Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / 0de4aa3c2207d8059ffef7414fe0e312648da364 / . / drm / aidl / vts / drm_hal_test.cpp
blob: 847a4dc26278d31b279fd0da46da9f61c2cf1e3f [file] [log] [blame]
Robert Shih5904a722022-01-14 12:43:22 -0800[diff] [blame]1/*
2 * Copyright (C) 2021 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#define LOG_TAG "drm_hal_test"
18
19#include <gtest/gtest.h>
20#include <log/log.h>
21#include <openssl/aes.h>
22
23#include <memory>
24#include <vector>
25
26#include "drm_hal_common.h"
27
28using ::aidl::android::hardware::drm::EventType;
29using ::aidl::android::hardware::drm::HdcpLevels;
30using ::aidl::android::hardware::drm::KeyRequest;
31using ::aidl::android::hardware::drm::HdcpLevel;
32using ::aidl::android::hardware::drm::IDrmPluginListener;
33using ::aidl::android::hardware::drm::KeyRequestType;
34using ::aidl::android::hardware::drm::KeySetId;
35using ::aidl::android::hardware::drm::KeyStatus;
36using ::aidl::android::hardware::drm::KeyStatusType;
37using ::aidl::android::hardware::drm::KeyType;
38using ::aidl::android::hardware::drm::Mode;
39using ::aidl::android::hardware::drm::OfflineLicenseState;
40using ::aidl::android::hardware::drm::Pattern;
41using ::aidl::android::hardware::drm::SecurityLevel;
42using ::aidl::android::hardware::drm::Status;
43using ::aidl::android::hardware::drm::SubSample;
44using ::aidl::android::hardware::drm::Uuid;
45
46using ::aidl::android::hardware::drm::vts::DrmErr;
47using ::aidl::android::hardware::drm::vts::DrmHalClearkeyTest;
48using ::aidl::android::hardware::drm::vts::DrmHalPluginListener;
49using ::aidl::android::hardware::drm::vts::DrmHalTest;
50using ::aidl::android::hardware::drm::vts::ListenerArgs;
51using ::aidl::android::hardware::drm::vts::kCallbackKeysChange;
52using ::aidl::android::hardware::drm::vts::kCallbackLostState;
53
54using std::string;
55using std::vector;
56
57static const char* const kVideoMp4 = "video/mp4";
58static const char* const kBadMime = "video/unknown";
59static const char* const kDrmErrorTestKey = "drmErrorTest";
60static const char* const kDrmErrorInvalidState = "invalidState";
61static const char* const kDrmErrorResourceContention = "resourceContention";
62static constexpr SecurityLevel kSwSecureCrypto = SecurityLevel::SW_SECURE_CRYPTO;
63static constexpr SecurityLevel kHwSecureAll = SecurityLevel::HW_SECURE_ALL;
64
65/**
66 * Ensure drm factory supports module UUID Scheme
67 */
68TEST_P(DrmHalTest, VendorUuidSupported) {
Robert Shih2389ce22022-02-09 14:14:25 -0800[diff] [blame]69 bool result = isCryptoSchemeSupported(getAidlUUID(), kSwSecureCrypto, kVideoMp4);
70 ALOGI("kVideoMp4 = %s res %d", kVideoMp4, result);
Robert Shih5904a722022-01-14 12:43:22 -0800[diff] [blame]71 EXPECT_TRUE(result);
72}
73
74/**
75 * Ensure drm factory doesn't support an invalid scheme UUID
76 */
77TEST_P(DrmHalTest, InvalidPluginNotSupported) {
78 const vector<uint8_t> kInvalidUUID = {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80,
79 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80};
Robert Shih2389ce22022-02-09 14:14:25 -0800[diff] [blame]80 auto result = isCryptoSchemeSupported(toAidlUuid(kInvalidUUID), kSwSecureCrypto, kVideoMp4);
Robert Shih5904a722022-01-14 12:43:22 -0800[diff] [blame]81 EXPECT_FALSE(result);
82}
83
84/**
85 * Ensure drm factory doesn't support an empty UUID
86 */
87TEST_P(DrmHalTest, EmptyPluginUUIDNotSupported) {
88 vector<uint8_t> emptyUUID(16);
89 memset(emptyUUID.data(), 0, 16);
Robert Shih2389ce22022-02-09 14:14:25 -0800[diff] [blame]90 auto result = isCryptoSchemeSupported(toAidlUuid(emptyUUID), kSwSecureCrypto, kVideoMp4);
Robert Shih5904a722022-01-14 12:43:22 -0800[diff] [blame]91 EXPECT_FALSE(result);
