Code Drop Three (Update Two)
In this update we have:
- Added the verified platform tests. These tests show how some
platforms, when verified are allowed to by pass the normal policy
restrictions. This is done with ChromeOS, thus the name of the
tests use "chrome_os".
- Removed WB_RESULT_INVALID_PADDING. This error was when we the
non-license APIs exposed a AES function with padding. However,
those functions have been removed from the API and this error is
no longer used by the API.
- Tests have been updated to avoid signed-vs-unsigned comparison
and to use the Chromium path to gTest (which is mocked in this
library).
- Tests have been updated to use a new test base and golden data
system to make them easier to read.
This commit is contained in:
Aaron Vaage
@@ -8,13 +8,13 @@
|
||||
#include <vector>
|
||||
|
||||
#include "api/golden_data.h"
|
||||
#include "api/license_builder.h"
|
||||
#include "api/license_whitebox_test_base.h"
|
||||
#include "api/test_data.h"
|
||||
#include "api/test_license_builder.h"
|
||||
#include "base/logging.h"
|
||||
#include "crypto_utils/crypto_util.h"
|
||||
#include "crypto_utils/rsa_key.h"
|
||||
#include "testing/include/gtest/gtest.h"
|
||||
#include "testing/gtest/include/gtest/gtest.h"
|
||||
|
||||
namespace widevine {
|
||||
|
||||
@@ -39,7 +39,7 @@ class LicenseWhiteboxMaskedDecryptTest : public LicenseWhiteboxTestBase {
|
||||
}
|
||||
|
||||
void LoadLicense(const std::vector<uint8_t>& padding) {
|
||||
LicenseBuilder builder;
|
||||
TestLicenseBuilder builder;
|
||||
|
||||
builder.AddContentKey(golden_data_.CBCCryptoKey().level,
|
||||
golden_data_.CBCCryptoKey().id,
|
||||
@@ -87,7 +87,7 @@ class LicenseWhiteboxMaskedDecryptTest : public LicenseWhiteboxTestBase {
|
||||
};
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, DecodeKeyWithCbcDataInCbcMode) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -121,7 +121,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, DecodeKeyWithCbcDataInCbcMode) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, DecodeKeyWithCtrDataInCtrMode) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -157,7 +157,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, DecodeKeyWithCtrDataInCtrMode) {
|
||||
// We try to decrypt CBC encrypted data in CTR mode. All operations should be
|
||||
// successful, but the resulting plaintext should not match.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, DecodeKeyWithCbcDataInCtrMode) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -192,7 +192,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, DecodeKeyWithCbcDataInCtrMode) {
|
||||
// We try to decrypt CTR encrypted data in CBC mode. All operations should be
|
||||
// successful, but the resulting plaintext should not match.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, DecodeKeyWithCtrDataInCbcMode) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -225,7 +225,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, DecodeKeyWithCtrDataInCbcMode) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCbcDataInCbcMode) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -259,7 +259,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCbcDataInCbcMode) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCtrDataInCtrMode) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -295,7 +295,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCtrDataInCtrMode) {
|
||||
// We try to decrypt CBC encrypted data in CTR mode. All operations should be
|
||||
// successful, but the resulting plaintext should not match.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCbcDataInCtrMode) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -330,7 +330,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCbcDataInCtrMode) {
|
||||
// We try to decrypt CTR encrypted data in CBC mode. All operations should be
|
||||
// successful, but the resulting plaintext should not match.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCtrDataInCbcMode) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -363,7 +363,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCtrDataInCbcMode) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCbcDataAndPKCS8Padding) {
|
||||
LoadLicense(LicenseBuilder::PKSC8Padding());
|
||||
LoadLicense(TestLicenseBuilder::PKSC8Padding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -397,7 +397,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCbcDataAndPKCS8Padding) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCtrDataAndPKCS8Padding) {
|
||||
LoadLicense(LicenseBuilder::PKSC8Padding());
|
||||
LoadLicense(TestLicenseBuilder::PKSC8Padding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -436,7 +436,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, CryptoKeyWithCtrDataAndPKCS8Padding) {
|
||||
// Since we have two CBC keys, try using the decode key and then the crypto
|
||||
// key.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, SuccessWithMultipleKeys) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -508,7 +508,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, SuccessWithMultipleKeys) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullWhitebox) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -523,7 +523,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullWhitebox) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForInvalidCipherMode) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
// In order to trick the compiler into letting us pass an invalid enum value
|
||||
// to WB__License_MaskedDecrypt(), we need to cast it. If we don't do this,
|
||||
@@ -542,7 +542,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForInvalidCipherMode) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullKeyId) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(WB_License_MaskedDecrypt(
|
||||
whitebox_, WB_CIPHER_MODE_CBC, nullptr,
|
||||
@@ -556,7 +556,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullKeyId) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullZeroKeyIdSize) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -570,7 +570,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullZeroKeyIdSize) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullInputData) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -587,7 +587,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullInputData) {
|
||||
// not care.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest,
|
||||
InvalidParameterForInvalidCBCInputDataSize) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -602,7 +602,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest,
|
||||
|
||||
// The white-box (using any cipher mode) should reject input with size zero.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForZeroInputDataSize) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -616,7 +616,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForZeroInputDataSize) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullIV) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -631,7 +631,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullIV) {
|
||||
|
||||
// IV size should be 16. Any number other than 16 should fail.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForInvalidIVSize) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -645,7 +645,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForInvalidIVSize) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullOutput) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -660,7 +660,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullOutput) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullOutputSize) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(
|
||||
WB_License_MaskedDecrypt(
|
||||
@@ -678,7 +678,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidParameterForNullOutputSize) {
|
||||
// in the license to start with. This is different than "non content key"
|
||||
// and "dropped content key", as those keys were in the license but ignored.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, KeyUnavailableForMissingKeyId) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(WB_License_MaskedDecrypt(
|
||||
whitebox_, WB_CIPHER_MODE_CBC, missing_key_id_.data(),
|
||||
@@ -692,7 +692,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, KeyUnavailableForMissingKeyId) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, KeyUnavailableForNonContentKey) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(WB_License_MaskedDecrypt(
|
||||
whitebox_, WB_CIPHER_MODE_CBC, non_content_key_id_.data(),
|
||||
@@ -709,7 +709,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, KeyUnavailableForNonContentKey) {
|
||||
// to this rule is on ChromeOS with a special license.
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest,
|
||||
InsufficientSecurityLevelForHardwareContentKey) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
ASSERT_EQ(WB_License_MaskedDecrypt(
|
||||
whitebox_, WB_CIPHER_MODE_CBC,
|
||||
@@ -740,7 +740,7 @@ TEST_F(LicenseWhiteboxMaskedDecryptTest, InvalidState) {
|
||||
}
|
||||
|
||||
TEST_F(LicenseWhiteboxMaskedDecryptTest, BufferTooSmall) {
|
||||
LoadLicense(LicenseBuilder::NoPadding());
|
||||
LoadLicense(TestLicenseBuilder::NoPadding());
|
||||
|
||||
// Our ciphertext will be large enough that we should not need to worry about
|
||||
// using a constant here.
|
||||
|
||||
Reference in New Issue
Block a user