//////////////////////////////////////////////////////////////////////////////// // Copyright 2013 Google LLC. // // This software is licensed under the terms defined in the Widevine Master // License Agreement. For a copy of this agreement, please contact // widevine-licensing@google.com. //////////////////////////////////////////////////////////////////////////////// // // Description: // Unit tests for drm_root_certificate.cc #include "common/drm_root_certificate.h" #include #include "testing/gunit.h" #include "common/rsa_key.h" #include "common/rsa_test_keys.h" #include "protos/public/drm_certificate.pb.h" #include "protos/public/errors.pb.h" #include "protos/public/signed_drm_certificate.pb.h" namespace widevine { class DrmRootCertificateTest : public testing::Test { protected: DrmRootCertificateTest() {} util::Status DrmRootCertificateCreate( const std::string& signed_drm_certificate, std::unique_ptr* cert) { return DrmRootCertificate::Create(signed_drm_certificate, cert); } }; TEST_F(DrmRootCertificateTest, DrmRootCertificateCreation) { RsaTestKeys test_keys; std::unique_ptr root_cert; // First, invalid serialized cert. Should fail. EXPECT_EQ(INVALID_DRM_CERTIFICATE, DrmRootCertificateCreate("bad_cert", &root_cert).error_code()); SignedDrmCertificate signed_cert; std::string serialized; // Serialized empty cert. Should fail. ASSERT_TRUE(signed_cert.SerializeToString(&serialized)); EXPECT_NE(util::OkStatus(), DrmRootCertificateCreate(serialized, &root_cert)); // Add public key. Should still fail. DrmCertificate drm_cert; drm_cert.set_public_key(test_keys.public_test_key_1_3072_bits()); ASSERT_TRUE( drm_cert.SerializeToString(signed_cert.mutable_drm_certificate())); ASSERT_TRUE(signed_cert.SerializeToString(&serialized)); EXPECT_EQ(INVALID_DRM_CERTIFICATE, DrmRootCertificateCreate(serialized, &root_cert).error_code()); // Now self-sign the cert. Should succeed. std::unique_ptr private_key( RsaPrivateKey::Create(test_keys.private_test_key_1_3072_bits())); ASSERT_TRUE(private_key.get()); ASSERT_TRUE(private_key->GenerateSignature(signed_cert.drm_certificate(), signed_cert.mutable_signature())); ASSERT_TRUE(signed_cert.SerializeToString(&serialized)); EXPECT_EQ(util::OkStatus(), DrmRootCertificateCreate(serialized, &root_cert)); ASSERT_TRUE(root_cert); // Verify the public key. EXPECT_EQ(test_keys.public_test_key_1_3072_bits(), root_cert->public_key()); } TEST_F(DrmRootCertificateTest, DrmRootCertificateCreationByType) { std::unique_ptr root_cert; EXPECT_EQ(util::OkStatus(), DrmRootCertificate::CreateByType( kCertificateTypeTesting, &root_cert)); ASSERT_TRUE(root_cert != nullptr); EXPECT_EQ(util::OkStatus(), DrmRootCertificate::CreateByType( kCertificateTypeDevelopment, &root_cert)); ASSERT_TRUE(root_cert != nullptr); EXPECT_EQ(util::OkStatus(), DrmRootCertificate::CreateByType( kCertificateTypeProduction, &root_cert)); ASSERT_TRUE(root_cert != nullptr); } TEST_F(DrmRootCertificateTest, DrmRootCertificateDigest) { const std::string test_cert_hash( "49f917b1bdfed78002a58e799a58e940" "1fffaaed9d8d80752782b066757e2c8c"); const std::string dev_cert_hash( "0e25ee95476a770f30b98ac5ef778b3f" "137b66c29385b84f547a361b4724b17d"); const std::string prod_cert_hash( "d62fdabc9286648a81f7d3bedaf2f5a5" "27bbad39bc38da034ba98a21569adb9b"); EXPECT_EQ(test_cert_hash, DrmRootCertificate::GetDigest(kCertificateTypeTesting)); EXPECT_EQ(dev_cert_hash, DrmRootCertificate::GetDigest(kCertificateTypeDevelopment)); EXPECT_EQ(prod_cert_hash, DrmRootCertificate::GetDigest(kCertificateTypeProduction)); } } // namespace widevine