Key Status should reflect key container security level
[ Merge of http://go/wvgerrit/77506 ] Callers of MediaDrm can register to be notified when key status changes and if they are usable for decryption. A number of factors are evaluated when making this determination. Key container security level will now be included in the evaluation. Bug: 78652608 Test: WV unit/integration test, GtsMediaDrmTest, Play movies playback testing. Change-Id: I20243e5cb160f7957e3239e8d05f715ff0ee6dd6
This commit is contained in:
Rahul Frias
@@ -152,7 +152,8 @@ class MockCryptoSession : public TestCryptoSession {
|
||||
|
||||
class MockPolicyEngine : public PolicyEngine {
|
||||
public:
|
||||
MockPolicyEngine() : PolicyEngine("mock_session_id", NULL, NULL) {}
|
||||
MockPolicyEngine(CryptoSession* crypto_session)
|
||||
: PolicyEngine("mock_session_id", NULL, crypto_session) {}
|
||||
|
||||
// Leaving a place-holder for when PolicyEngine methods need to be mocked
|
||||
};
|
||||
@@ -181,7 +182,7 @@ class CdmSessionTest : public WvCdmTestBase {
|
||||
cdm_session_->set_license_parser(license_parser_);
|
||||
crypto_session_ = new NiceMock<MockCryptoSession>(&crypto_metrics_);
|
||||
cdm_session_->set_crypto_session(crypto_session_);
|
||||
policy_engine_ = new MockPolicyEngine();
|
||||
policy_engine_ = new MockPolicyEngine(crypto_session_);
|
||||
cdm_session_->set_policy_engine(policy_engine_);
|
||||
file_handle_ = new MockDeviceFiles();
|
||||
cdm_session_->set_file_handle(file_handle_);
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -182,6 +182,10 @@ class PolicyEngineTest : public WvCdmTestBase {
|
||||
expected_has_new_usable_key));
|
||||
}
|
||||
|
||||
void SetCdmSecurityLevel(CdmSecurityLevel security_level) {
|
||||
policy_engine_->SetSecurityLevelForTest(security_level);
|
||||
}
|
||||
|
||||
metrics::CryptoMetrics dummy_metrics_;
|
||||
NiceMock<HdcpOnlyMockCryptoSession> crypto_session_;
|
||||
StrictMock<MockCdmEventListener> mock_event_listener_;
|
||||
@@ -1725,20 +1729,29 @@ TEST_P(PolicyEngineKeySecurityLevelTest, CanUseKeyForSecurityLevel) {
|
||||
ExpectSessionKeysChange(kKeyStatusUsable, true);
|
||||
EXPECT_CALL(mock_event_listener_, OnExpirationUpdate(_, _));
|
||||
|
||||
SetCdmSecurityLevel(kSecurityLevelL1);
|
||||
policy_engine_->SetLicense(license_);
|
||||
|
||||
EXPECT_EQ(param->expect_can_L1_use_key,
|
||||
policy_engine_->CanUseKeyForSecurityLevel(kKeyId,
|
||||
kSecurityLevelL1));
|
||||
policy_engine_->CanUseKeyForSecurityLevel(kKeyId));
|
||||
|
||||
SetCdmSecurityLevel(kSecurityLevelL2);
|
||||
policy_engine_->SetLicense(license_);
|
||||
|
||||
EXPECT_EQ(param->expect_can_L2_use_key,
|
||||
policy_engine_->CanUseKeyForSecurityLevel(kKeyId,
|
||||
kSecurityLevelL2));
|
||||
policy_engine_->CanUseKeyForSecurityLevel(kKeyId));
|
||||
|
||||
SetCdmSecurityLevel(kSecurityLevelL3);
|
||||
policy_engine_->SetLicense(license_);
|
||||
|
||||
EXPECT_EQ(param->expect_can_L3_use_key,
|
||||
policy_engine_->CanUseKeyForSecurityLevel(kKeyId,
|
||||
kSecurityLevelL3));
|
||||
policy_engine_->CanUseKeyForSecurityLevel(kKeyId));
|
||||
|
||||
SetCdmSecurityLevel(kSecurityLevelUnknown);
|
||||
policy_engine_->SetLicense(license_);
|
||||
|
||||
EXPECT_EQ(param->expect_can_level_unknown_use_key,
|
||||
policy_engine_->CanUseKeyForSecurityLevel(kKeyId,
|
||||
kSecurityLevelUnknown));
|
||||
policy_engine_->CanUseKeyForSecurityLevel(kKeyId));
|
||||
}
|
||||
|
||||
INSTANTIATE_TEST_CASE_P(
|
||||
@@ -1859,6 +1872,8 @@ TEST_F(PolicyEngineKeyAllowedUsageTest, AllowedUsageBasic) {
|
||||
content_key->set_id(kKeyId);
|
||||
content_key->set_level(License::KeyContainer::HW_SECURE_ALL);
|
||||
|
||||
SetCdmSecurityLevel(kSecurityLevelL1);
|
||||
|
||||
// generic operator session key (sign)
|
||||
AddOperatorSessionKey(kGenericKeyId, kEncryptNull, kDecryptNull, kSignTrue,
|
||||
kVerifyNull);
|
||||
@@ -1917,6 +1932,8 @@ TEST_F(PolicyEngineKeyAllowedUsageTest, AllowedUsageGeneric) {
|
||||
another_content_key->set_id(kAnotherKeyId);
|
||||
another_content_key->set_level(License::KeyContainer::HW_SECURE_CRYPTO);
|
||||
|
||||
SetCdmSecurityLevel(kSecurityLevelL1);
|
||||
|
||||
// generic operator session keys
|
||||
AddOperatorSessionKey(kGenericSignKeyId, kEncryptNull, kDecryptNull,
|
||||
kSignTrue, kVerifyNull);
|
||||
|
||||
Reference in New Issue
Block a user