Reset crypto session pointers on RemoveKeys.

[ Merge of http://go/wvgerrit/189590 ]
[ Cherry-pick of http://ag/26541307 ]

The CDM session shares its CryptoSession instance with a few additional
member objects (CdmLicense and PolicyEngine).  When the CDM session's
crypto session is reset, the CdmLicense and PolicyEngine must be reset
as well; otherwise, a stale pointer reference may occur.

Test: request_license_test on Oriole
Test: run_x86_64_tests
Bug: 311239278
Change-Id: Ie175513ae652dcd96e12e5e1def574a8a56d5863
Alex Dale
2024-03-11 15:19:21 -07:00
parent 5c175ad151
commit b1fad7f4cb
11 changed files with 182 additions and 75 deletions


@@ -136,6 +136,7 @@ const std::string kFakeKeyTooLong =
const std::string kFakeKeyTooShort = a2bs_hex("06e247e7f924208011");
const std::string kFakeIv = a2bs_hex("3d515a3ee0be1687080ac59da9e0d69a");
const std::string kFakeBuildInfo = "Mock Crypto Session - License Test";
const uint32_t kDefaultOemCryptoVersion = 18;
class MockCryptoSession : public TestCryptoSession {
public:
@@ -215,84 +216,85 @@ class CdmLicenseTest : public WvCdmTestBase {
protected:
CdmLicenseTest(const std::string& pssh = (kCencInitDataHdr + kCencPssh))
: pssh_(pssh) {}
void SetUp() override {
WvCdmTestBase::SetUp();
clock_ = new MockClock();
crypto_session_ = new MockCryptoSession(&crypto_metrics_);
init_data_ = new InitializationData(CENC_INIT_DATA_FORMAT, pssh_);
policy_engine_ = new MockPolicyEngine(crypto_session_);
crypto_session_.reset(new MockCryptoSession(&crypto_metrics_));
ON_CALL(*crypto_session_, GetSupportedCertificateTypes(NotNull()))
.WillByDefault(
DoAll(SetArgPointee<0>(kDefaultSupportedCertTypes), Return(true)));
// PolicyEngine will call GetApiVersion() on creation.
EXPECT_CALL(*crypto_session_, GetApiVersion(NotNull()))
.WillRepeatedly(
DoAll(SetArgPointee<0>(kDefaultOemCryptoVersion), Return(true)));
policy_engine_.reset(new MockPolicyEngine(crypto_session_.get()));
init_data_ = InitializationData(CENC_INIT_DATA_FORMAT, pssh_);
clock_ = new MockClock();
cdm_license_.reset(new CdmLicenseTestPeer(kCdmSessionId, clock_));
}
void TearDown() override {
delete cdm_license_;
delete policy_engine_;
delete init_data_;
delete crypto_session_;
delete clock_;
}
virtual void CreateCdmLicense() {
cdm_license_ = new CdmLicenseTestPeer(kCdmSessionId, clock_);
// Nullify pointers for objects owned by CdmLicense.
clock_ = nullptr;
cdm_license_.reset();
// Release mock objects used by the CdmLicense.
// Order is important.
policy_engine_.reset();
crypto_session_.reset();
}
CdmLicenseTestPeer* cdm_license_ = nullptr;
MockClock* clock_ = nullptr;
metrics::CryptoMetrics crypto_metrics_;
MockCryptoSession* crypto_session_ = nullptr;
InitializationData* init_data_ = nullptr;
MockPolicyEngine* policy_engine_ = nullptr;
MockClock* clock_ = nullptr; // Owned by |cdm_license_|.
std::unique_ptr<CdmLicenseTestPeer> cdm_license_;
std::unique_ptr<MockPolicyEngine> policy_engine_;
std::unique_ptr<MockCryptoSession> crypto_session_;
InitializationData init_data_;
std::string pssh_;
};
TEST_F(CdmLicenseTest, InitSuccess) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(false, kEmptyServiceCertificate,
crypto_session_, policy_engine_));
crypto_session_.get(), policy_engine_.get()));
}
TEST_F(CdmLicenseTest, InitFail_CryptoSessionNull) {
CreateCdmLicense();
EXPECT_FALSE(cdm_license_->Init(false, kEmptyServiceCertificate, nullptr,
policy_engine_));
policy_engine_.get()));
}
TEST_F(CdmLicenseTest, InitFail_PolicyEngineNull) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_FALSE(cdm_license_->Init(false, kEmptyServiceCertificate,
crypto_session_, nullptr));
crypto_session_.get(), nullptr));
}
TEST_F(CdmLicenseTest, InitWithEmptyServiceCert) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(true, kEmptyServiceCertificate,
crypto_session_, policy_engine_));
crypto_session_.get(), policy_engine_.get()));
}
TEST_F(CdmLicenseTest, InitWithInvalidServiceCert) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_FALSE(cdm_license_->Init(true, kInvalidServiceCertificate,
crypto_session_, policy_engine_));
crypto_session_.get(), policy_engine_.get()));
}
TEST_F(CdmLicenseTest, InitWithServiceCert) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(true, kDefaultServiceCertificate,
crypto_session_, policy_engine_));
crypto_session_.get(), policy_engine_.get()));
}
TEST_F(CdmLicenseTest, PrepareKeyRequestValidation) {
@@ -335,15 +337,14 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidation) {
.WillOnce(
DoAll(SetArgPointee<0>(kWatermarkingConfigurable), Return(true)));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(true, kDefaultServiceCertificate,
crypto_session_, policy_engine_));
crypto_session_.get(), policy_engine_.get()));
CdmAppParameterMap app_parameters;
CdmKeyMessage signed_request;
std::string server_url;
EXPECT_EQ(cdm_license_->PrepareKeyRequest(
*init_data_, kToken, kLicenseTypeStreaming, app_parameters,
init_data_, kToken, kLicenseTypeStreaming, app_parameters,
&signed_request, &server_url),
KEY_MESSAGE);
@@ -470,15 +471,14 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidationV15) {
.WillOnce(
DoAll(SetArgPointee<0>(kWatermarkingNotSupported), Return(true)));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(true, kDefaultServiceCertificate,
crypto_session_, policy_engine_));
crypto_session_.get(), policy_engine_.get()));
CdmAppParameterMap app_parameters;
CdmKeyMessage signed_request;
std::string server_url;
EXPECT_EQ(cdm_license_->PrepareKeyRequest(
*init_data_, kToken, kLicenseTypeStreaming, app_parameters,
init_data_, kToken, kLicenseTypeStreaming, app_parameters,
&signed_request, &server_url),
KEY_MESSAGE);
@@ -616,9 +616,8 @@ TEST_P(CdmLicenseEntitledKeyTest, LoadsEntitledKeys) {
}
// Set up the CdmLicense with the mocks and fake entitlement key
CreateCdmLicense();
ASSERT_TRUE(cdm_license_->Init(true, kDefaultServiceCertificate,
crypto_session_, policy_engine_));
crypto_session_.get(), policy_engine_.get()));
cdm_license_->set_entitlement_keys(entitlement_license);
// Call the function under test and check its return value
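Review bot: In the CdmLicenseTest fixture hunk, the new smart-pointer members are declared `cdm_license_`, `policy_engine_`, `crypto_session_`, so implicit destruction (reverse declaration order) would free the crypto session first, the opposite of the order the explicit resets enforce under "Order is important". `policy_engine_` is built from `crypto_session_.get()` and the tests pass both raw pointers to `Init()`, so any path that skips those resets (for example a derived fixture overriding TearDown without calling the base; not visible here) could leave the same kind of stale pointer this commit is fixing, if either destructor touches the session. Declaring the members in dependency order makes the safe order the default: `std::unique_ptr<MockCryptoSession> crypto_session_;` then `std::unique_ptr<MockPolicyEngine> policy_engine_;` then `std::unique_ptr<CdmLicenseTestPeer> cdm_license_;`. I would also state the reason in the comment, e.g. `// Order is important: policy_engine_ and cdm_license_ hold raw pointers to crypto_session_.` The rendered page has lost its +/- markers, so the placement of the reset calls is inferred from the surrounding lines.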


@@ -267,7 +267,7 @@ class PolicyEngineTestV18 : public PolicyEngineTest {
}
};
TEST_F(PolicyEngineTest, NoLicense) {
TEST_F(PolicyEngineTestV16, NoLicense) {
EXPECT_FALSE(policy_engine_->CanDecryptContent(kKeyId));
}
@@ -2826,6 +2826,10 @@ TEST_F(PolicyEngineTestV16, PlaybackOk_RestoreWithoutPlaybackTimes) {
EXPECT_TRUE(policy_engine_->CanDecryptContent(kKeyId));
}
TEST_F(PolicyEngineTestV18, NoLicense) {
EXPECT_FALSE(policy_engine_->CanDecryptContent(kKeyId));
}
// These tests exercise license policy when OEMCrypto supports v18.
// The following scenarios are from the duration-and-renewal doc.
// Verifies correct reporting of events, OnSessionRenewalNeeded,