contained in:
Gene Morgan
2017-11-28 17:42:16 -08:00
parent 501c22890d
commit 31381a1311
155 changed files with 16680 additions and 3816 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/0ac99ac6565414c7f57a36bcf0c212327cc88ab3 Normal file
View File

Binary file not shown.

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/25adc5d13d39231afeb8ed3da76a18f9658c681a Normal file
View File

@@ -0,0 +1 @@
(c020:0d112d7ea200;

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/32556c2f870258f2b18c905c3cd017d7064927d7 Normal file
View File

@@ -0,0 +1 @@
(e2!0;u

BIN
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/3cec58166305818af41d10666b1538024cfbe4ec Normal file
View File

Binary file not shown.

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/3d152b926d295b49d73a968d1668c0b9125dd2da Normal file
View File

@@ -0,0 +1 @@
0a4c08001248000000020000101907d9ffde13aa95c122678053362136bdf8408f8276e4c2d87ec52b61aa1b9f646e58734930acebe899b3e464189a14a87202fb02570640bd22ef44b2d7e3912250a230a14080112100915007caa9b5931b76a3a85f046523e10011a09393837363534333231180120002a0c313838363738373430350000

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/4879965ec6be329dcc7697d913b2e8971a9729d8 Normal file
View File

@@ -0,0 +1 @@
(2dea200;u

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/4cd2f2c92b644ee1284cd082feb8e6773499ebe7 Normal file
View File

@@ -0,0 +1 @@
0a4c020:0d1190d79fef02570640bd22ef44b2d7e3912250a200

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/4d39a8df58267539e4db62ef45bda5d9573b00a4 Normal file
View File

@@ -0,0 +1 @@
e2!0;u

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/58e6b3a414a1e090dfc6029add0f3555ccba127f Normal file
View File

@@ -0,0 +1 @@
e

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/655668f52bfd904b9f658280d3f144491f1d2a36 Normal file
View File

@@ -0,0 +1 @@
(ea200;u

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/6923a33a0bb5c0694734b3063ecb212aa7873f5d Normal file
View File

@@ -0,0 +1 @@
0a(c020:0d112d7ea200;

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/71e064e7c3959c15c4b39d22e836fbfdc6b046b5 Normal file
View File

@@ -0,0 +1 @@
0a4c000000200:0101907d9ffde02570640bd22ef44b2d7e3912250a230a1407363534333231180120002a0c313838363738373430350000

BIN
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/8edb36d75f26dc46aae4520b02deea1a645cfbc3 Normal file
View File

Binary file not shown.

BIN
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/a121ddeb222a383990a85dfd75c93e3db6630a41 Normal file
View File

Binary file not shown.

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/ad95e413da295fa777257154ed40dfcd8e32ba2b Normal file
View File

@@ -0,0 +1 @@
0a4c000000220:01019dd79fef02570640bd22ef44b2d7e3912250a200

BIN
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/b65818237816f961d1138ef352d0b905d3eb9330 Normal file
View File

Binary file not shown.

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/bcadfd6aacc62927bdb3e0a9f04b9aa11c192b6d Normal file
View File

@@ -0,0 +1 @@
e;

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/c6f546c378e78c5a74b45ce792c88f925f34000f Normal file
View File

@@ -0,0 +1 @@
0a4c000000200:010197d9ffde02570640bd22ef44b2d7e3912250a230a1407363534333231180120002a0c313838363738373430350000

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/d6b1a032205b2b9ddeced35d07a9d7c7f27bbef2 Normal file
View File

@@ -0,0 +1 @@
0a4c00000020000101907d9ffde02570640bd22ef44b2d7e3912250a230a14080112100915007caa9b5931b76a3a85f046523e10011a09393837363534333231180120002a0c313838363738373430350000

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/d7d4218b6a3c59f80d1fe0ece07ca13e5a2c209c Normal file
View File

@@ -0,0 +1 @@
0a4c020:0d112d7e3912250a200;

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/d992e60874495b187bc157e0f24d4fd8ad957094 Normal file
View File

@@ -0,0 +1 @@
0a4c08001248000000020000101907d9ffde02570640bd22ef44b2d7e3912250a230a14080112100915007caa9b5931b76a3a85f046523e10011a09393837363534333231180120002a0c313838363738373430350000

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/e7064f0b80f61dbc65915311032d27baa569ae2a Normal file
View File

@@ -0,0 +1 @@
)

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/ead485157c8b58596faa57d6c0818e6c5b652a9e Normal file
View File

@@ -0,0 +1 @@
e2;

BIN
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/ecca89819d61866b1f41e756edc08510f8f70747 Normal file
View File

Binary file not shown.

1
oemcrypto/test/fuzz_tests/GenerateSignatureCorpus/example.txt Normal file
View File

@@ -0,0 +1 @@
0a4c08001248000000020000101907d9ffde13aa95c122678053362136bdf8408f8276e4c2d87ec52b61aa1b9f646e58734930acebe899b3e464189a14a87202fb02574e70640bd22ef44b2d7e3912250a230a14080112100915007caa9b5931b76a3a85f046523e10011a09393837363534333231180120002a0c313838363738373430350000

25
oemcrypto/test/fuzz_tests/oemcrypto_fuzztests.gyp Normal file
View File

@@ -0,0 +1,25 @@
# Copyright 2017 Google Inc. All Rights Reserved.
#
# Builds under the CDM ./build.py (target platform) build system
# Refer to the distribution package's README for details.
{
'variables': {
'oemcrypto_lib%': '',
'oemcrypto_stubs%': '',
'openssl_config%': 'system',
'openssl_target%': '',
},
'targets': [
{
'target_name': 'wv_ce_cdm_oemcrypto_generate_signature_fuzz_test',
'type': 'executable',
'sources': [
# The test runner and the testing device certificate.
'oemcrypto_generate_signature.cc',
],
'includes': [
'oemcrypto_fuzztests.gypi',
],
},
],
}

54
oemcrypto/test/fuzz_tests/oemcrypto_fuzztests.gypi Normal file
View File

@@ -0,0 +1,54 @@
# Copyright 2017 Google Inc. All Rights Reserved.
#
# Include this in any custom unit test targets.
# Does not include the test runner main.
{
'sources': [
'../oec_device_features.cpp',
'../oec_session_util.cpp',
'../oemcrypto_session_tests_helper.cpp',
'../oemcrypto_session_tests_helper.h',
'../../../cdm/test/device_cert.cpp',
'../../../cdm/test/device_cert.h',
],
'include_dirs': [
'../../../core/include', # log.h
'../../include',
'../../mock/src', # oemcrypto_key_mock.h
'../',
'../../../cdm/test',
],
'defines': [
'OEMCRYPTO_TESTS',
'OEMCRYPTO_FUZZ_TESTS',
],
'libraries': [
'../../../third_party/fuzz/platforms/x86-64/libFuzzer.a',
'-lpthread', # gtest
],
'dependencies': [
'../../../cdm/cdm.gyp:widevine_ce_cdm_shared',
'../../../third_party/gmock.gyp:gmock',
'../../../third_party/gmock.gyp:gtest',
],
'conditions': [
['oemcrypto_stubs!=""', {
'dependencies': [
'../../stubs/stubs.gyp:oec_stubs_v<(oemcrypto_version)',
],
}, {
'conditions': [
['oemcrypto_lib==""', {
'dependencies': [
'../../mock/oec_mock.gyp:oec_mock',
],
}, {
'libraries': [
'../../../third_party/fuzz/platforms/x86-64/libFuzzer.a',
'<(oemcrypto_lib)',
],
}],
],
}],
],
}

38
oemcrypto/test/fuzz_tests/oemcrypto_generate_signature.cc Normal file
View File

@@ -0,0 +1,38 @@
#include "properties.h"
#include "oemcrypto_session_tests_helper.h"
using namespace wvoec;
static bool is_init = false;
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
SessionUtil session_helper;
if (!is_init) {
bool is_cast_receiver = false;
bool force_load_test_keybox = false;
wvoec::global_features.Initialize(is_cast_receiver, force_load_test_keybox);
wvoec::global_features.RestrictFilter("*");
wvcdm::Properties::Init();
is_init = true;
}
OEMCrypto_Initialize();
session_helper.EnsureTestKeys();
Session s;
s.open();
s.GenerateDerivedKeysFromKeybox();
static const uint32_t SignatureBufferMaxLength = size;
vector<uint8_t> signature(SignatureBufferMaxLength);
size_t signature_length = signature.size();
OEMCryptoResult sts;
sts = OEMCrypto_GenerateSignature(s.session_id(), data, size,
&signature[0], &signature_length);
s.close();
OEMCrypto_Terminate();
return 0;
}

76
oemcrypto/test/fuzz_tests/platforms/x86-64/fuzzer_settings.gypi Normal file
View File

@@ -0,0 +1,76 @@
# Copyright 2017 Google Inc. All rights reserved.
{
# Here you can set platform-specific compiler settings.
'target_defaults': {
# These are flags passed to the compiler for all C & C++ files.
'cflags': [
'-fsanitize=address',
'-fsanitize-coverage=trace-pc-guard',
'-fPIC',
],
# These are flags passed to the compiler for plain C only.
'cflags_c': [
'-fsanitize-coverage=trace-pc-guard',
'-fsanitize=address',
'-fPIC',
],
# These are flags passed to the compiler for C++ only.
'cflags_cc': [
'-fsanitize-coverage=trace-pc-guard',
'-fsanitize=address',
'-fPIC',
],
# These are flags passed to the linker.
'ldflags': [
'-fsanitize=address',
],
# These are macros set by the compiler.
'defines': [
#'EXAMPLE_MACRO_WITH_NO_VALUE',
#'EXAMPLE_KEY=EXAMPLE_VALUE',
],
# These are additional include paths to search for headers.
'include_dirs': [
],
'target_conditions': [
['_toolset == "host"', {
# These are settings specifically for the host toolchain.
# The extra equals sign in the key name instructs gyp to replace
# the generic settings above rather than append to them.
'cflags=': [
'-fsanitize-coverage=trace-pc-guard',
'-fsanitize=address',
'-fPIC',
],
'cflags_c=': [
'-fsanitize-coverage=trace-pc-guard',
'-fsanitize=address',
'-fPIC',
],
'cflags_cc=': [
'-fsanitize-coverage=trace-pc-guard',
'-fsanitize=address',
'-fPIC',
],
'ldflags=': [
'-fsanitize=address',
],
'defines=': [
],
'include_dirs=': [
],
}], # end _toolset == "host" condition
], # end target_conditions
}, # end target_defaults
}

10
oemcrypto/test/fuzz_tests/sample_test.cc Normal file
View File

@@ -0,0 +1,10 @@
#include <stddef.h>
#include <stdint.h>
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
if (size > 0 && data[0] == 'H')
if (size > 1 && data[1] == 'I')
if (size > 2 && data[2] == '!')
__builtin_trap();
return 0;
}

