Enable the CDM to track the DRM private key type.

[ Merge of http://go/wvgerrit/110923 ] The CDM is responsible for telling OEMCrypto the underlying DRM private key type when loading it into a session. To do this, the CDM must determine and store the key type of a successfully loaded provisioning response. The type of key is available from the DRM certificate proto that is provided in the reponse. This change introduces a class to contain the wrapped key and type together. To store the type, the CDM device files have been updated to include a key type with the DRM certificate and to store from and load to the new class. Unittests have been updated for using the new class where the wrapped key was used before. Test: Linux unit tests Bug: 140813486 Change-Id: I09249afe9c291632fb651ecd00eac697d6939ec7
2021-01-27 13:19:13 -08:00
parent 4a7633a4ad
commit 247cf053e5
16 changed files with 451 additions and 140 deletions
--- a/libwvdrmengine/cdm/core/src/cdm_session.cpp
+++ b/libwvdrmengine/cdm/core/src/cdm_session.cpp
@@ -13,6 +13,7 @@

 #include "cdm_engine.h"
 #include "clock.h"
+#include "crypto_wrapped_key.h"
 #include "file_store.h"
 #include "log.h"
 #include "properties.h"
@@ -170,18 +171,18 @@ CdmResponseType CdmSession::Init(CdmClientPropertySet* cdm_client_property_set,

  // License server client ID token is a stored certificate. Stage it or
  // indicate that provisioning is needed. Get token from stored certificate
-  std::string wrapped_key;
+  CryptoWrappedKey private_key;
  bool atsc_mode_enabled = false;
  if (cdm_client_property_set != nullptr)
    atsc_mode_enabled = cdm_client_property_set->use_atsc_mode();
  if (!file_handle_->RetrieveCertificate(atsc_mode_enabled, &client_token,
-                                         &wrapped_key, &serial_number,
+                                         &private_key, &serial_number,
                                         nullptr)) {
    return NEED_PROVISIONING;
  }
  CdmResponseType load_cert_sts;
  M_TIME(
-      load_cert_sts = crypto_session_->LoadCertificatePrivateKey(wrapped_key),
+      load_cert_sts = crypto_session_->LoadCertificatePrivateKey(private_key),
      crypto_metrics_, crypto_session_load_certificate_private_key_,
      load_cert_sts);
  switch (load_cert_sts) {
@@ -202,9 +203,12 @@ CdmResponseType CdmSession::Init(CdmClientPropertySet* cdm_client_property_set,
  if (forced_session_id) {
    key_set_id_ = *forced_session_id;
  } else {
-    bool ok = GenerateKeySetId(atsc_mode_enabled, &key_set_id_);
-    (void)ok;  // ok is now used when assertions are turned off.
+    const bool ok = GenerateKeySetId(atsc_mode_enabled, &key_set_id_);
    assert(ok);
+    if (!ok) {
+      // Assertions may be disabled
+      LOGE("Could not generate keyset ID");
+    }
  }

  session_id_ =