widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Squashed merge 3 CLs.

Browse Source 
1. "Change CdmResponseType from enum into a struct"
Merged from http://go/wvgerrit/163199
Bug: 253271674

2. "Log request information when server returns 401"
Bug: 260760387
Bug: 186031735
Merged from http://go/wvgerrit/162798

3. "Specify server version on the command line"
Bug: 251599048
Merged from http://go/wvgerrit/158897

Test: build android.hardware.drm-service.widevine
Test: Netflix and Play Movies & TV
Test: build_and_run_all_unit_tests.sh

Bug: 253271674
Change-Id: I70c950acce070609ee0343920ec68e66b058bc23
This commit is contained in:
Robert Shih
2022-11-16 10:02:18 -08:00
committed by Edwin Wong
parent ac9641ae13
commit 096b0eda5a
46 changed files with 1726 additions and 1443 deletions
Download Patch File Download Diff File Expand all files Collapse all files

339
libwvdrmengine/cdm/core/src/crypto_session.cpp
View File

@@ -33,22 +33,36 @@
// Example: STRINGIFY(this_argument) -> "this_argument"
#define STRINGIFY(PARAM) #PARAM
namespace {
bool WrapIfNecessary(bool ret_value) { return ret_value; }
wvcdm::CdmResponseType WrapIfNecessary(wvcdm::CdmResponseEnum ret_value) {
return wvcdm::CdmResponseType(ret_value);
}
wvcdm::CdmSecurityLevel WrapIfNecessary(wvcdm::CdmSecurityLevel ret_value) {
return ret_value;
}
OEMCryptoResult WrapIfNecessary(OEMCryptoResult ret_value) { return ret_value; }
} // namespace
#define RETURN_IF_NULL(PARAM, ret_value) \
if ((PARAM) == nullptr) { \
LOGE("Output parameter |" STRINGIFY(PARAM) "| not provided"); \
return ret_value; \
return WrapIfNecessary(ret_value); \
}
#define RETURN_IF_UNINITIALIZED(ret_value) \
if (!IsInitialized()) { \
LOGE("Crypto session is not initialized"); \
return ret_value; \
return WrapIfNecessary(ret_value); \
}
#define RETURN_IF_NOT_OPEN(ret_value) \
if (!open_) { \
LOGE("Crypto session is not open"); \
return ret_value; \
return WrapIfNecessary(ret_value); \
}
#ifdef HAS_DUAL_KEY
@@ -104,7 +118,7 @@ constexpr size_t kMaxExternalDeviceIdLength = 64;
// are not universal but are OEMCrypto method specific. Those will be
// specified in the CryptoSession method rather than here.
CdmResponseType MapOEMCryptoResult(OEMCryptoResult result,
CdmResponseType default_status,
CdmResponseEnum default_status,
const char* crypto_session_method) {
if (result != OEMCrypto_SUCCESS) {
LOGE("Mapping OEMCrypto result: crypto_session_method = %s, result = %d",
@@ -114,17 +128,17 @@ CdmResponseType MapOEMCryptoResult(OEMCryptoResult result,
switch (result) {
case OEMCrypto_SUCCESS:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_NOT_IMPLEMENTED:
return NOT_IMPLEMENTED_ERROR;
return CdmResponseType(NOT_IMPLEMENTED_ERROR);
case OEMCrypto_ERROR_TOO_MANY_SESSIONS:
return INSUFFICIENT_CRYPTO_RESOURCES;
return CdmResponseType(INSUFFICIENT_CRYPTO_RESOURCES);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
default:
return default_status;
return CdmResponseType(default_status);
}
}
@@ -323,10 +337,10 @@ CdmResponseType CryptoSession::GetProvisioningMethod(
LOGE("OEMCrypto_GetProvisioningMethod failed: method = %d",
static_cast<int>(method));
metrics_->oemcrypto_provisioning_method_.SetError(method);
return GET_PROVISIONING_METHOD_ERROR;
return CdmResponseType(GET_PROVISIONING_METHOD_ERROR);
}
*token_type = type;
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
void CryptoSession::Init() {
@@ -531,7 +545,7 @@ CdmResponseType CryptoSession::GetTokenFromKeybox(
if (requested_security_level_ != kLevelDefault) return false;
return needs_keybox_provisioning_;
});
if (keybox_provisioning_required) return NEED_PROVISIONING;
if (keybox_provisioning_required) return CdmResponseType(NEED_PROVISIONING);
size_t key_data_length = KEYBOX_KEY_DATA_SIZE;
key_data->assign(key_data_length, '\0');
@@ -545,7 +559,7 @@ CdmResponseType CryptoSession::GetTokenFromKeybox(
});
if (OEMCrypto_SUCCESS == status) {
key_data->resize(key_data_length);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
key_data->clear();
return MapOEMCryptoResult(status, GET_TOKEN_FROM_KEYBOX_ERROR,
@@ -567,7 +581,7 @@ CdmResponseType CryptoSession::GetTokenFromOemCert(
oem_cert->assign(oem_token_);
return true;
});
if (cache_success) return NO_ERROR;
if (cache_success) return CdmResponseType(NO_ERROR);
size_t oem_cert_length = CERTIFICATE_DATA_SIZE;
oem_cert->assign(oem_cert_length, '\0');
@@ -592,7 +606,7 @@ CdmResponseType CryptoSession::GetTokenFromOemCert(
oem_cert->resize(oem_cert_length);
