widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Key Status should reflect key container security level" into qt-dev

Browse Source
This commit is contained in:
Rahul Frias
2019-05-13 16:25:24 +00:00
committed by Android (Google) Code Review
parent 5ee5d00514 7d78609548
commit 80f5e283ad
8 changed files with 621 additions and 412 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
libwvdrmengine/cdm/core/include/license_key_status.h
View File

@@ -21,7 +21,8 @@ using video_widevine::WidevinePsshData_EntitledKey;
// Holds all content and operator session keys for a session. // Holds all content and operator session keys for a session.
class LicenseKeys { class LicenseKeys {
public: public:
LicenseKeys() {} LicenseKeys(CdmSecurityLevel security_level)
: security_level_(security_level) {}
virtual ~LicenseKeys() { Clear(); } virtual ~LicenseKeys() { Clear(); }
virtual bool Empty() { return key_statuses_.empty(); } virtual bool Empty() { return key_statuses_.empty(); }
@@ -54,6 +55,9 @@ class LicenseKeys {
// to the key, returns true. // to the key, returns true.
virtual bool MeetsConstraints(const KeyId& key_id); virtual bool MeetsConstraints(const KeyId& key_id);
// Indicates whether specified key can be used for the sessions security level
virtual bool MeetsSecurityLevelConstraints(const KeyId& key_id);
// Applies a resolution and/or hdcp change to each key, updating their // Applies a resolution and/or hdcp change to each key, updating their
// useability under their constraints. // useability under their constraints.
virtual void ApplyConstraints(uint32_t new_resolution, virtual void ApplyConstraints(uint32_t new_resolution,
@@ -67,6 +71,10 @@ class LicenseKeys {
virtual void SetEntitledKeys( virtual void SetEntitledKeys(
const std::vector<WidevinePsshData_EntitledKey>& keys); const std::vector<WidevinePsshData_EntitledKey>& keys);
// For test use: Sets the OEMCrypto security level
virtual void SetSecurityLevelForTest(
CdmSecurityLevel security_level) { security_level_ = security_level; }
private: private:
typedef ::video_widevine::License::KeyContainer KeyContainer; typedef ::video_widevine::License::KeyContainer KeyContainer;
typedef std::map<wvcdm::KeyId, LicenseKeyStatus*>::const_iterator typedef std::map<wvcdm::KeyId, LicenseKeyStatus*>::const_iterator
@@ -83,6 +91,8 @@ class LicenseKeys {
// key status from |key_statuses_| when using entitlement key licensing. // key status from |key_statuses_| when using entitlement key licensing.
std::map<KeyId, KeyId> content_keyid_to_entitlement_key_id_; std::map<KeyId, KeyId> content_keyid_to_entitlement_key_id_;
CdmSecurityLevel security_level_;
CORE_DISALLOW_COPY_AND_ASSIGN(LicenseKeys); CORE_DISALLOW_COPY_AND_ASSIGN(LicenseKeys);
}; };
@@ -114,6 +124,10 @@ class LicenseKeyStatus {
// Note: this will return true until the first call to ApplyConstraints(). // Note: this will return true until the first call to ApplyConstraints().
virtual bool MeetsConstraints() const { return meets_constraints_; } virtual bool MeetsConstraints() const { return meets_constraints_; }
// Indicates whether a key can be used for a given security level
virtual bool MeetsSecurityLevelConstraints() const {
return meets_security_level_constraints_; }
// Applies the given changes in resolution or HDCP settings. // Applies the given changes in resolution or HDCP settings.
virtual void ApplyConstraints(uint32_t new_resolution, virtual void ApplyConstraints(uint32_t new_resolution,
CryptoSession::HdcpCapability new_hdcp_level); CryptoSession::HdcpCapability new_hdcp_level);
@@ -127,12 +141,12 @@ class LicenseKeyStatus {
typedef ::google::protobuf::RepeatedPtrField<VideoResolutionConstraint> typedef ::google::protobuf::RepeatedPtrField<VideoResolutionConstraint>
ConstraintList; ConstraintList;
LicenseKeyStatus(const KeyContainer& key); LicenseKeyStatus(const KeyContainer& key, const CdmSecurityLevel level);
virtual ~LicenseKeyStatus() {} virtual ~LicenseKeyStatus() {}
private: private:
void ParseContentKey(const KeyContainer& key); void ParseContentKey(const KeyContainer& key, CdmSecurityLevel level);
void ParseOperatorSessionKey(const KeyContainer& key); void ParseOperatorSessionKey(const KeyContainer& key);
bool HasConstraints() { return is_content_key_ && constraints_.size() != 0; } bool HasConstraints() { return is_content_key_ && constraints_.size() != 0; }
@@ -142,6 +156,7 @@ class LicenseKeyStatus {
bool is_content_key_; bool is_content_key_;
CdmKeyStatus key_status_; CdmKeyStatus key_status_;
bool meets_constraints_; bool meets_constraints_;
bool meets_security_level_constraints_;
CdmKeyAllowedUsage allowed_usage_; CdmKeyAllowedUsage allowed_usage_;
CryptoSession::HdcpCapability default_hdcp_level_; CryptoSession::HdcpCapability default_hdcp_level_;
ConstraintList constraints_; ConstraintList constraints_;

