From f0cd22d4f4e2c0b82a8663122b9126b326f62ca1 Mon Sep 17 00:00:00 2001
From: Rahul Frias
Date: Wed, 4 Apr 2018 23:41:41 -0700
Subject: [PATCH] Address failures when provisioning methods differ
[ Merge of http://go/wvgerrit/46907 ]
The WV client supports root of trusts as keyboxes or OEM certificates. Devices with keyboxes use provisioning 2.0 protocol to provision while those with OEM certificates use 3.0. L3 provisioning failures occur if the L1 and L3 root of trusts differ. The provisioning method is now retrieved and cached when the security level is known, when the session is opened. Earlier it was retrieved and cached at initialization time and always set to the value of L1 OEMCrypto (if present). This led to provisioning failures. A case of acquiring a lock while one was held in GetProvisioningId() has also fixed.
Bug: 77606913
Test: WV unit/integration tests
Change-Id: I2d66ee2cf64f846cec4a37fbccb554447c8a0e1d
---
.../cdm/core/include/crypto_session.h | 3 +-
.../cdm/core/include/wv_cdm_types.h | 4 +-
libwvdrmengine/cdm/core/src/cdm_engine.cpp | 2 +
.../cdm/core/src/crypto_session.cpp | 51 ++++++++++++-------
.../cdm/core/test/test_printers.cpp | 2 +
.../cdm/test/request_license_test.cpp | 41 +++++++++++++--
libwvdrmengine/include/WVErrors.h | 3 +-
libwvdrmengine/include/mapErrors-inl.h | 2 +
libwvdrmengine/include_hidl/mapErrors-inl.h | 1 +
9 files changed, 83 insertions(+), 26 deletions(-)
diff --git a/libwvdrmengine/cdm/core/include/crypto_session.h b/libwvdrmengine/cdm/core/include/crypto_session.h
index 84da0724..348f2600 100644
--- a/libwvdrmengine/cdm/core/include/crypto_session.h
+++ b/libwvdrmengine/cdm/core/include/crypto_session.h
@@ -199,7 +199,8 @@ class CryptoSession { private: friend class CryptoSessionForTest; - bool GetProvisioningMethod(CdmClientTokenType* token_type); + CdmResponseType GetProvisioningMethod(SecurityLevel requested_security_level, + CdmClientTokenType* token_type); void Init(); void Terminate(); bool GetTokenFromKeybox(std::string* token);
diff --git a/libwvdrmengine/cdm/core/include/wv_cdm_types.h b/libwvdrmengine/cdm/core/include/wv_cdm_types.h
index ec2f78c4..f47e132d 100644
--- a/libwvdrmengine/cdm/core/include/wv_cdm_types.h
+++ b/libwvdrmengine/cdm/core/include/wv_cdm_types.h
@@ -324,6 +324,7 @@ enum CdmResponseType { REMOVE_USAGE_INFO_ERROR_1 = 282, REMOVE_USAGE_INFO_ERROR_2 = 283, REMOVE_USAGE_INFO_ERROR_3 = 284, + GET_PROVISIONING_METHOD_ERROR = 285, }; enum CdmKeyStatus {
@@ -397,7 +398,8 @@ enum CdmSigningAlgorithm { enum CdmClientTokenType { kClientTokenKeybox, kClientTokenDrmCert, - kClientTokenOemCert + kClientTokenOemCert, + kClientTokenUninitialized, }; // kNonSecureUsageSupport - TEE does not provide any support for usage
diff --git a/libwvdrmengine/cdm/core/src/cdm_engine.cpp b/libwvdrmengine/cdm/core/src/cdm_engine.cpp
index 034729af..410b7f99 100644
--- a/libwvdrmengine/cdm/core/src/cdm_engine.cpp
+++ b/libwvdrmengine/cdm/core/src/cdm_engine.cpp
@@ -757,6 +757,7 @@ CdmResponseType CdmEngine::QueryOemCryptoSessionId( CdmResponseType CdmEngine::GetProvisioningRequest( CdmCertificateType cert_type, const std::string& cert_authority, CdmProvisioningRequest* request, std::string* default_url) { + LOGI("CdmEngine::GetProvisioningRequest"); if (!request) { LOGE("CdmEngine::GetProvisioningRequest: invalid output parameters"); return INVALID_PROVISIONING_REQUEST_PARAM_1;
@@ -794,6 +795,7 @@ CdmResponseType CdmEngine::GetProvisioningRequest( CdmResponseType CdmEngine::HandleProvisioningResponse( const CdmProvisioningResponse& response, std::string* cert, std::string* wrapped_key) { + LOGI("CdmEngine::HandleProvisioningResponse"); if (response.empty()) { LOGE("CdmEngine::HandleProvisioningResponse: Empty provisioning response."); cert_provisioning_.reset(NULL);
diff --git a/libwvdrmengine/cdm/core/src/crypto_session.cpp b/libwvdrmengine/cdm/core/src/crypto_session.cpp
index d3dfca58..f53ec294 100644
--- a/libwvdrmengine/cdm/core/src/crypto_session.cpp
+++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp
@@ -138,6 +138,7 @@ CryptoSession::CryptoSession(metrics::CryptoMetrics* metrics) : metrics_(metrics), system_id_(-1), open_(false), + pre_provision_token_type_(kClientTokenUninitialized), update_usage_table_after_close_session_(false), is_destination_buffer_type_valid_(false), requested_security_level_(kLevelDefault),
@@ -160,9 +161,11 @@ CryptoSession::~CryptoSession() { M_RECORD(metrics_, crypto_session_life_span_, life_span_.AsMs()); } -bool CryptoSession::GetProvisioningMethod(CdmClientTokenType* token_type) { +CdmResponseType CryptoSession::GetProvisioningMethod( + SecurityLevel requested_security_level, + CdmClientTokenType* token_type) { OEMCrypto_ProvisioningMethod method = - OEMCrypto_GetProvisioningMethod(requested_security_level_); + OEMCrypto_GetProvisioningMethod(requested_security_level); metrics_->oemcrypto_provisioning_method_.Record(method); CdmClientTokenType type; switch (method) {
@@ -179,10 +182,10 @@ bool CryptoSession::GetProvisioningMethod(CdmClientTokenType* token_type) { default: LOGE("OEMCrypto_GetProvisioningMethod failed. %d", method); metrics_->oemcrypto_provisioning_method_.SetError(method); - return false; + return GET_PROVISIONING_METHOD_ERROR; } *token_type = type; - return true; + return NO_ERROR; } void CryptoSession::Init() {
@@ -198,9 +201,6 @@ void CryptoSession::Init() { } initialized_ = true; } - if (!GetProvisioningMethod(&pre_provision_token_type_)) { - initialized_ = false; - } } void CryptoSession::Terminate() {
@@ -594,10 +594,12 @@ bool CryptoSession::GetProvisioningId(std::string* provisioning_id) { uint8_t buf[KEYBOX_KEY_DATA_SIZE]; size_t buf_size = sizeof(buf); - LOGV("CryptoSession::GetProvisioningId: Lock"); - AutoLock auto_lock(crypto_lock_); - if (!initialized_) { - return false; + { + LOGV("CryptoSession::GetProvisioningId: Lock"); + AutoLock auto_lock(crypto_lock_); + if (!initialized_) { + return false; + } } if (pre_provision_token_type_ == kClientTokenOemCert) {
@@ -614,6 +616,8 @@ bool CryptoSession::GetProvisioningId(std::string* provisioning_id) { return true; } else { OEMCryptoResult sts; + LOGV("CryptoSession::GetProvisioningId: Lock"); + AutoLock auto_lock(crypto_lock_); M_TIME( sts = OEMCrypto_GetKeyData(buf, &buf_size, requested_security_level_), metrics_, oemcrypto_get_key_data_, sts, metrics::Pow2Bucket(buf_size));
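Review bot: In GetProvisioningId() the branch on `pre_provision_token_type_` only distinguishes `kClientTokenOemCert` from everything else, so the new `kClientTokenUninitialized` value falls into the `else` path and is handled as a keybox device. Since this commit the member is only filled in by Open(), so any caller that reaches GetProvisioningId() before a successful Open() would call `OEMCrypto_GetKeyData` regardless of the device's real root of trust; a guard such as `if (pre_provision_token_type_ == kClientTokenUninitialized) return false;` before the branch would fail closed. The member is also read after the first `AutoLock` scope has ended, and the `else` branch at -614/+616 re-takes `crypto_lock_` without re-checking `initialized_`. The function body starts and ends outside these two hunks, so whether callers always open the session first cannot be confirmed from here.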
@@ -633,14 +637,23 @@ uint8_t CryptoSession::GetSecurityPatchLevel() { } CdmResponseType CryptoSession::Open(SecurityLevel requested_security_level) { - LOGD("CryptoSession::Open: Lock: requested_security_level: %s", - requested_security_level == kLevel3 - ? QUERY_VALUE_SECURITY_LEVEL_L3.c_str() - : QUERY_VALUE_SECURITY_LEVEL_DEFAULT.c_str()); - AutoLock auto_lock(crypto_lock_); - if (!initialized_) return UNKNOWN_ERROR; - if (open_) return NO_ERROR; + { + LOGD("CryptoSession::Open: Lock: requested_security_level: %s", + requested_security_level == kLevel3 + ? QUERY_VALUE_SECURITY_LEVEL_L3.c_str() + : QUERY_VALUE_SECURITY_LEVEL_DEFAULT.c_str()); + AutoLock auto_lock(crypto_lock_); + if (!initialized_) return UNKNOWN_ERROR; + if (open_) return NO_ERROR; + } + CdmResponseType result = + GetProvisioningMethod(requested_security_level, + &pre_provision_token_type_); + if (result != NO_ERROR) return result; + + LOGV("CryptoSession::Open: Lock"); + AutoLock auto_lock(crypto_lock_); OEMCrypto_SESSION sid; requested_security_level_ = requested_security_level; OEMCryptoResult sts = OEMCrypto_OpenSession(&sid, requested_security_level);
@@ -679,7 +692,7 @@ CdmResponseType CryptoSession::Open(SecurityLevel requested_security_level) { } CdmUsageSupportType usage_support_type; - CdmResponseType result = GetUsageSupportType(&usage_support_type); + result = GetUsageSupportType(&usage_support_type); if (result == NO_ERROR) { metrics_->oemcrypto_usage_table_support_.Record(usage_support_type); if (usage_support_type == kUsageEntrySupport) {
diff --git a/libwvdrmengine/cdm/core/test/test_printers.cpp b/libwvdrmengine/cdm/core/test/test_printers.cpp
index 863f3425..7a9de407 100644
--- a/libwvdrmengine/cdm/core/test/test_printers.cpp
+++ b/libwvdrmengine/cdm/core/test/test_printers.cpp
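Review bot: Open() now checks `initialized_` and `open_` in one critical section, drops `crypto_lock_`, writes `pre_provision_token_type_` through GetProvisioningMethod() with no lock held, and then re-acquires the lock for `OEMCrypto_OpenSession` without looking at either flag again. Two threads calling Open() on the same object can both pass the `open_` check and both go on to open an OEMCrypto session, and a state change made in the gap (for example by Terminate(), whose body is not visible here) goes unnoticed. The visible lines of GetProvisioningMethod() do not take `crypto_lock_`, so if that holds for the whole function the call can simply stay inside a single critical section; otherwise repeat `if (!initialized_) return UNKNOWN_ERROR;` and `if (open_) return NO_ERROR;` right after the second `AutoLock`. Open's body continues past the end of the hunk.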
@@ -581,6 +581,8 @@ void PrintTo(const enum CdmResponseType& value, ::std::ostream* os) { break; case REMOVE_USAGE_INFO_ERROR_3: *os << "REMOVE_USAGE_INFO_ERROR_3"; break; + case GET_PROVISIONING_METHOD_ERROR: *os << "GET_PROVISIONING_METHOD_ERROR"; + break; default: *os << "Unknown CdmResponseType"; break;
diff --git a/libwvdrmengine/cdm/test/request_license_test.cpp b/libwvdrmengine/cdm/test/request_license_test.cpp
index 3aa74ab4..05f71f24 100644
--- a/libwvdrmengine/cdm/test/request_license_test.cpp
+++ b/libwvdrmengine/cdm/test/request_license_test.cpp
@@ -1620,8 +1620,39 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase { }; TEST_F(WvCdmRequestLicenseTest, ProvisioningTest) { - decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL, - &session_id_); + Unprovision(); + EXPECT_EQ(NEED_PROVISIONING, + decryptor_.OpenSession(g_key_system, NULL, + kDefaultCdmIdentifier, NULL, + &session_id_)); + std::string provisioning_server; + CdmCertificateType cert_type = kCertificateWidevine; + std::string cert_authority, cert, wrapped_key; + + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest( + cert_type, cert_authority, + kDefaultCdmIdentifier, &key_msg_, + &provisioning_server)); + EXPECT_EQ(provisioning_server, g_config->provisioning_server()); + + std::string response = + GetCertRequestResponse(g_config->provisioning_server()); + EXPECT_NE(0, static_cast(response.size())); + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse( + kDefaultCdmIdentifier, response, &cert, + &wrapped_key)); + EXPECT_EQ(0, static_cast(cert.size())); + EXPECT_EQ(0, static_cast(wrapped_key.size())); + decryptor_.CloseSession(session_id_); +} + +TEST_F(WvCdmRequestLicenseTest, L3ProvisioningTest) { + TestWvCdmClientPropertySet property_set_L3; + property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3); + EXPECT_EQ(NEED_PROVISIONING, + decryptor_.OpenSession(g_key_system, &property_set_L3, + kDefaultCdmIdentifier, NULL, + &session_id_)); std::string provisioning_server; CdmCertificateType cert_type = kCertificateWidevine; std::string cert_authority, cert, wrapped_key;
@@ -3764,7 +3795,8 @@ TEST_F(WvCdmRequestLicenseTest, QueryStatus) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.QueryStatus(kLevelDefault, wvcdm::QUERY_KEY_PROVISIONING_ID, &value)); - EXPECT_EQ(16u, value.size()); + EXPECT_TRUE(16u == value.size() || 32u == value.size()) + << "provisioning id size: " << value.size(); EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.QueryStatus(
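Review bot: L3ProvisioningTest expects `NEED_PROVISIONING` from OpenSession() but, unlike ProvisioningTest directly above it, does not call `Unprovision()` first, so its result depends on whatever L3 state earlier tests or a previous run left on the device. Whether `Unprovision()` also clears L3 state is not visible in this hunk; if it does, calling it as the first statement of the test makes the precondition explicit, otherwise the test needs its own L3 cleanup. The rest of the test body is the pre-existing code that follows the hunk.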
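Review bot: The relaxed assertion `16u == value.size() || 32u == value.size()` in QueryStatus, repeated unchanged in QueryStatusL3, accepts either length at either security level, so a level that reports an ID derived from the other level's root of trust still passes. That is the mismatch this commit is about, and the test no longer detects it. Nothing in the hunk records which provisioning method produces which length; a one-line comment above each assertion stating that would document the two constants, and asserting the length that matches the level's provisioning method, where the test can determine it, would keep the check as strict as the old `EXPECT_EQ(16u, value.size())`.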
@@ -3866,7 +3898,8 @@ TEST_F(WvCdmRequestLicenseTest, QueryStatusL3) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.QueryStatus(kLevel3, wvcdm::QUERY_KEY_PROVISIONING_ID, &value)); - EXPECT_EQ(16u, value.size()); + EXPECT_TRUE(16u == value.size() || 32u == value.size()) + << "provisioning id size: " << value.size(); EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.QueryStatus(kLevel3, wvcdm::QUERY_KEY_CURRENT_HDCP_LEVEL,
diff --git a/libwvdrmengine/include/WVErrors.h b/libwvdrmengine/include/WVErrors.h
index 631e4d0a..9d06d7b5 100644
--- a/libwvdrmengine/include/WVErrors.h
+++ b/libwvdrmengine/include/WVErrors.h
@@ -263,10 +263,11 @@ enum { kRemoveUsageInfoError1 = ERROR_DRM_VENDOR_MIN + 274, kRemoveUsageInfoError2 = ERROR_DRM_VENDOR_MIN + 275, kRemoveUsageInfoError3 = ERROR_DRM_VENDOR_MIN + 276, + kGetProvisioningError = ERROR_DRM_VENDOR_MIN + 277, // This should always follow the last error code. // The offset value should be updated each time a new error code is added. - kErrorWVDrmMaxErrorUsed = ERROR_DRM_VENDOR_MIN + 276, + kErrorWVDrmMaxErrorUsed = ERROR_DRM_VENDOR_MIN + 277, // Used by crypto test mode kErrorTestMode = ERROR_DRM_VENDOR_MAX,
diff --git a/libwvdrmengine/include/mapErrors-inl.h b/libwvdrmengine/include/mapErrors-inl.h
index b4aa175c..78105e14 100644
--- a/libwvdrmengine/include/mapErrors-inl.h
+++ b/libwvdrmengine/include/mapErrors-inl.h
@@ -507,6 +507,8 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) { return kRemoveUsageInfoError2; case wvcdm::REMOVE_USAGE_INFO_ERROR_3: return kRemoveUsageInfoError3; + case wvcdm::GET_PROVISIONING_METHOD_ERROR: + return kGetProvisioningError;
} // Return here instead of as a default case so that the compiler will warn
diff --git a/libwvdrmengine/include_hidl/mapErrors-inl.h b/libwvdrmengine/include_hidl/mapErrors-inl.h
index 81b571fc..fabdd6ea 100644
--- a/libwvdrmengine/include_hidl/mapErrors-inl.h
+++ b/libwvdrmengine/include_hidl/mapErrors-inl.h
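Review bot: In WVErrors.h the new constant `kGetProvisioningError` drops "Method" from the CDM code it mirrors, while the neighbouring entries follow their CDM names one-to-one (`kRemoveUsageInfoError3` for `REMOVE_USAGE_INFO_ERROR_3`). Naming it `kGetProvisioningMethodError = ERROR_DRM_VENDOR_MIN + 277,` keeps a vendor error seen in a log searchable back to `GET_PROVISIONING_METHOD_ERROR`; the `return kGetProvisioningError;` line in include/mapErrors-inl.h would change with it.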
@@ -290,6 +290,7 @@ static Status mapCdmResponseType(wvcdm::CdmResponseType res) { case wvcdm::REMOVE_USAGE_INFO_ERROR_1: case wvcdm::REMOVE_USAGE_INFO_ERROR_2: case wvcdm::REMOVE_USAGE_INFO_ERROR_3: + case wvcdm::GET_PROVISIONING_METHOD_ERROR: ALOGW("Returns UNKNOWN error for legacy status: %d", res); return Status::ERROR_DRM_UNKNOWN;