WithOecSessionLock("GetTokenFromOemCert - set cache",
[&] { oem_token_ = *oem_cert; });
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
oem_cert->clear();
return MapOEMCryptoResult(status, GET_TOKEN_FROM_OEM_CERT_ERROR,
@@ -610,17 +624,18 @@ CdmResponseType CryptoSession::GetProvisioningToken(
RequestedSecurityLevel requested_security_level, std::string* token,
std::string* additional_token) {
if (token == nullptr || additional_token == nullptr) {
metrics_->crypto_session_get_token_.Increment(PARAMETER_NULL);
metrics_->crypto_session_get_token_.Increment(
CdmResponseType(PARAMETER_NULL));
RETURN_IF_NULL(token, PARAMETER_NULL);
RETURN_IF_NULL(additional_token, PARAMETER_NULL);
}
if (!IsInitialized()) {
metrics_->crypto_session_get_token_.Increment(
CRYPTO_SESSION_NOT_INITIALIZED);
return CRYPTO_SESSION_NOT_INITIALIZED;
CdmResponseType(CRYPTO_SESSION_NOT_INITIALIZED));
return CdmResponseType(CRYPTO_SESSION_NOT_INITIALIZED);
}
CdmResponseType status = UNKNOWN_CLIENT_TOKEN_TYPE;
CdmResponseType status(UNKNOWN_CLIENT_TOKEN_TYPE);
if (pre_provision_token_type_ == kClientTokenKeybox) {
status = GetTokenFromKeybox(requested_security_level, token);
} else if (pre_provision_token_type_ == kClientTokenOemCert) {
@@ -703,7 +718,7 @@ CdmResponseType CryptoSession::GetInternalDeviceUniqueId(
// implemented, so the OEMCrypto can continue to report the same device ID.
if (sts == OEMCrypto_SUCCESS) {
device_id->resize(device_id_length);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
device_id->clear();
@@ -728,7 +743,7 @@ CdmResponseType CryptoSession::GetInternalDeviceUniqueId(
LOGD("Using null device ID");
constexpr size_t kKeyboxDeviceIdLength = 32;
device_id->assign(kKeyboxDeviceIdLength, '\0');
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
return MapOEMCryptoResult(sts, GET_DEVICE_ID_ERROR,
@@ -746,7 +761,7 @@ CdmResponseType CryptoSession::GetExternalDeviceUniqueId(
// the large OEM Public Cert to a smaller value.
*device_id = Sha256Hash(*device_id);
}
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
bool CryptoSession::GetApiVersion(uint32_t* version) {
@@ -823,7 +838,7 @@ CdmResponseType CryptoSession::GetProvisioningId(std::string* provisioning_id) {
(*provisioning_id)[i] = ~value;
}
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
if (pre_provision_token_type_ == kClientTokenKeybox) {
std::string token;
@@ -834,15 +849,15 @@ CdmResponseType CryptoSession::GetProvisioningId(std::string* provisioning_id) {
if (token.size() < 24) {
LOGE("Keybox token size too small: %zu", token.size());
return KEYBOX_TOKEN_TOO_SHORT;
return CdmResponseType(KEYBOX_TOKEN_TOO_SHORT);
}
provisioning_id->assign(reinterpret_cast<char*>(&token[8]), 16);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
LOGE("Unsupported pre-provision token type: %d",
static_cast<int>(pre_provision_token_type_));
return UNKNOWN_CLIENT_TOKEN_TYPE;
return CdmResponseType(UNKNOWN_CLIENT_TOKEN_TYPE);
}
uint8_t CryptoSession::GetSecurityPatchLevel() {
@@ -859,7 +874,7 @@ CdmResponseType CryptoSession::Open(
LOGD("Opening crypto session: requested_security_level = %s",
RequestedSecurityLevelToString(requested_security_level));
RETURN_IF_UNINITIALIZED(CRYPTO_SESSION_NOT_INITIALIZED);
if (open_) return NO_ERROR;
if (open_) return CdmResponseType(NO_ERROR);
if (!SetUpUsageTableHeader(requested_security_level)) {
// Ignore errors since we do not know when a session is opened,
@@ -922,9 +937,9 @@ CdmResponseType CryptoSession::Open(
if (!GetApiVersion(&api_version_)) {
LOGE("Failed to get API version");
return USAGE_SUPPORT_GET_API_FAILED;
return CdmResponseType(USAGE_SUPPORT_GET_API_FAILED);
}
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
void CryptoSession::Close() {
@@ -992,7 +1007,7 @@ CdmResponseType CryptoSession::PrepareAndSignLicenseRequest(
if (static_cast<int>(sts) == kRsaSsaPssSignatureLengthError) {
LOGE("OEMCrypto PrepareAndSignLicenseRequest result = %d",
static_cast<int>(sts));
return NEED_PROVISIONING;
return CdmResponseType(NEED_PROVISIONING);
}
return MapOEMCryptoResult(sts, GENERATE_SIGNATURE_ERROR,
"PrepareAndSignLicenseRequest");
@@ -1019,7 +1034,7 @@ CdmResponseType CryptoSession::PrepareAndSignLicenseRequest(
*core_message = std::move(combined_message);
// Truncate combined message to only contain the core message.
core_message->resize(core_message_length);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
// TODO(b/174412779): Remove when b/170704368 is fixed.
