Provisioning 3.0: Changes to Provisioning and Service Certs.

[ Merge of http://go/wvgerrit/23360 ]

Service Certificates are used in two places, provisioning and
licensing. The service certificate code depended on a session_id
to get and set the service certificate properties, but the session_id
was not available in the provisioning path.

This patch pulls out the property lookup by session_id dependency,
and passes the CdmImpl's property_set into the provisioning code, so
the service certificate can be read and written there.

Bug: 62972441

Test: WV unit/integration tests. This introduces three test failures
  * WvCdmRequestLicenseTest.PrivacyModeWithServiceCertificateTest
  * Cdm/WvCdmStreamingLicenseRenewalTest.WithClientId/4
  * Cdm/WvCdmOfflineLicenseReleaseTest.WithClientId/3

Change-Id: I6e9d4e23a9e7e81a63a994db8ec0b443893449a6

libwvdrmengine/cdm/core/include/cdm_client_property_set.h

@@ -17,10 +17,6 @@ class CdmClientPropertySet {
   virtual bool use_privacy_mode() const = 0;
   virtual const std::string& service_certificate() const = 0;
   virtual void set_service_certificate(const std::string& cert) = 0;
-  virtual const std::string& device_provisioning_service_certificate() const
-      = 0;
-  virtual void set_device_provisioning_service_certificate(
-      const std::string& cert) = 0;
   virtual bool is_session_sharing_enabled() const = 0;
   virtual uint32_t session_sharing_id() const = 0;
   virtual void set_session_sharing_id(uint32_t id) = 0;

libwvdrmengine/cdm/core/include/cdm_engine.h

@@ -16,6 +16,7 @@
 #include "oemcrypto_adapter.h"
 #include "scoped_ptr.h"
 #include "timer_metric.h"
+#include "service_certificate.h"
 #include "wv_cdm_constants.h"
 #include "wv_cdm_types.h"
 
@@ -38,21 +39,31 @@ class CdmEngine {
   CdmEngine(FileSystem* file_system, const std::string& spoid = EMPTY_SPOID);
   virtual ~CdmEngine();
 
+  // Set service certificate for all sessions under this CDM/CdmEngine.
+  // Setting to the empty string is OK. If the License Service certificate is
+  // empty and privacy mode is true, the certificate will be fetched from
+  // the server before the first license request.
+  virtual CdmResponseType SetServiceCertificate(
+      const std::string& certificate);
+
   // Session related methods
-  virtual CdmResponseType OpenSession(const CdmKeySystem& key_system,
-                                      CdmClientPropertySet* property_set,
-                                      const CdmSessionId& forced_session_id,
-                                      WvCdmEventListener* event_listener);
-  virtual CdmResponseType OpenSession(const CdmKeySystem& key_system,
-                                      CdmClientPropertySet* property_set,
-                                      WvCdmEventListener* event_listener,
-                                      CdmSessionId* session_id);
+  virtual CdmResponseType OpenSession(
+      const CdmKeySystem& key_system, CdmClientPropertySet* property_set,
+      const CdmSessionId& forced_session_id,
+      WvCdmEventListener* event_listener);
+
+  virtual CdmResponseType OpenSession(
+      const CdmKeySystem& key_system, CdmClientPropertySet* property_set,
+      WvCdmEventListener* event_listener, CdmSessionId* session_id);
+
   virtual CdmResponseType CloseSession(const CdmSessionId& session_id);
+
   virtual bool IsOpenSession(const CdmSessionId& session_id);
 
-  virtual CdmResponseType OpenKeySetSession(const CdmKeySetId& key_set_id,
-                                            CdmClientPropertySet* property_set,
-                                            WvCdmEventListener* event_listener);
+  virtual CdmResponseType OpenKeySetSession(
+      const CdmKeySetId& key_set_id, CdmClientPropertySet* property_set,
+      WvCdmEventListener* event_listener);
+
   virtual CdmResponseType CloseKeySetSession(const CdmKeySetId& key_set_id);
 
   // License related methods
@@ -249,11 +260,10 @@ class CdmEngine {
 
  private:
   // private methods
-  CdmResponseType OpenSession(const CdmKeySystem& key_system,
-                              CdmClientPropertySet* property_set,
-                              WvCdmEventListener* event_listener,
-                              const CdmSessionId* forced_session_id,
-                              CdmSessionId* session_id);
+  CdmResponseType OpenSession(
+      const CdmKeySystem& key_system, CdmClientPropertySet* property_set,
+      WvCdmEventListener* event_listener, const CdmSessionId* forced_session_id,
+      CdmSessionId* session_id);
 
   void DeleteAllUsageReportsUponFactoryReset();
   bool ValidateKeySystem(const CdmKeySystem& key_system);
@@ -290,6 +300,12 @@ class CdmEngine {
 
   static bool seeded_;
 
