widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Detect when unable to meet policy requirements

Browse Source 
[ Merge of http://go/wvgerrit/25781 ]

The security level (software/hardware, decryption/decode)
in the policy that specified how the key was to be used was
not being respected for L3. Playback would either continue or
a vendor specific error would be thrown.

If the device cannot use the key as permitted by the policy
CryptoException#ERROR_INSUFFICIENT_OUTPUT_PROTECTION will be thrown.

Test: Verified by WV unit+integration tests.
      Verified by WidevineDashPolicyTests
      Verified by WidevineDashPolicyTests#testL3SoftwareSecureDecoderRequired,
      testL3HardwareSecureCryptoRequired, testL3HardwareSecureDecodeRequired,
      testL3SecureVideoPathRequired.

b/31913737
b/31913439

Change-Id: Ibfc7f3dd6fc7264e8cf9b0d33f6f8d619eed6c00
This commit is contained in:
Rahul Frias
2017-04-13 02:37:05 -07:00
parent ce62e1d7e7
commit 1223330ccc
11 changed files with 172 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
libwvdrmengine/cdm/core/src/cdm_session.cpp
View File

@@ -553,6 +553,9 @@ CdmResponseType CdmSession::Decrypt(const CdmDecryptionParameters& params) {
return policy_engine_->IsLicenseForFuture() ? DECRYPT_NOT_READY : NEED_KEY;
}
if (!policy_engine_->CanUseKey(*params.key_id, security_level_))
return KEY_PROHIBITED_FOR_SECURITY_LEVEL;
CdmResponseType status = crypto_session_->Decrypt(params);
if (status == NO_ERROR) {