// Temporary workaround. If this error is returned the only way to
@@ -1027,7 +1042,7 @@ CdmResponseType CryptoSession::PrepareAndSignLicenseRequest(
if (static_cast<int>(sts) == kRsaSsaPssSignatureLengthError) {
LOGE("OEMCrypto PrepareAndSignLicenseRequest result = %d",
static_cast<int>(sts));
return NEED_PROVISIONING;
return CdmResponseType(NEED_PROVISIONING);
}
return MapOEMCryptoResult(sts, GENERATE_SIGNATURE_ERROR,
"PrepareAndSignLicenseRequest");
@@ -1042,7 +1057,7 @@ CdmResponseType CryptoSession::UseSecondaryKey(bool dual_key) {
return MapOEMCryptoResult(sts, LOAD_KEY_ERROR, "UseSecondaryKey");
#else
return NO_ERROR;
return CdmResponseType(NO_ERROR);
#endif
}
@@ -1070,13 +1085,13 @@ CdmResponseType CryptoSession::LoadLicense(const std::string& signed_message,
switch (sts) {
case OEMCrypto_SUCCESS:
return KEY_ADDED;
return CdmResponseType(KEY_ADDED);
case OEMCrypto_ERROR_BUFFER_TOO_LARGE:
LOGE("LoadLicense buffer too large: size = %zu", combined_message.size());
return LOAD_LICENSE_ERROR;
return CdmResponseType(LOAD_LICENSE_ERROR);
case OEMCrypto_ERROR_TOO_MANY_KEYS:
LOGE("Too many keys in license");
return INSUFFICIENT_CRYPTO_RESOURCES;
return CdmResponseType(INSUFFICIENT_CRYPTO_RESOURCES);
default:
break;
}
@@ -1089,11 +1104,11 @@ CdmResponseType CryptoSession::PrepareAndSignRenewalRequest(
LOGV("Preparing and signing renewal request: id = %u", oec_session_id_);
if (signature == nullptr) {
LOGE("Output parameter |signature| not provided");
return PARAMETER_NULL;
return CdmResponseType(PARAMETER_NULL);
}
if (core_message == nullptr) {
LOGE("Output parameter |core_message| not provided");
return PARAMETER_NULL;
return CdmResponseType(PARAMETER_NULL);
}
OEMCryptoResult sts;
@@ -1139,7 +1154,7 @@ CdmResponseType CryptoSession::PrepareAndSignRenewalRequest(
*core_message = std::move(combined_message);
// Truncate combined message to only contain the core message.
core_message->resize(core_message_length);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
return MapOEMCryptoResult(sts, GENERATE_SIGNATURE_ERROR,
"PrepareAndSignRenewalRequest");
@@ -1161,11 +1176,11 @@ CdmResponseType CryptoSession::LoadRenewal(const std::string& signed_message,
metrics_, oemcrypto_load_renewal_, sts);
});
if (sts == OEMCrypto_SUCCESS) {
return KEY_ADDED;
return CdmResponseType(KEY_ADDED);
}
if (sts == OEMCrypto_ERROR_BUFFER_TOO_LARGE) {
LOGE("Buffer too large: size = %zu", combined_message.size());
return LOAD_RENEWAL_ERROR;
return CdmResponseType(LOAD_RENEWAL_ERROR);
}
return MapOEMCryptoResult(sts, LOAD_RENEWAL_ERROR, "LoadRenewal");
}
@@ -1176,11 +1191,11 @@ CdmResponseType CryptoSession::PrepareAndSignProvisioningRequest(
LOGV("Preparing and signing provisioning request: id = %u", oec_session_id_);
if (signature == nullptr) {
LOGE("Output parameter |signature| not provided");
return PARAMETER_NULL;
return CdmResponseType(PARAMETER_NULL);
}
if (core_message == nullptr) {
LOGE("Output parameter |core_message| not provided");
return PARAMETER_NULL;
return CdmResponseType(PARAMETER_NULL);
}
if (pre_provision_token_type_ == kClientTokenKeybox) {
@@ -1194,7 +1209,7 @@ CdmResponseType CryptoSession::PrepareAndSignProvisioningRequest(
}
} else {
LOGE("Unknown method %d", pre_provision_token_type_);
return UNKNOWN_CLIENT_TOKEN_TYPE;
return CdmResponseType(UNKNOWN_CLIENT_TOKEN_TYPE);
}
OEMCryptoResult sts;
@@ -1240,7 +1255,7 @@ CdmResponseType CryptoSession::PrepareAndSignProvisioningRequest(
*core_message = std::move(combined_message);
// Truncate combined message to only contain the core message.
