diff --git a/libwvdrmengine/cdm/core/include/crypto_session.h b/libwvdrmengine/cdm/core/include/crypto_session.h index ac81ef36..8e7385e4 100644 --- a/libwvdrmengine/cdm/core/include/crypto_session.h +++ b/libwvdrmengine/cdm/core/include/crypto_session.h @@ -145,7 +145,7 @@ class CryptoSession { bool GenerateRsaSignature(const std::string& message, std::string* signature); size_t GetOffset(std::string message, std::string field); bool SetDestinationBufferType(); - bool SelectKey(const std::string& key_id); + CdmResponseType SelectKey(const std::string& key_id); static const OEMCrypto_Algorithm kInvalidAlgorithm = static_cast(-1); diff --git a/libwvdrmengine/cdm/core/include/wv_cdm_types.h b/libwvdrmengine/cdm/core/include/wv_cdm_types.h index 37825af8..4908f269 100644 --- a/libwvdrmengine/cdm/core/include/wv_cdm_types.h +++ b/libwvdrmengine/cdm/core/include/wv_cdm_types.h @@ -237,18 +237,21 @@ enum CdmResponseType { KEY_NOT_FOUND_4, KEY_NOT_FOUND_5, KEY_NOT_FOUND_6, - KEY_ERROR_1, /* 200 */ - KEY_ERROR_2, - KEY_ERROR_3, - KEY_ERROR_4, + INVALID_SESSION_1, /* 200 */ + NO_DEVICE_KEY_1, + NO_CONTENT_KEY_2, + INSUFFICIENT_CRYPTO_RESOURCES_2, INVALID_PARAMETERS_ENG_13, INVALID_PARAMETERS_ENG_14, /* 205 */ INVALID_PARAMETERS_ENG_15, INVALID_PARAMETERS_ENG_16, DEVICE_CERTIFICATE_ERROR_5, CERT_PROVISIONING_CLIENT_TOKEN_ERROR_1, - CERT_PROVISIONING_CLIENT_TOKEN_ERROR_2, + CERT_PROVISIONING_CLIENT_TOKEN_ERROR_2, /* 210 */ LICENSING_CLIENT_TOKEN_ERROR_1, + ANALOG_OUTPUT_ERROR, + UNKNOWN_SELECT_KEY_ERROR_1, + UNKNOWN_SELECT_KEY_ERROR_2, }; enum CdmKeyStatus { diff --git a/libwvdrmengine/cdm/core/src/crypto_session.cpp b/libwvdrmengine/cdm/core/src/crypto_session.cpp index 2185be1c..96b4d886 100644 --- a/libwvdrmengine/cdm/core/src/crypto_session.cpp +++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp @@ -584,11 +584,11 @@ bool CryptoSession::RefreshKeys(const std::string& message, signature.size(), num_keys, &load_key_array[0])); } -bool CryptoSession::SelectKey(const std::string& key_id) { +CdmResponseType CryptoSession::SelectKey(const std::string& key_id) { // Crypto session lock already locked. if (!cached_key_id_.empty() && cached_key_id_ == key_id) { // Already using the desired key. - return true; + return NO_ERROR; } cached_key_id_ = key_id; @@ -599,11 +599,32 @@ bool CryptoSession::SelectKey(const std::string& key_id) { OEMCryptoResult sts = OEMCrypto_SelectKey(oec_session_id_, key_id_string, cached_key_id_.size()); - if (OEMCrypto_SUCCESS != sts) { - cached_key_id_.clear(); - return false; + if (OEMCrypto_SUCCESS != sts) cached_key_id_.clear(); + + switch (sts) { + case OEMCrypto_SUCCESS: + return NO_ERROR; + case OEMCrypto_ERROR_KEY_EXPIRED: + return NEED_KEY; + case OEMCrypto_ERROR_INSUFFICIENT_HDCP: + return