diff --git a/libwvdrmengine/cdm/core/include/crypto_session.h b/libwvdrmengine/cdm/core/include/crypto_session.h index dfd50e3a..ef9e6fa3 100644 --- a/libwvdrmengine/cdm/core/include/crypto_session.h +++ b/libwvdrmengine/cdm/core/include/crypto_session.h @@ -323,8 +323,11 @@ class CryptoSession { int session_count() const { return session_count_; } bool initialized() const { return initialized_; } - void OverrideInitializedForTesting(bool initialized) { - initialized_ = initialized; + void set_initialized(bool initialized) { initialized_ = initialized; } + // Cache api version and fallback policy. Call this once at initialization. + void CacheVersion(); + void OverrideNeedKeyboxForTesting(bool needs_keybox_provisioning) { + needs_keybox_provisioning_ = needs_keybox_provisioning; } private: diff --git a/libwvdrmengine/cdm/core/src/crypto_session.cpp b/libwvdrmengine/cdm/core/src/crypto_session.cpp index ae6a597c..839371d7 100644 --- a/libwvdrmengine/cdm/core/src/crypto_session.cpp +++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp @@ -354,39 +354,43 @@ void CryptoSession::Init() { }); if (initialized) { - uint32_t version; - std::string api_version = - CryptoSession::GetApiVersion(kLevelDefault, &version) - ? std::to_string(version) - : kStringNotAvailable; - std::string api_minor_version = - CryptoSession::GetApiMinorVersion(kLevelDefault, &version) - ? std::to_string(version) - : kStringNotAvailable; - LOGD("OEMCrypto version (default security level): %s.%s", - api_version.c_str(), api_minor_version.c_str()); + CacheVersion(); + } +} - api_version = CryptoSession::GetApiVersion(kLevel3, &version) - ? std::to_string(version) - : kStringNotAvailable; - api_minor_version = CryptoSession::GetApiMinorVersion(kLevel3, &version) - ? std::to_string(version) - : kStringNotAvailable; - LOGD("OEMCrypto version (L3 security level): %s.%s", api_version.c_str(), - api_minor_version.c_str()); - if (needs_keybox_provisioning_) { - WithStaticFieldWriteLock("SystemFallbackPolicy", [&] { - if (!okp_fallback_policy_l1_) { - LOGD("OEMCrypto needs keybox provisioning"); - // Only create once. Possible that OEMCrypto is initialized - // and terminated many times over the life cycle of the OTA - // keybox provisioning process. - okp_fallback_policy_l1_ = okp::SystemFallbackPolicy::Create(); - if (okp_fallback_policy_l1_) - okp_fallback_policy_l1_->MarkNeedsProvisioning(); - } - }); - } +void CryptoSession::CacheVersion() { + uint32_t version; + std::string api_version = + CryptoSession::GetApiVersion(kLevelDefault, &version) + ? std::to_string(version) + : kStringNotAvailable; + std::string api_minor_version = + CryptoSession::GetApiMinorVersion(kLevelDefault, &version) + ? std::to_string(version) + : kStringNotAvailable; + LOGD("OEMCrypto version (default security level): %s.%s", api_version.c_str(), + api_minor_version.c_str()); + + api_version = CryptoSession::GetApiVersion(kLevel3, &version) + ? std::to_string(version) + : kStringNotAvailable; + api_minor_version = CryptoSession::GetApiMinorVersion(kLevel3, &version) + ? std::to_string(version) + : kStringNotAvailable; + LOGD("OEMCrypto version (L3 security level): %s.%s", api_version.c_str(), + api_minor_version.c_str()); + if (needs_keybox_provisioning_) { + WithStaticFieldWriteLock("SystemFallbackPolicy", [&] { + if (!okp_fallback_policy_l1_) { + LOGD("OEMCrypto needs keybox provisioning"); + // Only create once. Possible that OEMCrypto is initialized + // and terminated many times over the life cycle of the OTA + // keybox provisioning process. + okp_fallback_policy_l1_ = okp::SystemFallbackPolicy::Create(); + if (okp_fallback_policy_l1_) + okp_fallback_policy_l1_->MarkNeedsProvisioning(); + } + }); } } diff --git a/libwvdrmengine/cdm/core/test/test_base.cpp b/libwvdrmengine/cdm/core/test/test_base.cpp index 6de0fe2c..38f401b5 100644 --- a/libwvdrmengine/cdm/core/test/test_base.cpp +++ b/libwvdrmengine/cdm/core/test/test_base.cpp @@ -223,14 +223,17 @@ std::string WvCdmTestBase::SignHMAC(const std::string& message, TestCryptoSession::TestCryptoSession(metrics::CryptoMetrics* crypto_metrics) : CryptoSession(crypto_metrics) { // The first CryptoSession should have initialized OEMCrypto. This is right - // after that, so should tell oemcrypto to use a test keybox. + // after that, so we should tell oemcrypto to use a test keybox. if (session_count() == 1) { + OverrideNeedKeyboxForTesting(false); + // However, if the device does not have a keybox, initialization would have + // failed. In that case we should try again. if (!initialized()) { - // If not initialized, try again and see if we are just missing a keybox. - // Since we plan to install a test keybox, we can ignore keybox errors. - const OEMCryptoResult status = ::OEMCrypto_Initialize(); - if (status != OEMCrypto_SUCCESS) return; - OverrideInitializedForTesting(true); + // Give up if we cannot initialize at all. + if (OEMCrypto_SUCCESS != OEMCrypto_Initialize()) return; + set_initialized(true); + // This was skipped in Init because initialization failed. + CacheVersion(); } WvCdmTestBase::InstallTestRootOfTrust(); }