Export media_cas_packager_sdk

common/drm_root_certificate_test.cc

@@ -0,0 +1,101 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright 2013 Google LLC.
+//
+// This software is licensed under the terms defined in the Widevine Master
+// License Agreement. For a copy of this agreement, please contact
+// widevine-licensing@google.com.
+////////////////////////////////////////////////////////////////////////////////
+//
+// Description:
+//   Unit tests for drm_root_certificate.cc
+
+#include "common/drm_root_certificate.h"
+
+#include <memory>
+
+#include "testing/gunit.h"
+#include "common/rsa_key.h"
+#include "common/rsa_test_keys.h"
+#include "protos/public/drm_certificate.pb.h"
+#include "protos/public/errors.pb.h"
+#include "protos/public/signed_drm_certificate.pb.h"
+
+namespace widevine {
+
+class DrmRootCertificateTest : public testing::Test {
+ protected:
+  DrmRootCertificateTest() {}
+  util::Status DrmRootCertificateCreate(
+      const std::string& signed_drm_certificate,
+      std::unique_ptr<DrmRootCertificate>* cert) {
+    return DrmRootCertificate::Create(signed_drm_certificate, cert);
+  }
+};
+
+TEST_F(DrmRootCertificateTest, DrmRootCertificateCreation) {
+  RsaTestKeys test_keys;
+  std::unique_ptr<DrmRootCertificate> root_cert;
+
+  // First, invalid serialized cert. Should fail.
+  EXPECT_EQ(INVALID_DRM_CERTIFICATE,
+            DrmRootCertificateCreate("bad_cert", &root_cert).error_code());
+  SignedDrmCertificate signed_cert;
+  std::string serialized;
+  // Serialized empty cert. Should fail.
+  ASSERT_TRUE(signed_cert.SerializeToString(&serialized));
+  EXPECT_NE(util::OkStatus(),
+            DrmRootCertificateCreate(serialized, &root_cert));
+  // Add public key. Should still fail.
+  DrmCertificate drm_cert;
+  drm_cert.set_public_key(test_keys.public_test_key_1_3072_bits());
+  ASSERT_TRUE(
+      drm_cert.SerializeToString(signed_cert.mutable_drm_certificate()));
+  ASSERT_TRUE(signed_cert.SerializeToString(&serialized));
+  EXPECT_EQ(INVALID_DRM_CERTIFICATE,
+            DrmRootCertificateCreate(serialized, &root_cert).error_code());
+  // Now self-sign the cert. Should succeed.
+  std::unique_ptr<RsaPrivateKey> private_key(
+      RsaPrivateKey::Create(test_keys.private_test_key_1_3072_bits()));
+  ASSERT_TRUE(private_key.get());
+  ASSERT_TRUE(private_key->GenerateSignature(signed_cert.drm_certificate(),
+                                             signed_cert.mutable_signature()));
+  ASSERT_TRUE(signed_cert.SerializeToString(&serialized));
+  EXPECT_EQ(util::OkStatus(),
+            DrmRootCertificateCreate(serialized, &root_cert));
+  ASSERT_TRUE(root_cert);
+  // Verify the public key.
+  EXPECT_EQ(test_keys.public_test_key_1_3072_bits(), root_cert->public_key());
+}
+
+TEST_F(DrmRootCertificateTest, DrmRootCertificateCreationByType) {
+  std::unique_ptr<DrmRootCertificate> root_cert;
+  EXPECT_EQ(util::OkStatus(), DrmRootCertificate::CreateByType(
+                                    kCertificateTypeTesting, &root_cert));
+  ASSERT_TRUE(root_cert != nullptr);
+  EXPECT_EQ(util::OkStatus(), DrmRootCertificate::CreateByType(
+                                    kCertificateTypeDevelopment, &root_cert));
+  ASSERT_TRUE(root_cert != nullptr);
+  EXPECT_EQ(util::OkStatus(), DrmRootCertificate::CreateByType(
+                                    kCertificateTypeProduction, &root_cert));
+  ASSERT_TRUE(root_cert != nullptr);
+}
+
+TEST_F(DrmRootCertificateTest, DrmRootCertificateDigest) {
+  const std::string test_cert_hash(
+      "49f917b1bdfed78002a58e799a58e940"
+      "1fffaaed9d8d80752782b066757e2c8c");
+  const std::string dev_cert_hash(
+      "0e25ee95476a770f30b98ac5ef778b3f"
+      "137b66c29385b84f547a361b4724b17d");
+  const std::string prod_cert_hash(
+      "d62fdabc9286648a81f7d3bedaf2f5a5"
+      "27bbad39bc38da034ba98a21569adb9b");
+  EXPECT_EQ(test_cert_hash,
+            DrmRootCertificate::GetDigest(kCertificateTypeTesting));
+  EXPECT_EQ(dev_cert_hash,
+            DrmRootCertificate::GetDigest(kCertificateTypeDevelopment));
+  EXPECT_EQ(prod_cert_hash,
+            DrmRootCertificate::GetDigest(kCertificateTypeProduction));
+}
+
+}  // namespace widevine