diff options
author | Edwin Wong | 2017-11-03 00:42:54 -0500 |
---|---|---|
committer | android-build-merger | 2017-11-03 00:42:54 -0500 |
commit | 36c9c34bdb5da94763da347220997cb13c3bb512 (patch) | |
tree | ccd366823d395fb041cefada53b40fb2a0a84bd1 | |
parent | c6141a99322203bff38473aa52cca4a42a39ae3b (diff) | |
parent | 01802815eb90d8dda9c9d443cbb5a6dbe1666d9f (diff) | |
download | platform-hardware-interfaces-36c9c34bdb5da94763da347220997cb13c3bb512.tar.gz platform-hardware-interfaces-36c9c34bdb5da94763da347220997cb13c3bb512.tar.xz platform-hardware-interfaces-36c9c34bdb5da94763da347220997cb13c3bb512.zip |
Add tests to validate key length for clearkey plugin. am: cc77a50e96
am: 01802815eb
Change-Id: I298891316951cc6ba5f000b796fb60c0b4f76290
-rw-r--r-- | drm/1.0/vts/functional/drm_hal_clearkey_test.cpp | 117 |
1 files changed, 105 insertions, 12 deletions
diff --git a/drm/1.0/vts/functional/drm_hal_clearkey_test.cpp b/drm/1.0/vts/functional/drm_hal_clearkey_test.cpp index 4652c76d..a110eb15 100644 --- a/drm/1.0/vts/functional/drm_hal_clearkey_test.cpp +++ b/drm/1.0/vts/functional/drm_hal_clearkey_test.cpp | |||
@@ -89,6 +89,10 @@ static const uint8_t kInvalidUUID[16] = { | |||
89 | 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80, | 89 | 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80, |
90 | 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80}; | 90 | 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80}; |
91 | 91 | ||
92 | static const uint32_t k256SubSampleByteCount = 256; | ||
93 | static const uint32_t k512SubSampleClearBytes = 512; | ||
94 | static const uint32_t k512SubSampleEncryptedBytes = 512; | ||
95 | |||
92 | class DrmHalClearkeyFactoryTest : public ::testing::VtsHalHidlTargetTestBase { | 96 | class DrmHalClearkeyFactoryTest : public ::testing::VtsHalHidlTargetTestBase { |
93 | public: | 97 | public: |
94 | virtual void SetUp() override { | 98 | virtual void SetUp() override { |
@@ -965,6 +969,8 @@ class DrmHalClearkeyDecryptTest : public DrmHalClearkeyPluginTest { | |||
965 | const hidl_vec<SubSample>& subSamples, const vector<uint8_t>& key); | 969 | const hidl_vec<SubSample>& subSamples, const vector<uint8_t>& key); |
966 | void aes_cbc_decrypt(uint8_t* dest, uint8_t* src, uint8_t* iv, | 970 | void aes_cbc_decrypt(uint8_t* dest, uint8_t* src, uint8_t* iv, |
967 | const hidl_vec<SubSample>& subSamples, const vector<uint8_t>& key); | 971 | const hidl_vec<SubSample>& subSamples, const vector<uint8_t>& key); |
972 | void decryptWithInvalidKeys(hidl_vec<uint8_t>& invalidResponse, | ||
973 | vector<uint8_t>& iv, const Pattern& noPattern, const vector<SubSample>& subSamples); | ||
968 | }; | 974 | }; |
969 | 975 | ||
970 | void DrmHalClearkeyDecryptTest::fillRandom(const sp<IMemory>& memory) { | 976 | void DrmHalClearkeyDecryptTest::fillRandom(const sp<IMemory>& memory) { |
