Always generate nonce before signing license
The v16 state diagram says that a nonce should be included in all license requests. The unit tests were not honoring this requirement. This CL updates the unit tests to match the spec. Bug: 186565384
This commit is contained in:
Fred Gylys-Colwell
@@ -204,6 +204,9 @@ RoundTrip<CoreRequest, PrepAndSignRequest, CoreResponse, ResponseData>::
|
||||
size_t gen_signature_length = 0;
|
||||
size_t core_message_length = 0;
|
||||
constexpr size_t small_size = 42; // arbitrary.
|
||||
if (RequestHasNonce()) {
|
||||
session()->GenerateNonce();
|
||||
}
|
||||
uint32_t session_id = session()->session_id();
|
||||
GetDefaultRequestSignatureAndCoreMessageLengths<PrepAndSignRequest>(
|
||||
session_id, small_size, &gen_signature_length, &core_message_length);
|
||||
@@ -294,7 +297,6 @@ OEMCrypto_Substring RoundTrip<CoreRequest, PrepAndSignRequest, CoreResponse,
|
||||
void ProvisioningRoundTrip::PrepareSession(
|
||||
const wvoec::WidevineKeybox& keybox) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_->open());
|
||||
session_->GenerateNonce();
|
||||
if (global_features.provisioning_method == OEMCrypto_Keybox) {
|
||||
session_->GenerateDerivedKeysFromKeybox(keybox);
|
||||
encryptor_ = session_->key_deriver();
|
||||
|
||||
@@ -218,6 +218,9 @@ class RoundTrip {
|
||||
}
|
||||
|
||||
protected:
|
||||
// Returns true if the a nonce should be generated before signing the request.
|
||||
virtual bool RequestHasNonce() = 0;
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Specialized functionality for each message type.
|
||||
|
||||
@@ -281,6 +284,7 @@ class ProvisioningRoundTrip
|
||||
void InjectFuzzedResponseData(const uint8_t* data, size_t size);
|
||||
|
||||
protected:
|
||||
bool RequestHasNonce() override { return true; }
|
||||
void VerifyRequestSignature(const vector<uint8_t>& data,
|
||||
const vector<uint8_t>& generated_signature,
|
||||
size_t core_message_length) override;
|
||||
@@ -388,6 +392,7 @@ class LicenseRoundTrip
|
||||
void SetKeyId(size_t index, const string& key_id);
|
||||
|
||||
protected:
|
||||
bool RequestHasNonce() override { return true; }
|
||||
void VerifyRequestSignature(const vector<uint8_t>& data,
|
||||
const vector<uint8_t>& generated_signature,
|
||||
size_t core_message_length) override;
|
||||
@@ -451,6 +456,7 @@ class RenewalRoundTrip
|
||||
void set_is_release(bool is_release) { is_release_ = is_release; }
|
||||
|
||||
protected:
|
||||
bool RequestHasNonce() override { return false; }
|
||||
void VerifyRequestSignature(const vector<uint8_t>& data,
|
||||
const vector<uint8_t>& generated_signature,
|
||||
size_t core_message_length) override;
|
||||
@@ -508,6 +514,8 @@ class Session {
|
||||
// Returns the most recently generated nonce.
|
||||
// Valid after call to GenerateNonce.
|
||||
uint32_t nonce() const { return nonce_; }
|
||||
// The nonce can be overridden.
|
||||
void set_nonce(uint32_t nonce) { nonce_ = nonce; }
|
||||
// Valid after call to open().
|
||||
uint32_t session_id() const { return (uint32_t)session_id_; }
|
||||
// Call OEMCrypto_OpenSession, with GTest ASSERTs.
