Support provisioning 3.0

[ Merge of http://go/wvgerrit/29004 ]

Enable support for provisioning with OEM certificates as root of
trust.

b/62972441

Test: WV unit/intgration test and cdm_feature_test

Change-Id: I30576fc0bb68a873eeaaca03f6b9c89fa6a14327

libwvdrmengine/cdm/core/test/cdm_engine_test.cpp

@@ -51,7 +51,7 @@ class WvCdmEngineTest : public testing::Test {
     g_client_auth.assign(config.client_auth());
     g_key_system.assign(config.key_system());
     g_wrong_key_id.assign(config.wrong_key_id());
-    g_license_server.assign(config.license_server());
+    g_license_server.assign(config.license_server_url());
     g_key_id_pssh.assign(a2bs_hex(config.key_id()));
 
     // Extract the key ID from the PSSH box.

libwvdrmengine/cdm/core/test/config_test_env.cpp

@@ -11,6 +11,10 @@ const std::string kWidevineKeySystem = "com.widevine.alpha";
 // Content Protection license server (UAT) data
 const std::string kCpUatLicenseServer =
     "http://widevine-proxy.appspot.com/proxy";
+const std::string kUatProvisioningServerUrl =
+    "https://staging-www.sandbox.googleapis.com/"
+    "certificateprovisioning/v1/devicecertificates/create"
+    "?key=AIzaSyB-5OLKTx2iU5mko18DfdwK5611JIjbUhE";
 const std::string kCpClientAuth = "";
 const std::string kCpKeyId =
     "00000042"                          // blob size
@@ -53,9 +57,46 @@ const std::string kCpUatServiceCertificate =
     "7C0011E0F5B38E4E298ED2CB301EB4564965F55C5D79757A250A4EB9C84AB3E6539F6B6FDF"
     "56899EA29914";
 
+const std::string kCpProductionLicenseServer =
+        "https://widevine-proxy.appspot.com/proxy";
+const std::string kProductionProvisioningServerUrl =
+    "https://www.googleapis.com/"
+    "certificateprovisioning/v1/devicecertificates/create"
+    "?key=AIzaSyB-5OLKTx2iU5mko18DfdwK5611JIjbUhE";
+// NOTE: Provider ID = staging.google.com
+const std::string kCpProductionServiceCertificate =
+    "0ABF020803121028703454C008F63618ADE7443DB6C4C8188BE7F9900522"
+    "8E023082010A0282010100B52112B8D05D023FCC5D95E2C251C1C649B417"
+    "7CD8D2BEEF355BB06743DE661E3D2ABC3182B79946D55FDC08DFE9540781"
+    "5E9A6274B322A2C7F5E067BB5F0AC07A89D45AEA94B2516F075B66EF811D"
+    "0D26E1B9A6B894F2B9857962AA171C4F66630D3E4C602718897F5E1EF9B6"
+    "AAF5AD4DBA2A7E14176DF134A1D3185B5A218AC05A4C41F081EFFF80A3A0"
+    "40C50B09BBC740EEDCD8F14D675A91980F92CA7DDC646A06ADAD5101F74A"
+    "0E498CC01F00532BAC217850BD905E90923656B7DFEFEF42486767F33EF6"
+    "283D4F4254AB72589390BEE55808F1D668080D45D893C2BCA2F74D60A0C0"
+    "D0A0993CEF01604703334C3638139486BC9DAF24FD67A07F9AD943020301"
+    "00013A1273746167696E672E676F6F676C652E636F6D128003983E303526"
+    "75F40BA715FC249BDAE5D4AC7249A2666521E43655739529721FF880E0AA"
+    "EFC5E27BC980DAEADABF3FC386D084A02C82537848CC753FF497B011A7DA"
+    "97788A00E2AA6B84CD7D71C07A48EBF61602CCA5A3F32030A7295C30DA91"
+    "5B91DC18B9BC9593B8DE8BB50F0DEDC12938B8E9E039CDDE18FA82E81BB0"
+    "32630FE955D85A566CE154300BF6D4C1BD126966356B287D657B18CE63D0"
+    "EFD45FC5269E97EAB11CB563E55643B26FF49F109C2101AFCAF35B832F28"
+    "8F0D9D45960E259E85FB5D24DBD2CF82764C5DD9BF727EFBE9C861F86932"
+    "1F6ADE18905F4D92F9A6DA6536DB8475871D168E870BB2303CF70C6E9784"
+    "C93D2DE845AD8262BE7E0D4E2E4A0759CEF82D109D2592C72429F8C01742"
+    "BAE2B3DECADBC33C3E5F4BAF5E16ECB74EADBAFCB7C6705F7A9E3B6F3940"
+    "383F9C5116D202A20C9229EE969C2519718303B50D0130C3352E06B014D8"
+    "38540F8A0C227C0011E0F5B38E4E298ED2CB301EB4564965F55C5D79757A"
+    "250A4EB9C84AB3E6539F6B6FDF56899EA29914";
+
 // Content Protection license server (staging) data
 const std::string kCpStagingLicenseServer =
     "http://wv-staging-proxy.appspot.com/proxy";
+const std::string kStagingProvisioningServerUrl =
+    "https://staging-www.sandbox.googleapis.com/"
+    "certificateprovisioning/v1/devicecertificates/create"
+    "?key=AIzaSyB-5OLKTx2iU5mko18DfdwK5611JIjbUhE";
 const std::string kCpStagingServiceCertificate =
     "0AC102080312101705B917CC1204868B06333A2F772A8C1882B4829205228E023082010A02"
     "8201010099ED5B3B327DAB5E24EFC3B62A95B598520AD5BCCB37503E0645B814D876B8DF40"
@@ -116,19 +157,17 @@ const std::string kWrongKeyId =
     "0901121094889920e8d6520098577df8"
     "f2dd5546";
 
