Merge latest oemcrypto-v17 change
No-Typo-Check: Not related to this change. Bug: 161477208 Change-Id: I99e4780f6855b7045aa0cd5a49c13d2d0d51ed64
This commit is contained in:
Kyle Zhang
committed by
Fred Gylys-Colwell
Fred Gylys-Colwell
parent
c924960962
commit
642965c678
@@ -236,7 +236,7 @@ CdmResponseType TestCryptoSession::GenerateNonce(uint32_t* nonce) {
|
||||
for (int i = 0; status != NO_ERROR; i++) {
|
||||
LOGV("Recovering from nonce flood.");
|
||||
if (i > 2) return status;
|
||||
TestSleep::Sleep(1);
|
||||
wvutil::TestSleep::Sleep(1);
|
||||
status = CryptoSession::GenerateNonce(nonce);
|
||||
}
|
||||
return NO_ERROR;
|
||||
@@ -295,6 +295,9 @@ void WvCdmTestBase::InstallTestRootOfTrust() {
|
||||
case wvoec::DeviceFeatures::TEST_PROVISION_30:
|
||||
// Can use oem certificate to install test rsa key.
|
||||
break;
|
||||
case wvoec::DeviceFeatures::TEST_PROVISION_40:
|
||||
// OEM certificate is retrieved from the server.
|
||||
break;
|
||||
default:
|
||||
FAIL() << "Cannot run test without test keybox or RSA key installed.";
|
||||
}
|
||||
@@ -316,7 +319,7 @@ void WvCdmTestBase::Provision() {
|
||||
std::string cert, wrapped_key;
|
||||
|
||||
CdmSessionId session_id;
|
||||
FileSystem file_system;
|
||||
wvutil::FileSystem file_system;
|
||||
|
||||
if (config_.provisioning_server() == "fake") {
|
||||
LOGD("Using fake provisioning server.");
|
||||
@@ -329,7 +332,8 @@ void WvCdmTestBase::Provision() {
|
||||
&prov_request, &provisioning_server_url);
|
||||
ASSERT_EQ(NO_ERROR, result);
|
||||
if (!binary_provisioning_) {
|
||||
std::vector<uint8_t> prov_request_v = Base64SafeDecode(prov_request);
|
||||
std::vector<uint8_t> prov_request_v =
|
||||
wvutil::Base64SafeDecode(prov_request);
|
||||
prov_request = std::string(prov_request_v.begin(), prov_request_v.end());
|
||||
}
|
||||
std::string response;
|
||||
@@ -349,7 +353,7 @@ void WvCdmTestBase::Provision() {
|
||||
ASSERT_EQ(NO_ERROR, result);
|
||||
|
||||
if (binary_provisioning_) {
|
||||
prov_request = Base64SafeEncodeNoPad(prov_request);
|
||||
prov_request = wvutil::Base64SafeEncodeNoPad(prov_request);
|
||||
}
|
||||
|
||||
LOGV("Provisioning request: req = %s", prov_request.c_str());
|
||||
@@ -390,7 +394,7 @@ void WvCdmTestBase::Provision() {
|
||||
|
||||
// base64 decode response to yield binary protobuf
|
||||
const std::vector<uint8_t> response_vec(
|
||||
Base64SafeDecode(protobuf_response));
|
||||
wvutil::Base64SafeDecode(protobuf_response));
|
||||
ASSERT_FALSE(response_vec.empty())
|
||||
<< "Failed to decode base64 of response: response = "
|
||||
<< protobuf_response;
|
||||
@@ -415,7 +419,7 @@ void WvCdmTestBase::Provision() {
|
||||
// that certificate from the provisioning request.
|
||||
void WvCdmTestBase::EnsureProvisioned() {
|
||||
CdmSessionId session_id;
|
||||
FileSystem file_system;
|
||||
wvutil::FileSystem file_system;
|
||||
// OpenSession will check if a DRM certificate exists, while
|
||||
// GenerateKeyRequest will actually load the wrapped private key.
|
||||
// Either may return a NEED_PROVISIONING error, so both have to be checked.