core_message->resize(core_message_length);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
return MapOEMCryptoResult(sts, GENERATE_SIGNATURE_ERROR,
"PrepareAndSignProvisioningRequest");
@@ -1254,19 +1269,19 @@ CdmResponseType CryptoSession::LoadEntitledContentKeys(
switch (sts) {
case OEMCrypto_SUCCESS:
return KEY_ADDED;
return CdmResponseType(KEY_ADDED);
case OEMCrypto_ERROR_INSUFFICIENT_RESOURCES:
return INSUFFICIENT_CRYPTO_RESOURCES;
return CdmResponseType(INSUFFICIENT_CRYPTO_RESOURCES);
case OEMCrypto_ERROR_INVALID_CONTEXT:
return NOT_AN_ENTITLEMENT_SESSION;
return CdmResponseType(NOT_AN_ENTITLEMENT_SESSION);
case OEMCrypto_KEY_NOT_ENTITLED:
return NO_MATCHING_ENTITLEMENT_KEY;
return CdmResponseType(NO_MATCHING_ENTITLEMENT_KEY);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
default:
return LOAD_ENTITLED_CONTENT_KEYS_ERROR;
return CdmResponseType(LOAD_ENTITLED_CONTENT_KEYS_ERROR);
}
}
@@ -1310,11 +1325,12 @@ CdmResponseType CryptoSession::GetBootCertificateChain(
LOGV("requested_security_level = %s",
RequestedSecurityLevelToString(requested_security_level));
if (pre_provision_token_type_ != kClientTokenBootCertChain) {
return PROVISIONING_TYPE_IS_NOT_BOOT_CERTIFICATE_CHAIN_ERROR;
return CdmResponseType(
PROVISIONING_TYPE_IS_NOT_BOOT_CERTIFICATE_CHAIN_ERROR);
}
if (requested_security_level != kLevelDefault) {
LOGE("CDM only supports L1 BCC");
return NOT_IMPLEMENTED_ERROR;
return CdmResponseType(NOT_IMPLEMENTED_ERROR);
}
size_t bcc_length = 0;
@@ -1340,7 +1356,7 @@ CdmResponseType CryptoSession::GetBootCertificateChain(
}
bcc->resize(bcc_length);
additional_signature->resize(additional_signature_length);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
CdmResponseType CryptoSession::GenerateCertificateKeyPair(
@@ -1402,10 +1418,10 @@ CdmResponseType CryptoSession::GenerateCertificateKeyPair(
} else {
LOGE("Unexpected key type returned from GenerateCertificateKeyPair: %d",
static_cast<int>(oemcrypto_key_type));
return GENERATE_CERTIFICATE_KEY_PAIR_UNKNOWN_TYPE_ERROR;
return CdmResponseType(GENERATE_CERTIFICATE_KEY_PAIR_UNKNOWN_TYPE_ERROR);
}
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
CdmResponseType CryptoSession::LoadOemCertificatePrivateKey(
@@ -1442,36 +1458,36 @@ CdmResponseType CryptoSession::SelectKey(const std::string& key_id,
switch (sts) {
// SelectKey errors.
case OEMCrypto_SUCCESS:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_KEY_EXPIRED:
return NEED_KEY;
return CdmResponseType(NEED_KEY);
case OEMCrypto_ERROR_INVALID_SESSION:
return INVALID_SESSION_1;
return CdmResponseType(INVALID_SESSION_1);
case OEMCrypto_ERROR_NO_DEVICE_KEY:
return NO_DEVICE_KEY_1;
return CdmResponseType(NO_DEVICE_KEY_1);
case OEMCrypto_ERROR_NO_CONTENT_KEY:
return NO_CONTENT_KEY_2;
return CdmResponseType(NO_CONTENT_KEY_2);
case OEMCrypto_ERROR_CONTROL_INVALID:
case OEMCrypto_ERROR_KEYBOX_INVALID:
return UNKNOWN_SELECT_KEY_ERROR_2;
return CdmResponseType(UNKNOWN_SELECT_KEY_ERROR_2);
case OEMCrypto_ERROR_INSUFFICIENT_RESOURCES:
return INSUFFICIENT_CRYPTO_RESOURCES;
return CdmResponseType(INSUFFICIENT_CRYPTO_RESOURCES);
case OEMCrypto_ERROR_UNKNOWN_FAILURE:
return UNKNOWN_SELECT_KEY_ERROR_1;
return CdmResponseType(UNKNOWN_SELECT_KEY_ERROR_1);
case OEMCrypto_ERROR_ANALOG_OUTPUT:
return ANALOG_OUTPUT_ERROR;
return CdmResponseType(ANALOG_OUTPUT_ERROR);
case OEMCrypto_ERROR_INSUFFICIENT_HDCP:
return INSUFFICIENT_OUTPUT_PROTECTION;
return CdmResponseType(INSUFFICIENT_OUTPUT_PROTECTION);
// LoadEntitledContentKeys errors.