33
oemcrypto/test/oec_device_features.cpp
View File

@@ -8,10 +8,12 @@
#include <cstring>
#include "oec_test_data.h"
#include "test_keybox.h"
namespace wvoec {
using namespace wvcdm_test_auth;
DeviceFeatures global_features;
void DeviceFeatures::Initialize(bool is_cast_receiver,
@@ -22,6 +24,7 @@ void DeviceFeatures::Initialize(bool is_cast_receiver,
loads_certificate = false;
generic_crypto = false;
usage_table = false;
supports_rsa_3072 = false;
api_version = 0;
derive_key_method = NO_METHOD;
if (OEMCrypto_SUCCESS != OEMCrypto_Initialize()) {
@@ -70,13 +73,24 @@ void DeviceFeatures::Initialize(bool is_cast_receiver,
OEMCrypto_CloseSession(session);
api_version = OEMCrypto_APIVersion();
printf("api_version = %d.\n", api_version);
usage_table = OEMCrypto_SupportsUsageTable();
// These unit tests only work with new usage tables. We do not test v12
// usage tables.
if (api_version > 12) usage_table = OEMCrypto_SupportsUsageTable();
printf("usage_table = %s.\n", usage_table ? "true" : "false");
if (force_load_test_keybox) {
derive_key_method = FORCE_TEST_KEYBOX;
} else {
PickDerivedKey();
}
if (api_version >= 13) {
uint32_t supported_cert = OEMCrypto_SupportedCertificates();
if (supported_cert & OEMCrypto_Supports_RSA_CAST) {
cast_receiver = true;
}
if (supported_cert & OEMCrypto_Supports_RSA_3072bit) {
supports_rsa_3072 = true;
}
}
printf("cast_receiver = %s.\n", cast_receiver ? "true" : "false");
switch (derive_key_method) {
case NO_METHOD:
@@ -120,9 +134,12 @@ std::string DeviceFeatures::RestrictFilter(const std::string& initial_filter) {
if (derive_key_method == NO_METHOD) FilterOut(&filter, "*SessionTest*");
if (provisioning_method
!= OEMCrypto_OEMCertificate) FilterOut(&filter, "*Prov30*");
if (!supports_rsa_3072) FilterOut(&filter, "*RSAKey3072*");
if (api_version < 9) FilterOut(&filter, "*API09*");
if (api_version < 10) FilterOut(&filter, "*API10*");
if (api_version < 11) FilterOut(&filter, "*API11*");
if (api_version < 12) FilterOut(&filter, "*API12*");
if (api_version < 13) FilterOut(&filter, "*API13*");
// Performance tests take a long time. Filter them out if they are not
// specifically requested.
if (filter.find("Performance") == std::string::npos) {
@@ -170,17 +187,18 @@ bool DeviceFeatures::IsTestKeyboxInstalled() {
size_t key_data_len = sizeof(key_data);
if (OEMCrypto_GetKeyData(key_data, &key_data_len) != OEMCrypto_SUCCESS)
return false;
if (key_data_len != sizeof(kTestKeybox.data_)) return false;
if (memcmp(key_data, kTestKeybox.data_, key_data_len)) return false;
if (key_data_len != kKeyboxDataSize) return false;
if (memcmp(key_data, &kKeybox[kKeyboxDataOffset], key_data_len)) return false;
uint8_t dev_id[128] = {0};
size_t dev_id_len = 128;
if (OEMCrypto_GetDeviceID(dev_id, &dev_id_len) != OEMCrypto_SUCCESS)
return false;
// We use strncmp instead of memcmp because we don't really care about the
// multiple '\0' characters at the end of the device id.
return 0 == strncmp(reinterpret_cast<const char*>(dev_id),
reinterpret_cast<const char*>(kTestKeybox.device_id_),
sizeof(kTestKeybox.device_id_));
return 0 == strncmp(
reinterpret_cast<const char*>(dev_id),
reinterpret_cast<const char*>(&kKeybox[kKeyboxDeviceIdOffset]),
kKeyboxDeviceIdSize);
}
void DeviceFeatures::FilterOut(std::string* current_filter,
@@ -203,6 +221,7 @@ const char* ProvisioningMethodName(OEMCrypto_ProvisioningMethod method) {
case OEMCrypto_OEMCertificate:
return "OEMCrypto_OEMCertificate";
}
// Not reachable
return "";
}

1
oemcrypto/test/oec_device_features.h
View File

@@ -26,6 +26,7 @@ class DeviceFeatures {
bool generic_crypto; // Device supports generic crypto.
bool cast_receiver; // Device supports alternate rsa signature padding.
bool usage_table; // Device saves usage information.
bool supports_rsa_3072; // Device supports 3072 bit RSA keys.
uint32_t api_version;
OEMCrypto_ProvisioningMethod provisioning_method;

