113 lines
4.1 KiB
C++
113 lines
4.1 KiB
C++
// Copyright 2020 Google LLC. All Rights Reserved. This file and proprietary
|
|
// source code may only be used and distributed under the Widevine License
|
|
// Agreement.
|
|
|
|
// These tests perform various end-to-end actions similar to what an application
|
|
// would do. They verify that policies specified on UAT are honored on the
|
|
// device.
|
|
|
|
#include <string>
|
|
#include <vector>
|
|
|
|
#include <gmock/gmock.h>
|
|
#include <gtest/gtest.h>
|
|
|
|
#include "cdm_engine.h"
|
|
#include "license_holder.h"
|
|
#include "log.h"
|
|
#include "oec_device_features.h"
|
|
#include "test_base.h"
|
|
#include "test_printers.h"
|
|
|
|
#include "wv_cdm_types.h"
|
|
|
|
namespace wvcdm {
|
|
// Core Policy Integration Test
|
|
class CorePIGTest : public WvCdmTestBaseWithEngine {
|
|
protected:
|
|
void SetUp() override {
|
|
WvCdmTestBase::SetUp();
|
|
EnsureProvisioned();
|
|
}
|
|
};
|
|
|
|
// An offline license with nonce not required.
|
|
TEST_F(CorePIGTest, OfflineNoNonce) {
|
|
LicenseHolder holder("CDM_OfflineNoNonce", &cdm_engine_, config_);
|
|
holder.set_can_persist(true);
|
|
const KeyId key_id = "0000000000000000";
|
|
|
|
ASSERT_NO_FATAL_FAILURE(holder.OpenSession());
|
|
ASSERT_NO_FATAL_FAILURE(holder.FetchLicense());
|
|
ASSERT_NO_FATAL_FAILURE(holder.LoadLicense());
|
|
EXPECT_EQ(NO_ERROR, holder.Decrypt(key_id));
|
|
ASSERT_NO_FATAL_FAILURE(holder.CloseSession());
|
|
// Should be able to close the previous session, open a new session,
|
|
// and reload the license.
|
|
ASSERT_NO_FATAL_FAILURE(holder.OpenSession());
|
|
ASSERT_NO_FATAL_FAILURE(holder.ReloadLicense());
|
|
EXPECT_EQ(NO_ERROR, holder.Decrypt(key_id));
|
|
ASSERT_NO_FATAL_FAILURE(holder.CloseSession());
|
|
}
|
|
|
|
// An offline license with nonce and provider session token.
|
|
TEST_F(CorePIGTest, OfflineWithPST) {
|
|
LicenseHolder holder("CDM_OfflineWithPST", &cdm_engine_, config_);
|
|
holder.set_can_persist(true);
|
|
const KeyId key_id = "0000000000000000";
|
|
|
|
ASSERT_NO_FATAL_FAILURE(holder.OpenSession());
|
|
ASSERT_NO_FATAL_FAILURE(holder.FetchLicense());
|
|
ASSERT_NO_FATAL_FAILURE(holder.LoadLicense());
|
|
EXPECT_EQ(NO_ERROR, holder.Decrypt(key_id));
|
|
ASSERT_NO_FATAL_FAILURE(holder.CloseSession());
|
|
// Should be able to close the previous session, open a new session,
|
|
// and reload the license.
|
|
ASSERT_NO_FATAL_FAILURE(holder.OpenSession());
|
|
ASSERT_NO_FATAL_FAILURE(holder.ReloadLicense());
|
|
EXPECT_EQ(NO_ERROR, holder.Decrypt(key_id));
|
|
ASSERT_NO_FATAL_FAILURE(holder.CloseSession());
|
|
}
|
|
|
|
// This test verifies that the system can download and install license with a
|
|
// key that requires secure buffers. It also verifies that we cannot decrypt to
|
|
// a non-secure buffer using this key, but that we can decrypt to a secure
|
|
// buffer, if the test harness supports secure buffers.
|
|
TEST_F(CorePIGTest, OfflineHWSecureRequired) {
|
|
LicenseHolder holder("CDM_OfflineHWSecureRequired", &cdm_engine_, config_);
|
|
holder.set_can_persist(true);
|
|
const KeyId sw_key_id = "0000000000000000";
|
|
const KeyId hw_key_id = "0000000000000001";
|
|
|
|
ASSERT_NO_FATAL_FAILURE(holder.OpenSession());
|
|
ASSERT_NO_FATAL_FAILURE(holder.FetchLicense());
|
|
ASSERT_NO_FATAL_FAILURE(holder.LoadLicense());
|
|
EXPECT_EQ(NO_ERROR, holder.Decrypt(sw_key_id));
|
|
ASSERT_NO_FATAL_FAILURE(holder.FailDecrypt(hw_key_id, DECRYPT_ERROR));
|
|
// Next, if possible, we try to decrypt to a secure buffer, and verify
|
|
// success.
|
|
if (wvoec::global_features.test_secure_buffers) {
|
|
ASSERT_NO_FATAL_FAILURE(holder.DecryptSecure(hw_key_id));
|
|
} else {
|
|
LOGI("Test harness cannot create secure buffers. test skipped.");
|
|
}
|
|
ASSERT_NO_FATAL_FAILURE(holder.CloseSession());
|
|
|
|
// Should be able to close the previous session, open a new session,
|
|
// and reload the license.
|
|
ASSERT_NO_FATAL_FAILURE(holder.OpenSession());
|
|
ASSERT_NO_FATAL_FAILURE(holder.ReloadLicense());
|
|
EXPECT_EQ(NO_ERROR, holder.Decrypt(sw_key_id));
|
|
ASSERT_NO_FATAL_FAILURE(holder.FailDecrypt(hw_key_id, DECRYPT_ERROR));
|
|
// Next, if possible, we try to decrypt to a secure buffer, and verify
|
|
// success.
|
|
if (wvoec::global_features.test_secure_buffers) {
|
|
ASSERT_NO_FATAL_FAILURE(holder.DecryptSecure(hw_key_id));
|
|
} else {
|
|
LOGI("Test harness cannot create secure buffers. test skipped.");
|
|
}
|
|
ASSERT_NO_FATAL_FAILURE(holder.CloseSession());
|
|
}
|
|
|
|
} // namespace wvcdm
|