widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accept a security level to be specified during provisioning am: e27bc4ba6a

Browse Source 
Change-Id: I20b0adbb6c27507b7d63a6cd0084b4230d5ed6e0
This commit is contained in:
Rahul Frias
2020-04-30 00:27:03 +00:00
committed by Automerger Merge Worker
parent 6fd344812d e27bc4ba6a
commit 8429ab587a
16 changed files with 284 additions and 177 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
libwvdrmengine/cdm/core/include/cdm_engine.h
View File

@@ -179,12 +179,14 @@ class CdmEngine {
// Generate and return a valid provisioning request. // Generate and return a valid provisioning request.
virtual CdmResponseType GetProvisioningRequest( virtual CdmResponseType GetProvisioningRequest(
CdmCertificateType cert_type, const std::string& cert_authority, CdmCertificateType cert_type, const std::string& cert_authority,
const std::string& service_certificate, CdmProvisioningRequest* request, const std::string& service_certificate,
SecurityLevel requested_security_level, CdmProvisioningRequest* request,
std::string* default_url); std::string* default_url);
// Verify and process a provisioning response. // Verify and process a provisioning response.
virtual CdmResponseType HandleProvisioningResponse( virtual CdmResponseType HandleProvisioningResponse(
const CdmProvisioningResponse& response, std::string* cert, const CdmProvisioningResponse& response,
SecurityLevel requested_security_level, std::string* cert,
std::string* wrapped_key); std::string* wrapped_key);
// Return true if there is a device certificate on the current // Return true if there is a device certificate on the current
@@ -388,7 +390,6 @@ class CdmEngine {
CdmSessionMap session_map_; CdmSessionMap session_map_;
CdmReleaseKeySetMap release_key_sets_; CdmReleaseKeySetMap release_key_sets_;
std::unique_ptr<CertificateProvisioning> cert_provisioning_; std::unique_ptr<CertificateProvisioning> cert_provisioning_;
SecurityLevel cert_provisioning_requested_security_level_;
FileSystem* file_system_; FileSystem* file_system_;
Clock clock_; Clock clock_;
std::string spoid_; std::string spoid_;

13
libwvdrmengine/cdm/core/include/cdm_engine_metrics_decorator.h
View File

@@ -156,21 +156,24 @@ class CdmEngineMetricsImpl : public T {
CdmResponseType GetProvisioningRequest(CdmCertificateType cert_type, CdmResponseType GetProvisioningRequest(CdmCertificateType cert_type,
const std::string& cert_authority, const std::string& cert_authority,
const std::string& service_certificate, const std::string& service_certificate,
SecurityLevel requested_security_level,
CdmProvisioningRequest* request, CdmProvisioningRequest* request,
std::string* default_url) override { std::string* default_url) override {
CdmResponseType sts; CdmResponseType sts;
M_TIME(sts = T::GetProvisioningRequest(cert_type, cert_authority, M_TIME(sts = T::GetProvisioningRequest(
service_certificate, request, cert_type, cert_authority, service_certificate,
default_url), requested_security_level, request, default_url),
metrics_, cdm_engine_get_provisioning_request_, sts); metrics_, cdm_engine_get_provisioning_request_, sts);
return sts; return sts;
} }
CdmResponseType HandleProvisioningResponse( CdmResponseType HandleProvisioningResponse(
const CdmProvisioningResponse& response, std::string* cert, const CdmProvisioningResponse& response,
SecurityLevel requested_security_level, std::string* cert,
std::string* wrapped_key) override { std::string* wrapped_key) override {
CdmResponseType sts; CdmResponseType sts;
M_TIME(sts = T::HandleProvisioningResponse(response, cert, wrapped_key), M_TIME(sts = T::HandleProvisioningResponse(
response, requested_security_level, cert, wrapped_key),
metrics_, cdm_engine_handle_provisioning_response_, sts); metrics_, cdm_engine_handle_provisioning_response_, sts);
return sts; return sts;
} }