INSUFFICIENT_OUTPUT_PROTECTION; + case OEMCrypto_ERROR_ANALOG_OUTPUT: + return ANALOG_OUTPUT_ERROR; + case OEMCrypto_ERROR_INVALID_SESSION: + return INVALID_SESSION_1; + case OEMCrypto_ERROR_NO_DEVICE_KEY: + return NO_DEVICE_KEY_1; + case OEMCrypto_ERROR_NO_CONTENT_KEY: + return NO_CONTENT_KEY_2; + case OEMCrypto_ERROR_INSUFFICIENT_RESOURCES: + return INSUFFICIENT_CRYPTO_RESOURCES_2; + case OEMCrypto_ERROR_UNKNOWN_FAILURE: + return UNKNOWN_SELECT_KEY_ERROR_1; + case OEMCrypto_ERROR_CONTROL_INVALID: + case OEMCrypto_ERROR_KEYBOX_INVALID: + default: + return UNKNOWN_SELECT_KEY_ERROR_2; } - return true; } bool CryptoSession::GenerateDerivedKeys(const std::string& message) { @@ -786,9 +807,8 @@ CdmResponseType CryptoSession::Decrypt(const CdmDecryptionParameters& params) { AutoLock auto_lock(crypto_lock_); // Check if key needs to be selected if (params.is_encrypted) { - if (!SelectKey(*params.key_id)) { - return NEED_KEY; - } + CdmResponseType result = SelectKey(*params.key_id); + if (result != NO_ERROR) return result; } sts = OEMCrypto_DecryptCENC( oec_session_id_, params.encrypt_buffer, params.encrypt_length, @@ -830,6 +850,8 @@ CdmResponseType CryptoSession::Decrypt(const CdmDecryptionParameters& params) { return DECRYPT_ERROR; case OEMCrypto_ERROR_INSUFFICIENT_HDCP: return INSUFFICIENT_OUTPUT_PROTECTION; + case OEMCrypto_ERROR_ANALOG_OUTPUT: + return ANALOG_OUTPUT_ERROR; default: return UNKNOWN_ERROR; } @@ -1274,9 +1296,8 @@ CdmResponseType CryptoSession::GenericEncrypt(const std::string& in_buffer, } AutoLock auto_lock(crypto_lock_); - if (!SelectKey(key_id)) { - return KEY_ERROR_1; - } + CdmResponseType result = SelectKey(key_id); + if (result != NO_ERROR) return result; OEMCryptoResult sts = OEMCrypto_Generic_Encrypt( oec_session_id_, reinterpret_cast(in_buffer.data()), @@ -1315,9 +1336,8 @@ CdmResponseType CryptoSession::GenericDecrypt(const std::string& in_buffer, } AutoLock auto_lock(crypto_lock_); - if (!SelectKey(key_id)) { - return KEY_ERROR_2; - } + CdmResponseType result = SelectKey(key_id); + if (result != NO_ERROR) return result; OEMCryptoResult sts = OEMCrypto_Generic_Decrypt( oec_session_id_, reinterpret_cast(in_buffer.data()), @@ -1356,9 +1376,8 @@ CdmResponseType CryptoSession::GenericSign(const std::string& message, size_t length = signature->size(); AutoLock auto_lock(crypto_lock_); - if (!SelectKey(key_id)) { - return KEY_ERROR_3; - } + CdmResponseType result = SelectKey(key_id); + if (result != NO_ERROR) return result; // At most two attempts. // The first attempt may fail due to buffer too short @@ -1403,9 +1422,8 @@ CdmResponseType CryptoSession::GenericVerify(const std::string& message, } AutoLock auto_lock(crypto_lock_); - if (!SelectKey(key_id)) { - return KEY_ERROR_4; - } + CdmResponseType