|
||||
|
||||
@@ -1231,7 +1231,6 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest {
|
||||
Session s;
|
||||
s.open();
|
||||
InstallTestRSAKey(&s);
|
||||
s.GenerateNonce();
|
||||
LicenseRoundTrip license_messages(&s);
|
||||
f(message_length, &license_messages);
|
||||
OEMCryptoResult result =
|
||||
@@ -1244,7 +1243,6 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest {
|
||||
|
||||
OEMCryptoResult LoadLicense(Session& s, LicenseRoundTrip& license_messages) {
|
||||
InstallTestRSAKey(&s);
|
||||
s.GenerateNonce();
|
||||
license_messages.SignAndVerifyRequest();
|
||||
license_messages.CreateDefaultResponse();
|
||||
license_messages.EncryptAndSignResponse();
|
||||
@@ -1259,7 +1257,6 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest {
|
||||
LicenseRoundTrip license_messages(&s);
|
||||
s.open();
|
||||
InstallTestRSAKey(&s);
|
||||
s.GenerateNonce();
|
||||
bool verify_keys_loaded = true;
|
||||
license_messages.SignAndVerifyRequest();
|
||||
license_messages.CreateDefaultResponse();
|
||||
@@ -1292,7 +1289,6 @@ class OEMCryptoSessionTests : public OEMCryptoClientTest {
|
||||
LicenseRoundTrip license_messages(&s);
|
||||
s.open();
|
||||
InstallTestRSAKey(&s);
|
||||
s.GenerateNonce();
|
||||
license_messages.SignAndVerifyRequest();
|
||||
license_messages.CreateDefaultResponse();
|
||||
size_t message_length = sizeof(license_messages.response_data());
|
||||
@@ -1391,7 +1387,6 @@ class OEMCryptoMemoryLicenseTest : public OEMCryptoLicenseTestAPI16 {
|
||||
}
|
||||
|
||||
void LoadLicense() {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -1444,7 +1439,6 @@ class OEMCryptoLicenseTest : public OEMCryptoLicenseTestAPI16,
|
||||
}
|
||||
|
||||
void LoadLicense() {
|
||||
session_.GenerateNonce();
|
||||
license_messages_.SignAndVerifyRequest();
|
||||
license_messages_.CreateDefaultResponse();
|
||||
license_messages_.EncryptAndSignResponse();
|
||||
@@ -1564,11 +1558,6 @@ class OEMCryptoLicenseTestRangeAPI : public OEMCryptoLicenseTest {};
|
||||
|
||||
// Verify that a license may be signed.
|
||||
TEST_P(OEMCryptoLicenseTest, SignLicenseRequest) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, SignLicenseRequestNoNonce) {
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
}
|
||||
|
||||
@@ -1646,7 +1635,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNoRequestRentalDuration) {
|
||||
|
||||
// Verify that a license may be loaded with a nonce.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithNonce) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -1658,6 +1646,7 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNonce) {
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyNoNonceTwiceAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
license_messages_.set_control(0);
|
||||
license_messages_.skip_nonce_check();
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, license_messages_.LoadResponse());
|
||||
@@ -1667,7 +1656,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyNoNonceTwiceAPI16) {
|
||||
|
||||
// Verify that a second license may not be loaded in a session.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithNonceTwiceAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -1678,7 +1666,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNonceTwiceAPI16) {
|
||||
|
||||
// This verifies that entitlement keys and entitled content keys can be loaded.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysAPI14) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
license_messages_.set_license_type(OEMCrypto_EntitlementLicense);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
@@ -1695,7 +1682,6 @@ TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysAPI14) {
|
||||
// This verifies that entitled content keys cannot be loaded if we have not yet
|
||||
// loaded the entitlement keys.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysNoEntitlementKeysAPI14) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
license_messages_.set_license_type(OEMCrypto_EntitlementLicense);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
@@ -1709,7 +1695,6 @@ TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysNoEntitlementKeysAPI14) {
|
||||
// This verifies that entitled content keys cannot be loaded if we have loaded
|
||||
// the wrong entitlement keys.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadEntitlementKeysWrongEntitlementKeysAPI14) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
license_messages_.set_license_type(OEMCrypto_EntitlementLicense);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
@@ -1958,7 +1943,6 @@ TEST_F(OEMCryptoMemoryLicenseTest,
|
||||
|
||||
// This tests load license with an 8k license response.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyLargeBuffer) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
const size_t max_size = GetResourceValue(kLargeMessageSize);
|
||||
license_messages_.set_message_size(max_size);
|
||||
@@ -1969,7 +1953,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyLargeBuffer) {
|
||||
|
||||
// Verify that you can't use LoadKeys on a v16 license.