// |key_session_| may make calls to OEMCrypto_LoadEntitledContentKeys
// if the key selected has not yet been loaded.
case OEMCrypto_ERROR_INVALID_CONTEXT:
return NOT_AN_ENTITLEMENT_SESSION;
return CdmResponseType(NOT_AN_ENTITLEMENT_SESSION);
case OEMCrypto_KEY_NOT_ENTITLED:
return NO_MATCHING_ENTITLEMENT_KEY;
return CdmResponseType(NO_MATCHING_ENTITLEMENT_KEY);
// Obsolete errors.
case OEMCrypto_KEY_NOT_LOADED:
return NO_CONTENT_KEY_3;
return CdmResponseType(NO_CONTENT_KEY_3);
// Catch all else.
default:
return MapOEMCryptoResult(sts, UNKNOWN_SELECT_KEY_ERROR_2, "SelectKey");
@@ -1524,7 +1540,7 @@ CdmResponseType CryptoSession::GenerateRsaSignature(const std::string& message,
if (OEMCrypto_SUCCESS == sts) {
// Trim signature buffer and done
signature->resize(length);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
if (OEMCrypto_ERROR_SHORT_BUFFER != sts) {
break;
@@ -1565,22 +1581,23 @@ size_t CryptoSession::GetMaxSubsampleRegionSize() {
CdmResponseType CryptoSession::Decrypt(
const CdmDecryptionParametersV16& params) {
if (!is_destination_buffer_type_valid_) {
if (!SetDestinationBufferType()) return UNKNOWN_ERROR;
if (!SetDestinationBufferType()) return CdmResponseType(UNKNOWN_ERROR);
}
OEMCryptoBufferType output_descriptor_type =
params.is_secure ? destination_buffer_type_ : OEMCrypto_BufferType_Clear;
if (params.is_secure &&
output_descriptor_type == OEMCrypto_BufferType_Clear) {
return SECURE_BUFFER_REQUIRED;
return CdmResponseType(SECURE_BUFFER_REQUIRED);
}
if (params.samples.size() == 0) return CANNOT_DECRYPT_ZERO_SAMPLES;
if (params.samples.size() == 0)
return CdmResponseType(CANNOT_DECRYPT_ZERO_SAMPLES);
if (std::any_of(std::begin(params.samples), std::end(params.samples),
[](const CdmDecryptionSample& sample) -> bool {
return sample.subsamples.size() == 0;
})) {
return CANNOT_DECRYPT_ZERO_SUBSAMPLES;
return CdmResponseType(CANNOT_DECRYPT_ZERO_SUBSAMPLES);
}
// Convert all the sample and subsample definitions to OEMCrypto structs.
@@ -1671,11 +1688,12 @@ CdmResponseType CryptoSession::Decrypt(
// Check that the total size is valid
if (sample_size != oec_sample.buffers.input_data_length)
return SAMPLE_AND_SUBSAMPLE_SIZE_MISMATCH;
return CdmResponseType(SAMPLE_AND_SUBSAMPLE_SIZE_MISMATCH);
// Set up the sample's IV
if (is_any_subsample_protected) {
if (sizeof(oec_sample.iv) != sample.iv.size()) return INVALID_IV_SIZE;
if (sizeof(oec_sample.iv) != sample.iv.size())
return CdmResponseType(INVALID_IV_SIZE);
memcpy(oec_sample.iv, sample.iv.data(), sizeof(oec_sample.iv));
} else {
memset(oec_sample.iv, 0, sizeof(oec_sample.iv));
@@ -1732,28 +1750,28 @@ CdmResponseType CryptoSession::Decrypt(
switch (sts) {
case OEMCrypto_SUCCESS:
case OEMCrypto_WARNING_MIXED_OUTPUT_PROTECTION:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_INSUFFICIENT_RESOURCES:
return INSUFFICIENT_CRYPTO_RESOURCES;
return CdmResponseType(INSUFFICIENT_CRYPTO_RESOURCES);
case OEMCrypto_ERROR_KEY_EXPIRED:
return NEED_KEY;
return CdmResponseType(NEED_KEY);
case OEMCrypto_ERROR_INVALID_SESSION:
return INVALID_SESSION_2;
return CdmResponseType(INVALID_SESSION_2);
case OEMCrypto_ERROR_DECRYPT_FAILED:
case OEMCrypto_ERROR_UNKNOWN_FAILURE:
return DECRYPT_ERROR;
return CdmResponseType(DECRYPT_ERROR);
case OEMCrypto_ERROR_INSUFFICIENT_HDCP:
return INSUFFICIENT_OUTPUT_PROTECTION;
return CdmResponseType(INSUFFICIENT_OUTPUT_PROTECTION);
case OEMCrypto_ERROR_ANALOG_OUTPUT:
return ANALOG_OUTPUT_ERROR;
return CdmResponseType(ANALOG_OUTPUT_ERROR);
case OEMCrypto_ERROR_OUTPUT_TOO_LARGE:
return OUTPUT_TOO_LARGE_ERROR;
return CdmResponseType(OUTPUT_TOO_LARGE_ERROR);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
default:
return UNKNOWN_ERROR;
return CdmResponseType(UNKNOWN_ERROR);
}
}
@@ -1816,15 +1834,15 @@ CdmResponseType CryptoSession::DeactivateUsageInformation(
switch (status) {
case OEMCrypto_SUCCESS:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_INVALID_CONTEXT:
return KEY_CANCELED;
return CdmResponseType(KEY_CANCELED);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
default:
return DEACTIVATE_USAGE_ENTRY_ERROR;
return CdmResponseType(DEACTIVATE_USAGE_ENTRY_ERROR);
}
}
@@ -1880,12 +1898,13 @@ CdmResponseType CryptoSession::GenerateUsageReport(
"Parsed usage report smaller than expected: "
"usage_length = %zu, report_size = %zu",
usage_length, pst_report.report_size());
return NO_ERROR; // usage report available but no duration information
return CdmResponseType(
NO_ERROR); // usage report available but no duration information
}
if (kUnused == pst_report.status()) {
*usage_duration_status = kUsageDurationPlaybackNotBegun;
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
LOGV("OEMCrypto_PST_Report.status: %d\n",
static_cast<int>(pst_report.status()));
@@ -1905,7 +1924,7 @@ CdmResponseType CryptoSession::GenerateUsageReport(
if (kInactiveUnused == pst_report.status()) {
*usage_duration_status = kUsageDurationPlaybackNotBegun;
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
// Before OEMCrypto v13, When usage report state is inactive, we have to
// deduce whether the license was ever used.