24
libwvdrmengine/cdm/core/src/cdm_engine.cpp
View File

@@ -73,7 +73,6 @@ CdmEngine::CdmEngine(FileSystem* file_system,
std::shared_ptr<metrics::EngineMetrics> metrics) std::shared_ptr<metrics::EngineMetrics> metrics)
: metrics_(metrics), : metrics_(metrics),
cert_provisioning_(), cert_provisioning_(),
cert_provisioning_requested_security_level_(kLevelDefault),
file_system_(file_system), file_system_(file_system),
spoid_(EMPTY_SPOID), spoid_(EMPTY_SPOID),
usage_session_(), usage_session_(),
@@ -136,8 +135,6 @@ CdmResponseType CdmEngine::OpenSession(const CdmKeySystem& key_system,
new_session->Init(property_set, forced_session_id, event_listener); new_session->Init(property_set, forced_session_id, event_listener);
if (sts != NO_ERROR) { if (sts != NO_ERROR) {
if (sts == NEED_PROVISIONING) { if (sts == NEED_PROVISIONING) {
cert_provisioning_requested_security_level_ =
new_session->GetRequestedSecurityLevel();
// Reserve a session ID so the CDM can return success. // Reserve a session ID so the CDM can return success.
if (session_id) *session_id = new_session->GenerateSessionId(); if (session_id) *session_id = new_session->GenerateSessionId();
} else { } else {
@@ -294,10 +291,6 @@ CdmResponseType CdmEngine::GenerateKeyRequest(
if (KEY_ADDED == sts) { if (KEY_ADDED == sts) {
return sts; return sts;
} else if (KEY_MESSAGE != sts) { } else if (KEY_MESSAGE != sts) {
if (sts == NEED_PROVISIONING) {
cert_provisioning_requested_security_level_ =
session->GetRequestedSecurityLevel();
}
LOGE("Key request generation failed, status = %d", static_cast<int>(sts)); LOGE("Key request generation failed, status = %d", static_cast<int>(sts));
return sts; return sts;
} }
@@ -414,10 +407,6 @@ CdmResponseType CdmEngine::RestoreKey(const CdmSessionId& session_id,
&error_detail); &error_detail);
session->GetMetrics()->cdm_session_restore_offline_session_.Increment( session->GetMetrics()->cdm_session_restore_offline_session_.Increment(
sts, error_detail); sts, error_detail);
if (sts == NEED_PROVISIONING) {
cert_provisioning_requested_security_level_ =
session->GetRequestedSecurityLevel();
}
if (sts != KEY_ADDED && sts != GET_RELEASED_LICENSE_ERROR) { if (sts != KEY_ADDED && sts != GET_RELEASED_LICENSE_ERROR) {
LOGE("Restore offline session failed: status = %d", static_cast<int>(sts)); LOGE("Restore offline session failed: status = %d", static_cast<int>(sts));
} }
@@ -895,7 +884,8 @@ bool CdmEngine::IsSecurityLevelSupported(CdmSecurityLevel level) {
*/ */
CdmResponseType CdmEngine::GetProvisioningRequest( CdmResponseType CdmEngine::GetProvisioningRequest(
CdmCertificateType cert_type, const std::string& cert_authority, CdmCertificateType cert_type, const std::string& cert_authority,
const std::string& service_certificate, CdmProvisioningRequest* request, const std::string& service_certificate,
SecurityLevel requested_security_level, CdmProvisioningRequest* request,
std::string* default_url) { std::string* default_url) {
LOGI("Getting provisioning request"); LOGI("Getting provisioning request");
if (!request) { if (!request) {
@@ -915,7 +905,7 @@ CdmResponseType CdmEngine::GetProvisioningRequest(
if (status != NO_ERROR) return status; if (status != NO_ERROR) return status;
} }
CdmResponseType ret = cert_provisioning_->GetProvisioningRequest( CdmResponseType ret = cert_provisioning_->GetProvisioningRequest(
cert_provisioning_requested_security_level_, cert_type, cert_authority, requested_security_level, cert_type, cert_authority,
file_system_->origin(), spoid_, request, default_url); file_system_->origin(), spoid_, request, default_url);
if (ret != NO_ERROR) { if (ret != NO_ERROR) {
cert_provisioning_.reset(); // Release resources. cert_provisioning_.reset(); // Release resources.
@@ -931,7 +921,8 @@ CdmResponseType CdmEngine::GetProvisioningRequest(
* Returns NO_ERROR for success and CdmResponseType error code if fails. * Returns NO_ERROR for success and CdmResponseType error code if fails.
*/ */
CdmResponseType CdmEngine::HandleProvisioningResponse( CdmResponseType CdmEngine::HandleProvisioningResponse(
const CdmProvisioningResponse& response, std::string* cert, const CdmProvisioningResponse& response,
SecurityLevel requested_security_level, std::string* cert,
std::string* wrapped_key) { std::string* wrapped_key) {
LOGI("Handling provision request"); LOGI("Handling provision request");
if (response.empty()) { if (response.empty()) {
@@ -955,10 +946,9 @@ CdmResponseType CdmEngine::HandleProvisioningResponse(
std::unique_ptr<CryptoSession> crypto_session( std::unique_ptr<CryptoSession> crypto_session(
CryptoSession::MakeCryptoSession(metrics_->GetCryptoMetrics())); CryptoSession::MakeCryptoSession(metrics_->GetCryptoMetrics()));
CdmResponseType status; CdmResponseType status;
M_TIME(status = crypto_session->Open( M_TIME(status = crypto_session->Open(requested_security_level),
cert_provisioning_requested_security_level_),
metrics_->GetCryptoMetrics(), crypto_session_open_, status, metrics_->GetCryptoMetrics(), crypto_session_open_, status,
cert_provisioning_requested_security_level_); requested_security_level);
if (NO_ERROR != status) { if (NO_ERROR != status) {
LOGE("Provisioning object missing and crypto session open failed"); LOGE("Provisioning object missing and crypto session open failed");
return EMPTY_PROVISIONING_CERTIFICATE_2; return EMPTY_PROVISIONING_CERTIFICATE_2;

29
libwvdrmengine/cdm/core/test/cdm_engine_metrics_decorator_unittest.cpp
View File

@@ -76,13 +76,13 @@ class MockCdmEngineImpl : public CdmEngine {
MOCK_METHOD1(RemoveKeys, CdmResponseType(const CdmSessionId&)); MOCK_METHOD1(RemoveKeys, CdmResponseType(const CdmSessionId&));
MOCK_METHOD2(QueryKeyStatus, MOCK_METHOD2(QueryKeyStatus,
CdmResponseType(const CdmSessionId&, CdmQueryMap*)); CdmResponseType(const CdmSessionId&, CdmQueryMap*));
MOCK_METHOD5(GetProvisioningRequest, MOCK_METHOD6(GetProvisioningRequest,
CdmResponseType(CdmCertificateType, const std::string&, CdmResponseType(CdmCertificateType, const std::string&,
const std::string&, CdmProvisioningRequest*, const std::string&, SecurityLevel,
std::string*)); CdmProvisioningRequest*, std::string*));
MOCK_METHOD3(HandleProvisioningResponse, MOCK_METHOD4(HandleProvisioningResponse,
CdmResponseType(const CdmProvisioningResponse&, std::string*, CdmResponseType(const CdmProvisioningResponse&, SecurityLevel,
std::string*)); std::string*, std::string*));
MOCK_METHOD1(Unprovision, CdmResponseType(CdmSecurityLevel)); MOCK_METHOD1(Unprovision, CdmResponseType(CdmSecurityLevel));
MOCK_METHOD4(ListUsageIds, MOCK_METHOD4(ListUsageIds,
CdmResponseType(const std::string&, CdmSecurityLevel, CdmResponseType(const std::string&, CdmSecurityLevel,
@@ -311,16 +311,17 @@ TEST_F(WvCdmEngineMetricsImplTest, GetProvisioningRequest) {
std::string default_url; std::string default_url;
EXPECT_CALL(*test_cdm_metrics_engine_, EXPECT_CALL(*test_cdm_metrics_engine_,
GetProvisioningRequest(Eq(kCertificateX509), GetProvisioningRequest(
Eq("fake certificate authority"), Eq(kCertificateX509), Eq("fake certificate authority"),
Eq("fake service certificate"), Eq("fake service certificate"), Eq(wvcdm::kLevelDefault),
Eq(&request), Eq(&default_url))) Eq(&request), Eq(&default_url)))
.WillOnce(Return(wvcdm::UNKNOWN_ERROR)); .WillOnce(Return(wvcdm::UNKNOWN_ERROR));
ASSERT_EQ(wvcdm::UNKNOWN_ERROR, ASSERT_EQ(wvcdm::UNKNOWN_ERROR,
test_cdm_metrics_engine_->GetProvisioningRequest( test_cdm_metrics_engine_->GetProvisioningRequest(
kCertificateX509, "fake certificate authority", kCertificateX509, "fake certificate authority",
"fake service certificate", &request, &default_url)); "fake service certificate", wvcdm::kLevelDefault, &request,
&default_url));
drm_metrics::WvCdmMetrics metrics_proto; drm_metrics::WvCdmMetrics metrics_proto;
test_cdm_metrics_engine_->GetMetricsSnapshot(&metrics_proto); test_cdm_metrics_engine_->GetMetricsSnapshot(&metrics_proto);
@@ -340,12 +341,14 @@ TEST_F(WvCdmEngineMetricsImplTest, HandleProvisioningResponse) {
EXPECT_CALL(*test_cdm_metrics_engine_, EXPECT_CALL(*test_cdm_metrics_engine_,
HandleProvisioningResponse(Eq("fake provisioning response"), HandleProvisioningResponse(Eq("fake provisioning response"),
Eq(&cert), Eq(&wrapped_key))) Eq(wvcdm::kLevelDefault), Eq(&cert),
Eq(&wrapped_key)))
.WillOnce(Return(wvcdm::UNKNOWN_ERROR)); .WillOnce(Return(wvcdm::UNKNOWN_ERROR));
ASSERT_EQ(wvcdm::UNKNOWN_ERROR, ASSERT_EQ(wvcdm::UNKNOWN_ERROR,
test_cdm_metrics_engine_->HandleProvisioningResponse( test_cdm_metrics_engine_->HandleProvisioningResponse(
"fake provisioning response", &cert, &wrapped_key)); "fake provisioning response", wvcdm::kLevelDefault, &cert,
&wrapped_key));
drm_metrics::WvCdmMetrics metrics_proto; drm_metrics::WvCdmMetrics metrics_proto;
test_cdm_metrics_engine_->GetMetricsSnapshot(&metrics_proto); test_cdm_metrics_engine_->GetMetricsSnapshot(&metrics_proto);

