From 2ec3049bdac8de99966061ed4ba93e70697a2866 Mon Sep 17 00:00:00 2001
From: Rahul Frias <rfrias@google.com>
Date: Tue, 1 Jul 2014 13:30:23 -0700
Subject: [PATCH] CDM workarounds for OEMCrypto issues

Merge of https://widevine-internal-review.googlesource.com/#/c/10614/
from the widevine cdm repo.

* b/15467844 - GenerateRSASignature returns OEMCrypto_ERROR_INVALID_CONTEXT
  when called with a non-NULL signature pointer and signature length of
  0 (rather than OEMCrypto_ERROR_SHORT_BUFFER)
* b/15989260 - OEMCrypto_DecryptCTR does not return OEMCrypto_ERROR_KEY_EXPIRED
  after keys have expired

Also addresses
* integration test updated to reflect that loading certificate errors are
  returned on OpenSession rather than GenerateKeyRequest
* compiler warning on type casting

b/15989261

Change-Id: Ib68b972651479e99b9d05de4493aac55a96c4f39
---
 .../cdm/core/include/policy_engine.h          |  5 ++--
 libwvdrmengine/cdm/core/src/cdm_session.cpp   | 28 +++++++++++++------
 .../cdm/core/src/crypto_session.cpp           |  2 ++
 .../cdm/test/request_license_test.cpp         | 11 ++------
 4 files changed, 27 insertions(+), 19 deletions(-)

diff --git a/libwvdrmengine/cdm/core/include/policy_engine.h b/libwvdrmengine/cdm/core/include/policy_engine.h
index 8ef323ac..43555cd4 100644
--- a/libwvdrmengine/cdm/core/include/policy_engine.h
+++ b/libwvdrmengine/cdm/core/include/policy_engine.h
@@ -57,6 +57,9 @@ class PolicyEngine {
 
   virtual const LicenseIdentification& license_id() { return license_id_; }
 
+  bool IsLicenseDurationExpired(int64_t current_time);
+  bool IsPlaybackDurationExpired(int64_t current_time);
+
  private:
   typedef enum {
     kLicenseStateInitial,
@@ -68,9 +71,7 @@ class PolicyEngine {
 
   void Init(Clock* clock);
 
-  bool IsLicenseDurationExpired(int64_t current_time);
   int64_t GetLicenseDurationRemaining(int64_t current_time);
-  bool IsPlaybackDurationExpired(int64_t current_time);
   int64_t GetPlaybackDurationRemaining(int64_t current_time);
 
   bool IsRenewalDelayExpired(int64_t current_time);
diff --git a/libwvdrmengine/cdm/core/src/cdm_session.cpp b/libwvdrmengine/cdm/core/src/cdm_session.cpp
index a5b24947..cad53517 100644
--- a/libwvdrmengine/cdm/core/src/cdm_session.cpp
+++ b/libwvdrmengine/cdm/core/src/cdm_session.cpp
@@ -278,15 +278,25 @@ CdmResponseType CdmSession::Decrypt(const CdmDecryptionParameters& params) {
 
   CdmResponseType status = crypto_session_->Decrypt(params);
 
-  if (NO_ERROR == status) {
-    if (is_initial_decryption_) {
-      policy_engine_.BeginDecryption();
-      is_initial_decryption_ = false;
-    }
-    if (!is_usage_update_needed_) {
-      is_usage_update_needed_ =
-        !license_parser_.provider_session_token().empty();
-    }
+  switch (status) {
+    case NO_ERROR:
+      if (is_initial_decryption_) {
+        policy_engine_.BeginDecryption();
+        is_initial_decryption_ = false;
+      }
+      if (!is_usage_update_needed_) {
+        is_usage_update_needed_ =
+          !license_parser_.provider_session_token().empty();
+      }
+      break;
+    case UNKNOWN_ERROR:
+      Clock clock;
+      int64_t current_time = clock.GetCurrentTime();
+      if (policy_engine_.IsLicenseDurationExpired(current_time) ||
+          policy_engine_.IsPlaybackDurationExpired(current_time)) {
+        return NEED_KEY;
+      }
+      break;
   }
 
   return status;
diff --git a/libwvdrmengine/cdm/core/src/crypto_session.cpp b/libwvdrmengine/cdm/core/src/crypto_session.cpp
index c9de26ac..57fe57b1 100644
--- a/libwvdrmengine/cdm/core/src/crypto_session.cpp
+++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp
@@ -24,6 +24,7 @@ std::string EncodeUint32(unsigned int u) {
   s.append(1, (u >> 0) & 0xFF);
   return s;
 }
+const uint32_t kRsaSignatureLength = 256;
 }
 
 namespace wvcdm {
@@ -570,6 +571,7 @@ bool CryptoSession::GenerateRsaSignature(const std::string& message,
   LOGV("GenerateRsaSignature: id=%ld", (uint32_t)oec_session_id_);
   if (!signature) return false;
 
+  signature->resize(kRsaSignatureLength);
   size_t length = signature->size();
   OEMCryptoResult sts = OEMCrypto_GenerateRSASignature(
       oec_session_id_, reinterpret_cast<const uint8_t*>(message.data()),
diff --git a/libwvdrmengine/cdm/test/request_license_test.cpp b/libwvdrmengine/cdm/test/request_license_test.cpp
index d535844c..668a07a2 100644
--- a/libwvdrmengine/cdm/test/request_license_test.cpp
+++ b/libwvdrmengine/cdm/test/request_license_test.cpp
@@ -1043,7 +1043,8 @@ TEST_P(WvCdmUsageInfoTest, DISABLED_UsageInfo) {
     switch (status) {
       case KEY_MESSAGE: EXPECT_FALSE(usage_info.empty()); break;
       case NO_ERROR: EXPECT_TRUE(usage_info.empty()); break;
-      default: FAIL() << "GetUsageInfo failed with error " << status ; break;
+      default: FAIL() << "GetUsageInfo failed with error "
+                    << static_cast<int>(status) ; break;
     }
   }
 }
@@ -1258,15 +1259,9 @@ TEST_F(WvCdmRequestLicenseTest, SecurityLevelPathBackwardCompatibility) {
   TestWvCdmClientPropertySet property_set;
   property_set.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3);
 
-  EXPECT_EQ(NO_ERROR,
+  EXPECT_EQ(wvcdm::NEED_PROVISIONING,
             decryptor_.OpenSession(g_key_system, &property_set, &session_id_));
 
-  wvcdm::CdmAppParameterMap app_parameters;
-  std::string server_url;
-  EXPECT_EQ(wvcdm::NEED_PROVISIONING,
-            decryptor_.GenerateKeyRequest(
-                session_id_, key_set_id, "video/mp4", key_id,
-                kLicenseTypeStreaming, app_parameters, &key_msg_, &server_url));
   EXPECT_EQ(NO_ERROR, decryptor_.GetProvisioningRequest(
                           cert_type, cert_authority, &key_msg_,
                           &provisioning_server_url));