@@ -1914,13 +1933,13 @@ CdmResponseType CryptoSession::GenerateUsageReport(
pst_report.seconds_since_license_received() <
pst_report.seconds_since_first_decrypt())) {
*usage_duration_status = kUsageDurationPlaybackNotBegun;
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
*usage_duration_status = kUsageDurationsValid;
*seconds_since_started = pst_report.seconds_since_first_decrypt();
*seconds_since_last_played = pst_report.seconds_since_last_decrypt();
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
bool CryptoSession::IsAntiRollbackHwPresent() {
@@ -1965,7 +1984,7 @@ CdmResponseType CryptoSession::LoadProvisioning(
LOGV("Loading provisioning certificate: id = %u", oec_session_id_);
if (wrapped_private_key == nullptr) {
LOGE("Missing wrapped |wrapped_private_key|");
return PARAMETER_NULL;
return CdmResponseType(PARAMETER_NULL);
}
const std::string combined_message = core_message + signed_message;
@@ -2003,7 +2022,7 @@ CdmResponseType CryptoSession::LoadProvisioning(
if (status == OEMCrypto_SUCCESS) {
wrapped_private_key->resize(wrapped_private_key_length);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
wrapped_private_key->clear();
return MapOEMCryptoResult(status, LOAD_PROVISIONING_ERROR,
@@ -2137,13 +2156,13 @@ CdmResponseType CryptoSession::GetSrmVersion(uint16_t* srm_version) {
// returned.
switch (status) {
case OEMCrypto_SUCCESS:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_LOCAL_DISPLAY_ONLY:
LOGD("No SRM: Local display only");
return NO_SRM_VERSION;
return CdmResponseType(NO_SRM_VERSION);
case OEMCrypto_ERROR_NOT_IMPLEMENTED:
LOGD("No SRM: Not implemented");
return NO_SRM_VERSION;
return CdmResponseType(NO_SRM_VERSION);
default:
return MapOEMCryptoResult(status, GET_SRM_VERSION_ERROR,
"GetCurrentSRMVersion");
@@ -2366,15 +2385,15 @@ CdmResponseType CryptoSession::GetDecryptHashError(std::string* error_string) {
error_string->assign(std::to_string(sts));
error_string->append(",");
error_string->append(std::to_string(failed_frame_number));
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
case OEMCrypto_ERROR_UNKNOWN_FAILURE:
case OEMCrypto_ERROR_NOT_IMPLEMENTED:
default:
return GET_DECRYPT_HASH_ERROR;
return CdmResponseType(GET_DECRYPT_HASH_ERROR);
}
}
@@ -2389,7 +2408,7 @@ CdmResponseType CryptoSession::GenericEncrypt(const std::string& in_buffer,
OEMCrypto_Algorithm oec_algorithm = OEMCrypto_AES_CBC_128_NO_PADDING;
if (iv.size() != GenericEncryptionBlockSize(algorithm) ||
!GetGenericEncryptionAlgorithm(algorithm, &oec_algorithm)) {
return INVALID_PARAMETERS_ENG_13;
return CdmResponseType(INVALID_PARAMETERS_ENG_13);
}
if (out_buffer->size() < in_buffer.size()) {
@@ -2422,20 +2441,20 @@ CdmResponseType CryptoSession::GenericEncrypt(const std::string& in_buffer,
switch (sts) {
case OEMCrypto_SUCCESS:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_KEY_EXPIRED:
return NEED_KEY;
return CdmResponseType(NEED_KEY);
case OEMCrypto_ERROR_NO_CONTENT_KEY:
case OEMCrypto_KEY_NOT_LOADED: // obsolete in v15.
