reenc_testing.html
9.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:w="urn:schemas-microsoft-com:office:word"
xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<meta name=ProgId content=Word.Document>
<meta name=Generator content="Microsoft Word 9">
<meta name=Originator content="Microsoft Word 9">
<link rel=File-List href="./reenc_testing_files/filelist.xml">
<title>Recrypt Test Plan</title>
<!--[if gte mso 9]><xml>
<o:DocumentProperties>
<o:Author>pramila</o:Author>
<o:Template>Normal</o:Template>
<o:LastAuthor>pramila</o:LastAuthor>
<o:Revision>8</o:Revision>
<o:TotalTime>36</o:TotalTime>
<o:Created>2003-08-28T22:38:00Z</o:Created>
<o:LastSaved>2003-08-28T22:51:00Z</o:LastSaved>
<o:Pages>3</o:Pages>
<o:Words>613</o:Words>
<o:Characters>3498</o:Characters>
<o:Company>RouteFree</o:Company>
<o:Lines>29</o:Lines>
<o:Paragraphs>6</o:Paragraphs>
<o:CharactersWithSpaces>4295</o:CharactersWithSpaces>
<o:Version>9.2720</o:Version>
</o:DocumentProperties>
</xml><![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-parent:"";
margin:0in;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-fareast-font-family:"Times New Roman";}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;
mso-header-margin:.5in;
mso-footer-margin:.5in;
mso-paper-source:0;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:667556550;
mso-list-type:hybrid;
mso-list-template-ids:-1778322718 67698703 67698689 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
-->
</style>
</head>
<body lang=EN-US style='tab-interval:.5in'>
<div class=Section1>
<h1>Reencryption Testing</h1>
<h2>API Calls</h2>
<p class=MsoNormal><i>int skRecryptListValid(void *pList)</i>,<br>
<i><br>
int skRecryptBegin(BbTicketBundle *ticketBundle, BbAppLaunchCrls *crls, void
*pList)</i>, <br>
<br>
<i>int skRecryptData(u8 *data, u32 size)</i>, <br>
<br>
<i>int skRecryptComputeState(u8 *data, u32 size)</i>,<br>
<br>
<i>int skRecryptEnd(void *pList)</i>, <br>
<br>
All calls return SK_API_SUCCESS or SK_API_FAIL</p>
<h2>Correct Sequence of Calls</h2>
<p class=MsoNormal>For a new piece of content:<br>
<br>
skRecryptBegin()<br>
while (!done) <br>
skRecryptData();<br>
skRecryptEnd();<br>
<br>
For case where reencryption was tried and failed for some reason<br>
<br>
skRecryptBegin()<br>
while (!atStart)<br>
skRecryptComputeState();<br>
while (!done)<br>
skRecryptData();</p>
<h2>Functional Test Coverage</h2>
<h3>General negative tests</h3>
<p class=MsoNormal>1. All cases of invalid addresses for each entry point. Use
full range of KSEG1.<br>
<br>
2. All case of invalid key list, size > 16k, signature invalid for each
entry point taking the Key list.</p>
<h3>skRecryptListValid()</h3>
<h4>Code Paths</h4>
<p class=MsoNormal>Invalid list covered by general negative tests<br>
Valid list</p>
<h3>skRecryptBegin()</h3>
<h4>Internal state used</h4>
<p class=MsoNormal>gCmdh set (in ticket processing)<br>
gRecryptState, set to RECRYPT_RECOVERY, or RECRYPT_DATA<br>
gRecryptKey set<br>
gSha reset<br>
gBytesProcessed set to 0<br>
gRecryptHwAesChain set to -<br>
gTikh set<br>
<br>
Assume ticket and revocation list testing is done in Launch, so not necessary
to test fully here, since call sequence is identical.</p>
<h4>Code Paths</h4>
<p class=MsoNormal>Ticket with no re-encryption required - should fail.<br>
Invalid key list - should start a new list of length 0 and add an entry<br>
Valid key list with no entry.<br>
<br>
Key list with entry that has SK_API_RECRYPT_INCOMPLETE<br>
this is treated as recovery case<br>
<br>
Key list with entry that is not SK_API_RECRYPT_INCOMPLETE <br>
this is treated as the case of starting from scratch</p>
<h3>skRecryptData()</h3>
<h4>Internal state used</h4>
<p class=MsoNormal>gRecryptState read and set<br>
gRecryptCipher read<br>
gRecryptHwAesChain, read and set<br>
gSha set<br>
gCmdh read<br>
gBytesProcessed set</p>
<h4>Code paths</h4>
<p class=MsoNormal style='margin-bottom:12.0pt'>If gRecryptState is
RECRYPT_RECOVERY or not.<br>
Input buffer size not a multiple of PI_BUFFER_DATA_SIZE/2, and greater than
buffer long.</p>
<h3>skRecryptComputeState()</h3>
<h4>Internal state use</h4>
<p class=MsoNormal>gRecryptCipher read<br>
gRecryptRecoverIv set<br>
gRRecryptKey read<br>
gRecryptHwAesChain, read and set<br>