92}
93
94/**
95 * Ensure drm factory doesn't support an invalid mime type
96 */
97TEST_P(DrmHalTest, BadMimeNotSupported) {
Robert Shih2389ce22022-02-09 14:14:25 -0800[diff] [blame]98 auto result = isCryptoSchemeSupported(getAidlUUID(), kSwSecureCrypto, kBadMime);
Robert Shih5904a722022-01-14 12:43:22 -0800[diff] [blame]99 EXPECT_FALSE(result);
100}
101
102/**
Robert Shih12030272022-02-14 16:08:06 -0800[diff] [blame]103 * getSupportedCryptoSchemes confidence check
104 */
105TEST_P(DrmHalTest, SupportedCryptoSchemes) {
106 aidl::android::hardware::drm::CryptoSchemes schemes{};
107 auto result = drmFactory->getSupportedCryptoSchemes(&schemes);
108 EXPECT_FALSE(schemes.uuids.empty());
109 for(auto ct : schemes.mimeTypes) {
110 EXPECT_LE(ct.minLevel, ct.maxLevel);
111 }
112 EXPECT_OK(result);
113}
114
115/**
Robert Shih5904a722022-01-14 12:43:22 -0800[diff] [blame]116 * DrmPlugin tests
117 */
118
119/**
120 * Test that a DRM plugin can handle provisioning. While
121 * it is not required that a DRM scheme require provisioning,
122 * it should at least return appropriate status values. If
123 * a provisioning request is returned, it is passed to the
124 * vendor module which should provide a provisioning response
125 * that is delivered back to the HAL.
126 */
127TEST_P(DrmHalTest, DoProvisioning) {
128 for (auto level : {kHwSecureAll, kSwSecureCrypto}) {
129 Status err = Status::OK;
130 auto sid = openSession(level, &err);
131 if (err == Status::OK) {
132 closeSession(sid);
133 } else if (err == Status::ERROR_DRM_CANNOT_HANDLE) {
134 continue;
135 } else {
136 EXPECT_EQ(Status::ERROR_DRM_NOT_PROVISIONED, err);
137 provision();
138 }
139 }
140}
141
142/**
143 * A get key request should fail if no sessionId is provided
144 */
145TEST_P(DrmHalTest, GetKeyRequestNoSession) {
146 SessionId invalidSessionId;
147 vector<uint8_t> initData;
148 KeyedVector optionalParameters;
149 KeyRequest result;
150 auto ret = drmPlugin->getKeyRequest(invalidSessionId, initData, kVideoMp4, KeyType::STREAMING,
151 optionalParameters, &result);
152 EXPECT_TXN(ret);
153 EXPECT_EQ(Status::BAD_VALUE, DrmErr(ret));
154}
155
156/**
157 * Test that the plugin returns the documented error for the
158 * case of attempting to generate a key request using an
159 * invalid mime type
160 */
161TEST_P(DrmHalTest, GetKeyRequestBadMime) {
162 auto sessionId = openSession();
163 vector<uint8_t> initData;
164 KeyedVector optionalParameters;
165 KeyRequest result;
166 auto ret = drmPlugin->getKeyRequest(sessionId, initData, kBadMime, KeyType::STREAMING,
167 optionalParameters, &result);
168 EXPECT_EQ(EX_SERVICE_SPECIFIC, ret.getExceptionCode());
169 closeSession(sessionId);
170}
171
172/**
173 * Test drm plugin offline key support
174 */
175TEST_P(DrmHalTest, OfflineLicenseTest) {
176 auto sessionId = openSession();
177 vector<uint8_t> keySetId = loadKeys(sessionId, KeyType::OFFLINE);
178 closeSession(sessionId);
179
180 vector<KeySetId> result;
181 auto ret = drmPlugin->getOfflineLicenseKeySetIds(&result);
182 EXPECT_OK(ret);
183 bool found = false;
184 for (KeySetId keySetId2 : result) {
185 if (keySetId == keySetId2.keySetId) {
186 found = true;
187 break;
188 }
189 }
190 EXPECT_TRUE(found) << "keySetId not found";
191
192 ret = drmPlugin->removeOfflineLicense({keySetId});
193 EXPECT_OK(ret);
194
195 ret = drmPlugin->getOfflineLicenseKeySetIds(&result);
196 EXPECT_OK(ret);
197 for (KeySetId keySetId2 : result) {
198 EXPECT_NE(keySetId, keySetId2.keySetId);
199 }
200
Kyle Zhange0062332023-01-07 01:35:49 +0000[diff] [blame]201 for (auto level : {kHwSecureAll, kSwSecureCrypto}) {
202 Status err = Status::OK;