9
libwvdrmengine/cdm/core/include/policy_engine.h
View File

@@ -45,8 +45,7 @@ class PolicyEngine {
// Verifies whether the policy allows use of the specified key of // Verifies whether the policy allows use of the specified key of
// a given security level for content decryption. // a given security level for content decryption.
virtual bool CanUseKeyForSecurityLevel(const KeyId& key_id, virtual bool CanUseKeyForSecurityLevel(const KeyId& key_id);
CdmSecurityLevel security_level);
// OnTimerEvent is called when a timer fires. It notifies the Policy Engine // OnTimerEvent is called when a timer fires. It notifies the Policy Engine
// that the timer has fired and dispatches the relevant events through // that the timer has fired and dispatches the relevant events through
@@ -167,10 +166,12 @@ class PolicyEngine {
// Guard against clock rollbacks // Guard against clock rollbacks
int64_t GetCurrentTime(); int64_t GetCurrentTime();
// set_clock() is for testing only. It alters ownership of the // Test only methods
// passed-in pointer. // set_clock alters ownership of the passed-in pointer.
void set_clock(Clock* clock); void set_clock(Clock* clock);
void SetSecurityLevelForTest(CdmSecurityLevel security_level);
LicenseState license_state_; LicenseState license_state_;
// This is the current policy information for this license. This gets updated // This is the current policy information for this license. This gets updated

3
libwvdrmengine/cdm/core/src/cdm_session.cpp
View File

@@ -635,8 +635,7 @@ CdmResponseType CdmSession::Decrypt(const CdmDecryptionParameters& params) {
return INSUFFICIENT_OUTPUT_PROTECTION; return INSUFFICIENT_OUTPUT_PROTECTION;
return NEED_KEY; return NEED_KEY;
} }
if (!policy_engine_->CanUseKeyForSecurityLevel(*params.key_id, if (!policy_engine_->CanUseKeyForSecurityLevel(*params.key_id)) {
security_level_)) {
return KEY_PROHIBITED_FOR_SECURITY_LEVEL; return KEY_PROHIBITED_FOR_SECURITY_LEVEL;
} }
} }