-// URL of provisioning server (returned by GetProvisioningRequest())
-const std::string kProductionProvisioningServerUrl =
-    "https://www.googleapis.com/"
-    "certificateprovisioning/v1/devicecertificates/create"
-    "?key=AIzaSyB-5OLKTx2iU5mko18DfdwK5611JIjbUhE";
-
 const ConfigTestEnv::LicenseServerConfiguration license_servers[] = {
-    {kGooglePlayServer, kGpLicenseServer, kGpClientAuth, kGpKeyId,
-     kGpOfflineKeyId, ""},
-    {kContentProtectionUatServer, kCpUatLicenseServer, kCpClientAuth,
-     kCpKeyId, kCpOfflineKeyId, kCpUatServiceCertificate},
+    {kGooglePlayServer, kGpLicenseServer, "", kGpClientAuth, kGpKeyId,
+     kGpOfflineKeyId, kProductionProvisioningServerUrl},
+    {kContentProtectionProductionServer, kCpProductionLicenseServer,
+      kCpProductionServiceCertificate, kCpClientAuth, kCpKeyId, kCpOfflineKeyId,
+      kProductionProvisioningServerUrl},
+    {kContentProtectionUatServer, kCpUatLicenseServer, kCpUatServiceCertificate,
+      kCpClientAuth, kCpKeyId, kCpOfflineKeyId, kUatProvisioningServerUrl},
     {kContentProtectionStagingServer, kCpStagingLicenseServer,
-     kCpClientAuth, kCpKeyId, kCpOfflineKeyId, kCpStagingServiceCertificate},
+      kCpStagingServiceCertificate, kCpClientAuth, kCpKeyId, kCpOfflineKeyId,
+      kStagingProvisioningServerUrl},
 };
 
 }  // namespace
@@ -162,9 +201,9 @@ void ConfigTestEnv::Init(LicenseServerId server_id) {
   client_auth_ = license_servers[server_id].client_tag;
   key_id_ = license_servers[server_id].key_id;
   key_system_ = kWidevineKeySystem;
-  license_server_ = license_servers[server_id].url;
-  provisioning_server_url_ = kProductionProvisioningServerUrl;
-  service_certificate_ = license_servers[server_id].service_certificate;
+  license_server_url_ = license_servers[server_id].license_server_url;
+  provisioning_server_url_ = license_servers[server_id].provisioning_server_url;
+  service_certificate_ = license_servers[server_id].license_service_certificate;
   wrong_key_id_ = kWrongKeyId;
 }
 

libwvdrmengine/cdm/core/test/config_test_env.h

@@ -11,6 +11,7 @@ typedef enum {
   kGooglePlayServer,
   kContentProtectionUatServer,
   kContentProtectionStagingServer,
+  kContentProtectionProductionServer,
 } LicenseServerId;
 
 // Configures default test environment.
@@ -18,11 +19,12 @@ class ConfigTestEnv {
  public:
   typedef struct {
     LicenseServerId id;
-    std::string url;
+    std::string license_server_url;
+    std::string license_service_certificate;
     std::string client_tag;
     std::string key_id;
     std::string offline_key_id;
-    std::string service_certificate;
+    std::string provisioning_server_url;
   } LicenseServerConfiguration;
 
   explicit ConfigTestEnv(LicenseServerId server_id);
@@ -34,7 +36,7 @@ class ConfigTestEnv {
   const std::string& client_auth() const { return client_auth_; }
   const KeyId& key_id() const { return key_id_; }
   const CdmKeySystem& key_system() const { return key_system_; }
-  const std::string& license_server() const { return license_server_; }
+  const std::string& license_server_url() const { return license_server_url_; }
   const std::string& provisioning_server_url() const {
     return provisioning_server_url_;
   }
@@ -48,7 +50,10 @@ class ConfigTestEnv {
     key_system_.assign(key_system);
   }
   void set_license_server(std::string& license_server) {
-    license_server_.assign(license_server);
+    license_server_url_.assign(license_server);
+  }
+  void set_provisioning_server(std::string& provisioning_server) {
+    provisioning_server_url_.assign(provisioning_server);
   }
 
  private:
@@ -57,7 +62,7 @@ class ConfigTestEnv {
   std::string client_auth_;
   KeyId key_id_;
   CdmKeySystem key_system_;
-  std::string license_server_;
+  std::string license_server_url_;
   std::string provisioning_server_url_;
   std::string service_certificate_;
   KeyId wrong_key_id_;