406
oemcrypto/test/oec_session_util.cpp
View File

@@ -23,8 +23,8 @@
#include "OEMCryptoCENC.h"
#include "log.h"
#include "oec_device_features.h"
#include "oec_test_data.h"
#include "oemcrypto_key_mock.h"
#include "test_rsa_key.h"
#include "string_conversions.h"
#include "wv_cdm_constants.h"
#include "wv_cdm_types.h"
@@ -35,18 +35,31 @@ using namespace std;
// GTest requires PrintTo to be in the same namespace as the thing it prints,
// which is std::vector in this case.
namespace std {
void PrintTo(const vector<uint8_t>& value, ostream* os) {
*os << wvcdm::b2a_hex(value);
}
} // namespace std
void PrintTo(const PatternTestVariant& param, ostream* os) {
*os << ((param.mode == OEMCrypto_CipherMode_CTR) ? "CTR mode" : "CBC mode")
<< ", encrypt=" << param.pattern.encrypt
<< ", skip=" << param.pattern.skip;
namespace {
int GetRandBytes(unsigned char* buf, int num) {
// returns 1 on success, -1 if not supported, or 0 if other failure.
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
return RAND_pseudo_bytes(buf, num);
#else
return RAND_bytes(buf, num);
#endif
}
} // namespace std
#ifdef OPENSSL_IS_BORINGSSL
void DeleteX509Stack(STACK_OF(X509)* stack) {
sk_X509_pop_free(stack, X509_free);
}
typedef size_t X509Count;
#else
typedef int X509Count;
#endif
} // namespace
namespace wvoec {
@@ -82,7 +95,7 @@ class openssl_ptr {
T& operator*() const { return *ptr_; }
T* operator->() const { return ptr_; }
T* get() const { return ptr_; }
bool NotNull() { return ptr_; }
bool NotNull() const { return ptr_; }
private:
T* ptr_;
@@ -181,8 +194,10 @@ void Session::GenerateDerivedKeysFromKeybox() {
// with test keybox "installed".
mac_key_server_ = wvcdm::a2b_hex(
"3CFD60254786AF350B353B4FBB700AB382558400356866BA16C256BCD8C502BF");
mac_key_client_ = wvcdm::a2b_hex(
"A9DE7B3E4E199ED8D1FBC29CD6B4C772CC4538C8B0D3E208B3E76F2EC0FD6F47");
enc_key_ = wvcdm::a2b_hex("D0BFC35DA9E33436E81C4229E78CB9F4");
}
@@ -191,7 +206,7 @@ void Session::GenerateDerivedKeysFromSessionKey() {
GenerateNonce();
vector<uint8_t> session_key;
vector<uint8_t> enc_session_key;
PreparePublicKey();
if (public_rsa_ == NULL) PreparePublicKey();
ASSERT_TRUE(GenerateRSASessionKey(&session_key, &enc_session_key));
vector<uint8_t> mac_context;
vector<uint8_t> enc_context;
@@ -222,22 +237,23 @@ void Session::LoadTestKeys(const std::string& pst, bool new_mac_keys) {
&signature_[0], signature_.size(),
encrypted_license().mac_key_iv,
encrypted_license().mac_keys, num_keys_,
key_array_, pst_ptr, pst.length()));
key_array_, pst_ptr, pst.length(), NULL));
// Update new generated keys.
memcpy(&mac_key_server_[0], license_.mac_keys, wvcdm::MAC_KEY_SIZE);
memcpy(&mac_key_client_[0], license_.mac_keys + wvcdm::MAC_KEY_SIZE,
wvcdm::MAC_KEY_SIZE);
} else {
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_LoadKeys(session_id(), message_ptr(), message_size_,
&signature_[0], signature_.size(), NULL, NULL,
num_keys_, key_array_, pst_ptr, pst.length()));
ASSERT_EQ(
OEMCrypto_SUCCESS,
OEMCrypto_LoadKeys(session_id(), message_ptr(), message_size_,
&signature_[0], signature_.size(), NULL, NULL,
num_keys_, key_array_, pst_ptr, pst.length(), NULL));
}
VerifyTestKeys();
}
void Session::VerifyTestKeys() {
for (int i = 0; i < num_keys_; i++) {
for (unsigned int i = 0; i < num_keys_; i++) {
KeyControlBlock block;
size_t size = sizeof(block);
OEMCryptoResult sts = OEMCrypto_QueryKeyControl(
@@ -262,6 +278,7 @@ void Session::RefreshTestKeys(const size_t key_count, uint32_t control_bits,
uint32_t nonce, OEMCryptoResult expected_result) {
// Note: we store the message in encrypted_license_, but the refresh key
// message is not actually encrypted. It is, however, signed.
// FillRefreshMessage fills the message with a duration of kLongDuration.
FillRefreshMessage(key_count, control_bits, nonce);
ServerSignBuffer(reinterpret_cast<const uint8_t*>(&padded_message_),
message_size_, &signature_);
@@ -273,9 +290,14 @@ void Session::RefreshTestKeys(const size_t key_count, uint32_t control_bits,
ASSERT_EQ(expected_result, sts);
ASSERT_NO_FATAL_FAILURE(TestDecryptCTR());
sleep(kShortSleep); // Should still be valid key.
// This should still be valid key, even if the refresh failed, because this
// is before the original license duration.
sleep(kShortSleep);
ASSERT_NO_FATAL_FAILURE(TestDecryptCTR(false));
sleep(kShortSleep + kLongSleep); // Should be after first expiration.
// This should be after duration of the original license, but before the
// expiration of the refresh message. This should succeed if and only if the
// refresh succeeded.
sleep(kShortSleep + kLongSleep);
if (expected_result == OEMCrypto_SUCCESS) {
ASSERT_NO_FATAL_FAILURE(TestDecryptCTR(false, OEMCrypto_SUCCESS));
} else {
@@ -294,21 +316,24 @@ void Session::SetKeyId(int index, const string& key_id) {
void Session::FillSimpleMessage(uint32_t duration, uint32_t control,
uint32_t nonce, const std::string& pst) {
EXPECT_EQ(
1, RAND_pseudo_bytes(license_.mac_key_iv, sizeof(license_.mac_key_iv)));
EXPECT_EQ(1, RAND_pseudo_bytes(license_.mac_keys, sizeof(license_.mac_keys)));
for (int i = 0; i < num_keys_; i++) {
1, GetRandBytes(license_.mac_key_iv, sizeof(license_.mac_key_iv)));
EXPECT_EQ(1, GetRandBytes(license_.mac_keys, sizeof(license_.mac_keys)));
for (unsigned int i = 0; i < num_keys_; i++) {
memset(license_.keys[i].key_id, 0, kTestKeyIdMaxLength);
license_.keys[i].key_id_length = kDefaultKeyIdLength;
memset(license_.keys[i].key_id, i, license_.keys[i].key_id_length);
EXPECT_EQ(1, RAND_pseudo_bytes(license_.keys[i].key_data,
EXPECT_EQ(1, GetRandBytes(license_.keys[i].key_data,
sizeof(license_.keys[i].key_data)));
license_.keys[i].key_data_length = wvcdm::KEY_SIZE;
EXPECT_EQ(1, RAND_pseudo_bytes(license_.keys[i].key_iv,
EXPECT_EQ(1, GetRandBytes(license_.keys[i].key_iv,
sizeof(license_.keys[i].key_iv)));
EXPECT_EQ(1, RAND_pseudo_bytes(license_.keys[i].control_iv,
EXPECT_EQ(1, GetRandBytes(license_.keys[i].control_iv,
sizeof(license_.keys[i].control_iv)));
// For version 12, we require OEMCrypto to handle kc12 for all licenses.
if (global_features.api_version == 12) {
if (global_features.api_version == 13) {
// For version 13, we require OEMCrypto to handle kc13 for all licenses.
memcpy(license_.keys[i].control.verification, "kc13", 4);
} else if (global_features.api_version == 12) {
// For version 12, we require OEMCrypto to handle kc12 for all licenses.
memcpy(license_.keys[i].control.verification, "kc12", 4);
} else if (control & wvoec_mock::kControlSecurityPatchLevelMask) {
// For versions before 12, we require the special key control block only
@@ -328,6 +353,7 @@ void Session::FillSimpleMessage(uint32_t duration, uint32_t control,
license_.keys[i].cipher_mode = OEMCrypto_CipherMode_CTR;
}
memcpy(license_.pst, pst.c_str(), min(sizeof(license_.pst), pst.length()));
pst_ = pst;
}
void Session::FillRefreshMessage(size_t key_count, uint32_t control_bits,
@@ -336,7 +362,10 @@ void Session::FillRefreshMessage(size_t key_count, uint32_t control_bits,
encrypted_license().keys[i].key_id_length = license_.keys[i].key_id_length;
memcpy(encrypted_license().keys[i].key_id, license_.keys[i].key_id,
encrypted_license().keys[i].key_id_length);
if (global_features.api_version == 12) {
if (global_features.api_version == 13) {
// For version 13, we require OEMCrypto to handle kc13 for all licenses.
memcpy(encrypted_license().keys[i].control.verification, "kc13", 4);
} else if (global_features.api_version == 12) {
// For version 12, we require OEMCrypto to handle kc12 for all licenses.
memcpy(encrypted_license().keys[i].control.verification, "kc12", 4);
} else {
@@ -360,7 +389,7 @@ void Session::EncryptAndSign() {
AES_cbc_encrypt(&license_.mac_keys[0], &encrypted_license().mac_keys[0],
2 * wvcdm::MAC_KEY_SIZE, &aes_key, iv_buffer, AES_ENCRYPT);
for (int i = 0; i < num_keys_; i++) {
for (unsigned int i = 0; i < num_keys_; i++) {
memcpy(iv_buffer, &license_.keys[i].control_iv[0], wvcdm::KEY_IV_SIZE);
AES_set_encrypt_key(&license_.keys[i].key_data[0], 128, &aes_key);
AES_cbc_encrypt(
@@ -436,7 +465,7 @@ void Session::VerifyClientSignature(size_t data_length) {
void Session::FillKeyArray(const MessageData& data,
OEMCrypto_KeyObject* key_array) {
for (int i = 0; i < num_keys_; i++) {
for (unsigned int i = 0; i < num_keys_; i++) {
key_array[i].key_id = data.keys[i].key_id;
key_array[i].key_id_length = data.keys[i].key_id_length;
key_array[i].key_data_iv = data.keys[i].key_iv;
@@ -502,9 +531,9 @@ void Session::TestDecryptCTR(bool select_key_first,
vector<uint8_t> unencryptedData(256);
for (size_t i = 0; i < unencryptedData.size(); i++)
unencryptedData[i] = i % 256;
EXPECT_EQ(1, RAND_pseudo_bytes(&unencryptedData[0], unencryptedData.size()));
EXPECT_EQ(1, GetRandBytes(&unencryptedData[0], unencryptedData.size()));
vector<uint8_t> encryptionIv(wvcdm::KEY_IV_SIZE);
EXPECT_EQ(1, RAND_pseudo_bytes(&encryptionIv[0], wvcdm::KEY_IV_SIZE));
EXPECT_EQ(1, GetRandBytes(&encryptionIv[0], wvcdm::KEY_IV_SIZE));
vector<uint8_t> encryptedData(unencryptedData.size());
EncryptCTR(unencryptedData, license_.keys[key_index].key_data,
&encryptionIv[0], &encryptedData);
@@ -528,32 +557,74 @@ void Session::TestDecryptCTR(bool select_key_first,
if (expected_result == OEMCrypto_SUCCESS) { // No error.
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
ASSERT_EQ(unencryptedData, outputBuffer);
} else if (expected_result == OEMCrypto_ERROR_KEY_EXPIRED) {
// Report stale keys.
ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, sts);
ASSERT_NE(unencryptedData, outputBuffer);
} else if (expected_result == OEMCrypto_ERROR_INSUFFICIENT_HDCP) {
// Report HDCP errors.
ASSERT_EQ(OEMCrypto_ERROR_INSUFFICIENT_HDCP, sts);
ASSERT_NE(unencryptedData, outputBuffer);
} else {
// OEM's can fine tune other error codes for debugging.
ASSERT_NE(OEMCrypto_SUCCESS, sts);
ASSERT_NO_FATAL_FAILURE(TestDecryptResult(expected_result, sts));
ASSERT_NE(unencryptedData, outputBuffer);
}
}
void Session::TestDecryptResult(OEMCryptoResult expected_result,
OEMCryptoResult actual_result) {
if (expected_result == OEMCrypto_SUCCESS) { // No error.
ASSERT_EQ(OEMCrypto_SUCCESS, actual_result);
} else if (expected_result == OEMCrypto_ERROR_KEY_EXPIRED &&
global_features.api_version >= 9) {
// Report stale keys, required in v9 and beyond.
ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, actual_result);
} else if (expected_result == OEMCrypto_ERROR_INSUFFICIENT_HDCP) {
// Report HDCP errors.
ASSERT_EQ(OEMCrypto_ERROR_INSUFFICIENT_HDCP, actual_result);
} else if (expected_result == OEMCrypto_ERROR_ANALOG_OUTPUT) {
// Report analog errors.
ASSERT_EQ(OEMCrypto_ERROR_ANALOG_OUTPUT, actual_result);
} else {
// OEM's can fine tune other error codes for debugging.
ASSERT_NE(OEMCrypto_SUCCESS, actual_result);
}
}
void Session::TestSelectExpired(unsigned int key_index) {
if (global_features.api_version >= 13) {
OEMCryptoResult status =
OEMCrypto_SelectKey(session_id(), license().keys[key_index].key_id,
license().keys[key_index].key_id_length);
// It is OK for SelectKey to succeed with an expired key, but if there is
// an error, it must be OEMCrypto_ERROR_KEY_EXIRED.
if (status != OEMCrypto_SUCCESS) {
ASSERT_EQ(OEMCrypto_ERROR_KEY_EXPIRED, status);
}
}
}
void Session::LoadOEMCert(bool verify_cert) {
// Get the OEM Public Cert from OEMCrypto
vector<uint8_t> public_cert;
size_t public_cert_length = 0;
ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER,
OEMCrypto_GetOEMPublicCertificate(session_id(), NULL,
&public_cert_length));
ASSERT_GT((int)public_cert_length, 0);
ASSERT_LT(0u, public_cert_length);
public_cert.resize(public_cert_length);
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_GetOEMPublicCertificate(session_id(), &public_cert[0],
&public_cert_length));
// Load the certificate chain into an OpenSSL X509 Stack
#ifdef OPENSSL_IS_BORINGSSL
const openssl_ptr<STACK_OF(X509), DeleteX509Stack> x509_stack(
sk_X509_new_null());
ASSERT_TRUE(x509_stack.NotNull()) << "Unable to allocate X509 stack.";
CBS pkcs7;
CBS_init(&pkcs7, public_cert.data(), public_cert.size());
if (!PKCS7_get_certificates(x509_stack.get(), &pkcs7)) {
dump_openssl_error();
FAIL() << "Unable to deserialize certificate chain.";
}
STACK_OF(X509)* certs = x509_stack.get();
#else
// load the cert into rsa_key_.
openssl_ptr<BIO, BIO_vfree> bio(
BIO_new_mem_buf(&public_cert[0], public_cert_length));
@@ -564,7 +635,10 @@ void Session::LoadOEMCert(bool verify_cert) {
EXPECT_EQ(OBJ_obj2nid(cert->type), NID_pkcs7_signed);
STACK_OF(X509)* certs = cert->d.sign->cert;
for (int i = 0; certs && i < sk_X509_num(certs); i++) {
#endif
// Load the public cert's key into public_rsa_ and verify, if requested
for (X509Count i = 0; certs && i < sk_X509_num(certs); i++) {
X509* x509_cert = sk_X509_value(certs, i);
openssl_ptr<EVP_PKEY, EVP_PKEY_free> pubkey(X509_get_pubkey(x509_cert));
ASSERT_TRUE(pubkey.NotNull());
@@ -589,13 +663,27 @@ void Session::LoadOEMCert(bool verify_cert) {
ASSERT_TRUE(store_ctx.NotNull());
X509_STORE_CTX_init(store_ctx.get(), store.get(), x509_cert, NULL);
