Support Keybox, DRM Cert, and OEM Cert for Client ID
[ Merge of http://go/wvgerrit/22900 ] Add GetClientToken(), GetProvisioningToken(), GetPreProvisionTokenType() to CryptoSession. They return the correct token bytes and token type for preparing the ClientIdentification message for provisioning and license server transactions. Also refactor service certificate handling. OEM certs are introduced in Provisioning 3.0 b/30811184 * Address build breaks [ Merge of http://go/wvgerrit/23162 ] This addresses issues introduced by http://go/wvgerrit/22900 b/30811184 * When http://go/wvgerrit/18012 was merged (ag/1446934) some changes were not merged for mapErrors-inl.h. These changes are included in this CL. * When ag/1678104 was reverse merged to http//go/wvgerrit/21981/ a variable was renamed and some comments were added to add clarity in cdm_engine.cpp. These changes are included in this CL. Test: All unittests other than some oemcrypto, request_license_test passed. Those tests failed with or without this CL. Change-Id: Ie0215509f2f985f2a610f5a4c865db47edec8662
This commit is contained in:
Rahul Frias
@@ -76,16 +76,32 @@ CdmResponseType CdmSession::Init(CdmClientPropertySet* cdm_client_property_set,
|
||||
return SESSION_FILE_HANDLE_INIT_ERROR;
|
||||
}
|
||||
|
||||
std::string token;
|
||||
if (Properties::use_certificates_as_identification()) {
|
||||
// Device Provisioning state is not yet known.
|
||||
// If not using certificates, then Keybox is client token for license
|
||||
// requests.
|
||||
// Otherwise, try to fetch device certificate. If not successful and
|
||||
// provisioning is supported, return NEED_PROVISIONING. Otherwise, return
|
||||
// an error.
|
||||
std::string client_token;
|
||||
CdmClientTokenType client_token_type =
|
||||
crypto_session_->GetPreProvisionTokenType();
|
||||
if ((client_token_type == kClientTokenKeybox) &&
|
||||
(!Properties::use_certificates_as_identification())) {
|
||||
// Keybox is client token.
|
||||
LOGW("CdmSession::Init: Properties::use_certificates_as_identification() "
|
||||
"is not set - using Keybox for license requests (not recommended).");
|
||||
if (!crypto_session_->GetClientToken(&client_token)) {
|
||||
return SESSION_INIT_ERROR_1;
|
||||
}
|
||||
} else {
|
||||
// License server client ID token is a stored certificate. Stage it or
|
||||
// indicate that provisioning is needed. Get token from stored certificate
|
||||
std::string wrapped_key;
|
||||
if (!file_handle_->RetrieveCertificate(&token, &wrapped_key) ||
|
||||
if (!file_handle_->RetrieveCertificate(&client_token, &wrapped_key) ||
|
||||
!crypto_session_->LoadCertificatePrivateKey(wrapped_key)) {
|
||||
return NEED_PROVISIONING;
|
||||
}
|
||||
} else {
|
||||
if (!crypto_session_->GetToken(&token))
|
||||
return SESSION_INIT_GET_KEYBOX_ERROR;
|
||||
client_token_type = kClientTokenDrmCert;
|
||||
}
|
||||
|
||||
if (forced_session_id) {
|
||||
@@ -112,8 +128,8 @@ CdmResponseType CdmSession::Init(CdmClientPropertySet* cdm_client_property_set,
|
||||
policy_engine_.reset(new PolicyEngine(
|
||||
session_id_, event_listener, crypto_session_.get()));
|
||||
|
||||
if (!license_parser_->Init(token, crypto_session_.get(),
|
||||
policy_engine_.get()))
|
||||
if (!license_parser_->Init(client_token, client_token_type,
|
||||
crypto_session_.get(), policy_engine_.get()))
|
||||
return LICENSE_PARSER_INIT_ERROR;
|
||||
|
||||
license_received_ = false;
|
||||
@@ -299,13 +315,13 @@ CdmResponseType CdmSession::AddKey(const CdmKeyResponse& key_response) {
|
||||
|
||||
if (is_release_) {
|
||||
CdmResponseType sts = ReleaseKey(key_response);
|
||||
return (NO_ERROR == sts) ? KEY_ADDED : sts;
|
||||
return (sts == NO_ERROR) ? KEY_ADDED : sts;
|
||||
} else if (license_received_) { // renewal
|
||||
return RenewKey(key_response);
|
||||
} else {
|
||||
CdmResponseType sts = license_parser_->HandleKeyResponse(key_response);
|
||||
|
||||
if (sts != KEY_ADDED) return (KEY_ERROR == sts) ? ADD_KEY_ERROR : sts;
|
||||
if (sts != KEY_ADDED) return (sts == KEY_ERROR) ? ADD_KEY_ERROR : sts;
|
||||
|
||||
license_received_ = true;
|
||||
key_response_ = key_response;
|
||||
@@ -445,7 +461,7 @@ CdmResponseType CdmSession::GenerateRenewalRequest(
|
||||
CdmResponseType CdmSession::RenewKey(const CdmKeyResponse& key_response) {
|
||||
CdmResponseType sts =
|
||||
license_parser_->HandleKeyUpdateResponse(true, key_response);
|
||||
if (sts != KEY_ADDED) return (KEY_ERROR == sts) ? RENEW_KEY_ERROR_1 : sts;
|
||||
if (sts != KEY_ADDED) return (sts == KEY_ERROR) ? RENEW_KEY_ERROR_1 : sts;
|
||||
|
||||
if (is_offline_) {
|
||||
offline_key_renewal_response_ = key_response;
|
||||
@@ -477,7 +493,7 @@ CdmResponseType CdmSession::GenerateReleaseRequest(
|
||||
CdmResponseType CdmSession::ReleaseKey(const CdmKeyResponse& key_response) {
|
||||
CdmResponseType sts =
|
||||
license_parser_->HandleKeyUpdateResponse(false, key_response);
|
||||
if (KEY_ADDED != sts) return (KEY_ERROR == sts) ? RELEASE_KEY_ERROR : sts;
|
||||
if (sts != KEY_ADDED) return (sts == KEY_ERROR) ? RELEASE_KEY_ERROR : sts;
|
||||
|
||||
if (is_offline_ || !license_parser_->provider_session_token().empty()) {
|
||||
DeleteLicense();
|
||||
|
||||
Reference in New Issue
Block a user