widevine-partner/whitebox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial Code Drop

Browse Source 
This is the initial code drop of the reference implementation and
test cases for the Widevine Whitebox API.

In this drop, the full reference implementation for the AEAD
white-box is provided and all test cases verifying the top-level
behave have are enabled. Since the implementations can vary so much
the testing is mostly left to verifying the return codes for specific
parameter conditions.

A full reference implementation for the license white-box is provided,
however not all tests are implemented or enabled. A number of tests
have been disabled as they required a loaded license and test licenses
are still being worked on.

The two license white-box API functions that are the further from
competition are ProcessLicenseResponse() and MaskedDecryt().
ProcessLicenseResponse() is still being worked on and MaskedDecrypt()
is waiting on Decrypt() to be fully functional.

Most tests focus on verifying return code for specific parameter
conditions, but as test licenses are created, tests looking to test
the internal behaviour of license management will be added to
ProcessLicenseResponse(), Decrypt(), and MaskedDecrypt().
This commit is contained in:
Aaron Vaage
2020-05-18 19:45:53 -07:00
commit 77f7ef98c0
91 changed files with 9597 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

142
api/license_whitebox_verify_renewal_response_test.cc Normal file
View File

@@ -0,0 +1,142 @@
// Copyright 2020 Google LLC. All Rights Reserved.
#include "api/license_whitebox.h"
#include <memory>
#include <string>
#include <vector>
#include "api/test_data.h"
#include "testing/include/gtest/gtest.h"
namespace {
// TODO: This needs to be the real response.
const uint8_t kResponse[] = {
0x1e, 0x70, 0xbd, 0xeb, 0x24, 0xf2, 0x9d, 0x05, 0xc5, 0xb5,
0xf4, 0xca, 0xe6, 0x1d, 0x01, 0x97, 0x29, 0xf4, 0xe0, 0x7c,
0xfd, 0xcc, 0x97, 0x8d, 0xc2, 0xbb, 0x2d, 0x9b, 0x6b, 0x45,
0x06, 0xbd, 0x2c, 0x66, 0x10, 0x42, 0x73, 0x8d, 0x88, 0x9b,
0x18, 0xcc, 0xcb, 0x7e, 0x43, 0x23, 0x06, 0xe9, 0x8f, 0x8f,
};
const size_t kResponseSize = sizeof(kResponse);
// TODO: This needs to be the actual signature.
const uint8_t kSignature[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
const uint8_t kSignatureSize = sizeof(kSignature);
// These tests assume that WB_License_Create() and
// WB_License_ProcessLicenseResponse() work as all tests will require a valid
// white-box instance with a valid license already loaded.
class LicenseWhiteboxVerifyRenewalResponseTest : public ::testing::Test {
protected:
void SetUp() override {
const std::vector<uint8_t> init_data_ = GetLicenseInitData();
ASSERT_EQ(
WB_License_Create(init_data_.data(), init_data_.size(), &whitebox_),
WB_RESULT_OK);
}
void TearDown() override { WB_License_Delete(whitebox_); }
void LoadLicense() {
// TODO: Load the license here. It would be nice if we could do it in
// SetUp(), but since we need to support the WB_RESULT_INVALID_STATE test
// case, we need a way to not load a license.
}
WB_License_Whitebox* whitebox_ = nullptr;
};
// TODO: Implement the success test case.
TEST_F(LicenseWhiteboxVerifyRenewalResponseTest,
InvalidParameterForNullWhitebox) {
LoadLicense();
ASSERT_EQ(WB_License_VerifyRenewalResponse(nullptr, kResponse, kResponseSize,
kSignature, kSignatureSize),
WB_RESULT_INVALID_PARAMETER);
}
TEST_F(LicenseWhiteboxVerifyRenewalResponseTest,
InvalidParameterForNullMessage) {
LoadLicense();
ASSERT_EQ(WB_License_VerifyRenewalResponse(whitebox_, nullptr, kResponseSize,
kSignature, kSignatureSize),
WB_RESULT_INVALID_PARAMETER);
}
TEST_F(LicenseWhiteboxVerifyRenewalResponseTest,
InvalidParameterForZeroMessageSize) {
LoadLicense();
ASSERT_EQ(WB_License_VerifyRenewalResponse(whitebox_, kResponse, 0,
kSignature, kSignatureSize),
WB_RESULT_INVALID_PARAMETER);
}
TEST_F(LicenseWhiteboxVerifyRenewalResponseTest,
InvalidParameterForNullSignature) {
LoadLicense();
ASSERT_EQ(WB_License_VerifyRenewalResponse(
whitebox_, kResponse, kResponseSize, nullptr, kSignatureSize),
WB_RESULT_INVALID_PARAMETER);
}
TEST_F(LicenseWhiteboxVerifyRenewalResponseTest,
InvalidParameterForInvalidSignatureSize) {
// TODO: This test needs to be skipped for now as the check for signature size
// is done after we compute the signature. This requires a valid license to
// have been loaded.
GTEST_SKIP();
// We need an invalid signature size, the easiest way to do this is to take
// the expected signature size and trim a bit off the end.
const size_t invalid_signature_size = kSignatureSize - 1;
LoadLicense();
ASSERT_EQ(
WB_License_VerifyRenewalResponse(whitebox_, kResponse, kResponseSize,
kSignature, invalid_signature_size),
WB_RESULT_INVALID_PARAMETER);
}
TEST_F(LicenseWhiteboxVerifyRenewalResponseTest,
InvalidSignatureForInvalidSignature) {
// TODO: This test needs to be skipped for now as comparing signatures
// requires a key provided by a valid license.
GTEST_SKIP();
// In order to create an invalid signature, copy the valid signature and flip
// one byte. This will ensure that our invalid signature is always different
// from the valid signature.
std::vector<uint8_t> invalid_signature(kSignature,
kSignature + kSignatureSize);
invalid_signature[0] = ~invalid_signature[0];
LoadLicense();
ASSERT_EQ(WB_License_VerifyRenewalResponse(
whitebox_, kResponse, kResponseSize, invalid_signature.data(),
invalid_signature.size()),
WB_RESULT_INVALID_SIGNATURE);
}
TEST_F(LicenseWhiteboxVerifyRenewalResponseTest, InvalidStateForNoLicense) {
// Unlike the other tests, we do not call LoadLicense() as the criteria for
// WB_RESULT_INVALID_STATE is that no key can be found and keys are provided
// via a license.
ASSERT_EQ(
WB_License_VerifyRenewalResponse(whitebox_, kResponse, kResponseSize,
kSignature, kSignatureSize),
WB_RESULT_INVALID_STATE);
}
} // namespace