19
libwvdrmengine/cdm/core/test/test_base.cpp
View File

@@ -294,8 +294,8 @@ void WvCdmTestBase::Provision() {
std::shared_ptr<EngineMetrics>(new EngineMetrics)); std::shared_ptr<EngineMetrics>(new EngineMetrics));
FakeProvisioningServer server; FakeProvisioningServer server;
CdmResponseType result = cdm_engine.GetProvisioningRequest( CdmResponseType result = cdm_engine.GetProvisioningRequest(
cert_type, cert_authority, server.service_certificate(), &prov_request, cert_type, cert_authority, server.service_certificate(), kLevelDefault,
&provisioning_server_url); &prov_request, &provisioning_server_url);
ASSERT_EQ(NO_ERROR, result); ASSERT_EQ(NO_ERROR, result);
if (!binary_provisioning_) { if (!binary_provisioning_) {
std::vector<uint8_t> prov_request_v = Base64SafeDecode(prov_request); std::vector<uint8_t> prov_request_v = Base64SafeDecode(prov_request);
@@ -304,8 +304,8 @@ void WvCdmTestBase::Provision() {
std::string response; std::string response;
ASSERT_TRUE(server.MakeResponse(prov_request, &response)) ASSERT_TRUE(server.MakeResponse(prov_request, &response))
<< "Fake provisioning server could not provision"; << "Fake provisioning server could not provision";
result = result = cdm_engine.HandleProvisioningResponse(response, kLevelDefault,
cdm_engine.HandleProvisioningResponse(response, &cert, &wrapped_key); &cert, &wrapped_key);
EXPECT_EQ(NO_ERROR, result); EXPECT_EQ(NO_ERROR, result);
} else { } else {
// TODO(fredgc): provision for different SPOIDs. // TODO(fredgc): provision for different SPOIDs.
@@ -314,7 +314,7 @@ void WvCdmTestBase::Provision() {
CdmResponseType result = cdm_engine.GetProvisioningRequest( CdmResponseType result = cdm_engine.GetProvisioningRequest(
cert_type, cert_authority, config_.provisioning_service_certificate(), cert_type, cert_authority, config_.provisioning_service_certificate(),
&prov_request, &provisioning_server_url); kLevelDefault, &prov_request, &provisioning_server_url);
ASSERT_EQ(NO_ERROR, result); ASSERT_EQ(NO_ERROR, result);
if (binary_provisioning_) { if (binary_provisioning_) {
@@ -385,14 +385,15 @@ void WvCdmTestBase::Provision() {
std::string binary_protobuf_response(response_vec.begin(), std::string binary_protobuf_response(response_vec.begin(),
response_vec.end()); response_vec.end());
if (cdm_engine.HandleProvisioningResponse( if (cdm_engine.HandleProvisioningResponse(binary_protobuf_response,
binary_protobuf_response, &cert, &wrapped_key) != NO_ERROR) { kLevelDefault, &cert,
&wrapped_key) != NO_ERROR) {
LOGE("Failed to handle provisioning response"); LOGE("Failed to handle provisioning response");
continue; continue;
} }
} else { } else {
if (cdm_engine.HandleProvisioningResponse(http_message, &cert, if (cdm_engine.HandleProvisioningResponse(
&wrapped_key) != NO_ERROR) { http_message, kLevelDefault, &cert, &wrapped_key) != NO_ERROR) {
LOGE("Failed to handle binary provisioning response"); LOGE("Failed to handle binary provisioning response");
continue; continue;
} }

6
libwvdrmengine/cdm/include/wv_content_decryption_module.h
View File

@@ -88,11 +88,13 @@ class WvContentDecryptionModule : public android::RefBase, public TimerHandler {
virtual CdmResponseType GetProvisioningRequest( virtual CdmResponseType GetProvisioningRequest(
CdmCertificateType cert_type, const std::string& cert_authority, CdmCertificateType cert_type, const std::string& cert_authority,
const CdmIdentifier& identifier, const std::string& service_certificate, const CdmIdentifier& identifier, const std::string& service_certificate,
CdmProvisioningRequest* request, std::string* default_url); SecurityLevel requested_security_level, CdmProvisioningRequest* request,
std::string* default_url);
virtual CdmResponseType HandleProvisioningResponse( virtual CdmResponseType HandleProvisioningResponse(
const CdmIdentifier& identifier, CdmProvisioningResponse& response, const CdmIdentifier& identifier, CdmProvisioningResponse& response,
std::string* cert, std::string* wrapped_key); SecurityLevel requested_security_level, std::string* cert,
std::string* wrapped_key);
virtual CdmResponseType Unprovision(CdmSecurityLevel level, virtual CdmResponseType Unprovision(CdmSecurityLevel level,
const CdmIdentifier& identifier); const CdmIdentifier& identifier);

12
libwvdrmengine/cdm/src/wv_content_decryption_module.cpp
View File

@@ -211,17 +211,21 @@ bool WvContentDecryptionModule::IsSecurityLevelSupported(
CdmResponseType WvContentDecryptionModule::GetProvisioningRequest( CdmResponseType WvContentDecryptionModule::GetProvisioningRequest(
CdmCertificateType cert_type, const std::string& cert_authority, CdmCertificateType cert_type, const std::string& cert_authority,
const CdmIdentifier& identifier, const std::string& service_certificate, const CdmIdentifier& identifier, const std::string& service_certificate,
CdmProvisioningRequest* request, std::string* default_url) { SecurityLevel requested_security_level, CdmProvisioningRequest* request,
std::string* default_url) {
CdmEngine* cdm_engine = EnsureCdmForIdentifier(identifier); CdmEngine* cdm_engine = EnsureCdmForIdentifier(identifier);
return cdm_engine->GetProvisioningRequest( return cdm_engine->GetProvisioningRequest(
cert_type, cert_authority, service_certificate, request, default_url); cert_type, cert_authority, service_certificate, requested_security_level,
request, default_url);
} }
CdmResponseType WvContentDecryptionModule::HandleProvisioningResponse( CdmResponseType WvContentDecryptionModule::HandleProvisioningResponse(
const CdmIdentifier& identifier, CdmProvisioningResponse& response, const CdmIdentifier& identifier, CdmProvisioningResponse& response,
std::string* cert, std::string* wrapped_key) { SecurityLevel requested_security_level, std::string* cert,
std::string* wrapped_key) {
CdmEngine* cdm_engine = EnsureCdmForIdentifier(identifier); CdmEngine* cdm_engine = EnsureCdmForIdentifier(identifier);
return cdm_engine->HandleProvisioningResponse(response, cert, wrapped_key); return cdm_engine->HandleProvisioningResponse(
response, requested_security_level, cert, wrapped_key);
} }
CdmResponseType WvContentDecryptionModule::Unprovision( CdmResponseType WvContentDecryptionModule::Unprovision(

