diff --git a/libwvdrmengine/cdm/core/include/crypto_session.h b/libwvdrmengine/cdm/core/include/crypto_session.h
index c26810fb..1e44b94a 100644
--- a/libwvdrmengine/cdm/core/include/crypto_session.h
+++ b/libwvdrmengine/cdm/core/include/crypto_session.h
@@ -135,7 +135,8 @@ class CryptoSession {
 // V16 licenses.
 virtual CdmResponseType LoadLicense(const std::string& signed_message,
 const std::string& core_message,
- const std::string& signature);
+ const std::string& signature,
+ CdmLicenseKeyType key_type);
 // Renewal request/responses
 virtual CdmResponseType PrepareAndSignRenewalRequest(
diff --git a/libwvdrmengine/cdm/core/src/crypto_session.cpp b/libwvdrmengine/cdm/core/src/crypto_session.cpp
index 65c6cbb3..db7fa1c3 100644
--- a/libwvdrmengine/cdm/core/src/crypto_session.cpp
+++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp
@@ -952,11 +952,17 @@ CdmResponseType CryptoSession::LoadKeys(
 CdmResponseType CryptoSession::LoadLicense(const std::string& signed_message,
 const std::string& core_message,
- const std::string& signature) {
+ const std::string& signature,
+ CdmLicenseKeyType key_type) {
 LOGV("Loading license: id = %u", oec_session_id_);
 const std::string combined_message = core_message + signed_message;
 OEMCryptoResult sts;
 WithOecSessionLock("LoadLicense", [&] {
+ if (key_type == kLicenseKeyTypeEntitlement &&
+ key_session_->Type() != KeySession::kEntitlement) {
+ key_session_.reset(new EntitlementKeySession(oec_session_id_, metrics_));
+ }
+
 M_TIME(sts = OEMCrypto_LoadLicense(
 oec_session_id_,
 reinterpret_cast(combined_message.data()),
diff --git a/libwvdrmengine/cdm/core/src/license.cpp b/libwvdrmengine/cdm/core/src/license.cpp
index d8c8c4a9..901d04f1 100644
--- a/libwvdrmengine/cdm/core/src/license.cpp
+++ b/libwvdrmengine/cdm/core/src/license.cpp
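Review bot: In CryptoSession::LoadLicense (crypto_session.cpp, hunk at -952) `key_session_` is replaced with an `EntitlementKeySession` before `OEMCrypto_LoadLicense` has accepted the message, so a license that fails verification still leaves the session switched to the entitlement type. The call shown takes only `oec_session_id_`, so unless something outside the hunk needs the new key session first, the swap could be done after the load and gated on the result, e.g. `if (sts == OEMCrypto_SUCCESS && key_type == kLicenseKeyTypeEntitlement && key_session_->Type() != KeySession::kEntitlement)`. `key_session_->Type()` is also dereferenced without a null check; whether `key_session_` can be empty at this point is not visible. The function body continues past the end of the hunk.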
@@ -1099,7 +1099,8 @@ CdmResponseType CdmLicense::HandleContentKeyResponse(
 }
 CdmResponseType resp;
 if (supports_core_messages()) {
- resp = crypto_session_->LoadLicense(msg, core_message, signature);
+ resp = crypto_session_->LoadLicense(msg, core_message, signature,
+ kLicenseKeyTypeContent);
 } else {
 resp = crypto_session_->LoadKeys(
 msg, signature, mac_key_iv, mac_key, key_array, provider_session_token_,
@@ -1128,7 +1129,8 @@ CdmResponseType CdmLicense::HandleEntitlementKeyResponse(
 }
 CdmResponseType resp;
 if (supports_core_messages()) {
- resp = crypto_session_->LoadLicense(msg, core_message, signature);
+ resp = crypto_session_->LoadLicense(msg, core_message, signature,
+ kLicenseKeyTypeEntitlement);
 } else {
 resp = crypto_session_->LoadKeys(
 msg, signature, mac_key_iv, mac_key, key_array, provider_session_token_,
diff --git a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp
index 4b401ab6..72dfc857 100644
--- a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp
+++ b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.cpp
@@ -95,19 +95,22 @@ SessionContext* CryptoEngine::FindSession(SessionId sid) {
 return nullptr;
 }
-int64_t CryptoEngine::OnlineTime() {
+int64_t CryptoEngine::MonotonicTime() {
 // Use the monotonic clock for times that don't have to be stable across
 // device boots.
- int64_t now = wvcdm::Clock().GetCurrentTime();
+ int64_t now =
+ wvcdm::Clock().GetCurrentTime() + offline_time_info_.rollback_offset;
 static int64_t then = now;
- if (now < then) now = then;
+ if (now < then) {
+ offline_time_info_.rollback_offset += then - now;
+ now = then;
+ }
 then = now;
 return now;
 }
-int64_t CryptoEngine::RollbackCorrectedOfflineTime() {
- // Add any time offsets in the past to the current time.
- int64_t current_time = OnlineTime() + offline_time_info_.rollback_offset;
+int64_t CryptoEngine::SystemTime() {
+ const int64_t current_time = MonotonicTime();
 // Write time info to disk if kTimeInfoUpdateWindowInSeconds has elapsed since
 // last write.
 if (current_time - offline_time_info_.previous_time >
@@ -125,9 +128,9 @@ std::string CryptoEngine::GetUsageTimeFileFullPath() const {
 // TODO(fredgc, jfore): Address how this property is presented to the ref.
 // For now, the file path is empty.
 /*if (!wvcdm::Properties::GetDeviceFilesBasePath(wvcdm::kSecurityLevelL3,
- &file_path)) {
- LOGE("RollbackCorrectedOfflineTime: Unable to get base path");
- }*/
+ &file_path)) {
+ LOGE("Unable to get base path");
+ }*/
 return file_path + kStoredUsageTimeFileName;
 }
@@ -148,8 +151,7 @@ bool CryptoEngine::LoadOfflineTimeInfo(const std::string& file_path) {
 std::unique_ptr file = file_system->Open(file_path, wvcdm::FileSystem::kReadOnly);
 if (!file) {
- LOGE("RollbackCorrectedOfflineTime: File open failed: %s",
- file_path.c_str());
+ LOGE("File open failed: %s", file_path.c_str());
 return false;
 }
 // Load time info from previous call.
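Review bot: CryptoEngine::MonotonicTime() (hunk at -95) now writes the per-instance `offline_time_info_.rollback_offset` based on a comparison with the function-local `static int64_t then`, which is shared by every CryptoEngine in the process and is read and written with no lock visible in the hunk. If sessions can reach SystemTime() concurrently, or if more than one engine exists, the anti-rollback offset can be adjusted from a `then` value that another caller set; keeping `then` as a member and protecting it together with `offline_time_info_` under one lock would keep the two in step. The retained comment `// Use the monotonic clock for times that don't have to be stable across device boots.` no longer describes the function, because the returned value now includes the persisted offset; `// Clock time plus the persisted anti-rollback offset; never decreases within a process.` would match the new behaviour.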
@@ -164,7 +166,7 @@ bool CryptoEngine::LoadOfflineTimeInfo(const std::string& file_path) {
 // Detect offline time rollback after loading from disk.
 // Add any time offsets in the past to the current time.
- int64_t current_time = OnlineTime() + offline_time_info_.rollback_offset;
+ int64_t current_time = MonotonicTime();
 if (offline_time_info_.previous_time > current_time) {
 // Current time is earlier than the previously saved time. Time has been
 // rolled back. Update the rollback offset.
@@ -184,7 +186,7 @@ bool CryptoEngine::SaveOfflineTimeInfo(const std::string& file_path) {
 // earlier offline rollback, the rollback offset will be updated in
 // LoadOfflineTimeInfo(). It guarantees that the current time to be saved
 // will never go back.
- int64_t current_time = OnlineTime() + offline_time_info_.rollback_offset;
+ const int64_t current_time = MonotonicTime();
 // The new previous_time will either stay the same or move forward.
 if (current_time > offline_time_info_.previous_time)
 offline_time_info_.previous_time = current_time;
@@ -213,8 +215,7 @@ bool CryptoEngine::SaveOfflineTimeInfo(const std::string& file_path) {
 file = file_system->Open(
 file_path, wvcdm::FileSystem::kCreate | wvcdm::FileSystem::kTruncate);
 if (!file) {
- LOGE("RollbackCorrectedOfflineTime: File open failed: %s",
- file_path.c_str());
+ LOGE("File open failed: %s", file_path.c_str());
 return false;
 }
 file->Write(reinterpret_cast(&encrypted_buffer[0]), sizeof(TimeInfo));
diff --git a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h
index dd39e16f..552f59a7 100644
--- a/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h
+++ b/libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h
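Review bot: In LoadOfflineTimeInfo (hunk at -164) the context comment `// Add any time offsets in the past to the current time.` still sits directly above `int64_t current_time = MonotonicTime();`, but the offset is no longer added on that line; it is applied inside MonotonicTime(). Replacing it with `// MonotonicTime() already includes rollback_offset.` would keep a later reader from adding the offset a second time when touching the rollback check that follows. The matching line in SaveOfflineTimeInfo (hunk at -184) was made `const`; the same could be done here if `current_time` is not reassigned later in the function, which lies outside the hunk.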
@@ -104,8 +104,7 @@ class CryptoEngine {
 }
 // The OEMCrypto system time. Prevents time rollback.
- // TODO(b/145836634): Combine RollbackCorrectedOfflineTime with OnlineTime().
- int64_t SystemTime() { return RollbackCorrectedOfflineTime(); }
+ int64_t SystemTime();
 // Verify that this nonce does not collide with another nonce in any session.
 virtual bool NonceCollision(uint32_t nonce);
@@ -224,11 +223,8 @@ class CryptoEngine {
 }
 protected:
- // System clock, measuring time in seconds.
- int64_t OnlineTime();
-
- // System clock with antirollback protection, measuring time in seconds.
- int64_t RollbackCorrectedOfflineTime();
+ // System clock, measuring time in seconds, including anti-rollback offset.
+ int64_t MonotonicTime();
 bool LoadOfflineTimeInfo(const std::string& file_path);
 bool SaveOfflineTimeInfo(const std::string& file_path);