|
||||
TEST_F(OEMCryptoLicenseTestAPI16, UseWrongLoadAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -1990,7 +1973,6 @@ TEST_F(OEMCryptoLicenseTestAPI16, UseWrongLoadAPI16) {
|
||||
//---------------------------------------------------------------------------//
|
||||
//---------------------------------------------------------------------------//
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_enc_mac_keys) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
// See the comment in LicenseRoundTrip::LoadResponse for why we increment by
|
||||
@@ -2002,7 +1984,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_enc_mac_keys) {
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_enc_mac_keys_iv) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
// See the comment in LicenseRoundTrip::LoadResponse for why we increment by
|
||||
@@ -2014,7 +1995,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_enc_mac_keys_iv) {
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_id) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
// See the comment in LicenseRoundTrip::LoadResponse for why we increment by
|
||||
@@ -2026,7 +2006,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_id) {
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_data) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
// See the comment in LicenseRoundTrip::LoadResponse for why we increment by
|
||||
@@ -2038,7 +2017,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_data) {
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_data_iv) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
// See the comment in LicenseRoundTrip::LoadResponse for why we increment by
|
||||
@@ -2050,7 +2028,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_data_iv) {
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_control) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
// See the comment in LicenseRoundTrip::LoadResponse for why we increment by
|
||||
@@ -2062,7 +2039,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_control) {
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_control_iv) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
// See the comment in LicenseRoundTrip::LoadResponse for why we increment by
|
||||
@@ -2076,7 +2052,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_key_control_iv) {
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_pst) {
|
||||
license_messages_.set_control(wvoec::kControlNonceOrEntry);
|
||||
license_messages_.set_pst("my_pst");
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
// See the comment in LicenseRoundTrip::LoadResponse for why we increment by
|
||||
@@ -2097,7 +2072,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadRange_pst) {
|
||||
// This test is being restricted to v16 devices on rvc-dev branch because we
|
||||
// only required v15.1 on Android for Q.
|
||||
TEST_F(OEMCryptoLicenseTestAPI15, LoadKeyWithSuspiciousIVAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
|
||||
@@ -2113,7 +2087,6 @@ TEST_F(OEMCryptoLicenseTestAPI15, LoadKeyWithSuspiciousIVAPI16) {
|
||||
|
||||
// Test that LoadKeys fails when a key is loaded with no key control block.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithNullKeyControl) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
license_messages_.core_response().key_array[2].key_control.offset = 0;
|
||||
@@ -2124,7 +2097,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNullKeyControl) {
|
||||
|
||||
// Test that LoadKeys fails when the key control block encryption has a null IV.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithNullKeyControlIv) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
license_messages_.core_response().key_array[2].key_control_iv.offset = 0;
|
||||
@@ -2135,7 +2107,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithNullKeyControlIv) {
|
||||
|
||||
// Verify that LoadKeys fails when a key's nonce is wrong.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadNonce) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
for (unsigned int i = 0; i < license_messages_.num_keys(); i++)
|
||||
@@ -2146,7 +2117,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadNonce) {
|
||||
|
||||
// Verify that LoadKeys fails when the core message's nonce is wrong.
|
||||
TEST_F(OEMCryptoLicenseTestAPI16, LoadKeyWithBadNonce2) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
license_messages_.core_request().nonce ^= 42;
|
||||
@@ -2156,7 +2126,6 @@ TEST_F(OEMCryptoLicenseTestAPI16, LoadKeyWithBadNonce2) {
|
||||
|
||||
// Verify that LoadKeys fails when the core message's session is wrong.
|
||||
TEST_F(OEMCryptoLicenseTestAPI16, LoadKeyWithBadNonce3) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
license_messages_.core_request().session_id++;
|
||||
@@ -2166,9 +2135,8 @@ TEST_F(OEMCryptoLicenseTestAPI16, LoadKeyWithBadNonce3) {
|
||||
|
||||
// Verify that LoadKeys fails when an attempt is made to use a nonce twice.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithRepeatNonce) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
const uint32_t nonce = session_.nonce();
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
const uint32_t nonce = session_.nonce();
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
// This is the first attempt. It should succeed.
|
||||
@@ -2240,7 +2208,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyNonceWrongSession) {
|
||||
|
||||
// LoadKeys should fail if the key control block as a bad verification string.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadVerification) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
license_messages_.response_data().keys[1].control.verification[2] = 'Z';
|
||||
@@ -2251,7 +2218,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyWithBadVerification) {
|
||||
// This test verifies that LoadKeys still works when the message is not aligned
|
||||
// in memory on a word (2 or 4 byte) boundary.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyUnalignedMessageAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -2296,7 +2262,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyUnalignedMessageAPI16) {
|
||||
// Verifies that a session can't reload a license without being closed and
|
||||
// reopened.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadLicenseAgainFailureAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -2305,7 +2270,6 @@ TEST_P(OEMCryptoLicenseTest, LoadLicenseAgainFailureAPI16) {
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTestRangeAPI, LoadKeys) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
// Re-set the API version. The function VerifyRequestSignature sets the api to
|
||||
// be a sane value. But in this test, we want to verify an unsupported version
|
||||
@@ -2333,7 +2297,6 @@ INSTANTIATE_TEST_CASE_P(TestAll, OEMCryptoLicenseTestRangeAPI,
|
||||
Range<uint32_t>(10, kCurrentAPI + 2));
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeysBadSignatureAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -2343,7 +2306,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeysBadSignatureAPI16) {
|
||||
}
|
||||
|
||||
TEST_F(OEMCryptoLicenseTestAPI16, BadCoreHashAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
license_messages_.BreakRequestHash();
|
||||
@@ -2367,7 +2329,6 @@ TEST_P(OEMCryptoLicenseTest, LoadKeyNoKeys) {
|
||||
|
||||
// Like the previous test, except we ask for a nonce first.