6
libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp
View File

@@ -451,7 +451,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {
status = decryptor_->GetProvisioningRequest( status = decryptor_->GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg_, &provisioning_server_url); kEmptyServiceCertificate, kLevelDefault, &key_msg_,
&provisioning_server_url);
EXPECT_EQ(NO_ERROR, status); EXPECT_EQ(NO_ERROR, status);
if (NO_ERROR != status) return; if (NO_ERROR != status) return;
EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl);
@@ -461,7 +462,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(NO_ERROR, EXPECT_EQ(NO_ERROR,
decryptor_->HandleProvisioningResponse(kDefaultCdmIdentifier, response, decryptor_->HandleProvisioningResponse(kDefaultCdmIdentifier, response,
&cert, &wrapped_key)); kLevelDefault, &cert,
&wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
decryptor_->CloseSession(session_id_); decryptor_->CloseSession(session_id_);

18
libwvdrmengine/cdm/test/cdm_feature_test.cpp
View File

@@ -410,7 +410,8 @@ TEST_F(WvCdmFeatureTest, OEMCertificateProvisioning) {
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_.GetProvisioningRequest( decryptor_.GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg_, &provisioning_server_url)); kEmptyServiceCertificate, kLevelDefault, &key_msg_,
&provisioning_server_url));
EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl);
ClientIdentification_TokenType token_type; ClientIdentification_TokenType token_type;
@@ -425,9 +426,9 @@ TEST_F(WvCdmFeatureTest, OEMCertificateProvisioning) {
std::string response = GetCertRequestResponse(provisioning_server_url); std::string response = GetCertRequestResponse(provisioning_server_url);
// GetCertRequestResponse(config_.provisioning_server_url()); // GetCertRequestResponse(config_.provisioning_server_url());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(
decryptor_.HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevelDefault,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
decryptor_.CloseSession(session_id_); decryptor_.CloseSession(session_id_);
@@ -445,7 +446,8 @@ TEST_F(WvCdmFeatureTest, KeyboxProvisioning) {
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_.GetProvisioningRequest( decryptor_.GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg_, &provisioning_server_url)); kEmptyServiceCertificate, kLevelDefault, &key_msg_,
&provisioning_server_url));
EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl);
ClientIdentification_TokenType token_type; ClientIdentification_TokenType token_type;
@@ -460,9 +462,9 @@ TEST_F(WvCdmFeatureTest, KeyboxProvisioning) {
std::string response = GetCertRequestResponse(provisioning_server_url); std::string response = GetCertRequestResponse(provisioning_server_url);
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(
decryptor_.HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevelDefault,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
decryptor_.CloseSession(session_id_); decryptor_.CloseSession(session_id_);