// TODO(fredgc): Verify cert is signed by Google.
int result = X509_verify_cert(store_ctx.get());
ASSERT_GE(0, result) << " OEM Cert not valid. "
<< X509_verify_cert_error_string(store_ctx->error);
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
ASSERT_GE(0, result) << " OEM Cert not valid. " <<
X509_verify_cert_error_string(store_ctx->error);
#else
ASSERT_GE(0, result) << " OEM Cert not valid. " <<
X509_verify_cert_error_string(
X509_STORE_CTX_get_error(store_ctx.get()));
#endif
if (result == 0) {
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
printf("Cert not verified: %s.\n",
X509_verify_cert_error_string(store_ctx->error));
#else
printf("Cert not verified: %s.\n",
X509_verify_cert_error_string(
X509_STORE_CTX_get_error(store_ctx.get())));
#endif
}
}
}
@@ -619,7 +707,7 @@ void Session::MakeRSACertificate(struct RSAPrivateKeyMessage* encrypted,
memcpy(message.rsa_key, rsa_key.data(), rsa_key.size());
message.rsa_key_length = rsa_key.size();
}
EXPECT_EQ(1, RAND_pseudo_bytes(message.rsa_key_iv, wvcdm::KEY_IV_SIZE));
EXPECT_EQ(1, GetRandBytes(message.rsa_key_iv, wvcdm::KEY_IV_SIZE));
message.nonce = nonce_;
EncryptProvisioningMessage(&message, encrypted, *encryption_key);
@@ -652,10 +740,10 @@ void Session::RewrapRSAKey(const struct RSAPrivateKeyMessage& encrypted,
wrapped_key->clear();
}
}
void Session::RewrapRSAKey30(
const struct RSAPrivateKeyMessage& encrypted, size_t,
const std::vector<uint8_t>& encrypted_message_key,
vector<uint8_t>* wrapped_key, bool force) {
void Session::RewrapRSAKey30(const struct RSAPrivateKeyMessage& encrypted,
const std::vector<uint8_t>& encrypted_message_key,
vector<uint8_t>* wrapped_key, bool force) {
size_t wrapped_key_length = 0;
ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER,
OEMCrypto_RewrapDeviceRSAKey30(
@@ -679,8 +767,8 @@ void Session::RewrapRSAKey30(
void Session::PreparePublicKey(const uint8_t* rsa_key, size_t rsa_key_length) {
if (rsa_key == NULL) {
rsa_key = kTestRSAPKCS8PrivateKeyInfo2_2048;
rsa_key_length = sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048);
rsa_key = wvcdm_test_auth::kRsaPrivateKey_2048;
rsa_key_length = wvcdm_test_auth::kRsaPrivateKeySize_2048;
}
uint8_t* p = const_cast<uint8_t*>(rsa_key);
openssl_ptr<BIO, BIO_vfree> bio(BIO_new_mem_buf(p, rsa_key_length));
@@ -713,38 +801,43 @@ bool Session::VerifyPSSSignature(EVP_PKEY* pkey, const uint8_t* message,
size_t message_length,
const uint8_t* signature,
size_t signature_length) {
EVP_MD_CTX ctx;
EVP_MD_CTX_init(&ctx);
EVP_PKEY_CTX* pctx = NULL;
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
EVP_MD_CTX md_ctx_struct;
EVP_MD_CTX* md_ctx = &md_ctx_struct;
EVP_MD_CTX_init(md_ctx);
#else
EVP_MD_CTX* md_ctx = EVP_MD_CTX_new();
#endif
EVP_PKEY_CTX* pkey_ctx = NULL;
if (EVP_DigestVerifyInit(&ctx, &pctx, EVP_sha1(), NULL /* no ENGINE */,
if (EVP_DigestVerifyInit(md_ctx, &pkey_ctx, EVP_sha1(), NULL /* no ENGINE */,
pkey) != 1) {
LOGE("EVP_DigestVerifyInit failed in VerifyPSSSignature");
goto err;
}
if (EVP_PKEY_CTX_set_signature_md(pctx,
if (EVP_PKEY_CTX_set_signature_md(pkey_ctx,
const_cast<EVP_MD *>(EVP_sha1())) != 1) {
LOGE("EVP_PKEY_CTX_set_signature_md failed in VerifyPSSSignature");
goto err;
}
if (EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) != 1) {
if (EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) != 1) {
LOGE("EVP_PKEY_CTX_set_rsa_padding failed in VerifyPSSSignature");
goto err;
}
if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, SHA_DIGEST_LENGTH) != 1) {
if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, SHA_DIGEST_LENGTH) != 1) {
LOGE("EVP_PKEY_CTX_set_rsa_pss_saltlen failed in VerifyPSSSignature");
goto err;
}
if (EVP_DigestVerifyUpdate(&ctx, message, message_length) != 1) {
if (EVP_DigestVerifyUpdate(md_ctx, message, message_length) != 1) {
LOGE("EVP_DigestVerifyUpdate failed in VerifyPSSSignature");
goto err;
}
if (EVP_DigestVerifyFinal(&ctx, const_cast<uint8_t*>(signature),
if (EVP_DigestVerifyFinal(md_ctx, const_cast<uint8_t*>(signature),
signature_length) != 1) {
LOGE(
"EVP_DigestVerifyFinal failed in VerifyPSSSignature. (Probably a bad "
@@ -752,12 +845,20 @@ bool Session::VerifyPSSSignature(EVP_PKEY* pkey, const uint8_t* message,
goto err;
}
EVP_MD_CTX_cleanup(&ctx);
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
EVP_MD_CTX_cleanup(md_ctx);
#else
EVP_MD_CTX_free(md_ctx);
#endif
return true;
err:
dump_openssl_error();
EVP_MD_CTX_cleanup(&ctx);
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
EVP_MD_CTX_cleanup(md_ctx);
#else
EVP_MD_CTX_free(md_ctx);
#endif
return false;
}
@@ -821,8 +922,61 @@ void Session::InstallRSASessionTestKey(const vector<uint8_t>& wrapped_rsa_key) {
GenerateDerivedKeysFromSessionKey();
}
void Session::GenerateReport(const std::string& pst, bool expect_success,
void Session::CreateNewUsageEntry() {
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_CreateNewUsageEntry(session_id(), &usage_entry_number_));
}
void Session::UpdateUsageEntry(std::vector<uint8_t>* header_buffer) {
size_t header_buffer_length = 0;
size_t entry_buffer_length = 0;
ASSERT_EQ(
OEMCrypto_ERROR_SHORT_BUFFER,
OEMCrypto_UpdateUsageEntry(session_id(), NULL, &header_buffer_length,
NULL, &entry_buffer_length));
ASSERT_LT(0u, header_buffer_length);
header_buffer->resize(header_buffer_length);
ASSERT_LT(0u, entry_buffer_length);
encrypted_usage_entry_.resize(entry_buffer_length);
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_UpdateUsageEntry(
session_id(), &(header_buffer->front()), &header_buffer_length,
&encrypted_usage_entry_[0], &entry_buffer_length));
}
void Session::DeactivateUsageEntry(const std::string& pst) {
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_DeactivateUsageEntry(
session_id(), reinterpret_cast<const uint8_t*>(pst.c_str()),
pst.length()));
}
void Session::LoadUsageEntry(uint32_t index, const vector<uint8_t>& buffer) {
usage_entry_number_ = index;
encrypted_usage_entry_ = buffer;
ASSERT_EQ(
OEMCrypto_SUCCESS,
OEMCrypto_LoadUsageEntry(session_id(), index, &buffer[0], buffer.size()));
}
void Session::MoveUsageEntry(uint32_t new_index,
std::vector<uint8_t>* header_buffer,
OEMCryptoResult expect_result) {
ASSERT_NO_FATAL_FAILURE(open());
ASSERT_NO_FATAL_FAILURE(ReloadUsageEntry());
ASSERT_EQ(expect_result, OEMCrypto_MoveEntry(session_id(), new_index));
if (expect_result == OEMCrypto_SUCCESS) {
usage_entry_number_ = new_index;
ASSERT_NO_FATAL_FAILURE(UpdateUsageEntry(header_buffer));
}
ASSERT_NO_FATAL_FAILURE(close());
}
void Session::GenerateReport(const std::string& pst,
OEMCryptoResult expected_result,
Session* other) {
ASSERT_TRUE(open_);
if (other) { // If other is specified, copy mac keys.
mac_key_server_ = other->mac_key_server_;
mac_key_client_ = other->mac_key_client_;
@@ -830,54 +984,120 @@ void Session::GenerateReport(const std::string& pst, bool expect_success,
size_t length = 0;
OEMCryptoResult sts = OEMCrypto_ReportUsage(
session_id(), reinterpret_cast<const uint8_t*>(pst.c_str()), pst.length(),
pst_report(), &length);
if (expect_success) {
&pst_report_buffer_[0], &length);
if (expected_result == OEMCrypto_SUCCESS) {
ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts);
}
if (sts == OEMCrypto_ERROR_SHORT_BUFFER) {
ASSERT_LE(sizeof(OEMCrypto_PST_Report), length);
pst_report_buffer_.resize(length);
ASSERT_EQ(wvcdm::Unpacked_PST_Report::report_size(pst.length()), length);
pst_report_buffer_.assign(length, 0xFF); // Fill with garbage values.
}
sts = OEMCrypto_ReportUsage(session_id(),
reinterpret_cast<const uint8_t*>(pst.c_str()),
pst.length(), pst_report(), &length);
if (!expect_success) {
ASSERT_NE(OEMCrypto_SUCCESS, sts);
pst.length(), &pst_report_buffer_[0], &length);
ASSERT_EQ(expected_result, sts);
if (expected_result != OEMCrypto_SUCCESS) {
return;
}
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
ASSERT_EQ(pst_report_buffer_.size(), length);
vector<uint8_t> computed_signature(SHA_DIGEST_LENGTH);
unsigned int sig_len = SHA_DIGEST_LENGTH;
HMAC(EVP_sha1(), &mac_key_client_[0], mac_key_client_.size(),
reinterpret_cast<uint8_t*>(pst_report()) + SHA_DIGEST_LENGTH,
length - SHA_DIGEST_LENGTH, &computed_signature[0], &sig_len);
EXPECT_EQ(0, memcmp(&computed_signature[0], pst_report()->signature,
&pst_report_buffer_[SHA_DIGEST_LENGTH], length - SHA_DIGEST_LENGTH,
&computed_signature[0], &sig_len);
EXPECT_EQ(0, memcmp(&computed_signature[0], pst_report().signature(),
SHA_DIGEST_LENGTH));
EXPECT_GE(kInactive, pst_report()->status);
EXPECT_GE(kHardwareSecureClock, pst_report()->clock_security_level);
EXPECT_EQ(pst.length(), pst_report()->pst_length);
EXPECT_EQ(0, memcmp(pst.c_str(), pst_report()->pst, pst.length()));
EXPECT_GE(kInactiveUnused, pst_report().status());
EXPECT_GE(kHardwareSecureClock, pst_report().clock_security_level());
EXPECT_EQ(pst.length(), pst_report().pst_length());
EXPECT_EQ(0, memcmp(pst.c_str(), pst_report().pst(), pst.length()));
// Also, we the session to be able to sign the release message with the
// correct mac keys from the usage table entry.
ASSERT_NO_FATAL_FAILURE(VerifyClientSignature());
}
OEMCrypto_PST_Report* Session::pst_report() {
return reinterpret_cast<OEMCrypto_PST_Report*>(&pst_report_buffer_[0]);
void Session::VerifyPST(const Test_PST_Report& expected) {
wvcdm::Unpacked_PST_Report computed = pst_report();
EXPECT_EQ(expected.status, computed.status());
char* pst_ptr = reinterpret_cast<char *>(computed.pst());
std::string computed_pst(pst_ptr, pst_ptr + computed.pst_length());
ASSERT_EQ(expected.pst, computed_pst);
EXPECT_NEAR(expected.seconds_since_license_received,
computed.seconds_since_license_received(),
kTimeTolerance);
// Decrypt times only valid on licenses that have been active.
if (expected.status == kActive || expected.status == kInactiveUsed) {
EXPECT_NEAR(expected.seconds_since_first_decrypt,
computed.seconds_since_first_decrypt(),
kUsageTableTimeTolerance);
EXPECT_NEAR(expected.seconds_since_last_decrypt,
computed.seconds_since_last_decrypt(),
kUsageTableTimeTolerance);
}
std::vector<uint8_t> signature(SHA_DIGEST_LENGTH);
unsigned int md_len = SHA_DIGEST_LENGTH;
if (!HMAC(EVP_sha1(), &mac_key_client_[0], mac_key_client_.size(),
&pst_report_buffer_[0] + SHA_DIGEST_LENGTH,
pst_report_buffer_.size() - SHA_DIGEST_LENGTH,
&signature[0], &md_len)) {
cout << "Error computing HMAC.\n";
dump_openssl_error();
}
EXPECT_EQ(0, memcmp(computed.signature(), &signature[0],
SHA_DIGEST_LENGTH));
}
void Session::DeleteEntry(const std::string& pst) {
uint8_t* pst_ptr = encrypted_license().pst;
memcpy(pst_ptr, pst.c_str(), min(sizeof(license_.pst), pst.length()));
ServerSignBuffer(reinterpret_cast<const uint8_t*>(&padded_message_),
message_size_, &signature_);
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_DeleteUsageEntry(session_id(), pst_ptr, pst.length(),
message_ptr(), message_size_,
&signature_[0], signature_.size()));
// This might adjust t to be "seconds since now". If t is small, we assume it
// is "seconds since now", but if the value of t is large, assume it is
// "absolute time" and convert to "seconds since now".
static int64_t MaybeAdjustTime(int64_t t, time_t now) {
int64_t k10Minutes = 60 * 10; // in seconds.
if (t > k10Minutes) return now - t;
return t;
}
void Session::ForceDeleteEntry(const std::string& pst) {
ASSERT_EQ(OEMCrypto_SUCCESS,
OEMCrypto_ForceDeleteUsageEntry(
reinterpret_cast<const uint8_t*>(pst.c_str()), pst.length()));
void Session::GenerateVerifyReport(const std::string& pst,
OEMCrypto_Usage_Entry_Status status,
int64_t time_license_received,
int64_t time_first_decrypt,
int64_t time_last_decrypt) {
ASSERT_NO_FATAL_FAILURE(GenerateReport(pst));
Test_PST_Report expected(pst, status);
time_t now = time(NULL);
expected.seconds_since_license_received =
MaybeAdjustTime(time_license_received, now);
expected.seconds_since_first_decrypt =
MaybeAdjustTime(time_first_decrypt, now);
expected.seconds_since_last_decrypt = MaybeAdjustTime(time_last_decrypt, now);
ASSERT_NO_FATAL_FAILURE(VerifyPST(expected));
}
void Session::CreateOldEntry(const Test_PST_Report& report) {
OEMCryptoResult result = OEMCrypto_CreateOldUsageEntry(
report.seconds_since_license_received,
report.seconds_since_first_decrypt,
report.seconds_since_last_decrypt,
report.status, &mac_key_server_[0],
&mac_key_client_[0],
reinterpret_cast<const uint8_t*>(report.pst.c_str()),
report.pst.length());
if (result == OEMCrypto_ERROR_NOT_IMPLEMENTED) return;
ASSERT_EQ(OEMCrypto_SUCCESS, result);
}
void Session::CopyAndVerifyOldEntry(const Test_PST_Report& report,
std::vector<uint8_t>* header_buffer) {
ASSERT_NO_FATAL_FAILURE(CreateNewUsageEntry());
OEMCryptoResult result = OEMCrypto_CopyOldUsageEntry(
session_id(), reinterpret_cast<const uint8_t*>(report.pst.c_str()),
report.pst.length());
if (result == OEMCrypto_ERROR_NOT_IMPLEMENTED) {
cout << "WARNING: OEMCrypto CANNOT copy old usage table to new." << endl;
return;
}
ASSERT_NO_FATAL_FAILURE(UpdateUsageEntry(header_buffer));
ASSERT_NO_FATAL_FAILURE(GenerateReport(report.pst));
ASSERT_NO_FATAL_FAILURE(VerifyPST(report));
}
const uint8_t* Session::message_ptr() {