|
||||
TEST_P(OEMCryptoLicenseTest, LoadKeyNoKeyWithNonce) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
license_messages_.set_num_keys(0);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
@@ -2497,7 +2458,6 @@ TEST_P(OEMCryptoLicenseTest,
|
||||
// This test should pass for v15 devices, except that the exact error code was
|
||||
// not specified until v16.
|
||||
TEST_P(OEMCryptoLicenseTest, SelectKeyNotThereAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -2535,7 +2495,6 @@ TEST_P(OEMCryptoLicenseTest, SelectKeyNotThereAPI16) {
|
||||
|
||||
// 'cens' mode is no longer supported in v16
|
||||
TEST_P(OEMCryptoLicenseTest, RejectCensAPI16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -2566,7 +2525,6 @@ TEST_P(OEMCryptoLicenseTest, RejectCensAPI16) {
|
||||
|
||||
// 'cbc1' mode is no longer supported in v16
|
||||
TEST_P(OEMCryptoLicenseTest, RejectCbc1API16) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -2596,7 +2554,6 @@ TEST_P(OEMCryptoLicenseTest, RejectCbc1API16) {
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, RejectCbcsWithBlockOffset) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -2627,7 +2584,6 @@ TEST_P(OEMCryptoLicenseTest, RejectCbcsWithBlockOffset) {
|
||||
}
|
||||
|
||||
TEST_P(OEMCryptoLicenseTest, RejectOversizedBlockOffset) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -2667,7 +2623,6 @@ TEST_P(OEMCryptoLicenseTest, RejectOversizedBlockOffset) {
|
||||
// attempt to query a key that has not been loaded, the error should be
|
||||
// NO_CONTENT_KEY.
|
||||
TEST_P(OEMCryptoLicenseTest, QueryKeyControl) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -2699,7 +2654,6 @@ TEST_F(OEMCryptoSessionTests,
|
||||
LicenseRoundTrip license_messages(&s);
|
||||
s.open();
|
||||
InstallTestRSAKey(&s);
|
||||
s.GenerateNonce();
|
||||
license_messages.SignAndVerifyRequest();
|
||||
license_messages.CreateDefaultResponse();
|
||||
license_messages.EncryptAndSignResponse();
|
||||
@@ -3214,7 +3168,6 @@ TEST_F(OEMCryptoSessionTests,
|
||||
// accept a key control block with the anti-rollback hardware bit set.
|
||||
// Otherwise, it should reject that key control block.
|
||||
TEST_P(OEMCryptoLicenseTest, AntiRollbackHardwareRequired) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
license_messages_.set_control(wvoec::kControlRequireAntiRollbackHardware);
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
@@ -3233,7 +3186,6 @@ TEST_P(OEMCryptoLicenseTest, MinimumKeys) {
|
||||
const size_t num_keys = GetResourceValue(kMaxKeysPerSession);
|
||||
ASSERT_LE(num_keys, kMaxNumKeys) << "Test constants need updating.";
|
||||
license_messages_.set_num_keys(num_keys);
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -3264,7 +3216,6 @@ void TestMaxKeys(SessionUtil* util, size_t num_keys_per_session) {
|
||||
total_keys += num_keys;
|
||||
ASSERT_NO_FATAL_FAILURE(sessions[i]->open());
|
||||
ASSERT_NO_FATAL_FAILURE(util->InstallTestRSAKey(sessions[i].get()));
|
||||
ASSERT_NO_FATAL_FAILURE(sessions[i]->GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(licenses[i]->SignAndVerifyRequest());
|
||||
}
|
||||
for (size_t i = 0; i < licenses.size(); i++) {
|
||||
@@ -3437,12 +3388,6 @@ class OEMCryptoRefreshTest : public OEMCryptoLicenseTest {
|
||||
}
|
||||
|
||||
void LoadLicense() {
|
||||
// If we require a nonce, then generate one.
