widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enforce security level checks only on encrypted content

Browse Source 
[ Merged of http://go/wvgerrit/43260 ]

Bug: 73250635
Bug: 73251811
Bug: 70278160
Bug: 73159523

Test: WV unit/integration tests, GtsMediaTestCases, playback using
      Play Movies and Netflix.

Change-Id: I677aeab80fc90e5c8b9c71a185ca626c75013938
This commit is contained in:
Rahul Frias
2018-02-13 17:16:11 -08:00
parent e0cc4f61b2
commit 5053a887dd
1 changed files with 11 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
libwvdrmengine/cdm/core/src/cdm_session.cpp
View File

@@ -548,17 +548,18 @@ CdmResponseType CdmSession::Decrypt(const CdmDecryptionParameters& params) {
// Playback may not begin until either the start time passes or the license // Playback may not begin until either the start time passes or the license
// is updated, so we treat this Decrypt call as invalid. // is updated, so we treat this Decrypt call as invalid.
if (params.is_encrypted && if (params.is_encrypted) {
!policy_engine_->CanDecryptContent(*params.key_id)) { if (!policy_engine_->CanDecryptContent(*params.key_id)) {
if (policy_engine_->IsLicenseForFuture()) if (policy_engine_->IsLicenseForFuture())
return DECRYPT_NOT_READY; return DECRYPT_NOT_READY;
if (!policy_engine_->IsSufficientOutputProtection(*params.key_id)) if (!policy_engine_->IsSufficientOutputProtection(*params.key_id))
return INSUFFICIENT_OUTPUT_PROTECTION; return INSUFFICIENT_OUTPUT_PROTECTION;
return NEED_KEY; return NEED_KEY;
} }
if (!policy_engine_->CanUseKey(*params.key_id, security_level_)) if (!policy_engine_->CanUseKey(*params.key_id, security_level_))
return KEY_PROHIBITED_FOR_SECURITY_LEVEL; return KEY_PROHIBITED_FOR_SECURITY_LEVEL;
}
CdmResponseType status = crypto_session_->Decrypt(params); CdmResponseType status = crypto_session_->Decrypt(params);