NewProvisioningSession expects pkcs8 private key and SHA race fix

-------------
Fix SHA hashing to remove race condition. This change
fixes the implementation by passing in the digest buffer.

-------------
The input to ProvisioningEngine::NewProvisioningSession should be
pkcs8 private key instead of pkcs1 private key

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=151273394

Change-Id: Ibcdff7757b2ac2878ee8b1b88365083964bfa10a

provisioning_sdk/public/python/new_session_test.py

@@ -9,8 +9,10 @@
 import unittest
 
 import crypto_utility
+import pywrapcertificate_type
 import pywrapprovisioning_engine
 import pywrapprovisioning_status
+import test_data_provider
 import test_data_utility
 from protos.public import certificate_provisioning_pb2
 from protos.public import signed_device_certificate_pb2
@@ -24,6 +26,8 @@ class NewSessionTest(unittest.TestCase):
         self._engine, verify_success=True)
     test_data_utility.SetCertificateStatusListWithTestData(
         self._engine, 0, verify_success=True)
+    self._data_provider = test_data_provider.TestDataProvider(
+        pywrapcertificate_type.kCertTesting)
 
   def testNewSessionSuccess(self):
     test_data_utility.AddDrmIntermediateCertificateWithTestData(
@@ -32,11 +36,11 @@ class NewSessionTest(unittest.TestCase):
     (_, new_session) = test_data_utility.NewProvisioningSessionWithTestData(
         self._engine, verify_success=True)
     (status, raw_response,
-     _) = new_session.ProcessMessage(test_data_utility.MESSAGE)
+     _) = new_session.ProcessMessage(self._data_provider.message)
     test_data_utility.AssertSuccess(status, 'Failed to create session.')
 
     signed_request = test_data_utility.ConvertToSignedProvisioningMessage(
-        test_data_utility.MESSAGE)
+        self._data_provider.message)
 
     unsigned_request = certificate_provisioning_pb2.ProvisioningRequest()
     unsigned_request.ParseFromString(signed_request.message)
@@ -44,7 +48,7 @@ class NewSessionTest(unittest.TestCase):
     signed_response = test_data_utility.ConvertToSignedProvisioningMessage(
         raw_response)
 
-    self._VerifyMessageSignature(test_data_utility.SERVICE_PUBLIC_KEY,
+    self._VerifyMessageSignature(self._data_provider.service_public_key,
                                  signed_response)
 
     unsigned_response = certificate_provisioning_pb2.ProvisioningResponse()
@@ -63,7 +67,8 @@ class NewSessionTest(unittest.TestCase):
   def testNewSessionWithoutIntermediateCert(self):
     (_, new_session) = test_data_utility.NewProvisioningSessionWithTestData(
         self._engine, verify_success=True)
-    (status, _, _) = new_session.ProcessMessage(test_data_utility.MESSAGE)
+    (status, _, _) = new_session.ProcessMessage(
+        self._data_provider.message)
     self.assertEqual(pywrapprovisioning_status.MISSING_DRM_INTERMEDIATE_CERT,
                      status)
 
@@ -71,7 +76,7 @@ class NewSessionTest(unittest.TestCase):
     test_data_utility.AddDrmIntermediateCertificateWithTestData(
         self._engine, 2001, verify_success=True)
     (session_status, _) = self._engine.NewProvisioningSession(
-        'INVALID_PUBLIC_KEY', test_data_utility.DEVICE_PRIVATE_KEY)
+        'INVALID_PUBLIC_KEY', self._data_provider.device_private_key)
     self.assertEqual(pywrapprovisioning_status.INVALID_DEVICE_PUBLIC_KEY,
                      session_status)
 
@@ -79,7 +84,7 @@ class NewSessionTest(unittest.TestCase):
     test_data_utility.AddDrmIntermediateCertificateWithTestData(
         self._engine, 2001, verify_success=True)
     (session_status, _) = self._engine.NewProvisioningSession(
-        test_data_utility.DEVICE_PUBLIC_KEY, 'INVALID_PRIVATE_KEY')
+        self._data_provider.device_public_key, 'INVALID_PRIVATE_KEY')
     self.assertEqual(pywrapprovisioning_status.INVALID_DEVICE_PRIVATE_KEY,
                      session_status)
 
@@ -97,7 +102,8 @@ class NewSessionTest(unittest.TestCase):
     signed_cert = signed_device_certificate_pb2.SignedDrmDeviceCertificate()
     signed_cert.ParseFromString(response.device_certificate)
 
-    self._VerifyCertSignature(test_data_utility.CA_PUBLIC_KEY, signed_cert)
+    self._VerifyCertSignature(self._data_provider.ca_public_key,
+                              signed_cert)
 
 if __name__ == '__main__':
   unittest.main()