139
libwvdrmengine/cdm/test/request_license_test.cpp
View File

@@ -2004,12 +2004,13 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
void Provision() { Provision(kDefaultCdmIdentifier, kLevelDefault); } void Provision() { Provision(kDefaultCdmIdentifier, kLevelDefault); }
void Provision(const CdmIdentifier& identifier, SecurityLevel level, void Provision(const CdmIdentifier& identifier,
SecurityLevel requested_security_level,
CdmProvisioningResponse* provisioning_response = nullptr) { CdmProvisioningResponse* provisioning_response = nullptr) {
TestWvCdmClientPropertySet property_set_L3; TestWvCdmClientPropertySet property_set_L3;
TestWvCdmClientPropertySet* property_set = nullptr; TestWvCdmClientPropertySet* property_set = nullptr;
if (kLevel3 == level) { if (kLevel3 == requested_security_level) {
property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3); property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3);
property_set = &property_set_L3; property_set = &property_set_L3;
} }
@@ -2033,7 +2034,7 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
status = decryptor_->GetProvisioningRequest( status = decryptor_->GetProvisioningRequest(
cert_type, cert_authority, identifier, kEmptyServiceCertificate, cert_type, cert_authority, identifier, kEmptyServiceCertificate,
&key_msg_, &provisioning_server); requested_security_level, &key_msg_, &provisioning_server);
EXPECT_EQ(wvcdm::NO_ERROR, status); EXPECT_EQ(wvcdm::NO_ERROR, status);
if (NO_ERROR != status) return; if (NO_ERROR != status) return;
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
@@ -2042,8 +2043,10 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
GetCertRequestResponse(config_.provisioning_server()); GetCertRequestResponse(config_.provisioning_server());
if (provisioning_response != nullptr) *provisioning_response = response; if (provisioning_response != nullptr) *provisioning_response = response;
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse( EXPECT_EQ(wvcdm::NO_ERROR,
identifier, response, &cert, &wrapped_key)); decryptor_->HandleProvisioningResponse(identifier, response,
requested_security_level,
&cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
decryptor_->CloseSession(session_id_); decryptor_->CloseSession(session_id_);
@@ -2151,14 +2154,15 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningTest) {
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_->GetProvisioningRequest( decryptor_->GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg_, &provisioning_server)); kEmptyServiceCertificate, kLevelDefault, &key_msg_,
&provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
std::string response = GetCertRequestResponse(config_.provisioning_server()); std::string response = GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevelDefault,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
decryptor_->CloseSession(session_id_); decryptor_->CloseSession(session_id_);
@@ -2177,15 +2181,15 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningTestWithServiceCertificate) {
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_->GetProvisioningRequest( decryptor_->GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
config_.provisioning_service_certificate(), &key_msg_, config_.provisioning_service_certificate(), kLevelDefault,
&provisioning_server)); &key_msg_, &provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
std::string response = GetCertRequestResponse(config_.provisioning_server()); std::string response = GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevelDefault,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
decryptor_->CloseSession(session_id_); decryptor_->CloseSession(session_id_);
@@ -2194,26 +2198,22 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningTestWithServiceCertificate) {
TEST_F(WvCdmRequestLicenseTest, L3ProvisioningTest) { TEST_F(WvCdmRequestLicenseTest, L3ProvisioningTest) {
TestWvCdmClientPropertySet property_set_L3; TestWvCdmClientPropertySet property_set_L3;
property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3); property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3);
CdmResponseType status =
decryptor_->OpenSession(config_.key_system(), &property_set_L3,
kDefaultCdmIdentifier, nullptr, &session_id_);
EXPECT_TRUE(status == NEED_PROVISIONING || status == NO_ERROR)
<< "Failure to open session. error: " << status;
std::string provisioning_server; std::string provisioning_server;
CdmCertificateType cert_type = kCertificateWidevine; CdmCertificateType cert_type = kCertificateWidevine;
std::string cert_authority, cert, wrapped_key; std::string cert_authority, cert, wrapped_key;
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(
decryptor_->GetProvisioningRequest( wvcdm::NO_ERROR,
cert_type, cert_authority, kDefaultCdmIdentifier, decryptor_->GetProvisioningRequest(
kEmptyServiceCertificate, &key_msg_, &provisioning_server)); cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, kLevel3, &key_msg_, &provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
std::string response = GetCertRequestResponse(config_.provisioning_server()); std::string response = GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_->HandleProvisioningResponse( decryptor_->HandleProvisioningResponse(
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); kDefaultCdmIdentifier, response, kLevel3, &cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
decryptor_->CloseSession(session_id_); decryptor_->CloseSession(session_id_);
@@ -2295,22 +2295,24 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) {
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_->GetProvisioningRequest( decryptor_->GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg1, &provisioning_server)); kEmptyServiceCertificate, kLevelDefault, &key_msg1,
&provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_->GetProvisioningRequest( decryptor_->GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg2, &provisioning_server)); kEmptyServiceCertificate, kLevelDefault, &key_msg2,
&provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
// Second message should succeed. // Second message should succeed.
key_msg_ = key_msg2; key_msg_ = key_msg2;
std::string response = GetCertRequestResponse(config_.provisioning_server()); std::string response = GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevelDefault,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
@@ -2318,9 +2320,9 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) {
key_msg_ = key_msg1; key_msg_ = key_msg1;
response = GetCertRequestResponse(config_.provisioning_server()); response = GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevelDefault,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
decryptor_->CloseSession(session_id_); decryptor_->CloseSession(session_id_);
@@ -2338,22 +2340,24 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) {
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_->GetProvisioningRequest( decryptor_->GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg1, &provisioning_server)); kEmptyServiceCertificate, kLevelDefault, &key_msg1,
&provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_->GetProvisioningRequest( decryptor_->GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg2, &provisioning_server)); kEmptyServiceCertificate, kLevelDefault, &key_msg2,
&provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
// First request expected to fail, because only one message may be active. // First request expected to fail, because only one message may be active.
key_msg_ = key_msg1; key_msg_ = key_msg1;
std::string response = GetCertRequestResponse(config_.provisioning_server()); std::string response = GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(LOAD_PROVISIONING_ERROR, EXPECT_EQ(LOAD_PROVISIONING_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); kLevelDefault, &cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
@@ -2361,9 +2365,9 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) {
key_msg_ = key_msg2; key_msg_ = key_msg2;
response = GetCertRequestResponse(config_.provisioning_server()); response = GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevelDefault,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &cert, &wrapped_key));
EXPECT_EQ(0, static_cast<int>(cert.size())); EXPECT_EQ(0, static_cast<int>(cert.size()));
EXPECT_EQ(0, static_cast<int>(wrapped_key.size())); EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
@@ -2382,14 +2386,15 @@ TEST_F(WvCdmRequestLicenseTest, DISABLED_X509ProvisioningTest) {
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_->GetProvisioningRequest( decryptor_->GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg_, &provisioning_server)); kEmptyServiceCertificate, kLevelDefault, &key_msg_,
&provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
std::string response = GetCertRequestResponse(config_.provisioning_server()); std::string response = GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevelDefault,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &cert, &wrapped_key));
EXPECT_NE(0, static_cast<int>(cert.size())); EXPECT_NE(0, static_cast<int>(cert.size()));
EXPECT_NE(0, static_cast<int>(wrapped_key.size())); EXPECT_NE(0, static_cast<int>(wrapped_key.size()));
decryptor_->CloseSession(session_id_); decryptor_->CloseSession(session_id_);
@@ -2472,17 +2477,17 @@ TEST_F(WvCdmRequestLicenseTest, PropertySetTest) {
std::string provisioning_server; std::string provisioning_server;
CdmCertificateType cert_type = kCertificateWidevine; CdmCertificateType cert_type = kCertificateWidevine;
std::string cert_authority, cert, wrapped_key; std::string cert_authority, cert, wrapped_key;
EXPECT_EQ(NO_ERROR, EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest(
decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier,
cert_type, cert_authority, kDefaultCdmIdentifier, kEmptyServiceCertificate, kLevel3, &key_msg_,
kEmptyServiceCertificate, &key_msg_, &provisioning_server)); &provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
std::string response = std::string response =
GetCertRequestResponse(config_.provisioning_server()); GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(NO_ERROR, EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevel3, &cert,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &wrapped_key));
EXPECT_EQ(NO_ERROR, decryptor_->OpenSession( EXPECT_EQ(NO_ERROR, decryptor_->OpenSession(
config_.key_system(), &property_set_L3, config_.key_system(), &property_set_L3,
kDefaultCdmIdentifier, nullptr, &session_id_L3)); kDefaultCdmIdentifier, nullptr, &session_id_L3));
@@ -2549,16 +2554,16 @@ TEST_F(WvCdmRequestLicenseTest, ForceL3Test) {
std::string provisioning_server; std::string provisioning_server;
CdmCertificateType cert_type = kCertificateWidevine; CdmCertificateType cert_type = kCertificateWidevine;
std::string cert_authority, cert, wrapped_key; std::string cert_authority, cert, wrapped_key;
EXPECT_EQ(NO_ERROR, EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest(
decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier,
cert_type, cert_authority, kDefaultCdmIdentifier, kEmptyServiceCertificate, kLevel3, &key_msg_,
kEmptyServiceCertificate, &key_msg_, &provisioning_server)); &provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
std::string response = GetCertRequestResponse(config_.provisioning_server()); std::string response = GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(NO_ERROR, EXPECT_EQ(NO_ERROR,
decryptor_->HandleProvisioningResponse( decryptor_->HandleProvisioningResponse(
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); kDefaultCdmIdentifier, response, kLevel3, &cert, &wrapped_key));
EXPECT_EQ(NO_ERROR, decryptor_->OpenSession( EXPECT_EQ(NO_ERROR, decryptor_->OpenSession(
config_.key_system(), &property_set, config_.key_system(), &property_set,
@@ -2812,17 +2817,17 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryL3OfflineKeyTest) {
std::string provisioning_server; std::string provisioning_server;
CdmCertificateType cert_type = kCertificateWidevine; CdmCertificateType cert_type = kCertificateWidevine;
std::string cert_authority, cert, wrapped_key; std::string cert_authority, cert, wrapped_key;
EXPECT_EQ(NO_ERROR, EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest(
decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier,
cert_type, cert_authority, kDefaultCdmIdentifier, kEmptyServiceCertificate, kLevel3, &key_msg_,
kEmptyServiceCertificate, &key_msg_, &provisioning_server)); &provisioning_server));
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
std::string response = std::string response =
GetCertRequestResponse(config_.provisioning_server()); GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(NO_ERROR, EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevel3, &cert,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &wrapped_key));
EXPECT_EQ(NO_ERROR, decryptor_->OpenSession( EXPECT_EQ(NO_ERROR, decryptor_->OpenSession(
config_.key_system(), &property_set, config_.key_system(), &property_set,
kDefaultCdmIdentifier, nullptr, &session_id_)); kDefaultCdmIdentifier, nullptr, &session_id_));
@@ -2890,15 +2895,15 @@ TEST_F(WvCdmRequestLicenseTest,
std::string cert_authority, cert, wrapped_key; std::string cert_authority, cert, wrapped_key;
EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest( EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &key_msg_, kEmptyServiceCertificate, kLevel3, &key_msg_,
&provisioning_server_url)); &provisioning_server_url));
EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl); EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl);
std::string response = std::string response =
GetCertRequestResponse(config_.provisioning_server()); GetCertRequestResponse(config_.provisioning_server());
EXPECT_NE(0, static_cast<int>(response.size())); EXPECT_NE(0, static_cast<int>(response.size()));
EXPECT_EQ(NO_ERROR, EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse(
decryptor_->HandleProvisioningResponse( kDefaultCdmIdentifier, response, kLevel3, &cert,
kDefaultCdmIdentifier, response, &cert, &wrapped_key)); &wrapped_key));
EXPECT_EQ(NO_ERROR, decryptor_->OpenSession( EXPECT_EQ(NO_ERROR, decryptor_->OpenSession(
config_.key_system(), &property_set, config_.key_system(), &property_set,
kDefaultCdmIdentifier, nullptr, &session_id_)); kDefaultCdmIdentifier, nullptr, &session_id_));