203 auto sid = openSession(level, &err);
204 if (err == Status::OK) {
205 closeSession(sid);
206 } else if (err == Status::ERROR_DRM_CANNOT_HANDLE) {
207 continue;
208 } else {
209 EXPECT_EQ(Status::ERROR_DRM_NOT_PROVISIONED, err);
210 provision();
211 }
212 }
Robert Shih5904a722022-01-14 12:43:22 -0800[diff] [blame]213 ret = drmPlugin->removeOfflineLicense({keySetId});
214 EXPECT_TXN(ret);
215 EXPECT_EQ(Status::BAD_VALUE, DrmErr(ret));
216}
217
218/**
219 * Test drm plugin offline key state
220 */
221TEST_P(DrmHalTest, OfflineLicenseStateTest) {
222 auto sessionId = openSession();
223 DrmHalVTSVendorModule_V1::ContentConfiguration content = getContent(KeyType::OFFLINE);
224 vector<uint8_t> keySetId = loadKeys(sessionId, content, KeyType::OFFLINE);
225 closeSession(sessionId);
226
227 OfflineLicenseState result{};
228 auto ret = drmPlugin->getOfflineLicenseState({keySetId}, &result);
229 EXPECT_OK(ret);
230 EXPECT_EQ(OfflineLicenseState::USABLE, result);
231
232 vector<uint8_t> keyRequest = getKeyRequest(keySetId, content, KeyType::RELEASE);
233 ret = drmPlugin->getOfflineLicenseState({keySetId}, &result);
234 EXPECT_OK(ret);
235 EXPECT_EQ(OfflineLicenseState::INACTIVE, result);
236
237 /**
238 * Get key response from vendor module
239 */
240 vector<uint8_t> keyResponse = vendorModule->handleKeyRequest(keyRequest, content.serverUrl);
241 EXPECT_GT(keyResponse.size(), 0u);
242
243 result = OfflineLicenseState::UNKNOWN;
244 provideKeyResponse(keySetId, keyResponse);
245 ret = drmPlugin->getOfflineLicenseState({keySetId}, &result);
246 EXPECT_TXN(ret);
247 EXPECT_EQ(Status::BAD_VALUE, DrmErr(ret));
248 EXPECT_EQ(OfflineLicenseState::UNKNOWN, result);
249}
250
251/**
252 * Negative offline license test. Remove empty keySetId
253 */
254TEST_P(DrmHalTest, RemoveEmptyKeySetId) {
255 KeySetId emptyKeySetId;
256 auto ret = drmPlugin->removeOfflineLicense(emptyKeySetId);
257 EXPECT_TXN(ret);
258 EXPECT_EQ(Status::BAD_VALUE, DrmErr(ret));
259}
260
261/**
262 * Negative offline license test. Get empty keySetId state
263 */
264TEST_P(DrmHalTest, GetEmptyKeySetIdState) {
265 KeySetId emptyKeySetId;
266 OfflineLicenseState result;
267 auto ret = drmPlugin->getOfflineLicenseState(emptyKeySetId, &result);
268 EXPECT_TXN(ret);
269 EXPECT_EQ(Status::BAD_VALUE, DrmErr(ret));
270 EXPECT_EQ(OfflineLicenseState::UNKNOWN, result);
271}
272
273/**
274 * Test that the plugin returns valid connected and max HDCP levels
275 */
276TEST_P(DrmHalTest, GetHdcpLevels) {
277 HdcpLevels result;
278 auto ret = drmPlugin->getHdcpLevels(&result);
279 EXPECT_OK(ret);
280 EXPECT_GE(result.connectedLevel, HdcpLevel::HDCP_NONE);
281 EXPECT_LE(result.maxLevel, HdcpLevel::HDCP_V2_3);
282}
283
284/**
285 * CryptoPlugin Decrypt tests
286 */
287
288/**
289 * Positive decrypt test. "Decrypt" a single clear segment
290 */
291TEST_P(DrmHalTest, ClearSegmentTest) {
292 for (const auto& config : contentConfigurations) {
293 for (const auto& key : config.keys) {
294 const size_t kSegmentSize = 1024;
295 vector<uint8_t> iv(AES_BLOCK_SIZE, 0);
296 const Pattern noPattern = {0, 0};
297 const vector<SubSample> subSamples = {
298 {.numBytesOfClearData = kSegmentSize, .numBytesOfEncryptedData = 0}};
299 auto sessionId = openSession();
300 loadKeys(sessionId, config);
301
302 auto ret = cryptoPlugin->setMediaDrmSession(sessionId);
303 EXPECT_OK(ret);
304
305 uint32_t byteCount =
306 decrypt(Mode::UNENCRYPTED, key.isSecure, toStdArray(key.keyId), &iv[0],
307 subSamples, noPattern, key.clearContentKey, Status::OK);
308 EXPECT_EQ(kSegmentSize, byteCount);
309
310 closeSession(sessionId);
311 }
312 }
313}
314
315/**
316 * Positive decrypt test. Decrypt a single segment using aes_ctr.