|
||||
@@ -468,7 +472,7 @@ bool WvCdmTestBase::Initialize(int argc, const char* const argv[],
|
||||
} else if (arg == "--cast") {
|
||||
is_cast_receiver = true;
|
||||
} else if (arg == "--fake_sleep") {
|
||||
wvcdm::TestSleep::set_real_sleep(false);
|
||||
wvutil::TestSleep::set_real_sleep(false);
|
||||
} else if (arg == "--qa_provisioning") {
|
||||
use_qa_test_keybox_ = true;
|
||||
default_config_.set_provisioning_service_certificate(
|
||||
@@ -502,10 +506,10 @@ bool WvCdmTestBase::Initialize(int argc, const char* const argv[],
|
||||
} else if (arg_prefix == "--keyid") {
|
||||
default_config_.set_key_id(arg_value);
|
||||
} else if (arg_prefix == "--service_certificate") {
|
||||
const std::string certificate(a2bs_hex(arg_value));
|
||||
const std::string certificate(wvutil::a2bs_hex(arg_value));
|
||||
default_config_.set_license_service_certificate(certificate);
|
||||
} else if (arg_prefix == "--provisioning_certificate") {
|
||||
const std::string certificate(a2bs_hex(arg_value));
|
||||
const std::string certificate(wvutil::a2bs_hex(arg_value));
|
||||
default_config_.set_provisioning_service_certificate(certificate);
|
||||
} else if (arg_prefix == "--license_server_url") {
|
||||
default_config_.set_license_server(arg_value);
|
||||
@@ -532,7 +536,7 @@ bool WvCdmTestBase::Initialize(int argc, const char* const argv[],
|
||||
return false;
|
||||
}
|
||||
|
||||
g_cutoff = static_cast<LogPriority>(verbosity);
|
||||
wvutil::g_cutoff = static_cast<wvutil::LogPriority>(verbosity);
|
||||
|
||||
// Displays server url, port and key Id being used
|
||||
std::cout << std::endl;
|
||||
@@ -560,6 +564,7 @@ bool WvCdmTestBase::Initialize(int argc, const char* const argv[],
|
||||
|
||||
TestLicenseHolder::TestLicenseHolder(CdmEngine* cdm_engine)
|
||||
: cdm_engine_(cdm_engine),
|
||||
oemcrypto_api_(0),
|
||||
session_opened_(false),
|
||||
// Keys are initialized with simple values, and the correct size:
|
||||
derived_mac_key_server_(MAC_KEY_SIZE, 'a'),
|
||||
@@ -593,7 +598,7 @@ void TestLicenseHolder::GenerateKeyRequest(
|
||||
CdmAppParameterMap app_parameters;
|
||||
CdmKeySetId key_set_id;
|
||||
InitializationData init_data(init_data_type_string, key_id);
|
||||
if (g_cutoff >= LOG_DEBUG) init_data.DumpToLogs();
|
||||
if (wvutil::g_cutoff >= wvutil::LOG_DEBUG) init_data.DumpToLogs();
|
||||
CdmKeyRequest key_request;
|
||||
CdmResponseType result = cdm_engine_->GenerateKeyRequest(
|
||||
session_id_, key_set_id, init_data, kLicenseTypeStreaming, app_parameters,
|
||||
@@ -615,6 +620,20 @@ void TestLicenseHolder::CreateDefaultLicense() {
|
||||
video_widevine::ClientIdentification_TokenType_DRM_DEVICE_CERTIFICATE,
|
||||
client_id.type());
|
||||
|
||||
oemcrypto_api_ =
|
||||
(client_id.has_client_capabilities() &&
|
||||
client_id.client_capabilities().has_oem_crypto_api_version())
|
||||
? client_id.client_capabilities().oem_crypto_api_version()
|
||||
: 0;
|
||||
|
||||
std::string signed_buffer = license_request_data_;
|
||||
std::string core_message = signed_message.has_oemcrypto_core_message()
|
||||
? signed_message.oemcrypto_core_message()
|
||||
: "";
|
||||
if (oemcrypto_api_ >= 17) {
|
||||
signed_buffer = signed_message.oemcrypto_core_message() + signed_buffer;
|
||||
}
|
||||
|
||||
// Extract the RSA key from the DRM certificate.
