// Copyright 2020 Google LLC. All Rights Reserved. This file and proprietary // source code may only be used and distributed under the Widevine License // Agreement. // These tests perform various end-to-end actions similar to what an application // would do. They verify that policies specified on UAT are honored on the // device. #include #include #include #include #include "cdm_engine.h" #include "license_holder.h" #include "log.h" #include "oec_device_features.h" #include "test_base.h" #include "test_printers.h" #include "wv_cdm_types.h" namespace wvcdm { // Core Policy Integration Test class CorePIGTest : public WvCdmTestBaseWithEngine { protected: void SetUp() override { WvCdmTestBase::SetUp(); EnsureProvisioned(); } }; // An offline license with nonce not required. TEST_F(CorePIGTest, OfflineNoNonce) { LicenseHolder holder("CDM_OfflineNoNonce", &cdm_engine_, config_); holder.set_can_persist(true); const KeyId key_id = "0000000000000000"; ASSERT_NO_FATAL_FAILURE(holder.OpenSession()); ASSERT_NO_FATAL_FAILURE(holder.FetchLicense()); ASSERT_NO_FATAL_FAILURE(holder.LoadLicense()); EXPECT_EQ(NO_ERROR, holder.Decrypt(key_id)); ASSERT_NO_FATAL_FAILURE(holder.CloseSession()); // Should be able to close the previous session, open a new session, // and reload the license. ASSERT_NO_FATAL_FAILURE(holder.OpenSession()); ASSERT_NO_FATAL_FAILURE(holder.ReloadLicense()); EXPECT_EQ(NO_ERROR, holder.Decrypt(key_id)); ASSERT_NO_FATAL_FAILURE(holder.CloseSession()); } // An offline license with nonce and provider session token. TEST_F(CorePIGTest, OfflineWithPST) { LicenseHolder holder("CDM_OfflineWithPST", &cdm_engine_, config_); holder.set_can_persist(true); const KeyId key_id = "0000000000000000"; ASSERT_NO_FATAL_FAILURE(holder.OpenSession()); ASSERT_NO_FATAL_FAILURE(holder.FetchLicense()); ASSERT_NO_FATAL_FAILURE(holder.LoadLicense()); EXPECT_EQ(NO_ERROR, holder.Decrypt(key_id)); ASSERT_NO_FATAL_FAILURE(holder.CloseSession()); // Should be able to close the previous session, open a new session, // and reload the license. ASSERT_NO_FATAL_FAILURE(holder.OpenSession()); ASSERT_NO_FATAL_FAILURE(holder.ReloadLicense()); EXPECT_EQ(NO_ERROR, holder.Decrypt(key_id)); ASSERT_NO_FATAL_FAILURE(holder.CloseSession()); } // This test verifies that the system can download and install license with a // key that requires secure buffers. It also verifies that we cannot decrypt to // a non-secure buffer using this key, but that we can decrypt to a secure // buffer, if the test harness supports secure buffers. TEST_F(CorePIGTest, OfflineHWSecureRequired) { LicenseHolder holder("CDM_OfflineHWSecureRequired", &cdm_engine_, config_); holder.set_can_persist(true); const KeyId sw_key_id = "0000000000000000"; const KeyId hw_key_id = "0000000000000001"; ASSERT_NO_FATAL_FAILURE(holder.OpenSession()); ASSERT_NO_FATAL_FAILURE(holder.FetchLicense()); ASSERT_NO_FATAL_FAILURE(holder.LoadLicense()); EXPECT_EQ(NO_ERROR, holder.Decrypt(sw_key_id)); ASSERT_NO_FATAL_FAILURE(holder.FailDecrypt(hw_key_id, DECRYPT_ERROR)); // Next, if possible, we try to decrypt to a secure buffer, and verify // success. if (wvoec::global_features.test_secure_buffers) { ASSERT_NO_FATAL_FAILURE(holder.DecryptSecure(hw_key_id)); } else { LOGI("Test harness cannot create secure buffers. test skipped."); } ASSERT_NO_FATAL_FAILURE(holder.CloseSession()); // Should be able to close the previous session, open a new session, // and reload the license. ASSERT_NO_FATAL_FAILURE(holder.OpenSession()); ASSERT_NO_FATAL_FAILURE(holder.ReloadLicense()); EXPECT_EQ(NO_ERROR, holder.Decrypt(sw_key_id)); ASSERT_NO_FATAL_FAILURE(holder.FailDecrypt(hw_key_id, DECRYPT_ERROR)); // Next, if possible, we try to decrypt to a secure buffer, and verify // success. if (wvoec::global_features.test_secure_buffers) { ASSERT_NO_FATAL_FAILURE(holder.DecryptSecure(hw_key_id)); } else { LOGI("Test harness cannot create secure buffers. test skipped."); } ASSERT_NO_FATAL_FAILURE(holder.CloseSession()); } } // namespace wvcdm