317 * Verify data matches.
318 */
319TEST_P(DrmHalTest, EncryptedAesCtrSegmentTest) {
320 for (const auto& config : contentConfigurations) {
321 for (const auto& key : config.keys) {
322 const size_t kSegmentSize = 1024;
323 vector<uint8_t> iv(AES_BLOCK_SIZE, 0);
324 const Pattern noPattern = {0, 0};
325 const vector<SubSample> subSamples = {
326 {.numBytesOfClearData = kSegmentSize, .numBytesOfEncryptedData = 0}};
327 auto sessionId = openSession();
328 loadKeys(sessionId, config);
329
330 auto ret = cryptoPlugin->setMediaDrmSession(sessionId);
331 EXPECT_OK(ret);
332
333 uint32_t byteCount = decrypt(Mode::AES_CTR, key.isSecure, toStdArray(key.keyId), &iv[0],
334 subSamples, noPattern, key.clearContentKey, Status::OK);
335 EXPECT_EQ(kSegmentSize, byteCount);
336
337 closeSession(sessionId);
338 }
339 }
340}
341
342/**
343 * Negative decrypt test. Decrypted frame too large to fit in output buffer
344 */
345TEST_P(DrmHalTest, ErrorFrameTooLarge) {
346 for (const auto& config : contentConfigurations) {
347 for (const auto& key : config.keys) {
348 const size_t kSegmentSize = 1024;
349 vector<uint8_t> iv(AES_BLOCK_SIZE, 0);
350 const Pattern noPattern = {0, 0};
351 const vector<SubSample> subSamples = {
352 {.numBytesOfClearData = kSegmentSize, .numBytesOfEncryptedData = 0}};
353 auto sessionId = openSession();
354 loadKeys(sessionId, config);
355
356 auto ret = cryptoPlugin->setMediaDrmSession(sessionId);
357 EXPECT_OK(ret);
358
359 decrypt(Mode::UNENCRYPTED, key.isSecure, toStdArray(key.keyId), &iv[0], subSamples,
360 noPattern, key.clearContentKey, Status::ERROR_DRM_FRAME_TOO_LARGE);
361
362 closeSession(sessionId);
363 }
364 }
365}
366
367/**
368 * Negative decrypt test. Decrypt without loading keys.