result = SelectKey(key_id); + if (result != NO_ERROR) return result; OEMCryptoResult sts = OEMCrypto_Generic_Verify( oec_session_id_, reinterpret_cast(message.data()), diff --git a/libwvdrmengine/cdm/core/test/generic_crypto_unittest.cpp b/libwvdrmengine/cdm/core/test/generic_crypto_unittest.cpp index ebf54879..37a03fb3 100644 --- a/libwvdrmengine/cdm/core/test/generic_crypto_unittest.cpp +++ b/libwvdrmengine/cdm/core/test/generic_crypto_unittest.cpp @@ -220,7 +220,7 @@ TEST_F(WvGenericOperationsTest, GenericEncryptNoKey) { cdm_sts = cdm_engine_->GenericEncrypt(session_id_, in_buffer, key_id, iv, wvcdm::kEncryptionAlgorithmAesCbc128, &out_buffer); - EXPECT_EQ(KEY_ERROR_1, cdm_sts); + EXPECT_EQ(NO_CONTENT_KEY_2, cdm_sts); } TEST_F(WvGenericOperationsTest, GenericEncryptKeyNotAllowed) { diff --git a/libwvdrmengine/cdm/core/test/test_printers.cpp b/libwvdrmengine/cdm/core/test/test_printers.cpp index f92159ef..0323d111 100644 --- a/libwvdrmengine/cdm/core/test/test_printers.cpp +++ b/libwvdrmengine/cdm/core/test/test_printers.cpp @@ -431,13 +431,14 @@ void PrintTo(const enum CdmResponseType& value, ::std::ostream* os) { break; case KEY_NOT_FOUND_6: *os << "KEY_NOT_FOUND_6"; break; - case KEY_ERROR_1: *os << "KEY_ERROR_1"; + case INVALID_SESSION_1: *os << "INVALID_SESSION_1"; break; - case KEY_ERROR_2: *os << "KEY_ERROR_2"; + case NO_DEVICE_KEY_1: *os << "NO_DEVICE_KEY_1"; break; - case KEY_ERROR_3: *os << "KEY_ERROR_3"; + case NO_CONTENT_KEY_2: *os << "NO_CONTENT_KEY_2"; break; - case KEY_ERROR_4: *os << "KEY_ERROR_4"; + case INSUFFICIENT_CRYPTO_RESOURCES_2: + *os << "INSUFFICIENT_CRYPTO_RESOURCES_2"; break; case INVALID_PARAMETERS_ENG_13: *os << "INVALID_PARAMETERS_ENG_13"; break; @@ -456,6 +457,12 @@ void PrintTo(const enum CdmResponseType& value, ::std::ostream* os) { case LICENSING_CLIENT_TOKEN_ERROR_1: *os << "LICENSING_CLIENT_TOKEN_ERROR_1"; break; + case ANALOG_OUTPUT_ERROR: *os << "ANALOG_OUTPUT_ERROR"; + break; + case UNKNOWN_SELECT_KEY_ERROR_1: *os << "UNKNOWN_SELECT_KEY_ERROR_1"; + break; + case UNKNOWN_SELECT_KEY_ERROR_2: *os << "UNKNOWN_SELECT_KEY_ERROR_2"; + break; default: *os << "Unknown CdmResponseType"; break; diff --git a/libwvdrmengine/include/WVErrors.h b/libwvdrmengine/include/WVErrors.h index 28edf6bf..6c45826a 100644 --- a/libwvdrmengine/include/WVErrors.h +++ b/libwvdrmengine/include/WVErrors.h @@ -205,10 +205,10 @@ enum { kKeyNotFound4 = ERROR_DRM_VENDOR_MIN + 191, kKeyNotFound5 = ERROR_DRM_VENDOR_MIN + 192, kKeyNotFound6 = ERROR_DRM_VENDOR_MIN + 193, - kKeyError1 = ERROR_DRM_VENDOR_MIN + 194, - kKeyError2 = ERROR_DRM_VENDOR_MIN + 195, - kKeyError3 = ERROR_DRM_VENDOR_MIN + 196, - kKeyError4 = ERROR_DRM_VENDOR_MIN + 197, + kInvalidSession1 = ERROR_DRM_VENDOR_MIN + 194, + kNoDeviceKey1 = ERROR_DRM_VENDOR_MIN + 195, + kNoContentKey2 = ERROR_DRM_VENDOR_MIN + 196, + kInsufficientCryptoResources2 = ERROR_DRM_VENDOR_MIN + 197, kInvalidParametersEng13 = ERROR_DRM_VENDOR_MIN + 198, kInvalidParametersEng14 = ERROR_DRM_VENDOR_MIN + 199, kInvalidParametersEng15 = ERROR_DRM_VENDOR_MIN + 200, @@ -217,9 +217,11 @@ enum { kCertProvisioningClientTokenError1 = ERROR_DRM_VENDOR_MIN + 203, kCertProvisioningClientTokenError2 = ERROR_DRM_VENDOR_MIN + 204, kLicensingClientTokenError1 = ERROR_DRM_VENDOR_MIN + 205, + kUnknownSelectKeyError1 = ERROR_DRM_VENDOR_MIN + 206, + kUnknownSelectKeyError2 = ERROR_DRM_VENDOR_MIN + 207, // This should always follow the last error code. // The offset value should be updated each time a new error code is added. - kErrorWVDrmMaxErrorUsed = ERROR_DRM_VENDOR_MIN + 205, + kErrorWVDrmMaxErrorUsed = ERROR_DRM_VENDOR_MIN + 207, // Used by crypto test mode kErrorTestMode = ERROR_DRM_VENDOR_MAX, diff --git a/libwvdrmengine/include/mapErrors-inl.h b/libwvdrmengine/include/mapErrors-inl.h index 631267b1..8f902679 100644 --- a/libwvdrmengine/include/mapErrors-inl.h +++ b/libwvdrmengine/include/mapErrors-inl.h @@ -374,10 +374,10 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) { case wvcdm::UNKNOWN_ERROR: return android::ERROR_DRM_UNKNOWN; case wvcdm::SECURE_BUFFER_REQUIRED: - return android::ERROR_DRM_CANNOT_HANDLE; case wvcdm::DECRYPT_ERROR: return android::ERROR_DRM_CANNOT_HANDLE; case wvcdm::INSUFFICIENT_OUTPUT_PROTECTION: + case wvcdm::ANALOG_OUTPUT_ERROR: return android::ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION; case wvcdm::SESSION_NOT_FOUND_12: return kSessionNotFound12; @@ -403,14 +403,14 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) { return kKeyNotFound5; case wvcdm::KEY_NOT_FOUND_6: return kKeyNotFound6; - case wvcdm::KEY_ERROR_1: - return kKeyError1; - case wvcdm::KEY_ERROR_2: - return kKeyError2; - case wvcdm::KEY_ERROR_3: - return kKeyError3; - case wvcdm::KEY_ERROR_4: - return kKeyError4; + case wvcdm::INVALID_SESSION_1: + return kInvalidSession1; + case wvcdm::NO_DEVICE_KEY_1: + return kNoDeviceKey1; + case wvcdm::NO_CONTENT_KEY_2: + return kNoContentKey2; + case wvcdm::INSUFFICIENT_CRYPTO_RESOURCES_2: + return kInsufficientCryptoResources2; case wvcdm::INVALID_PARAMETERS_ENG_13: return kInvalidParametersEng13; case wvcdm::INVALID_PARAMETERS_ENG_14: @@ -425,6 +425,10 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) { return kCertProvisioningClientTokenError2; case wvcdm::LICENSING_CLIENT_TOKEN_ERROR_1: return kLicensingClientTokenError1; + case wvcdm::UNKNOWN_SELECT_KEY_ERROR_1: + return kUnknownSelectKeyError1; + case wvcdm::UNKNOWN_SELECT_KEY_ERROR_2: + return kUnknownSelectKeyError2; case wvcdm::UNUSED_1: case wvcdm::UNUSED_2: case wvcdm::UNUSED_3: