Source release 15.0.0

oemcrypto/test/oec_device_features.cpp

@@ -29,6 +29,7 @@ void DeviceFeatures::Initialize(bool is_cast_receiver,
   supports_rsa_3072 = false;
   api_version = 0;
   derive_key_method = NO_METHOD;
+  OEMCrypto_SetSandbox(kTestSandbox, sizeof(kTestSandbox));
   if (OEMCrypto_SUCCESS != OEMCrypto_Initialize()) {
     printf("OEMCrypto_Initialize failed. All tests will fail.\n");
     return;
@@ -94,6 +95,19 @@ void DeviceFeatures::Initialize(bool is_cast_receiver,
     }
   }
   printf("cast_receiver = %s.\n", cast_receiver ? "true" : "false");
+  resource_rating = OEMCrypto_ResourceRatingTier();
+  printf("resource_rating = %d, security level %s.\n", resource_rating,
+         OEMCrypto_SecurityLevel());
+  uint32_t decrypt_hash_type = OEMCrypto_SupportsDecryptHash();
+  supports_crc = (decrypt_hash_type == OEMCrypto_CRC_Clear_Buffer);
+  if (supports_crc) {
+    printf("Decrypt hashes will be tested.\n");
+  } else {
+    printf("Decrypt hashes will not be tested -- %s.\n",
+           decrypt_hash_type == OEMCrypto_Hash_Not_Supported
+               ? "not supported"
+               : "partner defined hash");
+  }
   switch (derive_key_method) {
     case NO_METHOD:
       printf("NO_METHOD: Cannot derive known session keys.\n");
@@ -119,7 +133,7 @@ void DeviceFeatures::Initialize(bool is_cast_receiver,
   }
   std::string security_level = OEMCrypto_SecurityLevel();
   supports_level_1 = (security_level == "L1");
-  printf("SecurityLevel is %s (%s)",
+  printf("SecurityLevel is %s (%s)\n",
          supports_level_1 ? "Level 1" : "Not Level 1",
          security_level.c_str());
   OEMCrypto_Terminate();
@@ -139,12 +153,33 @@ std::string DeviceFeatures::RestrictFilter(const std::string& initial_filter) {
   if (provisioning_method
       != OEMCrypto_OEMCertificate)    FilterOut(&filter, "*Prov30*");
   if (!supports_rsa_3072)             FilterOut(&filter, "*RSAKey3072*");
-  if (api_version <  9)               FilterOut(&filter, "*API09*");
-  if (api_version < 10)               FilterOut(&filter, "*API10*");
-  if (api_version < 11)               FilterOut(&filter, "*API11*");
-  if (api_version < 12)               FilterOut(&filter, "*API12*");
-  if (api_version < 13)               FilterOut(&filter, "*API13*");
-  if (api_version < 14)               FilterOut(&filter, "*API14*");
+  if (api_version < 14) {
+    // Because API 13 uses an old hard coded test keybox, none of these tests
+    // will pass.  Partners who wish to test with a v13 OEMCrypto should use
+    // code on an older v13 branch.
+    printf("These unit tests are designed for OEMCrypto API 15 and above.\n");
+    printf("This device has an OEMCrypto with API version %d.\n", api_version);
+    printf("To verify correctness, please build unit tests from a "
+         "compatible branch.\n");
+    FilterOut(&filter, "*API09*");
+    FilterOut(&filter, "*API10*");
+    FilterOut(&filter, "*API11*");
+    FilterOut(&filter, "*API12*");
+    FilterOut(&filter, "*API13*");
+    FilterOut(&filter, "*API14*");
+    FilterOut(&filter, "*TestKeyboxTest*");
+    FilterOut(&filter, "*SessionTest*");
+    FilterOut(&filter, "*UsageTable*");
+    FilterOut(&filter, "*GenericCrypto*");
+    FilterOut(&filter, "*LoadsCertificate*");
+    FilterOut(&filter, "*UsesCertificate*");
+    // We also expect some CDM tests to fail without a new test keybox:
+    FilterOut(&filter, "*WvCdmRequestLicenseTest*");
+    FilterOut(&filter, "*WvGenericOperations*");
+    FilterOut(&filter, "*WvCdmEngine*");
+    FilterOut(&filter, "*Cdm/WvCdm*");
+    FilterOut(&filter, "*Cdm/WvHls*");
+  }
   if (api_version < 15)               FilterOut(&filter, "*API15*");
   // Some tests may require root access. If user is not root, filter these tests
   // out.