ce_cdm/oemcrypto/test/oec_device_features.h

#ifndef CDM_OEC_DEVICE_FEATURES_H_
#define CDM_OEC_DEVICE_FEATURES_H_

#include <string>
#include <vector>

#include "OEMCryptoCENC.h"
#include "oemcrypto_types.h"

namespace wvoec {

// These tests are designed to work for this version:
constexpr unsigned int kCurrentAPI = 18;
// The API version when Core Messages were introduced.
constexpr unsigned int kCoreMessagesAPI = 16;
// The API version when we stopped encrypting key control blocks.
constexpr unsigned int kClearControlBlockAPIMajor = 16;
constexpr unsigned int kClearControlBlockAPIMinor = 5;

// An output type for testing. The type field is secure, clear, or direct.  If
// the type is clear, then decrypt_inplace could be true. Otherwise,
// decrypt_inplace is false.
struct OutputType {
  bool decrypt_inplace;
  OEMCryptoBufferType type;
};

// Keeps track of which features are supported by the version of OEMCrypto being
// tested.  See the integration guide for a list of optional features.
class DeviceFeatures {
 public:
  // There are several possible methods used to derive a set of known session
  // keys.  For example, the test can install a known test keybox, or it can
  // parse the OEM certificate.
  enum DeriveMethod {   // Method to use derive session keys.
    NO_METHOD,          // Cannot derive known session keys.
    LOAD_TEST_KEYBOX,   // Call LoadTestKeybox before deriving keys.
    LOAD_TEST_RSA_KEY,  // Call LoadTestRSAKey before deriving keys.
    TEST_PROVISION_30,  // Device has OEM Certificate installed.
    TEST_PROVISION_40,  // Device has Boot Certificate Chain installed.
  };

  enum DeriveMethod derive_key_method;
  bool uses_keybox;          // Device uses a keybox to derive session keys.
  bool loads_certificate;    // Device can load a certificate from the server.
  bool generic_crypto;       // Device supports generic crypto.
  bool cast_receiver;        // Device supports alternate rsa signature padding.
  bool usage_table;          // Device saves usage information.
  bool supports_rsa_3072;    // Device supports 3072 bit RSA keys.
  bool supports_secp256r1;   // Device supports secp256r1 ECC keys.
  bool supports_level_1;     // Device supports Level 1 security.
  uint32_t resource_rating;  // Device's resource rating tier.
  bool supports_crc;         // Supported decrypt hash type CRC.
  bool test_secure_buffers;  // If we can create a secure buffer for testing.
  bool supports_cas;         // Device supports CAS (Condition Access System).
  uint32_t api_version;
  OEMCrypto_ProvisioningMethod provisioning_method;

  // This should be called from the test program's main procedure.
  void Initialize();
  void set_cast_receiver(bool is_cast_receiver) {
    cast_receiver = is_cast_receiver;
  }
  // Generate a GTest filter of tests that should not be run. This should be
  // called after Initialize.  Tests are filtered out based on which features
  // are not supported.  For example, a device that uses Provisioning 3.0 will
  // have all keybox tests filtered out.
  std::string RestrictFilter(const std::string& initial_filter);

  // Get a list of output types that should be tested.
  const std::vector<OutputType>& GetOutputTypes();

 private:
  // Decide which method should be used to derive session keys, based on
  // supported featuers.
  void PickDerivedKey();
  // Decide if secure buffers can be created, and initialize output_types_.
  void CheckSecureBuffers();
  // Add a GTest filter restriction to the current filter.
  void FilterOut(std::string* current_filter, const std::string& new_filter);

  // A list of possible output types.
  std::vector<OutputType> output_types_;
  bool initialized_ = false;
};

// There is one global set of features for the version of OEMCrypto being
// tested.  This should be initialized in the test program's main procedure.
extern DeviceFeatures global_features;
const char* ProvisioningMethodName(OEMCrypto_ProvisioningMethod method);

}  // namespace wvoec

#endif  // CDM_OEC_DEVICE_FEATURES_H_