106
oemcrypto/test/oec_session_util.h
View File

@@ -10,6 +10,7 @@
#include <vector>
#include "oec_device_features.h"
#include "pst_report.h"
#include "wv_cdm_constants.h"
using namespace std;
@@ -18,19 +19,7 @@ using namespace std;
// which is std::vector in this case.
namespace std {
struct PatternTestVariant {
PatternTestVariant(size_t encrypt, size_t skip, OEMCryptoCipherMode mode_) {
this->pattern.encrypt = encrypt;
this->pattern.skip = skip;
this->pattern.offset = 0;
this->mode = mode_;
}
OEMCrypto_CENCEncryptPatternDesc pattern;
OEMCryptoCipherMode mode;
};
void PrintTo(const vector<uint8_t>& value, ostream* os);
void PrintTo(const PatternTestVariant& param, ostream* os);
} // namespace std
@@ -50,6 +39,7 @@ const int kLongSleep = 2 * kSpeedMultiplier;
const uint32_t kDuration = 2 * kSpeedMultiplier;
const uint32_t kLongDuration = 5 * kSpeedMultiplier;
const int32_t kTimeTolerance = 3 * kSpeedMultiplier;
const time_t kUsageTableTimeTolerance = 10 * kSpeedMultiplier;
} // namespace
typedef struct {
@@ -101,6 +91,18 @@ struct RSAPrivateKeyMessage {
uint32_t nonce;
};
struct Test_PST_Report {
Test_PST_Report(const std::string& pst_in,
OEMCrypto_Usage_Entry_Status status_in)
: status(status_in), pst(pst_in) {}
OEMCrypto_Usage_Entry_Status status;
int64_t seconds_since_license_received;
int64_t seconds_since_first_decrypt;
int64_t seconds_since_last_decrypt;
std::string pst;
};
// Increment counter for AES-CTR. The CENC spec specifies we increment only
// the low 64 bits of the IV counter, and leave the high 64 bits alone. This
// is different from the OpenSSL implementation, so we implement the CTR loop
@@ -203,6 +205,13 @@ class Session {
void TestDecryptCTR(bool select_key_first = true,
OEMCryptoResult expected_result = OEMCrypto_SUCCESS,
int key_index = 0);
// This compares the actual result with the expected result. If OEMCrypto is
// an older version, we allow it to report an equivalent error code.
void TestDecryptResult(OEMCryptoResult expected_result,
OEMCryptoResult actual_result);
// Verify that an attempt to select an expired key either succeeds, or gives
// an actionable error code.
void TestSelectExpired(unsigned int key_index);
// Calls OEMCrypto_GetOEMPublicCertificate and loads the OEM cert's public
// rsa key into public_rsa_.
void LoadOEMCert(bool verify_cert = false);
@@ -241,27 +250,68 @@ class Session {
// Calls OEMCrypto_RewrapDeviceRSAKey30 with the given provisioning response
// message. If force is true, we assert that the key loads successfully.
void RewrapRSAKey30(const struct RSAPrivateKeyMessage& encrypted,
size_t message_size,
const std::vector<uint8_t>& encrypted_message_key,
vector<uint8_t>* wrapped_key, bool force);
// Loads the specified wrapped_rsa_key into OEMCrypto, and then runs
// GenerateDerivedKeysFromSessionKey to install known encryption and mac keys.
void InstallRSASessionTestKey(const vector<uint8_t>& wrapped_rsa_key);
// Generates a usage report for the specified pst. If expect_success is true,
// Creates a new usage entry, and keeps track of the index.
void CreateNewUsageEntry();
// Copy encrypted usage entry from other session, and then load it.
// This session must already be open.
void LoadUsageEntry(uint32_t index, const vector<uint8_t>& buffer);
// Copy encrypted usage entry from other session.
// This session must already be open.
void LoadUsageEntry(const Session& other) {
LoadUsageEntry(other.usage_entry_number(), other.encrypted_usage_entry());
}
// Reload previously used usage entry.
void ReloadUsageEntry() { LoadUsageEntry(*this); }
// Update the usage entry and save the header to the specified buffer.
void UpdateUsageEntry(std::vector<uint8_t>* header_buffer);
// Deactivate this session's usage entry.
void DeactivateUsageEntry(const std::string& pst);
// The usage entry number for this session's usage entry.
uint32_t usage_entry_number() const { return usage_entry_number_; }
void set_usage_entry_number(uint32_t v) { usage_entry_number_ = v; }
// The encrypted buffer holding the recently updated and saved usage entry.
const vector<uint8_t>& encrypted_usage_entry() const {
return encrypted_usage_entry_;
}
// Generates a usage report for the specified pst. If there is success,
// the report's signature is verified, and several fields are given sanity
// checks. If other is not null, then the mac keys are copied from other in
// order to verify signatures.
void GenerateReport(const std::string& pst, bool expect_success = true,
void GenerateReport(const std::string& pst,
OEMCryptoResult expected_result = OEMCrypto_SUCCESS,
Session* other = 0);
// Returns a pointer to the usage report generated by the previous call to
// GenerateReport.
OEMCrypto_PST_Report* pst_report();
// Creates a signed delete usage table entry message and calls
// OEMCrypto_DeleteUsageEntry on it.
void DeleteEntry(const std::string& pst);
// Calls OEMCrypto_ForceDeleteUsageEntry to delete a usage table entry without
// a signed message.
void ForceDeleteEntry(const std::string& pst);
// Move this usage entry to a new index.
void MoveUsageEntry(uint32_t new_index, std::vector<uint8_t>* header_buffer,
OEMCryptoResult expect_result = OEMCrypto_SUCCESS);
// PST used in FillSimpleMesage.
string pst() const { return pst_; }
// Returns a pointer-like thing to the usage report generated by the previous
// call to GenerateReport.
wvcdm::Unpacked_PST_Report pst_report() {
return wvcdm::Unpacked_PST_Report(&pst_report_buffer_[0]);
}
// Verify the values in the PST report. The signature should have been
// verified in GenerateReport, above.
void VerifyPST(const Test_PST_Report& report);
// Generate and Verify the Usage Report. If any time is greater than 10
// minutes, it is assumed to be an absolute time, and time_since will be
// computed relative to now.
void GenerateVerifyReport(const std::string& pst,
OEMCrypto_Usage_Entry_Status status,
int64_t time_license_received = 0,
int64_t time_first_decrypt = 0,
int64_t time_last_decrypt = 0);
// Create an entry in the old usage table based on the given report.
void CreateOldEntry(const Test_PST_Report &report);
// Create a new entry and copy the old entry into it. Then very the report
// is right.
void CopyAndVerifyOldEntry(const Test_PST_Report &report,
std::vector<uint8_t>* header_buffer);
// The unencrypted license response or license renewal response.
MessageData& license() { return license_; }
@@ -281,8 +331,7 @@ class Session {
void set_num_keys(int num_keys) { num_keys_ = num_keys; }
// The current number of keys to use in the license(), encrypted_license()
// and key_array().
int num_keys() const { return num_keys_; }
size_t key_array_size() const { return num_keys_; }
unsigned int num_keys() const { return num_keys_; }
// Set the size of the buffer used the encrypted license.
// Must be between sizeof(MessageData) and kMaxMessageSize.
@@ -307,7 +356,10 @@ class Session {
size_t message_size_; // How much of the padded message to use.
OEMCrypto_KeyObject key_array_[kMaxNumKeys];
std::vector<uint8_t> signature_;
int num_keys_;
unsigned int num_keys_;
vector<uint8_t> encrypted_usage_entry_;
uint32_t usage_entry_number_;
string pst_;
};
} // namespace wvoec