3
libwvdrmengine/cdm/test/wv_cdm_metrics_test.cpp
View File

@@ -58,7 +58,8 @@ TEST_F(WvContentDecryptionModuleMetricsTest, EngineOnlyMetrics) {
EXPECT_EQ(wvcdm::NO_ERROR, EXPECT_EQ(wvcdm::NO_ERROR,
decryptor_.GetProvisioningRequest( decryptor_.GetProvisioningRequest(
cert_type, cert_authority, kDefaultCdmIdentifier, cert_type, cert_authority, kDefaultCdmIdentifier,
kEmptyServiceCertificate, &request, &provisioning_server_url)); kEmptyServiceCertificate, kLevelDefault, &request,
&provisioning_server_url));
drm_metrics::WvCdmMetrics metrics; drm_metrics::WvCdmMetrics metrics;
ASSERT_EQ(wvcdm::NO_ERROR, ASSERT_EQ(wvcdm::NO_ERROR,

2
libwvdrmengine/mediadrm/include_hidl/WVDrmPlugin.h
View File

@@ -453,6 +453,8 @@ struct WVDrmPlugin : public IDrmPlugin, IDrmPluginListener,
SecurityLevel mapSecurityLevel(const std::string& level); SecurityLevel mapSecurityLevel(const std::string& level);
wvcdm::SecurityLevel getRequestedSecurityLevel() const;
Status openSessionCommon(std::vector<uint8_t>& sessionId); Status openSessionCommon(std::vector<uint8_t>& sessionId);
bool initDataResemblesPSSH(const std::vector<uint8_t>& initData); bool initDataResemblesPSSH(const std::vector<uint8_t>& initData);

22
libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
View File

@@ -371,10 +371,15 @@ status_t WVDrmPlugin::getProvisionRequest(const String8& cert_type,
string cdmCertAuthority = cert_authority.string(); string cdmCertAuthority = cert_authority.string();
wvcdm::SecurityLevel requested_security_level =
mPropertySet.security_level().compare(QUERY_VALUE_SECURITY_LEVEL_L3) == 0
? kLevel3
: kLevelDefault;
CdmResponseType res = mCDM->GetProvisioningRequest( CdmResponseType res = mCDM->GetProvisioningRequest(
cdmCertType, cdmCertAuthority, mCdmIdentifier, cdmCertType, cdmCertAuthority, mCdmIdentifier,
mProvisioningServiceCertificate, &cdmProvisionRequest, mProvisioningServiceCertificate, requested_security_level,
&cdmDefaultUrl); &cdmProvisionRequest, &cdmDefaultUrl);
if (isCdmResponseTypeSuccess(res)) { if (isCdmResponseTypeSuccess(res)) {
request = ToVector(cdmProvisionRequest); request = ToVector(cdmProvisionRequest);
@@ -401,10 +406,15 @@ status_t WVDrmPlugin::provideProvisionResponse(
} else { } else {
string cdmCertificate; string cdmCertificate;
string cdmWrappedKey; string cdmWrappedKey;
CdmResponseType res = mCDM->HandleProvisioningResponse(mCdmIdentifier, wvcdm::SecurityLevel requested_security_level =
cdmResponse, mPropertySet.security_level()
&cdmCertificate, .compare(QUERY_VALUE_SECURITY_LEVEL_L3) == 0
&cdmWrappedKey); ? kLevel3
: kLevelDefault;
CdmResponseType res =
mCDM->HandleProvisioningResponse(mCdmIdentifier, cdmResponse,
requested_security_level,
&cdmCertificate, &cdmWrappedKey);
if (isCdmResponseTypeSuccess(res)) { if (isCdmResponseTypeSuccess(res)) {
certificate = ToVector(cdmCertificate); certificate = ToVector(cdmCertificate);
wrapped_key = ToVector(cdmWrappedKey); wrapped_key = ToVector(cdmWrappedKey);