|
||||
std::string token = client_id.token();
|
||||
video_widevine::SignedDrmCertificate signed_drm_cert;
|
||||
@@ -622,8 +641,8 @@ void TestLicenseHolder::CreateDefaultLicense() {
|
||||
video_widevine::DrmCertificate drm_cert;
|
||||
EXPECT_TRUE(drm_cert.ParseFromString(signed_drm_cert.drm_certificate()));
|
||||
EXPECT_TRUE(rsa_key_.Init(drm_cert.public_key()));
|
||||
EXPECT_TRUE(rsa_key_.VerifySignature(signed_message.msg(),
|
||||
signed_message.signature()));
|
||||
EXPECT_TRUE(
|
||||
rsa_key_.VerifySignature(signed_buffer, signed_message.signature()));
|
||||
|
||||
DeriveKeysFromSessionKey();
|
||||
|
||||
@@ -685,15 +704,26 @@ video_widevine::License_KeyContainer* TestLicenseHolder::AddKey(
|
||||
std::string padding(CONTENT_KEY_SIZE, '-');
|
||||
key_container->set_key(encrypted_key_data + padding);
|
||||
|
||||
std::vector<uint8_t> block_v(
|
||||
reinterpret_cast<const uint8_t*>(&block),
|
||||
reinterpret_cast<const uint8_t*>(&block) + sizeof(block));
|
||||
std::vector<uint8_t> block_iv(KEY_IV_SIZE, 'w');
|
||||
std::string block_iv_s(block_iv.begin(), block_iv.end());
|
||||
std::string encrypted_block =
|
||||
WvCdmTestBase::Aes128CbcEncrypt(key_data, block_v, block_iv);
|
||||
key_container->mutable_key_control()->set_iv(block_iv_s);
|
||||
key_container->mutable_key_control()->set_key_control_block(encrypted_block);
|
||||
// TODO(b/192700112): This mock license server should parse the core message
|
||||
// request, and only encrypt the key control block if the API is greater than
|
||||
// or equal to 16.5. For now, we can pass tests on the v17 branch by checking
|
||||
// against v17.0.
|
||||
if (oemcrypto_api_ >= 17) {
|
||||
std::string block_s(reinterpret_cast<const char*>(&block),
|
||||
reinterpret_cast<const char*>(&block) + sizeof(block));
|
||||
key_container->mutable_key_control()->set_key_control_block(block_s);
|
||||
} else {
|
||||
std::vector<uint8_t> block_v(
|
||||
reinterpret_cast<const uint8_t*>(&block),
|
||||
reinterpret_cast<const uint8_t*>(&block) + sizeof(block));
|
||||
std::vector<uint8_t> block_iv(KEY_IV_SIZE, 'w');
|
||||
std::string block_iv_s(block_iv.begin(), block_iv.end());
|
||||
std::string encrypted_block =
|
||||
WvCdmTestBase::Aes128CbcEncrypt(key_data, block_v, block_iv);
|
||||
key_container->mutable_key_control()->set_iv(block_iv_s);
|
||||
key_container->mutable_key_control()->set_key_control_block(
|
||||
encrypted_block);
|
||||
}
|
||||
return key_container;
|
||||
}
|
||||
|
||||
@@ -805,11 +835,11 @@ std::string MakePSSH(const std::string& serialized_header) {
|
||||
size_t data_size = serialized_header.size();
|
||||
size_t atom_size = data_size + system_id_size + 4 * 4;
|
||||
|
||||
std::string pssh = EncodeUint32(static_cast<uint32_t>(atom_size));
|
||||
std::string pssh = wvutil::EncodeUint32(static_cast<uint32_t>(atom_size));
|
||||
pssh.append("pssh");
|
||||
pssh.append(EncodeUint32(version));
|
||||
pssh.append(wvutil::EncodeUint32(version));
|
||||
pssh.append(system_id);
|
||||
pssh.append(EncodeUint32(static_cast<uint32_t>(data_size)));
|
||||
pssh.append(wvutil::EncodeUint32(static_cast<uint32_t>(data_size)));
|
||||
pssh.append(serialized_header);
|
||||
return pssh;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user