277
oemcrypto/test/oec_test_data.h
View File

@@ -1,277 +0,0 @@
// Copyright 2016 Google Inc. All Rights Reserved.
//
// Test data for OEMCrypto unit tests.
//
#ifndef CDM_OEC_TEST_DATA_H_
#define CDM_OEC_TEST_DATA_H_
#include <string>
#if 0
#include "OEMCryptoCENC.h"
#include "wv_keybox.h"
#endif
namespace wvoec {
// These are test keyboxes. They will not be accepted by production systems.
// By using known keyboxes for these tests, the results for a given set of
// inputs to a test are predictable and can be compared to the actual results.
// The first keybox, kTestKeybox, with deviceID "TestKey01" is used for most of
// the tests. It should be loaded by OEMCrypto when OEMCrypto_LoadTestKeybox
// is called.
const wvoec_mock::WidevineKeybox kTestKeybox = {
// Sample keybox used for test vectors
{
// deviceID
0x54, 0x65, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x30, // TestKey01
0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
}, {
// key
0xfb, 0xda, 0x04, 0x89, 0xa1, 0x58, 0x16, 0x0e,
0xa4, 0x02, 0xe9, 0x29, 0xe3, 0xb6, 0x8f, 0x04,
}, {
// data
0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x10, 0x19,
0x07, 0xd9, 0xff, 0xde, 0x13, 0xaa, 0x95, 0xc1,
0x22, 0x67, 0x80, 0x53, 0x36, 0x21, 0x36, 0xbd,
0xf8, 0x40, 0x8f, 0x82, 0x76, 0xe4, 0xc2, 0xd8,
0x7e, 0xc5, 0x2b, 0x61, 0xaa, 0x1b, 0x9f, 0x64,
0x6e, 0x58, 0x73, 0x49, 0x30, 0xac, 0xeb, 0xe8,
0x99, 0xb3, 0xe4, 0x64, 0x18, 0x9a, 0x14, 0xa8,
0x72, 0x02, 0xfb, 0x02, 0x57, 0x4e, 0x70, 0x64,
0x0b, 0xd2, 0x2e, 0xf4, 0x4b, 0x2d, 0x7e, 0x39,
}, {
// magic
0x6b, 0x62, 0x6f, 0x78,
}, {
// Crc
0x0a, 0x7a, 0x2c, 0x35,
}
};
static wvoec_mock::WidevineKeybox kValidKeybox02 = {
// Sample keybox used for test vectors
{
// deviceID
0x54, 0x65, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x30, // TestKey02
0x32, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
}, {
// key
0x76, 0x5d, 0xce, 0x01, 0x04, 0x89, 0xb3, 0xd0,
0xdf, 0xce, 0x54, 0x8a, 0x49, 0xda, 0xdc, 0xb6,
}, {
// data
0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x10, 0x19,
0x92, 0x27, 0x0b, 0x1f, 0x1a, 0xd5, 0xc6, 0x93,
0x19, 0x3f, 0xaa, 0x74, 0x1f, 0xdd, 0x5f, 0xb4,
0xe9, 0x40, 0x2f, 0x34, 0xa4, 0x92, 0xf4, 0xae,
0x9a, 0x52, 0x39, 0xbc, 0xb7, 0x24, 0x38, 0x13,
0xab, 0xf4, 0x92, 0x96, 0xc4, 0x81, 0x60, 0x33,
0xd8, 0xb8, 0x09, 0xc7, 0x55, 0x0e, 0x12, 0xfa,
0xa8, 0x98, 0x62, 0x8a, 0xec, 0xea, 0x74, 0x8a,
0x4b, 0xfa, 0x5a, 0x9e, 0xb6, 0x49, 0x0d, 0x80,
}, {
// magic
0x6b, 0x62, 0x6f, 0x78,
}, {
// Crc
0x2a, 0x3b, 0x3e, 0xe4,
}
};
static wvoec_mock::WidevineKeybox kValidKeybox03 = {
// Sample keybox used for test vectors
{
// deviceID
0x54, 0x65, 0x73, 0x74, 0x4b, 0x65, 0x79, 0x30, // TestKey03
0x33, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ........
}, {
// key
0x25, 0xe5, 0x2a, 0x02, 0x29, 0x68, 0x04, 0xa2,
0x92, 0xfd, 0x7c, 0x67, 0x0b, 0x67, 0x1f, 0x31,
}, {
// data
0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x10, 0x19,
0xf4, 0x0a, 0x0e, 0xa2, 0x0a, 0x71, 0xd5, 0x92,
0xfa, 0xa3, 0x25, 0xc6, 0x4b, 0x76, 0xf1, 0x64,
0xf4, 0x60, 0xa0, 0x30, 0x72, 0x23, 0xbe, 0x03,
0xcd, 0xde, 0x7a, 0x06, 0xd4, 0x01, 0xeb, 0xdc,
0xe0, 0x50, 0xc0, 0x53, 0x0a, 0x50, 0xb0, 0x37,
0xe5, 0x05, 0x25, 0x0e, 0xa4, 0xc8, 0x5a, 0xff,
0x46, 0x6e, 0xa5, 0x31, 0xf3, 0xdd, 0x94, 0xb7,
0xe0, 0xd3, 0xf9, 0x04, 0xb2, 0x54, 0xb1, 0x64,
}, {
// magic
0x6b, 0x62, 0x6f, 0x78,
}, {
// Crc
0xa1, 0x99, 0x5f, 0x46,
}
};
// A 2048 bit RSA key in PKCS#8 PrivateKeyInfo format
// Used to verify the functions that manipulate RSA keys.
static const uint8_t kTestRSAPKCS8PrivateKeyInfo2_2048[] = {
0x30, 0x82, 0x04, 0xbc, 0x02, 0x01, 0x00, 0x30,
0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
0x04, 0xa6, 0x30, 0x82, 0x04, 0xa2, 0x02, 0x01,
0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xa7, 0x00,
0x36, 0x60, 0x65, 0xdc, 0xbd, 0x54, 0x5a, 0x2a,
0x40, 0xb4, 0xe1, 0x15, 0x94, 0x58, 0x11, 0x4f,
0x94, 0x58, 0xdd, 0xde, 0xa7, 0x1f, 0x3c, 0x2c,
0xe0, 0x88, 0x09, 0x29, 0x61, 0x57, 0x67, 0x5e,
0x56, 0x7e, 0xee, 0x27, 0x8f, 0x59, 0x34, 0x9a,
0x2a, 0xaa, 0x9d, 0xb4, 0x4e, 0xfa, 0xa7, 0x6a,
0xd4, 0xc9, 0x7a, 0x53, 0xc1, 0x4e, 0x9f, 0xe3,
0x34, 0xf7, 0x3d, 0xb7, 0xc9, 0x10, 0x47, 0x4f,
0x28, 0xda, 0x3f, 0xce, 0x31, 0x7b, 0xfd, 0x06,
0x10, 0xeb, 0xf7, 0xbe, 0x92, 0xf9, 0xaf, 0xfb,
0x3e, 0x68, 0xda, 0xee, 0x1a, 0x64, 0x4c, 0xf3,
0x29, 0xf2, 0x73, 0x9e, 0x39, 0xd8, 0xf6, 0x6f,
0xd8, 0xb2, 0x80, 0x82, 0x71, 0x8e, 0xb5, 0xa4,
0xf2, 0xc2, 0x3e, 0xcd, 0x0a, 0xca, 0xb6, 0x04,
0xcd, 0x9a, 0x13, 0x8b, 0x54, 0x73, 0x54, 0x25,
0x54, 0x8c, 0xbe, 0x98, 0x7a, 0x67, 0xad, 0xda,
0xb3, 0x4e, 0xb3, 0xfa, 0x82, 0xa8, 0x4a, 0x67,
0x98, 0x56, 0x57, 0x54, 0x71, 0xcd, 0x12, 0x7f,
0xed, 0xa3, 0x01, 0xc0, 0x6a, 0x8b, 0x24, 0x03,
0x96, 0x88, 0xbe, 0x97, 0x66, 0x2a, 0xbc, 0x53,
0xc9, 0x83, 0x06, 0x51, 0x5a, 0x88, 0x65, 0x13,
0x18, 0xe4, 0x3a, 0xed, 0x6b, 0xf1, 0x61, 0x5b,
0x4c, 0xc8, 0x1e, 0xf4, 0xc2, 0xae, 0x08, 0x5e,
0x2d, 0x5f, 0xf8, 0x12, 0x7f, 0xa2, 0xfc, 0xbb,
0x21, 0x18, 0x30, 0xda, 0xfe, 0x40, 0xfb, 0x01,
0xca, 0x2e, 0x37, 0x0e, 0xce, 0xdd, 0x76, 0x87,
0x82, 0x46, 0x0b, 0x3a, 0x77, 0x8f, 0xc0, 0x72,
0x07, 0x2c, 0x7f, 0x9d, 0x1e, 0x86, 0x5b, 0xed,
0x27, 0x29, 0xdf, 0x03, 0x97, 0x62, 0xef, 0x44,
0xd3, 0x5b, 0x3d, 0xdb, 0x9c, 0x5e, 0x1b, 0x7b,
0x39, 0xb4, 0x0b, 0x6d, 0x04, 0x6b, 0xbb, 0xbb,
0x2c, 0x5f, 0xcf, 0xb3, 0x7a, 0x05, 0x02, 0x03,
0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x00, 0x5e,
0x79, 0x65, 0x49, 0xa5, 0x76, 0x79, 0xf9, 0x05,
0x45, 0x0f, 0xf4, 0x03, 0xbd, 0xa4, 0x7d, 0x29,