|
||||
if (license_messages_.control() &
|
||||
(wvoec::kControlNonceEnabled | wvoec::kControlNonceOrEntry |
|
||||
wvoec::kControlNonceRequired)) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
}
|
||||
license_messages_.core_response().timer_limits = timer_limits_;
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
@@ -3578,7 +3523,6 @@ TEST_P(OEMCryptoLicenseTest, HashForbiddenAPI15) {
|
||||
// If hash is not supported, or is vendor defined, don't try to test it.
|
||||
if (hash_type != OEMCrypto_CRC_Clear_Buffer) return;
|
||||
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.EncryptAndSignResponse());
|
||||
@@ -3625,7 +3569,6 @@ TEST_P(OEMCryptoLicenseTest, DecryptHashForOutOfRangeFrameNumber) {
|
||||
// Decrypt Tests -- these test Decrypt CTR mode only.
|
||||
//
|
||||
TEST_P(OEMCryptoLicenseTest, Decrypt) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
license_messages_.core_response()
|
||||
.timer_limits.total_playback_duration_seconds = kDuration;
|
||||
@@ -3637,7 +3580,6 @@ TEST_P(OEMCryptoLicenseTest, Decrypt) {
|
||||
|
||||
// Verify that a zero duration means infinite license duration.
|
||||
TEST_P(OEMCryptoLicenseTest, DecryptZeroDuration) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
license_messages_.core_response()
|
||||
.timer_limits.total_playback_duration_seconds = 0;
|
||||
@@ -3896,7 +3838,6 @@ class OEMCryptoSessionTestsDecryptTests
|
||||
}
|
||||
|
||||
void LoadLicense() {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
uint32_t control = wvoec::kControlNonceEnabled;
|
||||
if (verify_crc_) control |= kControlAllowHashVerification;
|
||||
if (output_buffer_type_ == OEMCrypto_BufferType_Secure)
|
||||
@@ -4387,7 +4328,6 @@ INSTANTIATE_TEST_CASE_P(
|
||||
// A request to decrypt data to a clear buffer when the key control block
|
||||
// requires a secure data path.
|
||||
TEST_P(OEMCryptoLicenseTest, DecryptSecureToClear) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
license_messages_.set_control(wvoec::kControlObserveDataPath |
|
||||
wvoec::kControlDataPathSecure);
|
||||
@@ -4400,7 +4340,6 @@ TEST_P(OEMCryptoLicenseTest, DecryptSecureToClear) {
|
||||
|
||||
// Test that key duration is honored.
|
||||
TEST_P(OEMCryptoLicenseTest, KeyDuration) {
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
license_messages_.core_response()
|
||||
.timer_limits.total_playback_duration_seconds = kDuration;
|
||||
@@ -4431,7 +4370,6 @@ class OEMCryptoLoadsCertificate : public OEMCryptoSessionTestKeyboxTest {
|
||||
auto oemcrypto_function = [&](size_t message_length) {
|
||||
Session s;
|
||||
s.open();
|
||||
s.GenerateNonce();
|
||||
if (global_features.provisioning_method == OEMCrypto_OEMCertificate) {
|
||||
s.LoadOEMCert(true);
|
||||
} else {
|
||||
@@ -4509,7 +4447,6 @@ TEST_F(OEMCryptoLoadsCertificate, SignProvisioningRequest) {
|
||||
EXPECT_EQ(global_features.provisioning_method, OEMCrypto_Keybox);
|
||||
s.GenerateDerivedKeysFromKeybox(keybox_);
|
||||
}
|
||||
s.GenerateNonce();
|
||||
ProvisioningRoundTrip provisioning_messages(&s, encoded_rsa_key_);
|
||||
ASSERT_NO_FATAL_FAILURE(provisioning_messages.SignAndVerifyRequest());
|
||||
}
|
||||
@@ -4524,7 +4461,6 @@ TEST_F(OEMCryptoLoadsCertificate, SignLargeProvisioningRequestAPI16) {
|
||||
EXPECT_EQ(global_features.provisioning_method, OEMCrypto_Keybox);
|
||||
s.GenerateDerivedKeysFromKeybox(keybox_);
|
||||
}
|
||||
s.GenerateNonce();
|
||||
ProvisioningRoundTrip provisioning_messages(&s, encoded_rsa_key_);
|
||||
const size_t max_size = GetResourceValue(kLargeMessageSize);
|
||||
provisioning_messages.set_message_size(max_size);
|
||||
@@ -4997,7 +4933,6 @@ class OEMCryptoLoadsCertVariousKeys : public OEMCryptoLoadsCertificate {
|
||||
ASSERT_NO_FATAL_FAILURE(s.InstallRSASessionTestKey(wrapped_rsa_key_));
|
||||
|
||||
LicenseRoundTrip license_messages(&s);
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages.EncryptAndSignResponse());
|
||||
@@ -5081,7 +5016,6 @@ TEST_F(OEMCryptoLoadsCertificate, TestMultipleRSAKeys) {
|
||||
s2.PreparePublicKey(encoded_rsa_key_.data(), encoded_rsa_key_.size()));
|
||||
ASSERT_NO_FATAL_FAILURE(s2.InstallRSASessionTestKey(wrapped_rsa_key_));
|
||||
LicenseRoundTrip license_messages2(&s2);
|
||||
ASSERT_NO_FATAL_FAILURE(s2.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages2.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages2.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages2.EncryptAndSignResponse());
|
||||
@@ -5091,7 +5025,6 @@ TEST_F(OEMCryptoLoadsCertificate, TestMultipleRSAKeys) {
|
||||
|
||||
// After s2 has loaded its rsa key, we continue using s1's key.
