Squashed merge 3 CLs.
1. "Change CdmResponseType from enum into a struct" Merged from http://go/wvgerrit/163199 Bug: 253271674 2. "Log request information when server returns 401" Bug: 260760387 Bug: 186031735 Merged from http://go/wvgerrit/162798 3. "Specify server version on the command line" Bug: 251599048 Merged from http://go/wvgerrit/158897 Test: build android.hardware.drm-service.widevine Test: Netflix and Play Movies & TV Test: build_and_run_all_unit_tests.sh Bug: 253271674 Change-Id: I70c950acce070609ee0343920ec68e66b058bc23
This commit is contained in:
Robert Shih
@@ -123,7 +123,7 @@ CdmResponseType CertificateProvisioning::SetSpoidParameter(
|
||||
ProvisioningRequest* request) {
|
||||
if (!request) {
|
||||
LOGE("Output parameter |request| is not provided");
|
||||
return PARAMETER_NULL;
|
||||
return CdmResponseType(PARAMETER_NULL);
|
||||
}
|
||||
if (!spoid.empty()) {
|
||||
// Use the SPOID that has been pre-provided
|
||||
@@ -133,7 +133,7 @@ CdmResponseType CertificateProvisioning::SetSpoidParameter(
|
||||
LOGE(
|
||||
"Failed to set provider ID: "
|
||||
"Service certificate provider ID is empty");
|
||||
return SERVICE_CERTIFICATE_PROVIDER_ID_EMPTY;
|
||||
return CdmResponseType(SERVICE_CERTIFICATE_PROVIDER_ID_EMPTY);
|
||||
}
|
||||
request->set_provider_id(service_certificate_->provider_id());
|
||||
} else if (origin != EMPTY_ORIGIN) {
|
||||
@@ -149,7 +149,7 @@ CdmResponseType CertificateProvisioning::SetSpoidParameter(
|
||||
}
|
||||
request->set_stable_id(device_unique_id + origin);
|
||||
} // No else clause, by design. It is valid to do nothing.
|
||||
return NO_ERROR;
|
||||
return CdmResponseType(NO_ERROR);
|
||||
}
|
||||
|
||||
// Return the provisioning protocol version - dictated by OEMCrypto
|
||||
@@ -191,7 +191,7 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequestInternal(
|
||||
if (!request || !default_url) {
|
||||
LOGE("Output parameter |%s| is not provided",
|
||||
request ? "default_url" : "request");
|
||||
return CERT_PROVISIONING_REQUEST_ERROR_1;
|
||||
return CdmResponseType(CERT_PROVISIONING_REQUEST_ERROR_1);
|
||||
}
|
||||
|
||||
default_url->assign(kProvisioningServerUrl);
|
||||
@@ -223,7 +223,7 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequestInternal(
|
||||
if (status != NO_ERROR) {
|
||||
LOGE("Failed to generate a nonce: status = %d", static_cast<int>(status));
|
||||
return status == NONCE_GENERATION_ERROR
|
||||
? CERT_PROVISIONING_NONCE_GENERATION_ERROR
|
||||
? CdmResponseType(CERT_PROVISIONING_NONCE_GENERATION_ERROR)
|
||||
: status;
|
||||
}
|
||||
|
||||
@@ -243,7 +243,7 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequestInternal(
|
||||
break;
|
||||
default:
|
||||
LOGE("Unknown certificate type: %d", static_cast<int>(cert_type));
|
||||
return CERT_PROVISIONING_INVALID_CERT_TYPE;
|
||||
return CdmResponseType(CERT_PROVISIONING_INVALID_CERT_TYPE);