return KEY_NOT_FOUND_3;
return CdmResponseType(KEY_NOT_FOUND_3);
case OEMCrypto_ERROR_OUTPUT_TOO_LARGE:
return OUTPUT_TOO_LARGE_ERROR;
return CdmResponseType(OUTPUT_TOO_LARGE_ERROR);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
default:
return UNKNOWN_ERROR;
return CdmResponseType(UNKNOWN_ERROR);
}
}
@@ -2450,7 +2469,7 @@ CdmResponseType CryptoSession::GenericDecrypt(const std::string& in_buffer,
OEMCrypto_Algorithm oec_algorithm = OEMCrypto_AES_CBC_128_NO_PADDING;
if (iv.size() != GenericEncryptionBlockSize(algorithm) ||
!GetGenericEncryptionAlgorithm(algorithm, &oec_algorithm)) {
return INVALID_PARAMETERS_ENG_14;
return CdmResponseType(INVALID_PARAMETERS_ENG_14);
}
if (out_buffer->size() < in_buffer.size()) {
@@ -2483,20 +2502,20 @@ CdmResponseType CryptoSession::GenericDecrypt(const std::string& in_buffer,
switch (sts) {
case OEMCrypto_SUCCESS:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_KEY_EXPIRED:
return NEED_KEY;
return CdmResponseType(NEED_KEY);
case OEMCrypto_ERROR_NO_CONTENT_KEY:
case OEMCrypto_KEY_NOT_LOADED: // obsolete in v15.
return KEY_NOT_FOUND_4;
return CdmResponseType(KEY_NOT_FOUND_4);
case OEMCrypto_ERROR_OUTPUT_TOO_LARGE:
return OUTPUT_TOO_LARGE_ERROR;
return CdmResponseType(OUTPUT_TOO_LARGE_ERROR);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
default:
return UNKNOWN_ERROR;
return CdmResponseType(UNKNOWN_ERROR);
}
}
@@ -2509,7 +2528,7 @@ CdmResponseType CryptoSession::GenericSign(const std::string& message,
OEMCrypto_Algorithm oec_algorithm = OEMCrypto_HMAC_SHA256;
if (!GetGenericSigningAlgorithm(algorithm, &oec_algorithm)) {
return INVALID_PARAMETERS_ENG_15;
return CdmResponseType(INVALID_PARAMETERS_ENG_15);
}
OEMCryptoResult sts;
@@ -2538,7 +2557,7 @@ CdmResponseType CryptoSession::GenericSign(const std::string& message,
if (OEMCrypto_SUCCESS == sts) {
// Trim signature buffer and done
signature->resize(length);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
}
if (OEMCrypto_ERROR_SHORT_BUFFER != sts) {
break;
@@ -2552,18 +2571,18 @@ CdmResponseType CryptoSession::GenericSign(const std::string& message,
switch (sts) {
case OEMCrypto_ERROR_KEY_EXPIRED:
return NEED_KEY;
return CdmResponseType(NEED_KEY);
case OEMCrypto_ERROR_NO_CONTENT_KEY:
case OEMCrypto_KEY_NOT_LOADED: // obsolete in v15.
return KEY_NOT_FOUND_5;
return CdmResponseType(KEY_NOT_FOUND_5);
case OEMCrypto_ERROR_OUTPUT_TOO_LARGE:
return OUTPUT_TOO_LARGE_ERROR;
return CdmResponseType(OUTPUT_TOO_LARGE_ERROR);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
default:
return UNKNOWN_ERROR;
return CdmResponseType(UNKNOWN_ERROR);
}
}
@@ -2575,7 +2594,7 @@ CdmResponseType CryptoSession::GenericVerify(const std::string& message,
OEMCrypto_Algorithm oec_algorithm = OEMCrypto_HMAC_SHA256;
if (!GetGenericSigningAlgorithm(algorithm, &oec_algorithm)) {
return INVALID_PARAMETERS_ENG_16;
return CdmResponseType(INVALID_PARAMETERS_ENG_16);
}
// TODO(jfore): We need to select a key with a cipher mode and algorithm
@@ -2602,20 +2621,20 @@ CdmResponseType CryptoSession::GenericVerify(const std::string& message,
switch (sts) {
case OEMCrypto_SUCCESS:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_KEY_EXPIRED:
return NEED_KEY;
return CdmResponseType(NEED_KEY);
case OEMCrypto_ERROR_NO_CONTENT_KEY:
case OEMCrypto_KEY_NOT_LOADED: // obsolete in v15.