0xd5, 0xde, 0x33, 0x63, 0xd8, 0xb8, 0xac, 0x97,
0xeb, 0x3f, 0x5e, 0x55, 0xe8, 0x7d, 0xf3, 0xe7,
0x3b, 0x5c, 0x2d, 0x54, 0x67, 0x36, 0xd6, 0x1d,
0x46, 0xf5, 0xca, 0x2d, 0x8b, 0x3a, 0x7e, 0xdc,
0x45, 0x38, 0x79, 0x7e, 0x65, 0x71, 0x5f, 0x1c,
0x5e, 0x79, 0xb1, 0x40, 0xcd, 0xfe, 0xc5, 0xe1,
0xc1, 0x6b, 0x78, 0x04, 0x4e, 0x8e, 0x79, 0xf9,
0x0a, 0xfc, 0x79, 0xb1, 0x5e, 0xb3, 0x60, 0xe3,
0x68, 0x7b, 0xc6, 0xef, 0xcb, 0x71, 0x4c, 0xba,
0xa7, 0x79, 0x5c, 0x7a, 0x81, 0xd1, 0x71, 0xe7,
0x00, 0x21, 0x13, 0xe2, 0x55, 0x69, 0x0e, 0x75,
0xbe, 0x09, 0xc3, 0x4f, 0xa9, 0xc9, 0x68, 0x22,
0x0e, 0x97, 0x8d, 0x89, 0x6e, 0xf1, 0xe8, 0x88,
0x7a, 0xd1, 0xd9, 0x09, 0x5d, 0xd3, 0x28, 0x78,
0x25, 0x0b, 0x1c, 0x47, 0x73, 0x25, 0xcc, 0x21,
0xb6, 0xda, 0xc6, 0x24, 0x5a, 0xd0, 0x37, 0x14,
0x46, 0xc7, 0x94, 0x69, 0xe4, 0x43, 0x6f, 0x47,
0xde, 0x00, 0x33, 0x4d, 0x8f, 0x95, 0x72, 0xfa,
0x68, 0x71, 0x17, 0x66, 0x12, 0x1a, 0x87, 0x27,
0xf7, 0xef, 0x7e, 0xe0, 0x35, 0x58, 0xf2, 0x4d,
0x6f, 0x35, 0x01, 0xaa, 0x96, 0xe2, 0x3d, 0x51,
0x13, 0x86, 0x9c, 0x79, 0xd0, 0xb7, 0xb6, 0x64,
0xe8, 0x86, 0x65, 0x50, 0xbf, 0xcc, 0x27, 0x53,
0x1f, 0x51, 0xd4, 0xca, 0xbe, 0xf5, 0xdd, 0x77,
0x70, 0x98, 0x0f, 0xee, 0xa8, 0x96, 0x07, 0x5f,
0x45, 0x6a, 0x7a, 0x0d, 0x03, 0x9c, 0x4f, 0x29,
0xf6, 0x06, 0xf3, 0x5d, 0x58, 0x6c, 0x47, 0xd0,
0x96, 0xa9, 0x03, 0x17, 0xbb, 0x4e, 0xc9, 0x21,
0xe0, 0xac, 0xcd, 0x78, 0x78, 0xb2, 0xfe, 0x81,
0xb2, 0x51, 0x53, 0xa6, 0x1f, 0x98, 0x45, 0x02,
0x81, 0x81, 0x00, 0xcf, 0x73, 0x8c, 0xbe, 0x6d,
0x45, 0x2d, 0x0c, 0x0b, 0x5d, 0x5c, 0x6c, 0x75,
0x78, 0xcc, 0x35, 0x48, 0xb6, 0x98, 0xf1, 0xb9,
0x64, 0x60, 0x8c, 0x43, 0xeb, 0x85, 0xab, 0x04,
0xb6, 0x7d, 0x1b, 0x71, 0x75, 0x06, 0xe2, 0xda,
0x84, 0x68, 0x2e, 0x7f, 0x4c, 0xe3, 0x73, 0xb4,
0xde, 0x51, 0x4b, 0xb6, 0x51, 0x86, 0x7b, 0xd0,
0xe6, 0x4d, 0xf3, 0xd1, 0xcf, 0x1a, 0xfe, 0x7f,
0x3a, 0x83, 0xba, 0xb3, 0xe1, 0xff, 0x54, 0x13,
0x93, 0xd7, 0x9c, 0x27, 0x80, 0xb7, 0x1e, 0x64,
0x9e, 0xf7, 0x32, 0x2b, 0x46, 0x29, 0xf7, 0xf8,
0x18, 0x6c, 0xf7, 0x4a, 0xbe, 0x4b, 0xee, 0x96,
0x90, 0x8f, 0xa2, 0x16, 0x22, 0x6a, 0xcc, 0x48,
0x06, 0x74, 0x63, 0x43, 0x7f, 0x27, 0x22, 0x44,
0x3c, 0x2d, 0x3b, 0x62, 0xf1, 0x1c, 0xb4, 0x27,
0x33, 0x85, 0x26, 0x60, 0x48, 0x16, 0xcb, 0xef,
0xf8, 0xcd, 0x37, 0x02, 0x81, 0x81, 0x00, 0xce,
0x15, 0x43, 0x6e, 0x4b, 0x0f, 0xf9, 0x3f, 0x87,
0xc3, 0x41, 0x45, 0x97, 0xb1, 0x49, 0xc2, 0x19,
0x23, 0x87, 0xe4, 0x24, 0x1c, 0x64, 0xe5, 0x28,
0xcb, 0x43, 0x10, 0x14, 0x14, 0x0e, 0x19, 0xcb,
0xbb, 0xdb, 0xfd, 0x11, 0x9d, 0x17, 0x68, 0x78,
0x6d, 0x61, 0x70, 0x63, 0x3a, 0xa1, 0xb3, 0xf3,
0xa7, 0x5b, 0x0e, 0xff, 0xb7, 0x61, 0x11, 0x54,
0x91, 0x99, 0xe5, 0x91, 0x32, 0x2d, 0xeb, 0x3f,
0xd8, 0x3e, 0xf7, 0xd4, 0xcb, 0xd2, 0xa3, 0x41,
0xc1, 0xee, 0xc6, 0x92, 0x13, 0xeb, 0x7f, 0x42,
0x58, 0xf4, 0xd0, 0xb2, 0x74, 0x1d, 0x8e, 0x87,
0x46, 0xcd, 0x14, 0xb8, 0x16, 0xad, 0xb5, 0xbd,
0x0d, 0x6c, 0x95, 0x5a, 0x16, 0xbf, 0xe9, 0x53,
0xda, 0xfb, 0xed, 0x83, 0x51, 0x67, 0xa9, 0x55,
0xab, 0x54, 0x02, 0x95, 0x20, 0xa6, 0x68, 0x17,
0x53, 0xa8, 0xea, 0x43, 0xe5, 0xb0, 0xa3, 0x02,
0x81, 0x80, 0x67, 0x9c, 0x32, 0x83, 0x39, 0x57,
0xff, 0x73, 0xb0, 0x89, 0x64, 0x8b, 0xd6, 0xf0,
0x0a, 0x2d, 0xe2, 0xaf, 0x30, 0x1c, 0x2a, 0x97,
0xf3, 0x90, 0x9a, 0xab, 0x9b, 0x0b, 0x1b, 0x43,
0x79, 0xa0, 0xa7, 0x3d, 0xe7, 0xbe, 0x8d, 0x9c,
0xeb, 0xdb, 0xad, 0x40, 0xdd, 0xa9, 0x00, 0x80,
0xb8, 0xe1, 0xb3, 0xa1, 0x6c, 0x25, 0x92, 0xe4,
0x33, 0xb2, 0xbe, 0xeb, 0x4d, 0x74, 0x26, 0x5f,
0x37, 0x43, 0x9c, 0x6c, 0x17, 0x76, 0x0a, 0x81,
0x20, 0x82, 0xa1, 0x48, 0x2c, 0x2d, 0x45, 0xdc,
0x0f, 0x62, 0x43, 0x32, 0xbb, 0xeb, 0x59, 0x41,
0xf9, 0xca, 0x58, 0xce, 0x4a, 0x66, 0x53, 0x54,
0xc8, 0x28, 0x10, 0x1e, 0x08, 0x71, 0x16, 0xd8,
0x02, 0x71, 0x41, 0x58, 0xd4, 0x56, 0xcc, 0xf5,
0xb1, 0x31, 0xa3, 0xed, 0x00, 0x85, 0x09, 0xbf,
0x35, 0x95, 0x41, 0x29, 0x40, 0x19, 0x83, 0x35,
0x24, 0x69, 0x02, 0x81, 0x80, 0x55, 0x10, 0x0b,
0xcc, 0x3b, 0xa9, 0x75, 0x3d, 0x16, 0xe1, 0xae,
0x50, 0x76, 0x63, 0x94, 0x49, 0x4c, 0xad, 0x10,
0xcb, 0x47, 0x68, 0x7c, 0xf0, 0xe5, 0xdc, 0xb8,
0x6a, 0xab, 0x8e, 0xf7, 0x9f, 0x08, 0x2c, 0x1b,
0x8a, 0xa2, 0xb9, 0x8f, 0xce, 0xec, 0x5e, 0x61,
0xa8, 0xcd, 0x1c, 0x87, 0x60, 0x4a, 0xc3, 0x1a,
0x5f, 0xdf, 0x87, 0x26, 0xc6, 0xcb, 0x7c, 0x69,
0xe4, 0x8b, 0x01, 0x06, 0x59, 0x22, 0xfa, 0x34,
0x4b, 0x81, 0x87, 0x3c, 0x03, 0x6d, 0x02, 0x0a,
0x77, 0xe6, 0x15, 0xd8, 0xcf, 0xa7, 0x68, 0x26,
0x6c, 0xfa, 0x2b, 0xd9, 0x83, 0x5a, 0x2d, 0x0c,
0x3b, 0x70, 0x1c, 0xd4, 0x48, 0xbe, 0xa7, 0x0a,
0xd9, 0xbe, 0xdc, 0xc3, 0x0c, 0x21, 0x33, 0xb3,
0x66, 0xff, 0x1c, 0x1b, 0xc8, 0x96, 0x76, 0xe8,
0x6f, 0x44, 0x74, 0xbc, 0x9b, 0x1c, 0x7d, 0xc8,
0xac, 0x21, 0xa8, 0x6e, 0x37, 0x02, 0x81, 0x80,
0x2c, 0x7c, 0xad, 0x1e, 0x75, 0xf6, 0x69, 0x1d,
0xe7, 0xa6, 0xca, 0x74, 0x7d, 0x67, 0xc8, 0x65,
0x28, 0x66, 0xc4, 0x43, 0xa6, 0xbd, 0x40, 0x57,
0xae, 0xb7, 0x65, 0x2c, 0x52, 0xf9, 0xe4, 0xc7,
0x81, 0x7b, 0x56, 0xa3, 0xd2, 0x0d, 0xe8, 0x33,
0x70, 0xcf, 0x06, 0x84, 0xb3, 0x4e, 0x44, 0x50,
0x75, 0x61, 0x96, 0x86, 0x4b, 0xb6, 0x2b, 0xad,
0xf0, 0xad, 0x57, 0xd0, 0x37, 0x0d, 0x1d, 0x35,
0x50, 0xcb, 0x69, 0x22, 0x39, 0x29, 0xb9, 0x3a,
0xd3, 0x29, 0x23, 0x02, 0x60, 0xf7, 0xab, 0x30,
0x40, 0xda, 0x8e, 0x4d, 0x45, 0x70, 0x26, 0xf4,
0xa2, 0x0d, 0xd0, 0x64, 0x5d, 0x47, 0x3c, 0x18,
0xf4, 0xd4, 0x52, 0x95, 0x00, 0xae, 0x84, 0x6b,
0x47, 0xb2, 0x3c, 0x82, 0xd3, 0x72, 0x53, 0xde,
0x72, 0x2c, 0xf7, 0xc1, 0x22, 0x36, 0xd9, 0x18,
0x56, 0xfe, 0x39, 0x28, 0x33, 0xe0, 0xdb, 0x03 };
} // namespace wvoec
#endif // CDM_OEC_TEST_DATA_H_