20
libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
View File

@@ -719,7 +719,8 @@ Return<void> WVDrmPlugin::getProvisionRequest_1_2(
CdmResponseType res = mCDM->GetProvisioningRequest( CdmResponseType res = mCDM->GetProvisioningRequest(
cdmCertType, cdmCertAuthority, identifier, cdmCertType, cdmCertAuthority, identifier,
mProvisioningServiceCertificate, &cdmProvisionRequest, &cdmDefaultUrl); mProvisioningServiceCertificate, getRequestedSecurityLevel(),
&cdmProvisionRequest, &cdmDefaultUrl);
if (isCdmResponseTypeSuccess(res)) { if (isCdmResponseTypeSuccess(res)) {
request = StrToVector(cdmProvisionRequest); request = StrToVector(cdmProvisionRequest);
defaultUrl.clear(); defaultUrl.clear();
@@ -765,7 +766,8 @@ Return<void> WVDrmPlugin::provideProvisionResponse(
std::string cdmCertificate; std::string cdmCertificate;
std::string cdmWrappedKey; std::string cdmWrappedKey;
CdmResponseType res = mCDM->HandleProvisioningResponse( CdmResponseType res = mCDM->HandleProvisioningResponse(
identifier, cdmResponse, &cdmCertificate, &cdmWrappedKey); identifier, cdmResponse, getRequestedSecurityLevel(), &cdmCertificate,
&cdmWrappedKey);
if (isCdmResponseTypeSuccess(res)) { if (isCdmResponseTypeSuccess(res)) {
certificate = StrToVector(cdmCertificate); certificate = StrToVector(cdmCertificate);
wrappedKey = StrToVector(cdmWrappedKey); wrappedKey = StrToVector(cdmWrappedKey);
@@ -1951,12 +1953,7 @@ void WVDrmPlugin::OnSessionLostState(const CdmSessionId& cdmSessionId) {
Status WVDrmPlugin::queryProperty(const std::string& property, Status WVDrmPlugin::queryProperty(const std::string& property,
std::string& stringValue) const { std::string& stringValue) const {
wvcdm::SecurityLevel securityLevel = return queryProperty(getRequestedSecurityLevel(), property, stringValue);
mPropertySet.security_level().compare(
wvcdm::QUERY_VALUE_SECURITY_LEVEL_L3) == 0
? wvcdm::kLevel3
: wvcdm::kLevelDefault;
return queryProperty(securityLevel, property, stringValue);
} }
Status WVDrmPlugin::queryProperty(wvcdm::SecurityLevel securityLevel, Status WVDrmPlugin::queryProperty(wvcdm::SecurityLevel securityLevel,
@@ -2047,6 +2044,13 @@ Status WVDrmPlugin::mapOEMCryptoResult(OEMCryptoResult res) {
} }
} }
wvcdm::SecurityLevel WVDrmPlugin::getRequestedSecurityLevel() const {
return mPropertySet.security_level().compare(
wvcdm::QUERY_VALUE_SECURITY_LEVEL_L3) == 0
? wvcdm::kLevel3
: wvcdm::kLevelDefault;
}
bool WVDrmPlugin::initDataResemblesPSSH(const std::vector<uint8_t>& initData) { bool WVDrmPlugin::initDataResemblesPSSH(const std::vector<uint8_t>& initData) {
const uint8_t* const initDataArray = initData.data(); const uint8_t* const initDataArray = initData.data();

114
libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp
View File

@@ -7,25 +7,26 @@
#define LOG_TAG "WVDrmPluginTest" #define LOG_TAG "WVDrmPluginTest"
#include <utils/Log.h> #include <utils/Log.h>
#include <stdio.h>
#include <ostream>
#include <string>
#include <list> #include <list>
#include <ostream>
#include <stdio.h>
#include <string>
#include <vector> #include <vector>
#include "cdm_client_property_set.h"
#include "gmock/gmock.h" #include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include "media/stagefright/foundation/ABase.h"
#include "media/stagefright/MediaErrors.h"
#include "string_conversions.h"
#include "wv_cdm_constants.h"
#include "wv_cdm_types.h"
#include "wv_content_decryption_module.h"
#include "HidlTypes.h" #include "HidlTypes.h"
#include "TypeConvert.h" #include "TypeConvert.h"
#include "WVDrmPlugin.h" #include "WVDrmPlugin.h"
#include "WVErrors.h" #include "WVErrors.h"
#include "cdm_client_property_set.h"
#include "media/stagefright/MediaErrors.h"
#include "media/stagefright/foundation/ABase.h"
#include "string_conversions.h"
#include "wv_cdm_constants.h"
#include "wv_cdm_types.h"
#include "wv_content_decryption_module.h"
namespace wvdrm { namespace wvdrm {
namespace hardware { namespace hardware {
@@ -174,16 +175,17 @@ class MockCDM : public WvContentDecryptionModule {
MOCK_METHOD2(QueryOemCryptoSessionId, CdmResponseType(const CdmSessionId&, MOCK_METHOD2(QueryOemCryptoSessionId, CdmResponseType(const CdmSessionId&,
CdmQueryMap*)); CdmQueryMap*));
MOCK_METHOD6(GetProvisioningRequest, CdmResponseType(CdmCertificateType, MOCK_METHOD7(GetProvisioningRequest, CdmResponseType(CdmCertificateType,
const std::string&, const std::string&,
const CdmIdentifier&, const CdmIdentifier&,
const std::string&, const std::string&,
wvcdm::SecurityLevel,
CdmProvisioningRequest*, CdmProvisioningRequest*,
std::string*)); std::string*));
MOCK_METHOD4(HandleProvisioningResponse, MOCK_METHOD5(HandleProvisioningResponse,
CdmResponseType(const CdmIdentifier&, CdmProvisioningResponse&, CdmResponseType(const CdmIdentifier&, CdmProvisioningResponse&,
std::string*, std::string*)); wvcdm::SecurityLevel, std::string*, std::string*));
MOCK_METHOD2(Unprovision, CdmResponseType(CdmSecurityLevel, MOCK_METHOD2(Unprovision, CdmResponseType(CdmSecurityLevel,
const CdmIdentifier&)); const CdmIdentifier&));
@@ -838,13 +840,27 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) {
static const char* kDefaultUrl = "http://google.com/"; static const char* kDefaultUrl = "http://google.com/";
EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(), EXPECT_CALL(*cdm, QueryStatus(_, QUERY_KEY_SECURITY_LEVEL, _))
HasOrigin(EMPTY_ORIGIN), IsEmpty(), .WillOnce(DoAll(SetArgPointee<2>(QUERY_VALUE_SECURITY_LEVEL_L1),
_, _))
.WillOnce(DoAll(SetArgPointee<4>(cdmRequest),
SetArgPointee<5>(kDefaultUrl),
testing::Return(wvcdm::NO_ERROR))); testing::Return(wvcdm::NO_ERROR)));
// The first and the third invocation should be at default security level,
// while the second one should be L3
EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(),
HasOrigin(EMPTY_ORIGIN), IsEmpty(),
wvcdm::kLevelDefault, _, _))
.Times(2)
.WillRepeatedly(DoAll(SetArgPointee<5>(cdmRequest),
SetArgPointee<6>(kDefaultUrl),
testing::Return(wvcdm::NO_ERROR)));
EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(),
HasOrigin(EMPTY_ORIGIN), IsEmpty(),
wvcdm::kLevel3, _, _))
.WillOnce(DoAll(SetArgPointee<5>(cdmRequest),
SetArgPointee<6>(kDefaultUrl),
testing::Return(wvcdm::NO_ERROR)));
// Make 3 provisioning requests at security level default then L3 then L1
WVDrmPlugin plugin(cdm.get(), appPackageName, &crypto, false); WVDrmPlugin plugin(cdm.get(), appPackageName, &crypto, false);
plugin.getProvisionRequest( plugin.getProvisionRequest(
hidl_string(""), hidl_string(""), hidl_string(""), hidl_string(""),
@@ -855,6 +871,34 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) {
EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize)); EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize));
EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str()); EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str());
}); });
// Set L3 security level
Status status = plugin.setPropertyString(hidl_string("securityLevel"),
hidl_string("L3"));
ASSERT_EQ(Status::OK, status);
plugin.getProvisionRequest(
hidl_string(""), hidl_string(""),
[&](Status status, hidl_vec<uint8_t> hRequest, hidl_string defaultUrl) {
ASSERT_EQ(Status::OK, status);
std::vector<uint8_t> request(hRequest);
EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize));
EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str());
});
// Reset security level to L1
status = plugin.setPropertyString(hidl_string("securityLevel"),
hidl_string("L1"));
ASSERT_EQ(Status::OK, status);
plugin.getProvisionRequest(
hidl_string(""), hidl_string(""),
[&](Status status, hidl_vec<uint8_t> hRequest, hidl_string defaultUrl) {
ASSERT_EQ(Status::OK, status);
std::vector<uint8_t> request(hRequest);
EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize));
EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str());
});
} }
TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) { TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {
@@ -871,15 +915,27 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {
std::vector<uint8_t> response; std::vector<uint8_t> response;
response.assign(responseRaw, responseRaw + kResponseSize); response.assign(responseRaw, responseRaw + kResponseSize);
EXPECT_CALL(*cdm, QueryStatus(_, QUERY_KEY_SECURITY_LEVEL, _))
.WillOnce(DoAll(SetArgPointee<2>(QUERY_VALUE_SECURITY_LEVEL_L1),
testing::Return(wvcdm::NO_ERROR)));
// The first and the third invocation should be at default security level,
// while the second one should be L3
EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN), EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN),
ElementsAreArray(responseRaw, ElementsAreArray(responseRaw,
kResponseSize), kResponseSize),
_, _)) wvcdm::kLevelDefault, _, _))
.Times(2);
EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN),
ElementsAreArray(responseRaw,
kResponseSize),
wvcdm::kLevel3, _, _))
.Times(1); .Times(1);
std::vector<uint8_t> cert; std::vector<uint8_t> cert;
std::vector<uint8_t> key; std::vector<uint8_t> key;
// Process 3 provisioning responses at security level default then L3 then L1
WVDrmPlugin plugin(cdm.get(), appPackageName, &crypto, false); WVDrmPlugin plugin(cdm.get(), appPackageName, &crypto, false);
plugin.provideProvisionResponse( plugin.provideProvisionResponse(
toHidlVec(response), toHidlVec(response),
@@ -887,6 +943,26 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {
hidl_vec<uint8_t> /* key */) { hidl_vec<uint8_t> /* key */) {
ASSERT_EQ(Status::OK, status); ASSERT_EQ(Status::OK, status);
}); });
// Set L3 security level
Status status = plugin.setPropertyString(hidl_string("securityLevel"),
hidl_string("L3"));
plugin.provideProvisionResponse(
toHidlVec(response),
[&](Status status, hidl_vec<uint8_t> /* cert */,
hidl_vec<uint8_t> /* key */) {
ASSERT_EQ(Status::OK, status);
});
// Reset security level to L1
status = plugin.setPropertyString(hidl_string("securityLevel"),
hidl_string("L1"));
plugin.provideProvisionResponse(
toHidlVec(response),
[&](Status status, hidl_vec<uint8_t> /* cert */,
hidl_vec<uint8_t> /* key */) {
ASSERT_EQ(Status::OK, status);
});
} }
TEST_F(WVDrmPluginTest, UnprovisionsDevice) { TEST_F(WVDrmPluginTest, UnprovisionsDevice) {

