widevine-partner/provisioning_sdk_source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
84f66d232086ad01057b6885027f74aef2d8a8b1
provisioning_sdk_source/provisioning_sdk/public/python/new_session_test.py
Kongqun Yang 84f66d2320 NewProvisioningSession expects pkcs8 private key and SHA race fix 
-------------
Fix SHA hashing to remove race condition. This change
fixes the implementation by passing in the digest buffer.

-------------
The input to ProvisioningEngine::NewProvisioningSession should be
pkcs8 private key instead of pkcs1 private key

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=151273394

Change-Id: Ibcdff7757b2ac2878ee8b1b88365083964bfa10a
2017-03-28 14:51:50 -07:00

110 lines
4.5 KiB
Python
Raw Blame History

################################################################################
# Copyright 2016 Google Inc.
#
# This software is licensed under the terms defined in the Widevine Master
# License Agreement. For a copy of this agreement, please contact
# widevine-licensing@google.com.
################################################################################
import unittest
import crypto_utility
import pywrapcertificate_type
import pywrapprovisioning_engine
import pywrapprovisioning_status
import test_data_provider
import test_data_utility
from protos.public import certificate_provisioning_pb2
from protos.public import signed_device_certificate_pb2
class NewSessionTest(unittest.TestCase):
def setUp(self):
self._engine = pywrapprovisioning_engine.ProvisioningEngine()
test_data_utility.InitProvisionEngineWithTestData(
self._engine, verify_success=True)
test_data_utility.SetCertificateStatusListWithTestData(
self._engine, 0, verify_success=True)
self._data_provider = test_data_provider.TestDataProvider(
pywrapcertificate_type.kCertTesting)
def testNewSessionSuccess(self):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
(_, new_session) = test_data_utility.NewProvisioningSessionWithTestData(
self._engine, verify_success=True)
(status, raw_response,
_) = new_session.ProcessMessage(self._data_provider.message)
test_data_utility.AssertSuccess(status, 'Failed to create session.')
signed_request = test_data_utility.ConvertToSignedProvisioningMessage(
self._data_provider.message)
unsigned_request = certificate_provisioning_pb2.ProvisioningRequest()
unsigned_request.ParseFromString(signed_request.message)
signed_response = test_data_utility.ConvertToSignedProvisioningMessage(
raw_response)
self._VerifyMessageSignature(self._data_provider.service_public_key,
signed_response)
unsigned_response = certificate_provisioning_pb2.ProvisioningResponse()
unsigned_response.ParseFromString(signed_response.message)
self._VerifyProvisioningResponse(unsigned_request, unsigned_response)
def testProcessInvalidMessage(self):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
(_, new_session
) = test_data_utility.NewProvisioningSessionWithTestData(self._engine)
(status, _, _) = new_session.ProcessMessage('INVALID_MESSAGE')
self.assertEqual(pywrapprovisioning_status.INVALID_REQUEST_MESSAGE, status)
def testNewSessionWithoutIntermediateCert(self):
(_, new_session) = test_data_utility.NewProvisioningSessionWithTestData(
self._engine, verify_success=True)
(status, _, _) = new_session.ProcessMessage(
self._data_provider.message)
self.assertEqual(pywrapprovisioning_status.MISSING_DRM_INTERMEDIATE_CERT,
status)
def testNewSessionInvalidDevicePublicKey(self):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
(session_status, _) = self._engine.NewProvisioningSession(
'INVALID_PUBLIC_KEY', self._data_provider.device_private_key)
self.assertEqual(pywrapprovisioning_status.INVALID_DEVICE_PUBLIC_KEY,
session_status)
def testNewSessionInvalidDevicePrivateKey(self):
test_data_utility.AddDrmIntermediateCertificateWithTestData(
self._engine, 2001, verify_success=True)
(session_status, _) = self._engine.NewProvisioningSession(
self._data_provider.device_public_key, 'INVALID_PRIVATE_KEY')
self.assertEqual(pywrapprovisioning_status.INVALID_DEVICE_PRIVATE_KEY,
session_status)
def _VerifyMessageSignature(self, public_key, signed_response):
crypto_utility.VerifySignature(public_key, signed_response.signature,
signed_response.message)
def _VerifyCertSignature(self, public_key, signed_cert):
crypto_utility.VerifySignature(public_key, signed_cert.signature,
signed_cert.drm_certificate)
def _VerifyProvisioningResponse(self, request, response):
self.assertEqual(request.nonce, response.nonce)
signed_cert = signed_device_certificate_pb2.SignedDrmDeviceCertificate()
signed_cert.ParseFromString(response.device_certificate)
self._VerifyCertSignature(self._data_provider.ca_public_key,
signed_cert)
if __name__ == '__main__':
unittest.main()
Reference in New Issue View Git Blame Copy Permalink