Merge Changes from CDM repository

This CL merges the following changes from the Widevine repository: Avoid CdmSession reinitialization https://widevine-internal-review.googlesource.com/#/c/10530/ Fix timer-related unit tests. https://widevine-internal-review.googlesource.com/#/c/10510/ Correct return statement bug: 15590802 https://widevine-internal-review.googlesource.com/#/c/10553/ Usage reporting fixes bug/15388863 https://widevine-internal-review.googlesource.com/#/c/10460/ Make public methods virtual https://widevine-internal-review.googlesource.com/#/c/10500/ Fix the SetTimer contract in the CDM. https://widevine-internal-review.googlesource.com/#/c/10493/ Move inline CDM methods, add OVERRIDE. https://widevine-internal-review.googlesource.com/#/c/10475/ Simplify storage APIs related cleanup. https://widevine-internal-review.googlesource.com/#/c/10473/ Duration values are not correctly reported when queried b/15592374 https://widevine-internal-review.googlesource.com/#/c/10437/ Propagate IsKeyValid() through ContentDecryptionModule. https://widevine-internal-review.googlesource.com/#/c/10483/ Minor clean up in config_test_env. https://widevine-internal-review.googlesource.com/#/c/10440/ General clean up. https://widevine-internal-review.googlesource.com/#/c/10441/ Refactor HttpSocket and simplify UrlRequest interface. https://widevine-internal-review.googlesource.com/#/c/10410/ Install good keybox at end of unit tests b/15385981 https://widevine-internal-review.googlesource.com/#/c/10374/ Privacy crypto fixes b/15475012 https://widevine-internal-review.googlesource.com/#/c/10383/ Incorporate header files to resolve build issued based on customers feedback. https://widevine-internal-review.googlesource.com/#/c/10420/ Support unprovisioning b/12247651 https://widevine-internal-review.googlesource.com/#/c/10356/ Correct usage of Host::Allocate and Cdm::Decrypt. https://widevine-internal-review.googlesource.com/#/c/10378/ Fix logging bug, arguments in wrong order. https://widevine-internal-review.googlesource.com/#/c/10380/ Rename types that look like constants. https://widevine-internal-review.googlesource.com/#/c/10379/ Fix offline test failures b/13909635 https://widevine-internal-review.googlesource.com/#/c/10348/ Add -DUNIT_TEST to the unit test makefile for Android https://widevine-internal-review.googlesource.com/#/c/10375/ Refactor privacy-crypto and add dummy version. https://widevine-internal-review.googlesource.com/#/c/10353/ Remove References to Apiary https://widevine-internal-review.googlesource.com/#/c/9924/ Delete oldest entry in usage table when full bug: 15184824 https://widevine-internal-review.googlesource.com/#/c/10295/ Port DeviceFiles to iOS. https://widevine-internal-review.googlesource.com/#/c/10355/ Make testing functions in DeviceFiles private. https://widevine-internal-review.googlesource.com/#/c/10354/ Add RSA encryption to haystack https://widevine-internal-review.googlesource.com/#/c/10280/ Add string and vector includes to CDM header. https://widevine-internal-review.googlesource.com/#/c/10352/ First version of oemcrypto logging https://widevine-internal-review.googlesource.com/#/c/10252/ Update Names of Secure Stop Methods bug: 11987015 https://widevine-internal-review.googlesource.com/#/c/10152/ Adjust timing on the Usage Table unit test https://widevine-internal-review.googlesource.com/#/c/10307/ Fix all compiler warnings in CDM source release. https://widevine-internal-review.googlesource.com/#/c/10293/ Fix memset bug: args in wrong order https://widevine-internal-review.googlesource.com/#/c/10292/ Partial revert of 'Remove refs to test prov server, Level3 support...' https://widevine-internal-review.googlesource.com/#/c/10281/ Pack structure OEMCrypto_PST_Report https://widevine-internal-review.googlesource.com/#/c/10243/ Remove refs to test prov server, Level3 support; remove dead code https://widevine-internal-review.googlesource.com/#/c/10220/ Partial revert of 'Document data strings; clean up license server parameters.' https://widevine-internal-review.googlesource.com/#/c/10188/ Document data strings; clean up license server parameters. https://widevine-internal-review.googlesource.com/#/c/10120/ Fix broken build after partner branch merge. https://widevine-internal-review.googlesource.com/#/c/10181/ TODO Cleanup - core/src, core/include https://widevine-internal-review.googlesource.com/#/c/9965/ TODO Cleanup - cdm, chromium, core/test. https://widevine-internal-review.googlesource.com/#/c/9419/ Remove unneeded properties. https://widevine-internal-review.googlesource.com/#/c/10162/ Change-Id: If2bb9d743a562a3875bebb91933c0aaadea286b2
2014-06-25 13:02:54 -07:00
parent 8a8feb747c
commit b5e8b87fed
66 changed files with 2927 additions and 1998 deletions
--- a/libwvdrmengine/cdm/core/include/cdm_client_property_set.h
+++ b/libwvdrmengine/cdm/core/include/cdm_client_property_set.h
@@ -13,9 +13,9 @@ class CdmClientPropertySet {
 public:
  virtual ~CdmClientPropertySet() {}

-  virtual std::string security_level() const = 0;
+  virtual const std::string& security_level() const = 0;
  virtual bool use_privacy_mode() const = 0;
-  virtual std::vector<uint8_t> service_certificate() const = 0;
+  virtual const std::string& service_certificate() const = 0;
  virtual bool is_session_sharing_enabled() const = 0;
  virtual uint32_t session_sharing_id() const = 0;
  virtual void set_session_sharing_id(uint32_t id) = 0;
--- a/libwvdrmengine/cdm/core/include/cdm_engine.h
+++ b/libwvdrmengine/cdm/core/include/cdm_engine.h
@@ -3,15 +3,16 @@
 #ifndef WVCDM_CORE_CDM_ENGINE_H_
 #define WVCDM_CORE_CDM_ENGINE_H_