@@ -1119,16 +1125,14 @@ TEST_F(DrmHalClearkeyDecryptTest, TestQueryKeyStatus) { | |||
1119 | closeSession(sessionId); | 1125 | closeSession(sessionId); |
1120 | } | 1126 | } |
1121 | 1127 | ||
1122 | |||
1123 | /** | 1128 | /** |
1124 | * Positive decrypt test. "Decrypt" a single clear segment | 1129 | * Positive decrypt test. "Decrypt" a single clear segment |
1125 | */ | 1130 | */ |
1126 | TEST_F(DrmHalClearkeyDecryptTest, ClearSegmentTest) { | 1131 | TEST_F(DrmHalClearkeyDecryptTest, ClearSegmentTest) { |
1127 | vector<uint8_t> iv(AES_BLOCK_SIZE, 0); | 1132 | vector<uint8_t> iv(AES_BLOCK_SIZE, 0); |
1128 | const Pattern noPattern = {0, 0}; | 1133 | const Pattern noPattern = {0, 0}; |
1129 | const uint32_t kByteCount = 256; | ||
1130 | const vector<SubSample> subSamples = { | 1134 | const vector<SubSample> subSamples = { |
1131 | {.numBytesOfClearData = kByteCount, | 1135 | {.numBytesOfClearData = k256SubSampleByteCount, |
1132 | .numBytesOfEncryptedData = 0}}; | 1136 | .numBytesOfEncryptedData = 0}}; |
1133 | auto sessionId = openSession(); | 1137 | auto sessionId = openSession(); |
1134 | loadKeys(sessionId); | 1138 | loadKeys(sessionId); |
@@ -1138,7 +1142,7 @@ TEST_F(DrmHalClearkeyDecryptTest, ClearSegmentTest) { | |||
1138 | 1142 | ||
1139 | uint32_t byteCount = decrypt(Mode::UNENCRYPTED, &iv[0], subSamples, | 1143 | uint32_t byteCount = decrypt(Mode::UNENCRYPTED, &iv[0], subSamples, |
1140 | noPattern, Status::OK); | 1144 | noPattern, Status::OK); |
1141 | EXPECT_EQ(kByteCount, byteCount); | 1145 | EXPECT_EQ(k256SubSampleByteCount, byteCount); |
1142 | 1146 | ||
1143 | closeSession(sessionId); | 1147 | closeSession(sessionId); |
1144 | } | 1148 | } |
@@ -1150,12 +1154,9 @@ TEST_F(DrmHalClearkeyDecryptTest, ClearSegmentTest) { | |||
1150 | TEST_F(DrmHalClearkeyDecryptTest, EncryptedAesCtrSegmentTest) { | 1154 | TEST_F(DrmHalClearkeyDecryptTest, EncryptedAesCtrSegmentTest) { |
1151 | vector<uint8_t> iv(AES_BLOCK_SIZE, 0); | 1155 | vector<uint8_t> iv(AES_BLOCK_SIZE, 0); |
1152 | const Pattern noPattern = {0, 0}; | 1156 | const Pattern noPattern = {0, 0}; |
1153 | const uint32_t kClearBytes = 512; | ||
1154 | const uint32_t kEncryptedBytes = 512; | ||
1155 | const vector<SubSample> subSamples = { | 1157 | const vector<SubSample> subSamples = { |
1156 | {.numBytesOfClearData = kClearBytes, | 1158 | {.numBytesOfClearData = k512SubSampleClearBytes, |
1157 | .numBytesOfEncryptedData = kEncryptedBytes | 1159 | .numBytesOfEncryptedData = k512SubSampleEncryptedBytes}}; |
1158 | }}; | ||
1159 | auto sessionId = openSession(); | 1160 | auto sessionId = openSession(); |
1160 | loadKeys(sessionId); | 1161 | loadKeys(sessionId); |
1161 | 1162 | ||