369 */
370TEST_P(DrmHalTest, EncryptedAesCtrSegmentTestNoKeys) {
371 for (const auto& config : contentConfigurations) {
372 for (const auto& key : config.keys) {
373 vector<uint8_t> iv(AES_BLOCK_SIZE, 0);
374 const Pattern noPattern = {0, 0};
375 const vector<SubSample> subSamples = {
376 {.numBytesOfClearData = 256, .numBytesOfEncryptedData = 256}};
377 auto sessionId = openSession();
378
379 auto ret = cryptoPlugin->setMediaDrmSession(sessionId);
380 EXPECT_OK(ret);
381
382 uint32_t byteCount =
383 decrypt(Mode::AES_CTR, key.isSecure, toStdArray(key.keyId), &iv[0], subSamples,
384 noPattern, key.clearContentKey, Status::ERROR_DRM_NO_LICENSE);
385 EXPECT_EQ(0u, byteCount);
386
387 closeSession(sessionId);
388 }
389 }
390}
391
392/**
393 * Ensure clearkey drm factory doesn't support security level higher than supported
394 */
395TEST_P(DrmHalClearkeyTest, BadLevelNotSupported) {
Robert Shih2389ce22022-02-09 14:14:25 -0800[diff] [blame]396 auto result = isCryptoSchemeSupported(getAidlUUID(), kHwSecureAll, kVideoMp4);
Robert Shih5904a722022-01-14 12:43:22 -0800[diff] [blame]397 EXPECT_FALSE(result);
398}
399
400/**
401 * Test resource contention during attempt to generate key request
402 */
403TEST_P(DrmHalClearkeyTest, GetKeyRequestResourceContention) {
404 auto ret = drmPlugin->setPropertyString(kDrmErrorTestKey, kDrmErrorResourceContention);
405 EXPECT_OK(ret);
406
407 auto sessionId = openSession();
408 vector<uint8_t> initData;
409 KeyedVector optionalParameters;
410 KeyRequest result;
411 ret = drmPlugin->getKeyRequest(sessionId, initData, kVideoMp4, KeyType::STREAMING,
412 optionalParameters, &result);
413 EXPECT_TXN(ret);
414 EXPECT_EQ(Status::ERROR_DRM_RESOURCE_CONTENTION, DrmErr(ret));
415
416 ret = drmPlugin->closeSession(sessionId);
417 EXPECT_TXN(ret);
418 EXPECT_NE(Status::OK, DrmErr(ret));
419}
420
421/**
422 * Test clearkey plugin offline key with mock error
423 */
424TEST_P(DrmHalClearkeyTest, OfflineLicenseInvalidState) {
425 auto sessionId = openSession();
426 vector<uint8_t> keySetId = loadKeys(sessionId, KeyType::OFFLINE);
427 auto ret = drmPlugin->setPropertyString(kDrmErrorTestKey, kDrmErrorInvalidState);
428 EXPECT_OK(ret);
429
430 // everything should start failing
431 const Status kInvalidState = Status::ERROR_DRM_INVALID_STATE;
432 vector<KeySetId> result;
433 ret = drmPlugin->getOfflineLicenseKeySetIds(&result);
434 EXPECT_TXN(ret);
435 EXPECT_EQ(kInvalidState, DrmErr(ret));
436 EXPECT_EQ(0u, result.size());
437
438 OfflineLicenseState state = OfflineLicenseState::UNKNOWN;
439 ret = drmPlugin->getOfflineLicenseState({keySetId}, &state);
440 EXPECT_TXN(ret);
441 EXPECT_EQ(kInvalidState, DrmErr(ret));
442 EXPECT_EQ(OfflineLicenseState::UNKNOWN, state);
443
444 ret = drmPlugin->removeOfflineLicense({keySetId});
445 EXPECT_TXN(ret);
446 EXPECT_EQ(kInvalidState, DrmErr(ret));
447 closeSession(sessionId);
448}
449
450/**
451 * Test listener is triggered on key response
452 */
453TEST_P(DrmHalClearkeyTest, ListenerCallbacks) {
454 auto listener = ndk::SharedRefBase::make<DrmHalPluginListener>();
455 auto res = drmPlugin->setListener(listener);
456 EXPECT_OK(res);
457
458 auto sessionId = openSession();
459 loadKeys(sessionId, KeyType::STREAMING);
460 closeSession(sessionId);
461
462 auto args = listener->getEventArgs();
463 EXPECT_EQ(EventType::VENDOR_DEFINED, args.eventType);
464 EXPECT_EQ(sessionId, args.data);
465 EXPECT_EQ(sessionId, args.sessionId);
466
467 args = listener->getExpirationUpdateArgs();
468 EXPECT_EQ(sessionId, args.sessionId);
469 EXPECT_EQ(100, args.expiryTimeInMS);
470
471 args = listener->getKeysChangeArgs();
472 const vector<KeyStatus> keyStatusList = {
473 {{0xa, 0xb, 0xc}, KeyStatusType::USABLE},
474 {{0xd, 0xe, 0xf}, KeyStatusType::EXPIRED},
Robert Shih2389ce22022-02-09 14:14:25 -0800[diff] [blame]475 {{0x0, 0x1, 0x2}, KeyStatusType::USABLE_IN_FUTURE},
Robert Shih5904a722022-01-14 12:43:22 -0800[diff] [blame]476 };
477 EXPECT_EQ(sessionId, args.sessionId);
478 EXPECT_EQ(keyStatusList, args.keyStatusList);
479 EXPECT_TRUE(args.hasNewUsableKey);
480}
481
482/**
483 * Test SessionLostState is triggered on error
484 */
485TEST_P(DrmHalClearkeyTest, SessionLostState) {
486 auto listener = ndk::SharedRefBase::make<DrmHalPluginListener>();
487 auto res = drmPlugin->setListener(listener);
488 EXPECT_OK(res);
489
490 res = drmPlugin->setPropertyString(kDrmErrorTestKey, kDrmErrorInvalidState);
491 EXPECT_OK(res);
492
493 auto sessionId = openSession();
494 auto ret = drmPlugin->closeSession(sessionId);
495
496 auto args = listener->getSessionLostStateArgs();
497 EXPECT_EQ(sessionId, args.sessionId);
498}
499
500/**
501 * Negative decrypt test. Decrypt with invalid key.