gSha set<br>
gCmdh read<br>
gBytesProcessed set</p>
<h4>Code paths</h4>
<p class=MsoNormal>Input buffer size not a multiple of PI_BUFFER_DATA_SIZE/2,
and greater than buffer long.</p>
<h3>skRecryptEnd()</h3>
<h4>Internal state used</h4>
<p class=MsoNormal>gSha read<br>
gCmdh read</p>
<h4>Code paths</h4>
<p class=MsoNormal style='margin-bottom:12.0pt'>Hash miscompare<br>
Fail to update reencryption list entry <br>
Invalid list covered by general negative tests<br>
No entry on the list which matches<br>
Matching hash, valid list.</p>
<h2>Tests</h2>
<h3>Functional Tests for Complete Code Path Coverage</h3>
<h3>Method:</h3>
<p class=MsoNormal>Test using the library calls, using the following entry
points repeatedly with different files:</p>
<p class=MsoNormal>osBbSaGamePreLaunch to call skRecryptBegin and skRecryptData</p>
<p class=MsoNormal>osBbSaGamePersonalize to call skRecryptComputeState and skRecryptData</p>
<p class=MsoNormal><![if !supportEmptyParas]> <![endif]><o:p></o:p></p>
<p class=MsoNormal>The following tests will exercise the code paths listed
above:</p>
<p class=MsoNormal><![if !supportEmptyParas]> <![endif]><o:p></o:p></p>
<ol style='margin-top:0in' start=1 type=1>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>Exercise
all null pointer tests at API level.</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>Exercise
skRecryptListValid(?) at API level, positive and negative test for
signature.</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>Ticket
says no reencryption required, check return code FAIL.</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>No key
list, new content piece, invalid ticket (alter signature), check return
code FAIL</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>No key
list, new content piece, good ticket bundle, let reenc proceed and check
SUCCESS. Save key list.</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>Start
reenc with above key list, stop randomly before completion, restart and
proceed to completion. Try a few random points of stopping before
completion. In each case check return code.</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>Start
reenc, stop randomly before completion with different CIDs to populate the
key list.</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>Search
for each cid on the list and ensure the number of entries on list did not
change. (if seach failed, it wipes out the list).</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>Corrupt
sign on key list, start reenc and proceed to completion, check that only
one item on key list. Check CID. (it has been wiped out and new one
created in its place).</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>Check
various content sizes, to exercise integer and non-integer multiples of
PI_BUFFER_DATA_SIZE</li>
<li class=MsoNormal style='mso-list:l0 level1 lfo1;tab-stops:list .5in'>Start
with good key list, stop reenc, replace with another sometime before
skRecryptEnd is called: all negative cases:</li>
<ul style='margin-top:0in' type=disc>
<li class=MsoNormal style='mso-list:l0 level2 lfo1;tab-stops:list 1.0in'>Good
key list but that cid is not there</li>
<li class=MsoNormal style='mso-list:l0 level2 lfo1;tab-stops:list 1.0in'>Bad
signature on key list</li>
<li class=MsoNormal style='mso-list:l0 level2 lfo1;tab-stops:list 1.0in'>Status
not incomplete.</li>
<li class=MsoNormal style='mso-list:l0 level2 lfo1;tab-stops:list 1.0in'>Ticket
is otherwise good, but hash is incorrect.</li>
</ul>
</ol>
<p class=MsoNormal><![if !supportEmptyParas]> <![endif]><o:p></o:p></p>
<p class=MsoNormal>Additional tests to cover corner cases on the library:</p>
<p class=MsoNormal><![if !supportEmptyParas]> <![endif]><o:p></o:p></p>
<h3>Random API testing</h3>
<p class=MsoNormal style='margin-bottom:12.0pt'>To ensure that there is no
possibility of internal issues, make random API calls using random input data,
then run a correct functional test.<br>
This should probably extend to all API's, since some internal state may be used
by other SK functions?<br style='mso-special-character:line-break'>
<![if !supportLineBreakNewLine]><br style='mso-special-character:line-break'>
<![endif]></p>
</div>
</body>
</html>