widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge latest oemcrypto-v17 change

Browse Source 
No-Typo-Check: Not related to this change.

Bug: 161477208
Change-Id: I99e4780f6855b7045aa0cd5a49c13d2d0d51ed64
This commit is contained in:
Kyle Zhang
2022-01-21 05:58:12 +00:00
committed by Fred Gylys-Colwell
parent c924960962
commit 642965c678
176 changed files with 301013 additions and 296749 deletions
Download Patch File Download Diff File Expand all files Collapse all files

166
libwvdrmengine/cdm/core/src/device_files.cpp
View File

@@ -31,6 +31,7 @@ using video_widevine_client::sdk::License;
using video_widevine_client::sdk::License_LicenseState_ACTIVE;
using video_widevine_client::sdk::License_LicenseState_RELEASING;
using video_widevine_client::sdk::NameValue;
using video_widevine_client::sdk::OemCertificate;
using video_widevine_client::sdk::UsageInfo;
using video_widevine_client::sdk::UsageInfo_DrmUsageCertificate;
using video_widevine_client::sdk::UsageInfo_ProviderSession;
@@ -45,7 +46,7 @@ using video_widevine_client::sdk::
// Stringify turns macro arguments into static C strings.
// Example: STRINGIFY(this_argument) -> "this_argument"
#define STRINGIFY(PARAM...) #PARAM
#define STRINGIFY(PARAM) #PARAM
#define RETURN_CERTIFICATE_STATE_CANNOT_HANDLE_IF_NULL(PARAM) \
if ((PARAM) == nullptr) { \
@@ -129,8 +130,8 @@ bool ExtractFromDeviceCertificate(const DeviceCertificate& device_certificate,
RETURN_FALSE_IF_NULL(certificate);
RETURN_FALSE_IF_NULL(private_key);
const bool has_certificate = device_certificate.has_certificate();
const bool has_key = device_certificate.has_wrapped_private_key();
bool has_certificate = device_certificate.has_certificate();
bool has_key = device_certificate.has_wrapped_private_key();
// If no certificate information, nothing to be done. DeviceCertificate
// is a legacy DRM certificate
@@ -364,7 +365,7 @@ const char* DeviceFiles::ResponseTypeToString(ResponseType type) {
// static
std::set<std::string> DeviceFiles::reserved_license_ids_;
DeviceFiles::DeviceFiles(FileSystem* file_system)
DeviceFiles::DeviceFiles(wvutil::FileSystem* file_system)
: file_system_(file_system),
security_level_(kSecurityLevelUninitialized),
initialized_(false) {}
@@ -373,7 +374,7 @@ DeviceFiles::~DeviceFiles() {}
bool DeviceFiles::Init(CdmSecurityLevel security_level) {
if (!file_system_) {
LOGE("Invalid FileSystem given");
LOGE("Invalid wvutil::FileSystem given");
return false;
}
@@ -427,7 +428,7 @@ bool DeviceFiles::StoreCertificate(const std::string& certificate,
return false;
if (default_certificate) {
Clock clock;
wvutil::Clock clock;
device_certificate->set_acquisition_time_seconds(clock.GetCurrentTime());
}
/* TODO(b/192430982): Renable expiration of legacy DRM certificates
@@ -436,9 +437,9 @@ bool DeviceFiles::StoreCertificate(const std::string& certificate,
// stored, this is a certificate of type kCertificateLegacy.
// The only time when a legacy certificate is stored is when it does not
// have an expiration time. Set expiration time to 6 months +- 2 months.