@@ -1164,10 +1165,11 @@ TEST_F(DrmHalClearkeyDecryptTest, EncryptedAesCtrSegmentTest) { | |||
1164 | 1165 | ||
1165 | uint32_t byteCount = decrypt(Mode::AES_CTR, &iv[0], subSamples, | 1166 | uint32_t byteCount = decrypt(Mode::AES_CTR, &iv[0], subSamples, |
1166 | noPattern, Status::OK); | 1167 | noPattern, Status::OK); |
1167 | EXPECT_EQ(kClearBytes + kEncryptedBytes, byteCount); | 1168 | EXPECT_EQ(k512SubSampleClearBytes + k512SubSampleEncryptedBytes, byteCount); |
1168 | 1169 | ||
1169 | closeSession(sessionId); | 1170 | closeSession(sessionId); |
1170 | } | 1171 | } |
1172 | |||
1171 | /** | 1173 | /** |
1172 | * Negative decrypt test. Decrypt without loading keys. | 1174 | * Negative decrypt test. Decrypt without loading keys. |
1173 | */ | 1175 | */ |
@@ -1175,8 +1177,8 @@ TEST_F(DrmHalClearkeyDecryptTest, EncryptedAesCtrSegmentTestNoKeys) { | |||
1175 | vector<uint8_t> iv(AES_BLOCK_SIZE, 0); | 1177 | vector<uint8_t> iv(AES_BLOCK_SIZE, 0); |
1176 | const Pattern noPattern = {0, 0}; | 1178 | const Pattern noPattern = {0, 0}; |
1177 | const vector<SubSample> subSamples = { | 1179 | const vector<SubSample> subSamples = { |
1178 | {.numBytesOfClearData = 256, | 1180 | {.numBytesOfClearData = k256SubSampleByteCount, |
1179 | .numBytesOfEncryptedData = 256}}; | 1181 | .numBytesOfEncryptedData = k256SubSampleByteCount}}; |
1180 | auto sessionId = openSession(); | 1182 | auto sessionId = openSession(); |
1181 | 1183 | ||
1182 | Status status = cryptoPlugin->setMediaDrmSession(sessionId); | 1184 | Status status = cryptoPlugin->setMediaDrmSession(sessionId); |
@@ -1188,3 +1190,94 @@ TEST_F(DrmHalClearkeyDecryptTest, EncryptedAesCtrSegmentTestNoKeys) { | |||
1188 | 1190 | ||
1189 | closeSession(sessionId); | 1191 | closeSession(sessionId); |
1190 | } | 1192 | } |
1193 | |||
1194 | /** | ||
1195 | * Helper method to test decryption with invalid keys is returned | ||
1196 | */ | ||
1197 | void DrmHalClearkeyDecryptTest::decryptWithInvalidKeys( | ||
1198 | hidl_vec<uint8_t>& invalidResponse, | ||
1199 | vector<uint8_t>& iv, | ||
1200 | const Pattern& noPattern, | ||
1201 | const vector<SubSample>& subSamples) { | ||
1202 | auto sessionId = openSession(); | ||
1203 | |||
1204 | auto res = drmPlugin->provideKeyResponse( | ||
1205 | sessionId, invalidResponse, | ||
1206 | [&](Status status, const hidl_vec<uint8_t>& myKeySetId) { | ||
1207 | EXPECT_EQ(Status::OK, status); | ||
1208 | EXPECT_EQ(0u, myKeySetId.size()); | ||
1209 | }); | ||
1210 | ASSERT_OK(res); | ||
1211 | |||
1212 | ASSERT_TRUE(cryptoPlugin->setMediaDrmSession(sessionId).isOk()); | ||
1213 | |||
1214 | uint32_t byteCount = decrypt(Mode::AES_CTR, &iv[0], subSamples, | ||
1215 | noPattern, Status::ERROR_DRM_NO_LICENSE); | ||
1216 | EXPECT_EQ(0u, byteCount); | ||
1217 | |||
1218 | closeSession(sessionId); | ||