+  // Service certificate for license server and provisioning server.
+  // It is initially empty.  If left empty, the operations that
+  // require them (getting provider_id, encrypting ClientIdentification)
+  // are not performed.
+  ServiceCertificate service_certificate_;
+
   // usage related variables
   scoped_ptr<CdmSession> usage_session_;
   scoped_ptr<UsagePropertySet> usage_property_set_;

libwvdrmengine/cdm/core/include/cdm_session.h

@@ -22,6 +22,7 @@
 namespace wvcdm {
 
 class CdmClientPropertySet;
+class ServiceCertificate;
 class WvCdmEventListener;
 class UsageTableHeader;
 
@@ -45,7 +46,8 @@ class CdmSession {
   // |forced_session_id| is caller owned and may be null.
   // |event_listener| is caller owned, may be null, but must be in scope
   //     as long as the session is in scope.
-  virtual CdmResponseType Init(CdmClientPropertySet* cdm_client_property_set,
+  virtual CdmResponseType Init(ServiceCertificate* service_certificate,
+                               CdmClientPropertySet* cdm_client_property_set,
                                const CdmSessionId* forced_session_id,
                                WvCdmEventListener* event_listener);
 

libwvdrmengine/cdm/core/include/certificate_provisioning.h

@@ -7,31 +7,37 @@
 
 #include "crypto_session.h"
 #include "metrics_collections.h"
+#include "license_protocol.pb.h"
 #include "oemcrypto_adapter.h"
-#include "service_certificate.h"
+#include "scoped_ptr.h"
 #include "wv_cdm_types.h"
 
 namespace wvcdm {
 
+class CdmClientPropertySet;
 class CdmSession;
 class FileSystem;
+class ServiceCertificate;
 
 class CertificateProvisioning {
  public:
-  CertificateProvisioning(metrics::CryptoMetrics* metrics) :
+  explicit CertificateProvisioning(metrics::CryptoMetrics* metrics,
+                                   ServiceCertificate* service_certificate) :
       crypto_session_(metrics),
       cert_type_(kCertificateWidevine),
-      service_certificate_(NULL) {};
+      service_certificate_(service_certificate) {}
+
   ~CertificateProvisioning() {};
 
-  // Provisioning related methods
-  CdmResponseType GetProvisioningRequest(SecurityLevel requested_security_level,
-                                         CdmCertificateType cert_type,
-                                         const std::string& cert_authority,
-                                         const std::string& origin,
-                                         const std::string& spoid,
-                                         CdmProvisioningRequest* request,
-                                         std::string* default_url);
+  // Construct a valid provisioning request.
+  // The request will be sent to the provisioning server.
+  CdmResponseType GetProvisioningRequest(
+      SecurityLevel requested_security_level, CdmCertificateType cert_type,
+      const std::string& cert_authority, const std::string& origin,
+      const std::string& spoid, CdmProvisioningRequest* request,
+      std::string* default_url);
+
+  // Process the provisioning response.
   CdmResponseType HandleProvisioningResponse(
       FileSystem* file_system,
       const CdmProvisioningResponse& response,
@@ -53,6 +59,7 @@ class CertificateProvisioning {
   bool ParseJsonResponse(const CdmProvisioningResponse& json_str,
                          const std::string& start_substr,
                          const std::string& end_substr, std::string* result);
+
   CryptoSession crypto_session_;
   CdmCertificateType cert_type_;
   ServiceCertificate* service_certificate_;

libwvdrmengine/cdm/core/include/license.h

@@ -8,7 +8,6 @@
 #include "initialization_data.h"
 #include "license_protocol.pb.h"
 #include "scoped_ptr.h"
-#include "service_certificate.h"
 #include "wv_cdm_types.h"
 
 namespace video_widevine {
@@ -22,6 +21,7 @@ class Clock;
 class CryptoSession;
 class PolicyEngine;
 class CdmSession;
+class ServiceCertificate;
 
 class CdmLicense {
  public:
@@ -29,8 +29,9 @@ class CdmLicense {
   virtual ~CdmLicense();
 
   virtual bool Init(
-      const std::string& client_token, CdmClientTokenType client_token_type,
-      CryptoSession* session, PolicyEngine* policy_engine);
+      ServiceCertificate* service_certificate, const std::string& client_token,
+      CdmClientTokenType client_token_type, CryptoSession* session,
+      PolicyEngine* policy_engine);
 
   virtual CdmResponseType PrepareKeyRequest(
       const InitializationData& init_data, CdmLicenseType license_type,
@@ -103,7 +104,7 @@ class CdmLicense {
   bool is_offline_;
 
   // Used to encrypt ClientIdentification message
-  scoped_ptr<ServiceCertificate> service_certificate_;
+  ServiceCertificate* service_certificate_;
 
   // Used for certificate based licensing
   CdmKeyMessage key_request_;

libwvdrmengine/cdm/core/include/service_certificate.h

@@ -5,12 +5,11 @@
 
 // Service Certificates are used to encrypt the ClientIdentification message
 // that is part of Device Provisioning, License, Renewal, and Release requests.
-// They may be supplied by the application, or a default certificate may be
-// configured into the CDM, or the CDM may send a Service Certificate Request
-// to the target server to get one. Separate certificates are maintained for
-// the License and Provisioning Servers (the default service certificates
-// are currently identical for both servers). Once the Service Certificates are
-// established for the session, they should not change.
+// It also supplies a provider_id setting used in device provisioning.
+// Service Certificates are typically supplied by the application. If one
+// is not supplied and privacy mode is enabled, the CDM will send a Service
+// Certificate Request to the target server to get one. Once the Service
+// Certificate is established for the session, it should not change.
 
