diff --git a/libwvdrmengine/include/mapErrors-inl.h b/libwvdrmengine/include/mapErrors-inl.h
index 7b9e2aa6..2a6cdcd6 100644
--- a/libwvdrmengine/include/mapErrors-inl.h
+++ b/libwvdrmengine/include/mapErrors-inl.h
@@ -244,7 +244,7 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) {
     case wvcdm::RELEASE_LICENSE_ERROR_2:
       return kReleaseLicenseError2;
     case wvcdm::RELEASE_USAGE_INFO_ERROR:
-      return kReleaseUsageInfoError;
+      return android::ERROR_DRM_TAMPER_DETECTED;
     case wvcdm::RENEW_KEY_ERROR_1:
       return kRenewKeyError1;
     case wvcdm::RENEW_KEY_ERROR_2:
@@ -506,7 +506,7 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) {
     case wvcdm::RELEASE_ALL_USAGE_INFO_ERROR_5:
       return kReleaseAllUsageInfoError5;
     case wvcdm::RELEASE_USAGE_INFO_FAILED:
-      return kReleaseUsageInfoFailed;
+        return android::ERROR_DRM_TAMPER_DETECTED;
     case wvcdm::INCORRECT_USAGE_SUPPORT_TYPE_1:
       return kIncorrectUsageSupportType1;
     case wvcdm::INCORRECT_USAGE_SUPPORT_TYPE_2:
diff --git a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
index ea2737f0..60135fa8 100644
--- a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
+++ b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
@@ -140,9 +140,15 @@ status_t WVDrmPlugin::openSession(Vector<uint8_t>& sessionId) {
 }
 
 status_t WVDrmPlugin::closeSession(const Vector<uint8_t>& sessionId) {
+  if (!sessionId.size()) {
+    return android::BAD_VALUE;
+  }
   CdmSessionId cdmSessionId(sessionId.begin(), sessionId.end());
-  mCDM->CloseSession(cdmSessionId);
+  CdmResponseType res = mCDM->CloseSession(cdmSessionId);
   mCryptoSessions.erase(cdmSessionId);
+  if (!isCdmResponseTypeSuccess(res)) {
+    return android::ERROR_DRM_SESSION_NOT_OPENED;
+  }
   return android::OK;
 }
 
@@ -158,6 +164,9 @@ status_t WVDrmPlugin::getKeyRequest(
   CdmLicenseType cdmLicenseType;
   CdmSessionId cdmSessionId;
   CdmKeySetId cdmKeySetId;
+  if (!scope.size()) {
+    return android::BAD_VALUE;
+  }
   if (keyType == kKeyType_Offline) {
     cdmLicenseType = kLicenseTypeOffline;
     cdmSessionId.assign(scope.begin(), scope.end());
@@ -250,6 +259,9 @@ status_t WVDrmPlugin::provideKeyResponse(
     const Vector<uint8_t>& scope,
     const Vector<uint8_t>& response,
     Vector<uint8_t>& keySetId) {
+  if (scope.size() == 0 || response.size() == 0) {
+    return android::BAD_VALUE;
+  }
   CdmSessionId cdmSessionId;
   CdmKeyResponse cdmResponse(response.begin(), response.end());
   CdmKeySetId cdmKeySetId;
@@ -366,6 +378,9 @@ status_t WVDrmPlugin::provideProvisionResponse(
     const Vector<uint8_t>& response,
     Vector<uint8_t>& certificate,
     Vector<uint8_t>& wrapped_key) {
+  if (!response.size()) {
+    return android::BAD_VALUE;
+  }
   CdmProvisioningResponse cdmResponse(response.begin(), response.end());
   if (cdmResponse == kSpecialUnprovisionResponse) {
     if (mCdmIdentifier == kDefaultCdmIdentifier) {
@@ -394,6 +409,9 @@ status_t WVDrmPlugin::unprovisionDevice() {
 
 status_t WVDrmPlugin::getSecureStop(const Vector<uint8_t>& ssid,
                                     Vector<uint8_t>& secureStop) {
+  if (!ssid.size()) {
+    return android::BAD_VALUE;
+  }
   CdmUsageInfo cdmUsageInfo;
   CdmSecureStopId cdmSsid(ssid.begin(), ssid.end());
   CdmResponseType res = mCDM->GetUsageInfo(
@@ -435,6 +453,9 @@ status_t WVDrmPlugin::releaseAllSecureStops() {
 }
 
 status_t WVDrmPlugin::releaseSecureStops(const Vector<uint8_t>& ssRelease) {
+  if (!ssRelease.size()) {
+    return android::BAD_VALUE;
+  }
   CdmUsageInfoReleaseMessage cdmMessage(ssRelease.begin(), ssRelease.end());
   CdmResponseType res = mCDM->ReleaseUsageInfo(cdmMessage);
   return mapCdmResponseType(res);
@@ -607,6 +628,9 @@ status_t WVDrmPlugin::setPropertyByteArray(const String8& name,
 
 status_t WVDrmPlugin::setCipherAlgorithm(const Vector<uint8_t>& sessionId,
                                          const String8& algorithm) {
+  if (sessionId.size() == 0 || algorithm.size() == 0) {
+    return android::BAD_VALUE;
+  }
   CdmSessionId cdmSessionId(sessionId.begin(), sessionId.end());
   if (!mCryptoSessions.count(cdmSessionId)) {
     return android::ERROR_DRM_SESSION_NOT_OPENED;
@@ -625,6 +649,9 @@ status_t WVDrmPlugin::setCipherAlgorithm(const Vector<uint8_t>& sessionId,
 
 status_t WVDrmPlugin::setMacAlgorithm(const Vector<uint8_t>& sessionId,
                                       const String8& algorithm) {
+  if (sessionId.size() == 0 || algorithm.size() == 0) {
+    return android::BAD_VALUE;
+  }
   CdmSessionId cdmSessionId(sessionId.begin(), sessionId.end());
   if (!mCryptoSessions.count(cdmSessionId)) {
     return android::ERROR_DRM_SESSION_NOT_OPENED;
@@ -810,11 +837,15 @@ status_t WVDrmPlugin::verify(const Vector<uint8_t>& sessionId,
   }
 }
 
-status_t WVDrmPlugin::signRSA(const Vector<uint8_t>& /* sessionId */,
+status_t WVDrmPlugin::signRSA(const Vector<uint8_t>& sessionId,
                               const String8& algorithm,
                               const Vector<uint8_t>& message,
                               const Vector<uint8_t>& wrappedKey,
                               Vector<uint8_t>& signature) {
+  if (sessionId.size() == 0 || algorithm.size() == 0 ||
+      message.size() == 0 || wrappedKey.size() == 0) {
+    return android::BAD_VALUE;
+  }
   RSA_Padding_Scheme padding_scheme;
   if (algorithm == "RSASSA-PSS-SHA1") {
     padding_scheme = kSign_RSASSA_PSS;