1219 | } | ||
1220 | |||
1221 | /** | ||
1222 | * Negative decrypt test. Decrypt with invalid key. | ||
1223 | */ | ||
1224 | TEST_F(DrmHalClearkeyDecryptTest, DecryptWithEmptyKey) { | ||
1225 | vector<uint8_t> iv(AES_BLOCK_SIZE, 0); | ||
1226 | const Pattern noPattern = {0, 0}; | ||
1227 | const vector<SubSample> subSamples = { | ||
1228 | {.numBytesOfClearData = k512SubSampleClearBytes, | ||
1229 | .numBytesOfEncryptedData = k512SubSampleEncryptedBytes}}; | ||
1230 | |||
1231 | // base 64 encoded JSON response string, must not contain padding character '=' | ||
1232 | const hidl_string emptyKeyResponse = | ||
1233 | "{\"keys\":[" \ | ||
1234 | "{" \ | ||
1235 | "\"kty\":\"oct\"" \ | ||
1236 | "\"alg\":\"A128KW2\"" \ | ||
1237 | "\"k\":\"SGVsbG8gRnJpZW5kIQ\"" \ | ||
1238 | "\"kid\":\"Y2xlYXJrZXlrZXlpZDAyAy\"" \ | ||
1239 | "}" \ | ||
1240 | "{" \ | ||
1241 | "\"kty\":\"oct\"," \ | ||
1242 | "\"alg\":\"A128KW2\"" \ | ||
1243 | "\"kid\":\"Y2xlYXJrZXlrZXlpZDAzAy\"," \ | ||
1244 | // empty key follows | ||
1245 | "\"k\":\"R\"" \ | ||
1246 | "}]" \ | ||
1247 | "}"; | ||
1248 | const size_t kEmptyKeyResponseSize = emptyKeyResponse.size(); | ||
1249 | |||
1250 | hidl_vec<uint8_t> invalidResponse; | ||
1251 | invalidResponse.resize(kEmptyKeyResponseSize); | ||
1252 | memcpy(invalidResponse.data(), emptyKeyResponse.c_str(), kEmptyKeyResponseSize); | ||
1253 | decryptWithInvalidKeys(invalidResponse, iv, noPattern, subSamples); | ||
1254 | } | ||
1255 | |||
1256 | /** | ||
1257 | * Negative decrypt test. Decrypt with a key exceeds AES_BLOCK_SIZE. | ||
1258 | */ | ||
1259 | TEST_F(DrmHalClearkeyDecryptTest, DecryptWithKeyTooLong) { | ||
1260 | vector<uint8_t> iv(AES_BLOCK_SIZE, 0); | ||
1261 | const Pattern noPattern = {0, 0}; | ||
1262 | const vector<SubSample> subSamples = { | ||
1263 | {.numBytesOfClearData = k512SubSampleClearBytes, | ||
1264 | .numBytesOfEncryptedData = k512SubSampleEncryptedBytes}}; | ||
1265 | |||
1266 | // base 64 encoded JSON response string, must not contain padding character '=' | ||
1267 | const hidl_string keyTooLongResponse = | ||
1268 | "{\"keys\":[" \ | ||
1269 | "{" \ | ||
1270 | "\"kty\":\"oct\"," \ | ||
1271 | "\"alg\":\"A128KW2\"" \ | ||
1272 | "\"kid\":\"Y2xlYXJrZXlrZXlpZDAzAy\"," \ | ||
1273 | // key too long | ||
1274 | "\"k\":\"V2lubmllIHRoZSBwb29oIVdpbm5pZSB0aGUgcG9vaCE=\"" \ | ||
1275 | "}]" \ | ||
1276 | "}"; | ||
1277 | const size_t kKeyTooLongResponseSize = keyTooLongResponse.size(); | ||
1278 | |||
1279 | hidl_vec<uint8_t> invalidResponse; | ||
1280 | invalidResponse.resize(kKeyTooLongResponseSize); | ||
1281 | memcpy(invalidResponse.data(), keyTooLongResponse.c_str(), kKeyTooLongResponseSize); | ||
1282 | decryptWithInvalidKeys(invalidResponse, iv, noPattern, subSamples); | ||
1283 | } | ||