Test session should continue with no keybox

Merge from Widevine repo of http://go/wvgerrit/142149

This CL updates the TestCryptoSession so that it will recover from
initializing without a keybox. This allows unit and integration tests
to be run using a test keybox on a device that does not have any
keybox.

Bug: 210807585
Bug: 161925952
Change-Id: I8639bd733a50ae5af3a7c786347b5a06a9d783ce

libwvdrmengine/cdm/core/include/crypto_session.h

@@ -323,8 +323,11 @@ class CryptoSession {
 
   int session_count() const { return session_count_; }
   bool initialized() const { return initialized_; }
-  void OverrideInitializedForTesting(bool initialized) {
+  void set_initialized(bool initialized) { initialized_ = initialized; }
-    initialized_ = initialized;
+  // Cache api version and fallback policy. Call this once at initialization.
+  void CacheVersion();
+  void OverrideNeedKeyboxForTesting(bool needs_keybox_provisioning) {
+    needs_keybox_provisioning_ = needs_keybox_provisioning;
   }
 
  private:

libwvdrmengine/cdm/core/src/crypto_session.cpp

@@ -354,39 +354,43 @@ void CryptoSession::Init() {
   });
 
   if (initialized) {
-    uint32_t version;
+    CacheVersion();
-    std::string api_version =
+  }
-        CryptoSession::GetApiVersion(kLevelDefault, &version)
+}
-            ? std::to_string(version)
-            : kStringNotAvailable;
-    std::string api_minor_version =
-        CryptoSession::GetApiMinorVersion(kLevelDefault, &version)
-            ? std::to_string(version)
-            : kStringNotAvailable;
-    LOGD("OEMCrypto version (default security level): %s.%s",
-         api_version.c_str(), api_minor_version.c_str());
 
-    api_version = CryptoSession::GetApiVersion(kLevel3, &version)
+void CryptoSession::CacheVersion() {
-                      ? std::to_string(version)
+  uint32_t version;
-                      : kStringNotAvailable;
+  std::string api_version =
-    api_minor_version = CryptoSession::GetApiMinorVersion(kLevel3, &version)
+      CryptoSession::GetApiVersion(kLevelDefault, &version)
-                            ? std::to_string(version)
+          ? std::to_string(version)
-                            : kStringNotAvailable;
+          : kStringNotAvailable;
-    LOGD("OEMCrypto version (L3 security level): %s.%s", api_version.c_str(),
+  std::string api_minor_version =
-         api_minor_version.c_str());
+      CryptoSession::GetApiMinorVersion(kLevelDefault, &version)
-    if (needs_keybox_provisioning_) {
+          ? std::to_string(version)
-      WithStaticFieldWriteLock("SystemFallbackPolicy", [&] {
+          : kStringNotAvailable;
-        if (!okp_fallback_policy_l1_) {
+  LOGD("OEMCrypto version (default security level): %s.%s", api_version.c_str(),
-          LOGD("OEMCrypto needs keybox provisioning");
+       api_minor_version.c_str());
-          // Only create once.  Possible that OEMCrypto is initialized
+
-          // and terminated many times over the life cycle of the OTA
+  api_version = CryptoSession::GetApiVersion(kLevel3, &version)
-          // keybox provisioning process.
+                    ? std::to_string(version)
-          okp_fallback_policy_l1_ = okp::SystemFallbackPolicy::Create();
+                    : kStringNotAvailable;
-          if (okp_fallback_policy_l1_)
+  api_minor_version = CryptoSession::GetApiMinorVersion(kLevel3, &version)
-            okp_fallback_policy_l1_->MarkNeedsProvisioning();
+                          ? std::to_string(version)
-        }
+                          : kStringNotAvailable;
-      });
+  LOGD("OEMCrypto version (L3 security level): %s.%s", api_version.c_str(),
-    }
+       api_minor_version.c_str());
+  if (needs_keybox_provisioning_) {
+    WithStaticFieldWriteLock("SystemFallbackPolicy", [&] {
+      if (!okp_fallback_policy_l1_) {
+        LOGD("OEMCrypto needs keybox provisioning");
+        // Only create once.  Possible that OEMCrypto is initialized
+        // and terminated many times over the life cycle of the OTA
+        // keybox provisioning process.
+        okp_fallback_policy_l1_ = okp::SystemFallbackPolicy::Create();
+        if (okp_fallback_policy_l1_)
+          okp_fallback_policy_l1_->MarkNeedsProvisioning();
+      }
+    });
   }
 }
 

libwvdrmengine/cdm/core/test/test_base.cpp

@@ -215,14 +215,17 @@ std::string WvCdmTestBase::SignHMAC(const std::string& message,
 TestCryptoSession::TestCryptoSession(metrics::CryptoMetrics* crypto_metrics)
     : CryptoSession(crypto_metrics) {
   // The first CryptoSession should have initialized OEMCrypto.  This is right
-  // after that, so should tell oemcrypto to use a test keybox.
+  // after that, so we should tell oemcrypto to use a test keybox.
   if (session_count() == 1) {
+    OverrideNeedKeyboxForTesting(false);
+    // However, if the device does not have a keybox, initialization would have
+    // failed. In that case we should try again.
     if (!initialized()) {
-      // If not initialized, try again and see if we are just missing a keybox.
+      // Give up if we cannot initialize at all.
-      // Since we plan to install a test keybox, we can ignore keybox errors.
+      if (OEMCrypto_SUCCESS != OEMCrypto_Initialize()) return;
-      const OEMCryptoResult status = ::OEMCrypto_Initialize();
+      set_initialized(true);
-      if (status != OEMCrypto_SUCCESS) return;
+      // This was skipped in Init because initialization failed.
-      OverrideInitializedForTesting(true);
+      CacheVersion();
     }
     WvCdmTestBase::InstallTestRootOfTrust();
   }