Clock clock;
wvutil::Clock clock;
const int64_t current_time = clock.GetCurrentTime();
CdmRandomGenerator rng(current_time & 0xffffffff);
wvutil::CdmRandomGenerator rng(current_time & 0xffffffff);
device_certificate->set_expiration_time_seconds(
current_time + kFourMonthsInSeconds +
@@ -537,7 +538,7 @@ DeviceFiles::CertificateState DeviceFiles::RetrieveCertificate(
&creation_time_seconds, &expiration_time_seconds))
return kCertificateInvalid;
Clock clock;
wvutil::Clock clock;
const int64_t current_time = clock.GetCurrentTime();
switch (certificate_type) {
@@ -670,6 +671,126 @@ bool DeviceFiles::RemoveCertificate() {
return true;
}
bool DeviceFiles::RemoveOemCertificate() {
RETURN_FALSE_IF_UNINITIALIZED()
std::string certificate_file_name;
if (GetOemCertificateFileName(&certificate_file_name)) {
return RemoveFile(certificate_file_name);
}
return true;
}
bool DeviceFiles::StoreOemCertificate(const std::string& certificate,
const CryptoWrappedKey& private_key) {
RETURN_FALSE_IF_UNINITIALIZED();
if (certificate.empty()) {
LOGE("Missing certificate information");
return false;
}
if (!private_key.IsValid()) {
LOGE("Private key is invalid");
return false;
}
std::string certificate_file_name;
if (!GetOemCertificateFileName(&certificate_file_name)) {
LOGE("Unable to get certificate file name");
return false;
}
// Fill in file information
video_widevine_client::sdk::File file;
file.set_type(video_widevine_client::sdk::File::OEM_CERTIFICATE);
file.set_version(video_widevine_client::sdk::File::VERSION_1);
OemCertificate* oem_certificate = file.mutable_oem_certificate();
oem_certificate->set_certificate(certificate);
oem_certificate->set_wrapped_private_key(private_key.key());
switch (private_key.type()) {
case wvcdm::CryptoWrappedKey::kRsa:
oem_certificate->set_key_type(OemCertificate::RSA);
break;
case wvcdm::CryptoWrappedKey::kEcc:
oem_certificate->set_key_type(OemCertificate::ECC);
break;
case wvcdm::CryptoWrappedKey::kUninitialized:
default:
LOGE("Unexpected key type: %d", private_key.type());
return false;
}
std::string serialized_file;
file.SerializeToString(&serialized_file);
return StoreFileWithHash(certificate_file_name, serialized_file) == kNoError;
}
DeviceFiles::CertificateState DeviceFiles::RetrieveOemCertificate(
std::string* certificate, CryptoWrappedKey* wrapped_private_key) {
RETURN_CERTIFICATE_STATE_CANNOT_HANDLE_IF_UNINITIALIZED();
RETURN_CERTIFICATE_STATE_CANNOT_HANDLE_IF_NULL(certificate);
RETURN_CERTIFICATE_STATE_CANNOT_HANDLE_IF_NULL(wrapped_private_key);
std::string certificate_file_name;
if (!GetOemCertificateFileName(&certificate_file_name)) {
LOGW("Unable to find certificate file name");
return kCannotHandle;
}
video_widevine_client::sdk::File file;
if (RetrieveHashedFile(certificate_file_name, &file) != kNoError) {
LOGW("Unable to retrieve certificate file");
return kCertificateNotFound;
}
if (file.type() != video_widevine_client::sdk::File::OEM_CERTIFICATE) {
LOGE("Certificate file is of incorrect file type: type = %d",
static_cast<int>(file.type()));
return kCertificateInvalid;
}
if (file.version() != video_widevine_client::sdk::File::VERSION_1) {
LOGE("Certificate file is of incorrect file version: version = %d",
static_cast<int>(file.version()));
return kCertificateInvalid;
}
if (!file.has_oem_certificate()) {
LOGE("Certificate not present");
return kCertificateInvalid;
}
const OemCertificate& oem_certificate = file.oem_certificate();
