Source release 17.1.0

2022-07-07 17:14:31 -07:00
parent 8c17574083
commit 694cf6fb25
2233 changed files with 272026 additions and 223371 deletions
--- a/oemcrypto/test/oemcrypto_session_tests_helper.cpp
+++ b/oemcrypto/test/oemcrypto_session_tests_helper.cpp
@@ -63,6 +63,9 @@ void SessionUtil::EnsureTestKeys() {
    case DeviceFeatures::TEST_PROVISION_30:
      // Can use oem certificate to install test rsa key.
      break;
+    case wvoec::DeviceFeatures::TEST_PROVISION_40:
+      // OEM certificate is retrieved from the server.
+      break;
    default:
      FAIL() << "Cannot run test without test keybox or RSA key installed.";
  }
@@ -71,6 +74,39 @@ void SessionUtil::EnsureTestKeys() {
 // This makes sure that the derived keys (encryption key and two mac keys)
 // are installed in OEMCrypto and in the test session.
 void SessionUtil::InstallTestRSAKey(Session* s) {
+  if (global_features.provisioning_method == OEMCrypto_BootCertificateChain) {
+    if (wrapped_rsa_key_.size() == 0) {
+      // If we don't have a wrapped key yet, create one.
+      // This wrapped key will be shared by all sessions in the test.
+      const size_t buffer_size = 5000;  // Make sure it is large enough.
+      std::vector<uint8_t> public_key(buffer_size);
+      size_t public_key_size = buffer_size;
+      std::vector<uint8_t> public_key_signature(buffer_size);
+      size_t public_key_signature_size = buffer_size;
+      std::vector<uint8_t> wrapped_private_key(buffer_size);
+      size_t wrapped_private_key_size = buffer_size;
+      OEMCrypto_PrivateKeyType key_type;
+      // Assume OEM cert has been loaded.
+      ASSERT_EQ(OEMCrypto_SUCCESS,
+                OEMCrypto_GenerateCertificateKeyPair(
+                    s->session_id(), public_key.data(), &public_key_size,
+                    public_key_signature.data(), &public_key_signature_size,
+                    wrapped_private_key.data(), &wrapped_private_key_size,
+                    &key_type));
+      // Assume the public key has been verified by the server and the DRM cert
+      // is returned.
+      wrapped_private_key.resize(wrapped_private_key_size);
+      public_key.resize(public_key_size);
+      wrapped_rsa_key_ = wrapped_private_key;
+      drm_public_key_ = public_key;
+      key_type_ = key_type;
+    }
+    ASSERT_NO_FATAL_FAILURE(s->LoadWrappedDrmKey(key_type_, wrapped_rsa_key_));
+    ASSERT_NO_FATAL_FAILURE(s->SetPublicKeyFromSubjectPublicKey(
+        key_type_, drm_public_key_.data(), drm_public_key_.size()));
+    return;
+  }
+
  if (global_features.loads_certificate) {
    if (wrapped_rsa_key_.size() == 0) {
      // If we don't have a wrapped key yet, create one.
@@ -78,9 +114,10 @@ void SessionUtil::InstallTestRSAKey(Session* s) {
      ASSERT_NO_FATAL_FAILURE(CreateWrappedRSAKey());
    }
    // Load the wrapped rsa test key.
-    ASSERT_NO_FATAL_FAILURE(s->InstallRSASessionTestKey(wrapped_rsa_key_));
+    ASSERT_NO_FATAL_FAILURE(s->LoadWrappedRsaDrmKey(wrapped_rsa_key_));
  }
  // Test RSA key should be loaded.
-  ASSERT_NO_FATAL_FAILURE(s->PreparePublicKey());
+  ASSERT_NO_FATAL_FAILURE(s->SetTestRsaPublicKey());
 }
+
 }  // namespace wvoec