49
libwvdrmengine/cdm/core/src/license_key_status.cpp
View File

@@ -152,6 +152,16 @@ bool LicenseKeys::MeetsConstraints(const KeyId& key_id) {
} }
} }
bool LicenseKeys::MeetsSecurityLevelConstraints(const KeyId& key_id) {
if (key_statuses_.count(key_id) > 0) {
return key_statuses_[key_id]->MeetsSecurityLevelConstraints();
} else {
// If a Key ID is unknown to us, we don't know of any constraints for it,
// so never block decryption.
return true;
}
}
void LicenseKeys::ApplyConstraints( void LicenseKeys::ApplyConstraints(
uint32_t new_resolution, CryptoSession::HdcpCapability new_hdcp_level) { uint32_t new_resolution, CryptoSession::HdcpCapability new_hdcp_level) {
for (LicenseKeyStatusIterator i = key_statuses_.begin(); for (LicenseKeyStatusIterator i = key_statuses_.begin();
@@ -168,7 +178,7 @@ void LicenseKeys::SetFromLicense(const video_widevine::License& license) {
key.type() == KeyContainer::OPERATOR_SESSION || key.type() == KeyContainer::OPERATOR_SESSION ||
key.type() == KeyContainer::ENTITLEMENT)) { key.type() == KeyContainer::ENTITLEMENT)) {
const KeyId& key_id = key.id(); const KeyId& key_id = key.id();
key_statuses_[key_id] = new LicenseKeyStatus(key); key_statuses_[key_id] = new LicenseKeyStatus(key, security_level_);
} }
} }
} }
@@ -190,23 +200,26 @@ void LicenseKeys::SetEntitledKeys(
} }
} }
LicenseKeyStatus::LicenseKeyStatus(const KeyContainer& key) LicenseKeyStatus::LicenseKeyStatus(const KeyContainer& key,
const CdmSecurityLevel security_level)
: is_content_key_(false), : is_content_key_(false),
key_status_(kKeyStatusInternalError), key_status_(kKeyStatusInternalError),
meets_constraints_(true), meets_constraints_(true),
meets_security_level_constraints_(true),
default_hdcp_level_(HDCP_NONE) { default_hdcp_level_(HDCP_NONE) {
allowed_usage_.Clear(); allowed_usage_.Clear();
constraints_.Clear(); constraints_.Clear();
if (key.type() == KeyContainer::CONTENT || if (key.type() == KeyContainer::CONTENT ||
key.type() == KeyContainer::ENTITLEMENT) { key.type() == KeyContainer::ENTITLEMENT) {
ParseContentKey(key); ParseContentKey(key, security_level);
} else if (key.type() == KeyContainer::OPERATOR_SESSION) { } else if (key.type() == KeyContainer::OPERATOR_SESSION) {
ParseOperatorSessionKey(key); ParseOperatorSessionKey(key);
} }
} }
void LicenseKeyStatus::ParseContentKey(const KeyContainer& key) { void LicenseKeyStatus::ParseContentKey(const KeyContainer& key,
CdmSecurityLevel security_level) {
is_content_key_ = true; is_content_key_ = true;
if (key.has_level() && ((key.level() == KeyContainer::HW_SECURE_DECODE) || if (key.has_level() && ((key.level() == KeyContainer::HW_SECURE_DECODE) ||
(key.level() == KeyContainer::HW_SECURE_ALL))) { (key.level() == KeyContainer::HW_SECURE_ALL))) {
@@ -238,8 +251,34 @@ void LicenseKeyStatus::ParseContentKey(const KeyContainer& key) {
allowed_usage_.key_security_level_ = kKeySecurityLevelUnknown; allowed_usage_.key_security_level_ = kKeySecurityLevelUnknown;
break; break;
} }
switch (security_level) {
case kSecurityLevelL1:
meets_security_level_constraints_ = true;
break;
case kSecurityLevelL2:
case kSecurityLevelL3:
switch (key.level()) {
case KeyContainer::SW_SECURE_CRYPTO:
case KeyContainer::SW_SECURE_DECODE:
meets_security_level_constraints_ = true;
break;
case KeyContainer::HW_SECURE_CRYPTO:
meets_security_level_constraints_ =
security_level == kSecurityLevelL2;
break;
default:
meets_security_level_constraints_ = false;
break;
}
break;
default:
meets_security_level_constraints_ = false;
break;
}
} else { } else {
allowed_usage_.key_security_level_ = kKeySecurityLevelUnset; allowed_usage_.key_security_level_ = kKeySecurityLevelUnset;
meets_security_level_constraints_ = true;
} }
allowed_usage_.SetValid(); allowed_usage_.SetValid();
@@ -301,7 +340,7 @@ bool LicenseKeyStatus::ApplyStatusChange(CdmKeyStatus new_status,
} }
CdmKeyStatus updated_status = new_status; CdmKeyStatus updated_status = new_status;
if (updated_status == kKeyStatusUsable) { if (updated_status == kKeyStatusUsable) {
if (!MeetsConstraints()) { if (!MeetsConstraints() || !MeetsSecurityLevelConstraints()) {
updated_status = kKeyStatusOutputNotAllowed; updated_status = kKeyStatusOutputNotAllowed;
} }
} }