if (oem_certificate.certificate().empty() ||
oem_certificate.wrapped_private_key().empty()) {
LOGE("Empty certificate or private key");
return kCertificateInvalid;
}
*certificate = oem_certificate.certificate();
wrapped_private_key->Clear();
wrapped_private_key->set_key(oem_certificate.wrapped_private_key());
switch (oem_certificate.key_type()) {
case OemCertificate::RSA:
wrapped_private_key->set_type(wvcdm::CryptoWrappedKey::kRsa);
break;
case OemCertificate::ECC:
wrapped_private_key->set_type(wvcdm::CryptoWrappedKey::kEcc);
break;
default:
LOGW("Unknown key type, defaulting to RSA: type = %d",
oem_certificate.key_type());
wrapped_private_key->set_type(wvcdm::CryptoWrappedKey::kRsa);
break;
}
return kCertificateValid;
}
bool DeviceFiles::HasOemCertificate() {
RETURN_FALSE_IF_UNINITIALIZED();
std::string certificate_file_name;
if (!GetOemCertificateFileName(&certificate_file_name)) {
return false;
}
return FileExists(certificate_file_name);
}
bool DeviceFiles::StoreLicense(const CdmLicenseData& license_data,
ResponseType* result) {
RETURN_FALSE_IF_NULL(result);
@@ -1015,7 +1136,7 @@ bool DeviceFiles::DeleteUsageInfo(const std::string& usage_info_file_name,
if (!found) {
LOGE("Unable to find provider session token: pst = %s",
b2a_hex(provider_session_token).c_str());
wvutil::b2a_hex(provider_session_token).c_str());
return false;
}
@@ -1812,8 +1933,8 @@ DeviceFiles::ResponseType DeviceFiles::StoreFileRaw(
path += name;
auto file =
file_system_->Open(path, FileSystem::kCreate | FileSystem::kTruncate);
auto file = file_system_->Open(
path, wvutil::FileSystem::kCreate | wvutil::FileSystem::kTruncate);
if (!file) {
LOGE("Failed to open file: path = %s", path.c_str());
return kFileOpenFailed;
@@ -1871,7 +1992,7 @@ DeviceFiles::ResponseType DeviceFiles::RetrieveHashedFile(
return kInvalidFileSize;
}
auto file = file_system_->Open(path, FileSystem::kReadOnly);
auto file = file_system_->Open(path, wvutil::FileSystem::kReadOnly);
if (!file) {
return kFileOpenFailed;
}
@@ -1970,23 +2091,30 @@ ssize_t DeviceFiles::GetFileSize(const std::string& name) {
}
bool DeviceFiles::GetCertificateFileName(CertificateType certificate_type,
std::string* file_name) {
RETURN_FALSE_IF_NULL(file_name);
std::string* certificate_file_name) {
RETURN_FALSE_IF_NULL(certificate_file_name);
switch (certificate_type) {
case kCertificateDefault:
*file_name = kCertificateFileName;
*certificate_file_name = wvutil::kCertificateFileName;
return true;
case kCertificateLegacy:
*file_name = kLegacyCertificateFileName;
*certificate_file_name = wvutil::kLegacyCertificateFileName;
return true;
case kCertificateAtsc:
*file_name = kAtscCertificateFileName;
*certificate_file_name = wvutil::kAtscCertificateFileName;
return true;
default:
return false;
}
}
bool DeviceFiles::GetOemCertificateFileName(
std::string* certificate_file_name) {
RETURN_FALSE_IF_NULL(certificate_file_name);
*certificate_file_name = wvutil::kOemCertificateFileName;
return true;
}
std::string DeviceFiles::GetUsageTableFileName() { return kUsageTableFileName; }
std::string DeviceFiles::GetHlsAttributesFileNameExtension() {
@@ -2008,7 +2136,7 @@ std::string DeviceFiles::GetUsageInfoFileName(const std::string& app_id) {
std::string DeviceFiles::GetOkpInfoFileName() { return kOkpInfoFileName; }
std::string DeviceFiles::GetFileNameSafeHash(const std::string& input) {
return Base64SafeEncode(Md5Hash(input));
return wvutil::Base64SafeEncode(Md5Hash(input));
}
} // namespace wvcdm