147
oemcrypto/test/oemcrypto_session_tests_helper.cpp Normal file
View File

@@ -0,0 +1,147 @@
#include "oemcrypto_session_tests_helper.h"
#include <gtest/gtest.h>
#include "test_keybox.h"
using namespace std;
using namespace wvoec;
namespace wvoec {
// Make this function available when in Fuzz mode because we are not inheriting
// from OEMCryptoClientTest.
const uint8_t* find(const vector<uint8_t>& message,
const vector<uint8_t>& substring) {
vector<uint8_t>::const_iterator pos = search(
message.begin(), message.end(), substring.begin(), substring.end());
if (pos == message.end()) {
return NULL;
}
return &(*pos);
}
// If force is true, we assert that the key loads successfully.
void SessionUtil::CreateWrappedRSAKeyFromKeybox(uint32_t allowed_schemes,
bool force) {
Session s;
ASSERT_NO_FATAL_FAILURE(s.open());
ASSERT_NO_FATAL_FAILURE(s.GenerateDerivedKeysFromKeybox());
// Provisioning request would be signed by the client and verified by the
// server.
ASSERT_NO_FATAL_FAILURE(s.VerifyClientSignature());
struct RSAPrivateKeyMessage encrypted;
std::vector<uint8_t> signature;
ASSERT_NO_FATAL_FAILURE(
s.MakeRSACertificate(&encrypted, sizeof(encrypted),
&signature, allowed_schemes,
encoded_rsa_key_));
ASSERT_NO_FATAL_FAILURE(s.RewrapRSAKey(
encrypted, sizeof(encrypted), signature, &wrapped_rsa_key_, force));
// Verify that the clear key is not contained in the wrapped key.
// It should be encrypted.
ASSERT_EQ(NULL, find(wrapped_rsa_key_, encoded_rsa_key_));
}
// If force is true, we assert that the key loads successfully.
void SessionUtil::CreateWrappedRSAKeyFromOEMCert(
uint32_t allowed_schemes, bool force) {
Session s;
ASSERT_NO_FATAL_FAILURE(s.open());
ASSERT_NO_FATAL_FAILURE(s.LoadOEMCert());
s.GenerateNonce();
struct RSAPrivateKeyMessage encrypted;
std::vector<uint8_t> signature;
std::vector<uint8_t> message_key;
std::vector<uint8_t> encrypted_message_key;
s.GenerateRSASessionKey(&message_key, &encrypted_message_key);
ASSERT_NO_FATAL_FAILURE(
s.MakeRSACertificate(&encrypted, sizeof(encrypted), &signature,
allowed_schemes, encoded_rsa_key_, &message_key));
ASSERT_NO_FATAL_FAILURE(
s.RewrapRSAKey30(encrypted, encrypted_message_key,
&wrapped_rsa_key_, force));
// Verify that the clear key is not contained in the wrapped key.
// It should be encrypted.
ASSERT_EQ(NULL, find(wrapped_rsa_key_, encoded_rsa_key_));
}
// If force is true, we assert that the key loads successfully.
void SessionUtil::CreateWrappedRSAKey(uint32_t allowed_schemes,
bool force) {
switch (global_features.provisioning_method) {
case OEMCrypto_OEMCertificate:
CreateWrappedRSAKeyFromOEMCert(allowed_schemes, force);
break;
case OEMCrypto_Keybox:
CreateWrappedRSAKeyFromKeybox(allowed_schemes, force);
break;
default:
FAIL() << "Cannot generate wrapped RSA key if provision method = "
<< wvoec::ProvisioningMethodName(
global_features.provisioning_method);
}
}
void SessionUtil::InstallKeybox(const uint8_t* keybox, bool good) {
const size_t keybox_size = wvcdm_test_auth::kKeyboxSize;
uint8_t wrapped[keybox_size];
size_t length = keybox_size;
ASSERT_EQ(
OEMCrypto_SUCCESS,
OEMCrypto_WrapKeybox(keybox, keybox_size, wrapped, &length, NULL, 0));
OEMCryptoResult sts = OEMCrypto_InstallKeybox(wrapped, length);
if (good) {
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
} else {
// Can return error now, or return error on IsKeyboxValid.
}
}
void SessionUtil::EnsureTestKeys() {
switch (global_features.derive_key_method) {
case DeviceFeatures::LOAD_TEST_KEYBOX:
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadTestKeybox());
break;
case DeviceFeatures::LOAD_TEST_RSA_KEY:
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadTestRSAKey());
break;
case DeviceFeatures::EXISTING_TEST_KEYBOX:
// already has test keybox.
break;
case DeviceFeatures::FORCE_TEST_KEYBOX:
InstallKeybox(wvcdm_test_auth::kKeybox, true);
break;
case DeviceFeatures::TEST_PROVISION_30:
// Can use oem certificate to install test rsa key.
break;
default:
FAIL() << "Cannot run test without test keybox or RSA key installed.";
}
}
// This makes sure that the derived keys (encryption key and two mac keys)
// are installed in OEMCrypto and in the test session.
void SessionUtil::InstallTestSessionKeys(Session* s) {
if (global_features.uses_certificate) {
if (global_features.loads_certificate) {
if (wrapped_rsa_key_.size() == 0) {
// If we don't have a wrapped key yet, create one.
// This wrapped key will be shared by all sessions in the test.
ASSERT_NO_FATAL_FAILURE(
CreateWrappedRSAKey(kSign_RSASSA_PSS, true));
}
// Load the wrapped rsa test key.
ASSERT_NO_FATAL_FAILURE(
s->InstallRSASessionTestKey(wrapped_rsa_key_));
}
// Test RSA key should be loaded.
ASSERT_NO_FATAL_FAILURE(
s->GenerateDerivedKeysFromSessionKey());
} else { // Just uses keybox. Test keybox should already be installed.
ASSERT_NO_FATAL_FAILURE(
s->GenerateDerivedKeysFromKeybox());
}
}
}

40
oemcrypto/test/oemcrypto_session_tests_helper.h Normal file
View File

@@ -0,0 +1,40 @@
#include <assert.h>
#include <algorithm>
#include <iostream>
#include <openssl/aes.h>
#include <openssl/rand.h>
#include "oec_session_util.h"
#include "OEMCryptoCENC.h"
#include "test_rsa_key.h"
namespace wvoec {
class SessionUtil {
public:
SessionUtil()
: encoded_rsa_key_(wvcdm_test_auth::kRsaPrivateKey_2048,
wvcdm_test_auth::kRsaPrivateKey_2048 +
wvcdm_test_auth::kRsaPrivateKeySize_2048) {}
// If force is true, we assert that the key loads successfully.
void CreateWrappedRSAKeyFromKeybox(uint32_t allowed_schemes, bool force);
// If force is true, we assert that the key loads successfully.
void CreateWrappedRSAKeyFromOEMCert(uint32_t allowed_schemes, bool force);
// If force is true, we assert that the key loads successfully.
void CreateWrappedRSAKey(uint32_t allowed_schemes, bool force);
void InstallKeybox(const uint8_t* keybox, bool good);
void EnsureTestKeys();
void InstallTestSessionKeys(Session* s);
std::vector<uint8_t> encoded_rsa_key_;
std::vector<uint8_t> wrapped_rsa_key_;
};
} // namespace wvoec

2196
oemcrypto/test/oemcrypto_test.cpp
View File

File diff suppressed because it is too large Load Diff

23
oemcrypto/test/oemcrypto_test_android.cpp
View File

@@ -16,6 +16,8 @@
#include "OEMCryptoCENC.h"
#include "log.h"
namespace wvoec {
// These tests are required for LollyPop Android devices.
@@ -101,9 +103,18 @@ TEST_F(OEMCryptoAndroidMNCTest, MinVersionNumber10) {
ASSERT_GE(version, 10u);
}
TEST_F(OEMCryptoAndroidMNCTest, LoadsTestKeyboxImplemented) {
TEST_F(OEMCryptoAndroidMNCTest, LoadTestKeybox) {
if (OEMCrypto_Keybox == OEMCrypto_GetProvisioningMethod()) {
ASSERT_EQ(OEMCrypto_SUCCESS, OEMCrypto_LoadTestKeybox());
OEMCryptoResult status = OEMCrypto_LoadTestKeybox();
// OEMCrypto may return success or not implemented.
if (status == OEMCrypto_SUCCESS) {
LOGV("OEMCrypto_LoadTestKeybox is implemented.");
} else if (status == OEMCrypto_ERROR_NOT_IMPLEMENTED) {
LOGV("OEMCrypto_LoadTestKeybox is NOT implemented.");
} else {
// Bad status - fail.
ASSERT_EQ(status, OEMCrypto_SUCCESS);
}
} else {
// Android should use keybox or provisioning 3.0.
ASSERT_EQ(OEMCrypto_OEMCertificate, OEMCrypto_GetProvisioningMethod());
@@ -130,4 +141,12 @@ TEST_F(OEMCryptoAndroidNYCTest, MinVersionNumber11) {
ASSERT_GE(version, 11u);
}
// These tests are required for O MR1 Android devices.
class OEMCryptoAndroidOCTest : public OEMCryptoAndroidNYCTest {};
TEST_F(OEMCryptoAndroidOCTest, MinVersionNumber13) {
uint32_t version = OEMCrypto_APIVersion();
ASSERT_GE(version, 13u);
}
} // namespace wvoec