32
libwvdrmengine/cdm/core/src/policy_engine.cpp
View File

@@ -40,7 +40,7 @@ PolicyEngine::PolicyEngine(CdmSessionId session_id,
last_recorded_current_time_(0), last_recorded_current_time_(0),
session_id_(session_id), session_id_(session_id),
event_listener_(event_listener), event_listener_(event_listener),
license_keys_(new LicenseKeys), license_keys_(new LicenseKeys(crypto_session->GetSecurityLevel())),
clock_(new Clock) { clock_(new Clock) {
InitDevice(crypto_session); InitDevice(crypto_session);
} }
@@ -311,30 +311,8 @@ CdmResponseType PolicyEngine::QueryKeyAllowedUsage(
return KEY_NOT_FOUND_1; return KEY_NOT_FOUND_1;
} }
bool PolicyEngine::CanUseKeyForSecurityLevel( bool PolicyEngine::CanUseKeyForSecurityLevel(const KeyId& key_id) {
const KeyId& key_id, return license_keys_->MeetsSecurityLevelConstraints(key_id);
CdmSecurityLevel security_level) {
if (security_level == kSecurityLevelL1) return true;
CdmKeyAllowedUsage key_usage;
CdmResponseType status = QueryKeyAllowedUsage(key_id, &key_usage);
if (status != NO_ERROR) return false;
// L1 has already been addressed so verify that L2/3 are allowed
switch (key_usage.key_security_level_) {
case kKeySecurityLevelUnset:
return true;
case kSoftwareSecureCrypto:
case kSoftwareSecureDecode:
return security_level == kSecurityLevelL2 ||
security_level == kSecurityLevelL3;
case kHardwareSecureCrypto:
return security_level == kSecurityLevelL2;
default:
return false;
}
} }
bool PolicyEngine::GetSecondsSinceStarted(int64_t* seconds_since_started) { bool PolicyEngine::GetSecondsSinceStarted(int64_t* seconds_since_started) {
@@ -525,4 +503,8 @@ int64_t PolicyEngine::GetCurrentTime() {
void PolicyEngine::set_clock(Clock* clock) { clock_.reset(clock); } void PolicyEngine::set_clock(Clock* clock) { clock_.reset(clock); }
void PolicyEngine::SetSecurityLevelForTest(CdmSecurityLevel security_level) {
license_keys_->SetSecurityLevelForTest(security_level);
}
} // namespace wvcdm } // namespace wvcdm

5
libwvdrmengine/cdm/core/test/cdm_session_unittest.cpp
View File

@@ -152,7 +152,8 @@ class MockCryptoSession : public TestCryptoSession {
class MockPolicyEngine : public PolicyEngine { class MockPolicyEngine : public PolicyEngine {
public: public:
MockPolicyEngine() : PolicyEngine("mock_session_id", NULL, NULL) {} MockPolicyEngine(CryptoSession* crypto_session)
: PolicyEngine("mock_session_id", NULL, crypto_session) {}
// Leaving a place-holder for when PolicyEngine methods need to be mocked // Leaving a place-holder for when PolicyEngine methods need to be mocked
}; };
@@ -181,7 +182,7 @@ class CdmSessionTest : public WvCdmTestBase {
cdm_session_->set_license_parser(license_parser_); cdm_session_->set_license_parser(license_parser_);
crypto_session_ = new NiceMock<MockCryptoSession>(&crypto_metrics_); crypto_session_ = new NiceMock<MockCryptoSession>(&crypto_metrics_);
cdm_session_->set_crypto_session(crypto_session_); cdm_session_->set_crypto_session(crypto_session_);
policy_engine_ = new MockPolicyEngine(); policy_engine_ = new MockPolicyEngine(crypto_session_);
cdm_session_->set_policy_engine(policy_engine_); cdm_session_->set_policy_engine(policy_engine_);
file_handle_ = new MockDeviceFiles(); file_handle_ = new MockDeviceFiles();
cdm_session_->set_file_handle(file_handle_); cdm_session_->set_file_handle(file_handle_);

