Key Status should reflect key container security level

[ Merge of http://go/wvgerrit/77506 ] Callers of MediaDrm can register to be notified when key status changes and if they are usable for decryption. A number of factors are evaluated when making this determination. Key container security level will now be included in the evaluation. Bug: 78652608 Test: WV unit/integration test, GtsMediaDrmTest, Play movies playback testing. Change-Id: I20243e5cb160f7957e3239e8d05f715ff0ee6dd6
2019-05-09 13:49:47 -07:00
parent c71fb10b95
commit 7d78609548
8 changed files with 621 additions and 412 deletions
--- a/libwvdrmengine/cdm/core/src/policy_engine.cpp
+++ b/libwvdrmengine/cdm/core/src/policy_engine.cpp
@@ -40,7 +40,7 @@ PolicyEngine::PolicyEngine(CdmSessionId session_id,
      last_recorded_current_time_(0),
      session_id_(session_id),
      event_listener_(event_listener),
-      license_keys_(new LicenseKeys),
+      license_keys_(new LicenseKeys(crypto_session->GetSecurityLevel())),
      clock_(new Clock) {
  InitDevice(crypto_session);
 }
@@ -311,30 +311,8 @@ CdmResponseType PolicyEngine::QueryKeyAllowedUsage(
  return KEY_NOT_FOUND_1;
 }

-bool PolicyEngine::CanUseKeyForSecurityLevel(
-    const KeyId& key_id,
-    CdmSecurityLevel security_level) {
-
-  if (security_level == kSecurityLevelL1) return true;
-
-  CdmKeyAllowedUsage key_usage;
-  CdmResponseType status = QueryKeyAllowedUsage(key_id, &key_usage);
-
-  if (status != NO_ERROR) return false;
-
-  // L1 has already been addressed so verify that L2/3 are allowed
-  switch (key_usage.key_security_level_) {
-    case kKeySecurityLevelUnset:
-      return true;
-    case kSoftwareSecureCrypto:
-    case kSoftwareSecureDecode:
-      return security_level == kSecurityLevelL2 ||
-          security_level == kSecurityLevelL3;
-    case kHardwareSecureCrypto:
-      return security_level == kSecurityLevelL2;
-    default:
-      return false;
-  }
+bool PolicyEngine::CanUseKeyForSecurityLevel(const KeyId& key_id) {
+  return license_keys_->MeetsSecurityLevelConstraints(key_id);
 }

 bool PolicyEngine::GetSecondsSinceStarted(int64_t* seconds_since_started) {
@@ -525,4 +503,8 @@ int64_t PolicyEngine::GetCurrentTime() {

 void PolicyEngine::set_clock(Clock* clock) { clock_.reset(clock); }

+void PolicyEngine::SetSecurityLevelForTest(CdmSecurityLevel security_level) {
+  license_keys_->SetSecurityLevelForTest(security_level);
+}
+
 }  // namespace wvcdm