 #include "license_protocol.pb.h"
 #include "wv_cdm_types.h"
@@ -26,51 +25,56 @@ class CryptoSession;
 
 class ServiceCertificate {
  public:
-  ServiceCertificate();
-  virtual ~ServiceCertificate();
+  ServiceCertificate() {}
+  virtual ~ServiceCertificate() {}
 
-  virtual bool Init(const CdmSessionId& session_id, CryptoSession* session);
+  // Set up a new service certificate.
+  // Accept a serialized video_widevine::SignedDrmDeviceCertificate message.
+  virtual CdmResponseType Init(const std::string& signed_certificate);
 
-  virtual bool IsRequired();
-  virtual bool IsAvailable();
-  virtual bool PrepareServiceCertificateRequest(CdmKeyMessage* signed_request);
+  // Initialize the service certificate.
+  // Set the certificate with no certificate and provider ID.
+  virtual void Clear();
 
-  virtual CdmResponseType VerifyAndSet(
-      const std::string& signed_service_certificate);
+  // Current state of certificate.
+  // If !HasCertificate() and privacy mode is enabled, then should call
+  // PrepareRequest() and pass the request to the license server.
+  virtual bool HasCertificate() { return !certificate_.empty(); }
+  virtual bool HasProviderId() { return !provider_id_.empty(); }
+  virtual const std::string& provider_id() { return provider_id_; }
 
+  // Encrypt the ClientIdentification message for a provisioning or
+  // licensing request.  Encryption is performed using the current
+  // service certificate.  Return a failure if the service certificate is
+  // not present, not valid, or if some other error occurs.
+  // The routine should not be called if privacy mode is off or if the
+  // certificate is empty.
   virtual CdmResponseType EncryptClientId(
+      CryptoSession* crypto_session,
       const video_widevine::ClientIdentification* clear_client_id,
       video_widevine::EncryptedClientIdentification* encrypted_client_id);
 
-  static CdmResponseType VerifySignedServiceCertificate(
-      const std::string& signed_certificate) {
-    bool has_provider_id;
-    return VerifyAndExtractFromSignedCertificate(signed_certificate, NULL,
-                                                 &has_provider_id, NULL);
-  }
+  // Construct service certificate request.
+  virtual bool PrepareRequest(CdmKeyMessage* signed_request);
+
+  // Parse service certificate response and make it usable.
+  virtual CdmResponseType HandleResponse(
+      const std::string& signed_respnse);
 
  private:
-  // Take a signed certificate, parse it, and verify it.
-  // If a pointer to a string object is passed in, the certificate
-  // will be copied to it.
-  static CdmResponseType VerifyAndExtractFromSignedCertificate(
-      const std::string& signed_service_certificate,
-      std::string* service_certificate, bool* has_provider_id,
-      std::string* provider_id);
+  // Verify the signature on the signed service certificate.
+  // Extract and save the certificate and provider_id.
+  // Expected format: serialized video_widevine::SignedDrmDeviceCertificate.
+  virtual CdmResponseType VerifyAndExtract(
+      const std::string& raw_certificate);
 
-  virtual bool SetupServiceCertificate();
-
-  CryptoSession* crypto_session_;
-  CdmSessionId session_id_;
-  bool privacy_mode_enabled_;
-  bool valid_;
-  bool initialized_;
+  // True while waiting for response to service certificate request.
+  bool fetch_in_progress_;
 
   // Certificate, verified and extracted from signed message.
   std::string certificate_;
 
   // Provider ID, extracted from certificate message.
-  bool has_provider_id_;
   std::string provider_id_;
 
   CORE_DISALLOW_COPY_AND_ASSIGN(ServiceCertificate);

libwvdrmengine/cdm/core/include/wv_cdm_types.h

@@ -247,7 +247,7 @@ enum CdmResponseType {
   INVALID_PARAMETERS_ENG_14,
   INVALID_PARAMETERS_ENG_15, /* 205 */
   INVALID_PARAMETERS_ENG_16,
-  DEVICE_CERTIFICATE_ERROR_5,
+  UNUSED_7, /* previously DEVICE_CERTIFICATE_ERROR_5 */
   CERT_PROVISIONING_CLIENT_TOKEN_ERROR_1,
   CERT_PROVISIONING_CLIENT_TOKEN_ERROR_2,
   LICENSING_CLIENT_TOKEN_ERROR_1, /* 210 */