|
||||
}
|
||||
|
||||
cert_type_ = cert_type;
|
||||
@@ -269,7 +269,7 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequestInternal(
|
||||
|
||||
if (request_signature.empty()) {
|
||||
LOGE("Request signature is empty");
|
||||
return CERT_PROVISIONING_REQUEST_ERROR_4;
|
||||
return CdmResponseType(CERT_PROVISIONING_REQUEST_ERROR_4);
|
||||
}
|
||||
|
||||
SignedProvisioningMessage signed_provisioning_msg;
|
||||
@@ -289,7 +289,7 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequestInternal(
|
||||
} else {
|
||||
*request = std::move(serialized_request);
|
||||
}
|
||||
return NO_ERROR;
|
||||
return CdmResponseType(NO_ERROR);
|
||||
}
|
||||
|
||||
CdmResponseType CertificateProvisioning::GetProvisioning40RequestInternal(
|
||||
@@ -298,19 +298,19 @@ CdmResponseType CertificateProvisioning::GetProvisioning40RequestInternal(
|
||||
std::string* default_url) {
|
||||
if (!crypto_session_->IsOpen()) {
|
||||
LOGE("Crypto session is not open");
|
||||
return PROVISIONING_4_CRYPTO_SESSION_NOT_OPEN;
|
||||
return CdmResponseType(PROVISIONING_4_CRYPTO_SESSION_NOT_OPEN);
|
||||
}
|
||||
|
||||
if (file_system == nullptr) {
|
||||
LOGE("file_system is nullptr but is required in provisioning 4");
|
||||
return PROVISIONING_4_FILE_SYSTEM_IS_NULL;
|
||||
return CdmResponseType(PROVISIONING_4_FILE_SYSTEM_IS_NULL);
|
||||
}
|
||||
const CdmSecurityLevel security_level = crypto_session_->GetSecurityLevel();
|
||||
wvutil::FileSystem global_file_system;
|
||||
DeviceFiles global_file_handle(&global_file_system);
|
||||
if (!global_file_handle.Init(security_level)) {
|
||||
LOGE("Failed to initialize global DeviceFiles");
|
||||
return PROVISIONING_4_FAILED_TO_INITIALIZE_DEVICE_FILES;
|
||||
return CdmResponseType(PROVISIONING_4_FAILED_TO_INITIALIZE_DEVICE_FILES);
|
||||
}
|
||||
|
||||
ProvisioningRequest provisioning_request;
|
||||
@@ -415,7 +415,7 @@ CdmResponseType CertificateProvisioning::GetProvisioning40RequestInternal(
|
||||
} else {
|
||||
*request = std::move(serialized_request);
|
||||
}
|
||||
return NO_ERROR;
|
||||
return CdmResponseType(NO_ERROR);
|
||||
}
|
||||
|
||||
CdmResponseType CertificateProvisioning::FillEncryptedClientId(
|
||||
@@ -433,7 +433,7 @@ CertificateProvisioning::FillEncryptedClientIdWithAdditionalParameter(
|
||||
ProvisioningRequest& provisioning_request,
|
||||
const ServiceCertificate& service_certificate) {
|
||||
if (!crypto_session_->IsOpen()) {
|
||||
return UNKNOWN_ERROR;
|
||||
return CdmResponseType(UNKNOWN_ERROR);
|
||||
}
|
||||
|
||||
wvcdm::ClientIdentification id;
|
||||
@@ -447,7 +447,7 @@ CertificateProvisioning::FillEncryptedClientIdWithAdditionalParameter(
|
||||
|
||||
if (!service_certificate.has_certificate()) {
|
||||
LOGE("Service certificate not staged");
|
||||
return CERT_PROVISIONING_EMPTY_SERVICE_CERTIFICATE;
|
||||
