Correct stability issues for SPOIDs for provisioning 4.0
[ Merge of http://go/wvgerrit/183472 and http://go/ag/24537206 ] For provisioning 4.0 devices, the DRM certificate serial number was changing on a reprovisioning attempt or factory reset. The app parameters sent up in the client identification name-value pair field were being filtered out in provisioning requests. This has been corrected for provisioning 4.0 stage 2 (DRM certificate request). There is no need to include them for stage 1 (OEM certificate request). The test case WvCdmRequestLicenseTest.ProvisioningSpoidTest was created earlier to ensure that SPOIDs and DRM certificates are stable. Unfortunately due to another bug b/250099615, the RKP service was holding a connection to the Widevine TA for provisioning 4.0 devices. When native tests ran as their own process, L1 would fail to load due to a connection failure and the test would run as L3. The tests passed for provisioning 4.0 devices Pixel 7 and 8 when they should have failed. This gave us a false sense of confidence that the SPOIDs were stable. For now a workaround is to run a shell command to kill the widevine TA before running native tests. $ adb shell pkill -f -9 widevine New tests have been introduced to provide integration coverage WVPluginTest at the WV plugin level and CoreIntegrationTest for core. GTS tests are also being written in b/295538002. Bug: 294451432 Bug: 293950895 Test: WVPluginTest.ProvisioningStableSpoidTestL1, WVTS tests Change-Id: Ib9ace4387866ea38bb1840feb69cea78d2d2c09c
This commit is contained in:
Rahul Frias
@@ -62,17 +62,16 @@ void ProvisioningHolder::Provision(CdmCertificateType cert_type,
|
||||
url_request.PostCertRequestInQueryString(request);
|
||||
|
||||
// Receive and parse response.
|
||||
std::string response;
|
||||
ASSERT_NO_FATAL_FAILURE(url_request.AssertOkResponse(&response))
|
||||
ASSERT_NO_FATAL_FAILURE(url_request.AssertOkResponse(&response_))
|
||||
<< "Failed to fetch provisioning response. "
|
||||
<< DumpProvAttempt(request, response, cert_type);
|
||||
<< DumpProvAttempt(request, response_, cert_type);
|
||||
|
||||
if (binary_provisioning) {
|
||||
// extract provisioning response from received message
|
||||
// Extracts signed response from JSON string, result is serialized
|
||||
// protobuf.
|
||||
std::string protobuf_response;
|
||||
const bool extract_ok = ExtractSignedMessage(response, &protobuf_response);
|
||||
const bool extract_ok = ExtractSignedMessage(response_, &protobuf_response);
|
||||
ASSERT_TRUE(extract_ok) << "Failed to extract signed serialized "
|
||||
"response from JSON response";
|
||||
LOGV("Extracted response message: \n%s\n", protobuf_response.c_str());
|
||||
@@ -87,21 +86,15 @@ void ProvisioningHolder::Provision(CdmCertificateType cert_type,
|
||||
<< "Failed to decode base64 of response: response = "
|
||||
<< protobuf_response;
|
||||
|
||||
const std::string binary_protobuf_response(response_vec.begin(),
|
||||
response_vec.end());
|
||||
|
||||
ASSERT_EQ(NO_ERROR, cdm_engine_->HandleProvisioningResponse(
|
||||
binary_protobuf_response, kLevelDefault,
|
||||
&certificate_, &wrapped_key_))
|
||||
<< "Binary provisioning failed. "
|
||||
<< DumpProvAttempt(request, response, cert_type);
|
||||
} else {
|
||||
ASSERT_EQ(NO_ERROR,
|
||||
cdm_engine_->HandleProvisioningResponse(
|
||||
response, kLevelDefault, &certificate_, &wrapped_key_))
|
||||
<< "Non-binary provisioning failed. "
|
||||
<< DumpProvAttempt(request, response, cert_type);
|
||||
response_.assign(response_vec.begin(), response_vec.end());
|
||||
}
|
||||
|
||||
ASSERT_EQ(NO_ERROR,
|
||||
cdm_engine_->HandleProvisioningResponse(
|
||||
response_, kLevelDefault, &certificate_, &wrapped_key_))
|
||||
<< (binary_provisioning ? "Binary provisioning failed. "
|
||||
: "Non-binary provisioning failed. ")
|
||||
<< DumpProvAttempt(request, response_, cert_type);
|
||||
}
|
||||
|
||||
bool ProvisioningHolder::ExtractSignedMessage(const std::string& response,
|
||||
|
||||
Reference in New Issue
Block a user