Add basic handling for entitlement keys in a license.

Merge from Widevine repo of http://go/wvgerrit/41834 Key rotation is not yet supported. The key statuses are updated from a license. The mechanism expects content keys tro come in a license. For entitlement licenses, the content keys come in the init_data. This code does not yet support the key rotation event. (A new pssh with wrapped keys is a passed to the cdm) The policy engine/key status mechanism needs to be updated to handle updated from the init_data. For now, the cdm builds a license with a key container with the content keys and used that to call PolicyEngine::SetLicense to setup the policy engine and key statuses. Bug: 64003606 Bug: 70334840 Test: In child CL Change-Id: Ibf46a18f5321cab4ff6f1778ba30527942c8021f
2018-01-25 15:31:49 -08:00
parent 8251aab9f6
commit 9ae7489938
22 changed files with 749 additions and 376 deletions
--- a/libwvdrmengine/cdm/core/include/crypto_session.h
+++ b/libwvdrmengine/cdm/core/include/crypto_session.h
@@ -12,7 +12,6 @@
 #include "lock.h"
 #include "metrics_collections.h"
 #include "oemcrypto_adapter.h"
-#include "OEMCryptoCENC.h"
 #include "scoped_ptr.h"
 #include "timer_metric.h"
 #include "wv_cdm_types.h"
@@ -77,13 +76,15 @@ class CryptoSession {
                              bool is_provisioning, std::string* signature);
  virtual bool PrepareRenewalRequest(const std::string& message,
                                     std::string* signature);
-  virtual CdmResponseType LoadKeys(const std::string& message,
-                                   const std::string& signature,
-                                   const std::string& mac_key_iv,
-                                   const std::string& mac_key,
-                                   const std::vector<CryptoKey>& key_array,
-                                   const std::string& provider_session_token,
-                                   const std::string& srm_requirement);
+  virtual CdmResponseType LoadKeys(
+      const std::string& message, const std::string& signature,
+      const std::string& mac_key_iv, const std::string& mac_key,
+      const std::vector<CryptoKey>& key_array,
+      const std::string& provider_session_token,
+      const std::string& srm_requirement,
+      CdmLicenseKeyType key_type);
+  virtual CdmResponseType LoadEntitledContentKeys(
+      const std::vector<CryptoKey>& key_array);
  virtual bool LoadCertificatePrivateKey(std::string& wrapped_key);
  virtual bool RefreshKeys(const std::string& message,
                           const std::string& signature, int num_keys,
@@ -169,19 +170,17 @@ class CryptoSession {
  virtual CdmResponseType LoadUsageEntry(uint32_t entry_number,
                                         const CdmUsageEntry& usage_entry);
  virtual CdmResponseType UpdateUsageEntry(
-      CdmUsageTableHeader* usage_table_header,
-      CdmUsageEntry* usage_entry);
+      CdmUsageTableHeader* usage_table_header, CdmUsageEntry* usage_entry);
  virtual CdmResponseType ShrinkUsageTableHeader(
      uint32_t new_entry_count, CdmUsageTableHeader* usage_table_header);
  virtual CdmResponseType MoveUsageEntry(uint32_t new_entry_number);
-  virtual bool CreateOldUsageEntry(
-      uint64_t time_since_license_received,
-      uint64_t time_since_first_decrypt,
-      uint64_t time_since_last_decrypt,
-      UsageDurationStatus status,
-      const std::string& server_mac_key,
-      const std::string& client_mac_key,
-      const std::string& provider_session_token);
+  virtual bool CreateOldUsageEntry(uint64_t time_since_license_received,
+                                   uint64_t time_since_first_decrypt,
+                                   uint64_t time_since_last_decrypt,
+                                   UsageDurationStatus status,
+                                   const std::string& server_mac_key,
+                                   const std::string& client_mac_key,
+                                   const std::string& provider_session_token);
  virtual CdmResponseType CopyOldUsageEntry(
      const std::string& provider_session_token);
  virtual metrics::CryptoMetrics* GetCryptoMetrics() { return metrics_; }
@@ -209,15 +208,19 @@ class CryptoSession {

  bool SetDestinationBufferType();

-  bool RewrapDeviceRSAKey(
-      const std::string& message, const std::string& signature,
-      const std::string& nonce, const std::string& enc_rsa_key,
-      const std::string& rsa_key_iv, std::string* wrapped_rsa_key);
+  bool RewrapDeviceRSAKey(const std::string& message,
+                          const std::string& signature,
+                          const std::string& nonce,
+                          const std::string& enc_rsa_key,
+                          const std::string& rsa_key_iv,
+                          std::string* wrapped_rsa_key);

-  bool RewrapDeviceRSAKey30(
-      const std::string& message, const std::string& nonce,
-      const std::string& private_key, const std::string& iv,
-      const std::string& wrapping_key, std::string* wrapped_private_key);
+  bool RewrapDeviceRSAKey30(const std::string& message,
+                            const std::string& nonce,
+                            const std::string& private_key,
+                            const std::string& iv,
+                            const std::string& wrapping_key,
+                            std::string* wrapped_private_key);

  CdmResponseType SelectKey(const std::string& key_id,
                            CdmCipherMode cipher_mode);