return CdmResponseType(CERT_PROVISIONING_EMPTY_SERVICE_CERTIFICATE);
|
||||
}
|
||||
|
||||
// Encrypt client identification
|
||||
@@ -461,7 +461,7 @@ CdmResponseType CertificateProvisioning::HandleProvisioning40Response(
|
||||
ProvisioningResponse provisioning_response;
|
||||
if (response_message.empty() ||
|
||||
!provisioning_response.ParseFromString(response_message)) {
|
||||
return PROVISIONING_4_RESPONSE_FAILED_TO_PARSE_MESSAGE;
|
||||
return CdmResponseType(PROVISIONING_4_RESPONSE_FAILED_TO_PARSE_MESSAGE);
|
||||
}
|
||||
if (provisioning_response.has_status() &&
|
||||
provisioning_response.status() != ProvisioningResponse::NO_ERROR) {
|
||||
@@ -469,9 +469,9 @@ CdmResponseType CertificateProvisioning::HandleProvisioning40Response(
|
||||
switch (provisioning_response.status()) {
|
||||
case ProvisioningResponse::REVOKED_DEVICE_CREDENTIALS:
|
||||
case ProvisioningResponse::REVOKED_DEVICE_SERIES:
|
||||
return DEVICE_REVOKED;
|
||||
return CdmResponseType(DEVICE_REVOKED);
|
||||
default:
|
||||
return PROVISIONING_4_RESPONSE_HAS_ERROR_STATUS;
|
||||
return CdmResponseType(PROVISIONING_4_RESPONSE_HAS_ERROR_STATUS);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -479,12 +479,12 @@ CdmResponseType CertificateProvisioning::HandleProvisioning40Response(
|
||||
provisioning_response.device_certificate();
|
||||
if (device_certificate.empty()) {
|
||||
LOGE("Provisioning response has no certificate");
|
||||
return PROVISIONING_4_RESPONSE_HAS_NO_CERTIFICATE;
|
||||
return CdmResponseType(PROVISIONING_4_RESPONSE_HAS_NO_CERTIFICATE);
|
||||
}
|
||||
|
||||
if (provisioning_40_wrapped_private_key_.empty()) {
|
||||
LOGE("No private key was generated");
|
||||
return PROVISIONING_4_NO_PRIVATE_KEY;
|
||||
return CdmResponseType(PROVISIONING_4_NO_PRIVATE_KEY);
|
||||
}
|
||||
const CryptoWrappedKey private_key(provisioning_40_key_type_,
|
||||
provisioning_40_wrapped_private_key_);
|
||||
@@ -495,7 +495,7 @@ CdmResponseType CertificateProvisioning::HandleProvisioning40Response(
|
||||
DeviceFiles global_file_handle(&global_file_system);
|
||||
if (!global_file_handle.Init(security_level)) {
|
||||
LOGE("Failed to initialize global DeviceFiles");
|
||||
return PROVISIONING_4_FAILED_TO_INITIALIZE_DEVICE_FILES_2;
|
||||
return CdmResponseType(PROVISIONING_4_FAILED_TO_INITIALIZE_DEVICE_FILES_2);
|
||||
}
|
||||
|
||||
// Check the stage of the provisioning by checking if an OEM cert is already
|
||||
@@ -505,23 +505,24 @@ CdmResponseType CertificateProvisioning::HandleProvisioning40Response(
|
||||
if (!global_file_handle.StoreOemCertificate(device_certificate,
|
||||
private_key)) {
|
||||
LOGE("Failed to store provisioning 4 OEM certificate");
|
||||
return PROVISIONING_4_FAILED_TO_STORE_OEM_CERTIFICATE;
|
||||
return CdmResponseType(PROVISIONING_4_FAILED_TO_STORE_OEM_CERTIFICATE);
|
||||
}
|
||||
} else {
|
||||
// The response is assumed to be an DRM cert.