881
libwvdrmengine/cdm/core/test/license_keys_unittest.cpp
View File

File diff suppressed because it is too large Load Diff

33
libwvdrmengine/cdm/core/test/policy_engine_unittest.cpp
View File

@@ -182,6 +182,10 @@ class PolicyEngineTest : public WvCdmTestBase {
expected_has_new_usable_key)); expected_has_new_usable_key));
} }
void SetCdmSecurityLevel(CdmSecurityLevel security_level) {
policy_engine_->SetSecurityLevelForTest(security_level);
}
metrics::CryptoMetrics dummy_metrics_; metrics::CryptoMetrics dummy_metrics_;
NiceMock<HdcpOnlyMockCryptoSession> crypto_session_; NiceMock<HdcpOnlyMockCryptoSession> crypto_session_;
StrictMock<MockCdmEventListener> mock_event_listener_; StrictMock<MockCdmEventListener> mock_event_listener_;
@@ -1725,20 +1729,29 @@ TEST_P(PolicyEngineKeySecurityLevelTest, CanUseKeyForSecurityLevel) {
ExpectSessionKeysChange(kKeyStatusUsable, true); ExpectSessionKeysChange(kKeyStatusUsable, true);
EXPECT_CALL(mock_event_listener_, OnExpirationUpdate(_, _)); EXPECT_CALL(mock_event_listener_, OnExpirationUpdate(_, _));
SetCdmSecurityLevel(kSecurityLevelL1);
policy_engine_->SetLicense(license_); policy_engine_->SetLicense(license_);
EXPECT_EQ(param->expect_can_L1_use_key, EXPECT_EQ(param->expect_can_L1_use_key,
policy_engine_->CanUseKeyForSecurityLevel(kKeyId, policy_engine_->CanUseKeyForSecurityLevel(kKeyId));
kSecurityLevelL1));
SetCdmSecurityLevel(kSecurityLevelL2);
policy_engine_->SetLicense(license_);
EXPECT_EQ(param->expect_can_L2_use_key, EXPECT_EQ(param->expect_can_L2_use_key,
policy_engine_->CanUseKeyForSecurityLevel(kKeyId, policy_engine_->CanUseKeyForSecurityLevel(kKeyId));
kSecurityLevelL2));
SetCdmSecurityLevel(kSecurityLevelL3);
policy_engine_->SetLicense(license_);
EXPECT_EQ(param->expect_can_L3_use_key, EXPECT_EQ(param->expect_can_L3_use_key,
policy_engine_->CanUseKeyForSecurityLevel(kKeyId, policy_engine_->CanUseKeyForSecurityLevel(kKeyId));
kSecurityLevelL3));
SetCdmSecurityLevel(kSecurityLevelUnknown);
policy_engine_->SetLicense(license_);
EXPECT_EQ(param->expect_can_level_unknown_use_key, EXPECT_EQ(param->expect_can_level_unknown_use_key,
policy_engine_->CanUseKeyForSecurityLevel(kKeyId, policy_engine_->CanUseKeyForSecurityLevel(kKeyId));
kSecurityLevelUnknown));
} }
INSTANTIATE_TEST_CASE_P( INSTANTIATE_TEST_CASE_P(
@@ -1859,6 +1872,8 @@ TEST_F(PolicyEngineKeyAllowedUsageTest, AllowedUsageBasic) {
content_key->set_id(kKeyId); content_key->set_id(kKeyId);
content_key->set_level(License::KeyContainer::HW_SECURE_ALL); content_key->set_level(License::KeyContainer::HW_SECURE_ALL);
SetCdmSecurityLevel(kSecurityLevelL1);
// generic operator session key (sign) // generic operator session key (sign)
AddOperatorSessionKey(kGenericKeyId, kEncryptNull, kDecryptNull, kSignTrue, AddOperatorSessionKey(kGenericKeyId, kEncryptNull, kDecryptNull, kSignTrue,
kVerifyNull); kVerifyNull);
@@ -1917,6 +1932,8 @@ TEST_F(PolicyEngineKeyAllowedUsageTest, AllowedUsageGeneric) {
another_content_key->set_id(kAnotherKeyId); another_content_key->set_id(kAnotherKeyId);
another_content_key->set_level(License::KeyContainer::HW_SECURE_CRYPTO); another_content_key->set_level(License::KeyContainer::HW_SECURE_CRYPTO);
SetCdmSecurityLevel(kSecurityLevelL1);
// generic operator session keys // generic operator session keys
AddOperatorSessionKey(kGenericSignKeyId, kEncryptNull, kDecryptNull, AddOperatorSessionKey(kGenericSignKeyId, kEncryptNull, kDecryptNull,
kSignTrue, kVerifyNull); kSignTrue, kVerifyNull);