502 */
503TEST_P(DrmHalClearkeyTest, DecryptWithEmptyKey) {
504 vector<uint8_t> iv(AES_BLOCK_SIZE, 0);
505 const Pattern noPattern = {0, 0};
506 const uint32_t kClearBytes = 512;
507 const uint32_t kEncryptedBytes = 512;
508 const vector<SubSample> subSamples = {
509 {.numBytesOfClearData = kClearBytes, .numBytesOfEncryptedData = kEncryptedBytes}};
510
511 // base 64 encoded JSON response string, must not contain padding character '='
512 const string emptyKeyResponse =
513 "{\"keys\":["
514 "{"
515 "\"kty\":\"oct\""
516 "\"alg\":\"A128KW2\""
517 "\"k\":\"SGVsbG8gRnJpZW5kIQ\""
518 "\"kid\":\"Y2xlYXJrZXlrZXlpZDAyAy\""
519 "}"
520 "{"
521 "\"kty\":\"oct\","
522 "\"alg\":\"A128KW2\""
523 "\"kid\":\"Y2xlYXJrZXlrZXlpZDAzAy\"," // empty key follows
524 "\"k\":\"R\""
525 "}]"
526 "}";
527 const size_t kEmptyKeyResponseSize = emptyKeyResponse.size();
528
529 vector<uint8_t> invalidResponse;
530 invalidResponse.resize(kEmptyKeyResponseSize);
531 memcpy(invalidResponse.data(), emptyKeyResponse.c_str(), kEmptyKeyResponseSize);
532 decryptWithInvalidKeys(invalidResponse, iv, noPattern, subSamples);
533}
534
535/**
536 * Negative decrypt test. Decrypt with a key exceeds AES_BLOCK_SIZE.
537 */
538TEST_P(DrmHalClearkeyTest, DecryptWithKeyTooLong) {
539 vector<uint8_t> iv(AES_BLOCK_SIZE, 0);
540 const Pattern noPattern = {0, 0};
541 const uint32_t kClearBytes = 512;
542 const uint32_t kEncryptedBytes = 512;
543 const vector<SubSample> subSamples = {
544 {.numBytesOfClearData = kClearBytes, .numBytesOfEncryptedData = kEncryptedBytes}};
545
546 // base 64 encoded JSON response string, must not contain padding character '='
547 const string keyTooLongResponse =
548 "{\"keys\":["
549 "{"
550 "\"kty\":\"oct\","
551 "\"alg\":\"A128KW2\""
552 "\"kid\":\"Y2xlYXJrZXlrZXlpZDAzAy\"," // key too long
553 "\"k\":\"V2lubmllIHRoZSBwb29oIVdpbm5pZSB0aGUgcG9vaCE=\""
554 "}]"
555 "}";
556 const size_t kKeyTooLongResponseSize = keyTooLongResponse.size();
557
558 vector<uint8_t> invalidResponse;
559 invalidResponse.resize(kKeyTooLongResponseSize);
560 memcpy(invalidResponse.data(), keyTooLongResponse.c_str(), kKeyTooLongResponseSize);
561 decryptWithInvalidKeys(invalidResponse, iv, noPattern, subSamples);
562}