|
||||
DeviceFiles per_origin_file_handle(file_system);
|
||||
if (!per_origin_file_handle.Init(security_level)) {
|
||||
LOGE("Failed to initialize per-origin DeviceFiles");
|
||||
return PROVISIONING_4_FAILED_TO_INITIALIZE_DEVICE_FILES_3;
|
||||
return CdmResponseType(
|
||||
PROVISIONING_4_FAILED_TO_INITIALIZE_DEVICE_FILES_3);
|
||||
}
|
||||
if (!per_origin_file_handle.StoreCertificate(device_certificate,
|
||||
private_key)) {
|
||||
LOGE("Failed to store provisioning 4 DRM certificate");
|
||||
return PROVISIONING_4_FAILED_TO_STORE_DRM_CERTIFICATE;
|
||||
return CdmResponseType(PROVISIONING_4_FAILED_TO_STORE_DRM_CERTIFICATE);
|
||||
}
|
||||
}
|
||||
|
||||
return NO_ERROR;
|
||||
return CdmResponseType(NO_ERROR);
|
||||
}
|
||||
|
||||
// The response message consists of a device certificate and the
|
||||
@@ -537,7 +538,7 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
|
||||
std::string* wrapped_key) {
|
||||
if (response_message.empty()) {
|
||||
LOGE("Provisioning response message is empty");
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_1;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_1);
|
||||
}
|
||||
|
||||
std::string response;
|
||||
@@ -551,7 +552,7 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
|
||||
if (!result || response.empty()) {
|
||||
LOGE("Provisioning response message is an invalid JSON/base64 string: %s",
|
||||
response.c_str());
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_1;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_1);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -561,7 +562,7 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
|
||||
SignedProvisioningMessage signed_response;
|
||||
if (!signed_response.ParseFromString(response)) {
|
||||
LOGE("Failed to parse signed provisioining response");
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_2;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_2);
|
||||
}
|
||||
|
||||
if (signed_response.provisioning_type() ==
|
||||
@@ -585,7 +586,7 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
|
||||
error = true;
|
||||
}
|
||||
|
||||
if (error) return CERT_PROVISIONING_RESPONSE_ERROR_3;
|
||||
if (error) return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_3);
|
||||
|
||||
const std::string& signed_message = signed_response.message();
|
||||
const std::string& signature = signed_response.signature();
|
||||
@@ -594,7 +595,7 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
|
||||
ProvisioningResponse provisioning_response;
|
||||
if (!provisioning_response.ParseFromString(signed_message)) {
|
||||
LOGE("Failed to parse provisioning response");
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_4;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_4);
|
||||
}
|
||||
|
||||
if (provisioning_response.has_status()) {
|
||||
@@ -607,9 +608,9 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
|
||||
break;
|
||||
case ProvisioningResponse::REVOKED_DEVICE_CREDENTIALS:
|
||||
case ProvisioningResponse::REVOKED_DEVICE_SERIES:
|
||||
return DEVICE_REVOKED;
|
||||
return CdmResponseType(DEVICE_REVOKED);
|
||||
default:
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_10;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_10);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -632,19 +633,19 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
|
||||
if (cert_type_ == kCertificateX509) {
|
||||
*cert = device_cert_data;
|
||||
*wrapped_key = private_key.key();
|
||||
return NO_ERROR;
|
||||
return CdmResponseType(NO_ERROR);
|
||||
}
|
||||
|
||||
// Need to parse cert for key type.
|
||||
SignedDrmCertificate signed_device_cert;
|
||||
if (!signed_device_cert.ParseFromString(device_cert_data)) {
|
||||
LOGE("Failed to parse signed DRM certificate");
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_9;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_9);
|
||||
}
|
||||
DrmCertificate device_cert;
|
||||
if (!device_cert.ParseFromString(signed_device_cert.drm_certificate())) {
|
||||
LOGE("Failed to parse DRM certificate");
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_9;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_9);
|
||||
}
|
||||
if (!device_cert.has_algorithm()) {
|
||||
LOGW("DRM certificate does not specify algorithm type, assuming RSA");
|
||||
@@ -662,7 +663,7 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
|
||||
default:
|
||||
LOGE("Unknown DRM key type: algorithm = %d",
|
||||
static_cast<int>(device_cert.algorithm()));
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_9;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_9);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -671,14 +672,14 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
|
||||
DeviceFiles handle(file_system);
|
||||
if (!handle.Init(security_level)) {
|
||||
LOGE("Failed to initialize DeviceFiles");
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_7;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_7);
|
||||
}
|
||||
if (!handle.StoreCertificate(device_cert_data, private_key)) {
|
||||
LOGE("Failed to store provisioning certificate");
|
||||
return CERT_PROVISIONING_RESPONSE_ERROR_8;
|
||||
return CdmResponseType(CERT_PROVISIONING_RESPONSE_ERROR_8);
|
||||
}
|
||||
|
||||
return NO_ERROR;
|
||||
return CdmResponseType(NO_ERROR);
|
||||
}
|
||||
|
||||
// Provisioning response is a base64-encoded protobuf, optionally within a
|
||||
|
||||
Reference in New Issue
Block a user