27
libwvdrmengine/mediadrm/test/legacy_src/WVDrmPlugin_test.cpp
View File

@@ -4,23 +4,23 @@
// License Agreement. // License Agreement.
// //
#include <ostream>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <ostream>
#include <string> #include <string>
#include "WVDrmPlugin.h"
#include "WVErrors.h"
#include "cdm_client_property_set.h" #include "cdm_client_property_set.h"
#include "gmock/gmock.h" #include "media/stagefright/MediaErrors.h"
#include "gtest/gtest.h"
#include "media/stagefright/foundation/ABase.h" #include "media/stagefright/foundation/ABase.h"
#include "media/stagefright/foundation/AString.h" #include "media/stagefright/foundation/AString.h"
#include "media/stagefright/MediaErrors.h"
#include "string_conversions.h" #include "string_conversions.h"
#include "wv_cdm_constants.h" #include "wv_cdm_constants.h"
#include "wv_cdm_types.h" #include "wv_cdm_types.h"
#include "wv_content_decryption_module.h" #include "wv_content_decryption_module.h"
#include "WVDrmPlugin.h" #include "gmock/gmock.h"
#include "WVErrors.h" #include "gtest/gtest.h"
using namespace android; using namespace android;
using namespace std; using namespace std;
@@ -85,16 +85,17 @@ class MockCDM : public WvContentDecryptionModule {
MOCK_METHOD2(QueryOemCryptoSessionId, CdmResponseType(const CdmSessionId&, MOCK_METHOD2(QueryOemCryptoSessionId, CdmResponseType(const CdmSessionId&,
CdmQueryMap*)); CdmQueryMap*));
MOCK_METHOD6(GetProvisioningRequest, CdmResponseType(CdmCertificateType, MOCK_METHOD7(GetProvisioningRequest, CdmResponseType(CdmCertificateType,
const std::string&, const std::string&,
const CdmIdentifier&, const CdmIdentifier&,
const std::string&, const std::string&,
SecurityLevel,
CdmProvisioningRequest*, CdmProvisioningRequest*,
std::string*)); std::string*));
MOCK_METHOD4(HandleProvisioningResponse, MOCK_METHOD5(HandleProvisioningResponse,
CdmResponseType(const CdmIdentifier&, CdmProvisioningResponse&, CdmResponseType(const CdmIdentifier&, CdmProvisioningResponse&,
std::string*, std::string*)); SecurityLevel, std::string*, std::string*));
MOCK_METHOD2(Unprovision, CdmResponseType(CdmSecurityLevel, MOCK_METHOD2(Unprovision, CdmResponseType(CdmSecurityLevel,
const CdmIdentifier&)); const CdmIdentifier&));
@@ -607,9 +608,9 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) {
EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(), EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(),
HasOrigin(EMPTY_ORIGIN), IsEmpty(), HasOrigin(EMPTY_ORIGIN), IsEmpty(),
_, _)) wvcdm::kLevelDefault, _, _))
.WillOnce(DoAll(SetArgPointee<4>(cdmRequest), .WillOnce(DoAll(SetArgPointee<5>(cdmRequest),
SetArgPointee<5>(kDefaultUrl), SetArgPointee<6>(kDefaultUrl),
Return(wvcdm::NO_ERROR))); Return(wvcdm::NO_ERROR)));
Vector<uint8_t> request; Vector<uint8_t> request;
@@ -640,7 +641,7 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {
EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN), EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN),
ElementsAreArray(responseRaw, ElementsAreArray(responseRaw,
kResponseSize), kResponseSize),
_, _)) wvcdm::kLevelDefault, _, _))
.Times(1); .Times(1);
Vector<uint8_t> cert; Vector<uint8_t> cert;