|
||||
LicenseRoundTrip license_messages1(&s1);
|
||||
ASSERT_NO_FATAL_FAILURE(s1.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages1.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages1.CreateDefaultResponse());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages1.EncryptAndSignResponse());
|
||||
@@ -6476,7 +6409,6 @@ class OEMCryptoGenericCryptoTest : public OEMCryptoRefreshTest {
|
||||
|
||||
void SetUp() override {
|
||||
OEMCryptoRefreshTest::SetUp();
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(
|
||||
license_messages_.CreateResponseWithGenericCryptoKeys());
|
||||
@@ -7369,7 +7301,6 @@ class LicenseWithUsageEntry {
|
||||
license_messages_.set_control(control);
|
||||
ASSERT_NO_FATAL_FAILURE(session_.open());
|
||||
ASSERT_NO_FATAL_FAILURE(util->InstallTestRSAKey(&session_));
|
||||
ASSERT_NO_FATAL_FAILURE(session_.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages_.SignAndVerifyRequest());
|
||||
if (generic_crypto_) {
|
||||
ASSERT_NO_FATAL_FAILURE(
|
||||
@@ -7813,7 +7744,6 @@ TEST_P(OEMCryptoUsageTableTest, OnlineBadNonce) {
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.CreateNewUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages.CreateDefaultResponse());
|
||||
for (uint32_t i = 0; i < license_messages.num_keys(); i++)
|
||||
@@ -7827,7 +7757,6 @@ TEST_P(OEMCryptoUsageTableTest, OnlineEmptyPST) {
|
||||
Session s;
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateNonce());
|
||||
LicenseRoundTrip license_messages(&s);
|
||||
license_messages.set_api_version(license_api_version_);
|
||||
license_messages.set_control(wvoec::kControlNonceEnabled |
|
||||
@@ -7845,7 +7774,6 @@ TEST_P(OEMCryptoUsageTableTest, OnlineMissingEntry) {
|
||||
Session s;
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateNonce());
|
||||
LicenseRoundTrip license_messages(&s);
|
||||
license_messages.set_api_version(license_api_version_);
|
||||
license_messages.set_control(wvoec::kControlNonceEnabled |
|
||||
@@ -8203,7 +8131,6 @@ TEST_P(OEMCryptoUsageTableTest, OfflineBadNonce) {
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.CreateNewUsageEntry());
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateNonce());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages.SignAndVerifyRequest());
|
||||
ASSERT_NO_FATAL_FAILURE(license_messages.CreateDefaultResponse());
|
||||
for (size_t i = 0; i < license_messages.num_keys(); i++)
|
||||
@@ -8217,7 +8144,6 @@ TEST_P(OEMCryptoUsageTableTest, OfflineEmptyPST) {
|
||||
Session s;
|
||||
ASSERT_NO_FATAL_FAILURE(s.open());
|
||||
ASSERT_NO_FATAL_FAILURE(InstallTestRSAKey(&s));
|
||||
ASSERT_NO_FATAL_FAILURE(s.GenerateNonce());
|
||||
LicenseRoundTrip license_messages(&s);
|
||||
license_messages.set_api_version(license_api_version_);
|
||||
license_messages.set_control(wvoec::kControlNonceOrEntry);
|
||||
|
||||
Reference in New Issue
Block a user