return KEY_NOT_FOUND_6;
return CdmResponseType(KEY_NOT_FOUND_6);
case OEMCrypto_ERROR_OUTPUT_TOO_LARGE:
return OUTPUT_TOO_LARGE_ERROR;
return CdmResponseType(OUTPUT_TOO_LARGE_ERROR);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
default:
return UNKNOWN_ERROR;
return CdmResponseType(UNKNOWN_ERROR);
}
}
@@ -2653,7 +2672,7 @@ CdmResponseType CryptoSession::CreateUsageTableHeader(
switch (result) {
case OEMCrypto_SUCCESS:
usage_table_header->resize(usage_table_header_size);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
default:
return MapOEMCryptoResult(result, CREATE_USAGE_TABLE_ERROR,
"CreateUsageTableHeader");
@@ -2686,18 +2705,18 @@ CdmResponseType CryptoSession::LoadUsageTableHeader(
switch (result) {
case OEMCrypto_SUCCESS:
case OEMCrypto_WARNING_GENERATION_SKEW:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_GENERATION_SKEW:
return LOAD_USAGE_HEADER_GENERATION_SKEW;
return CdmResponseType(LOAD_USAGE_HEADER_GENERATION_SKEW);
case OEMCrypto_ERROR_SIGNATURE_FAILURE:
return LOAD_USAGE_HEADER_SIGNATURE_FAILURE;
return CdmResponseType(LOAD_USAGE_HEADER_SIGNATURE_FAILURE);
case OEMCrypto_ERROR_BAD_MAGIC:
return LOAD_USAGE_HEADER_BAD_MAGIC;
return CdmResponseType(LOAD_USAGE_HEADER_BAD_MAGIC);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
case OEMCrypto_ERROR_UNKNOWN_FAILURE:
default:
return LOAD_USAGE_HEADER_UNKNOWN_ERROR;
return CdmResponseType(LOAD_USAGE_HEADER_UNKNOWN_ERROR);
}
}
@@ -2732,9 +2751,9 @@ CdmResponseType CryptoSession::ShrinkUsageTableHeader(
switch (result) {
case OEMCrypto_SUCCESS:
usage_table_header->resize(usage_table_header_len);
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_ENTRY_IN_USE:
return SHRINK_USAGE_TABLE_HEADER_ENTRY_IN_USE;
return CdmResponseType(SHRINK_USAGE_TABLE_HEADER_ENTRY_IN_USE);
default:
return MapOEMCryptoResult(result, SHRINK_USAGE_TABLE_HEADER_UNKNOWN_ERROR,
"ShrinkUsageTableHeader");
@@ -2759,15 +2778,15 @@ CdmResponseType CryptoSession::CreateUsageEntry(uint32_t* entry_number) {
switch (result) {
case OEMCrypto_SUCCESS:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_INSUFFICIENT_RESOURCES:
return INSUFFICIENT_CRYPTO_RESOURCES;
return CdmResponseType(INSUFFICIENT_CRYPTO_RESOURCES);
case OEMCrypto_ERROR_SESSION_LOST_STATE:
return SESSION_LOST_STATE_ERROR;
return CdmResponseType(SESSION_LOST_STATE_ERROR);
case OEMCrypto_ERROR_SYSTEM_INVALIDATED:
return SYSTEM_INVALIDATED_ERROR;
return CdmResponseType(SYSTEM_INVALIDATED_ERROR);
default:
return CREATE_USAGE_ENTRY_UNKNOWN_ERROR;
return CdmResponseType(CREATE_USAGE_ENTRY_UNKNOWN_ERROR);
}
}
@@ -2796,17 +2815,17 @@ CdmResponseType CryptoSession::LoadUsageEntry(
switch (result) {
case OEMCrypto_SUCCESS:
case OEMCrypto_WARNING_GENERATION_SKEW:
return NO_ERROR;
return CdmResponseType(NO_ERROR);
case OEMCrypto_ERROR_INVALID_SESSION:
// This case is special, as it could imply that the provided
// session ID is invalid (CDM internal bug), or that the entry
// being loaded is already in use in a different session.
// It is up to the caller to handle this.
return LOAD_USAGE_ENTRY_INVALID_SESSION;
return CdmResponseType(LOAD_USAGE_ENTRY_INVALID_SESSION);
case OEMCrypto_ERROR_GENERATION_SKEW:
return LOAD_USAGE_ENTRY_GENERATION_SKEW;
return CdmResponseType(LOAD_USAGE_ENTRY_GENERATION_SKEW);
case OEMCrypto_ERROR_SIGNATURE_FAILURE:
return LOAD_USAGE_ENTRY_SIGNATURE_FAILURE;
return CdmResponseType(LOAD_USAGE_ENTRY_SIGNATURE_FAILURE);
default:
return MapOEMCryptoResult(result, LOAD_USAGE_ENTRY_UNKNOWN_ERROR,
"LoadUsageEntry");
@@ -2868,7 +2887,7 @@ CdmResponseType CryptoSession::MoveUsageEntry(uint32_t new_entry_number) {
case OEMCrypto_ERROR_ENTRY_IN_USE:
LOGW("OEMCrypto_MoveEntry failed: Destination index in use: index = %u",
new_entry_number);
return MOVE_USAGE_ENTRY_DESTINATION_IN_USE;
return CdmResponseType(MOVE_USAGE_ENTRY_DESTINATION_IN_USE);
default:
return MapOEMCryptoResult(result, MOVE_USAGE_ENTRY_UNKNOWN_ERROR,
"MoveUsageEntry");
@@ -3219,7 +3238,7 @@ CdmResponseType CryptoSession::PrepareOtaProvisioningRequest(
"PrepareOtaProvisioningRequest");
if (buffer_length == 0) {
LOGE("OTA request size is zero");
return UNKNOWN_ERROR;
return CdmResponseType(UNKNOWN_ERROR);
}
request->resize(buffer_length);
uint8_t* buf = reinterpret_cast<uint8_t*>(&request->front());