+#include "cdm_session.h"
 #include "certificate_provisioning.h"
 #include "initialization_data.h"
 #include "oemcrypto_adapter.h"
+#include "scoped_ptr.h"
 #include "wv_cdm_types.h"

 namespace wvcdm {

 class CdmClientPropertySet;
-class CdmSession;
 class CryptoEngine;
 class WvCdmEventListener;

@@ -24,98 +25,94 @@ class CdmEngine {
  virtual ~CdmEngine();

  // Session related methods
-  CdmResponseType OpenSession(const CdmKeySystem& key_system,
-                              const CdmClientPropertySet* property_set,
-                              CdmSessionId* session_id);
-  CdmResponseType CloseSession(const CdmSessionId& session_id);
+  virtual CdmResponseType OpenSession(const CdmKeySystem& key_system,
+                                      const CdmClientPropertySet* property_set,
+                                      CdmSessionId* session_id);
+  virtual CdmResponseType CloseSession(const CdmSessionId& session_id);

-  CdmResponseType OpenKeySetSession(const CdmKeySetId& key_set_id);
-  CdmResponseType CloseKeySetSession(const CdmKeySetId& key_set_id);
+  virtual CdmResponseType OpenKeySetSession(const CdmKeySetId& key_set_id);
+  virtual CdmResponseType CloseKeySetSession(const CdmKeySetId& key_set_id);

  // License related methods
  // Construct a valid license request
-  CdmResponseType GenerateKeyRequest(const CdmSessionId& session_id,
-                                     const CdmKeySetId& key_set_id,
-                                     const InitializationData& init_data,
-                                     const CdmLicenseType license_type,
-                                     CdmAppParameterMap& app_parameters,
-                                     CdmKeyMessage* key_request,
-                                     std::string* server_url);
+  virtual CdmResponseType GenerateKeyRequest(
+      const CdmSessionId& session_id, const CdmKeySetId& key_set_id,
+      const InitializationData& init_data, const CdmLicenseType license_type,
+      CdmAppParameterMap& app_parameters, CdmKeyMessage* key_request,
+      std::string* server_url);

  // Accept license response and extract key info.
-  CdmResponseType AddKey(const CdmSessionId& session_id,
-                         const CdmKeyResponse& key_data,
-                         CdmKeySetId* key_set_id);
+  virtual CdmResponseType AddKey(const CdmSessionId& session_id,
+                                 const CdmKeyResponse& key_data,
+                                 CdmKeySetId* key_set_id);

-  CdmResponseType RestoreKey(const CdmSessionId& session_id,
-                             const CdmKeySetId& key_set_id);
+  virtual CdmResponseType RestoreKey(const CdmSessionId& session_id,
+                                     const CdmKeySetId& key_set_id);

-  CdmResponseType CancelKeyRequest(const CdmSessionId& session_id);
+  virtual CdmResponseType CancelKeyRequest(const CdmSessionId& session_id);

  // Construct valid renewal request for the current session keys.
-  CdmResponseType GenerateRenewalRequest(const CdmSessionId& session_id,
-                                         CdmKeyMessage* key_request,
-                                         std::string* server_url);
+  virtual CdmResponseType GenerateRenewalRequest(const CdmSessionId& session_id,
+                                                 CdmKeyMessage* key_request,
+                                                 std::string* server_url);

  // Accept renewal response and update key info.
-  CdmResponseType RenewKey(const CdmSessionId& session_id,
-                           const CdmKeyResponse& key_data);
+  virtual CdmResponseType RenewKey(const CdmSessionId& session_id,
+                                   const CdmKeyResponse& key_data);

  // Query system information
-  CdmResponseType QueryStatus(CdmQueryMap* info);
+  virtual CdmResponseType QueryStatus(CdmQueryMap* info);

  // Query session information
  virtual CdmResponseType QuerySessionStatus(const CdmSessionId& session_id,
                                             CdmQueryMap* key_info);

  // Query license information
-  CdmResponseType QueryKeyStatus(const CdmSessionId& session_id,
-                                 CdmQueryMap* key_info);
+  virtual CdmResponseType QueryKeyStatus(const CdmSessionId& session_id,
+                                         CdmQueryMap* key_info);

  // Query seesion control information
-  CdmResponseType QueryKeyControlInfo(const CdmSessionId& session_id,
-                                      CdmQueryMap* key_info);
+  virtual CdmResponseType QueryKeyControlInfo(const CdmSessionId& session_id,
+                                              CdmQueryMap* key_info);

  // Provisioning related methods
-  CdmResponseType GetProvisioningRequest(
-      CdmCertificateType cert_type,
-      const std::string& cert_authority,
-      CdmProvisioningRequest* request,
-      std::string* default_url);
+  virtual CdmResponseType GetProvisioningRequest(
+      CdmCertificateType cert_type, const std::string& cert_authority,
+      CdmProvisioningRequest* request, std::string* default_url);

-  CdmResponseType HandleProvisioningResponse(
-      CdmProvisioningResponse& response,
-      std::string* cert,
+  virtual CdmResponseType HandleProvisioningResponse(
+      CdmProvisioningResponse& response, std::string* cert,
      std::string* wrapped_key);

+  virtual CdmResponseType Unprovision(CdmSecurityLevel security_level);
+
  // Usage related methods for streaming licenses
-  CdmResponseType GetUsageInfo(CdmUsageInfo* usage_info);
-  CdmResponseType ReleaseUsageInfo(const CdmUsageInfoReleaseMessage& message);
+  virtual CdmResponseType GetUsageInfo(CdmUsageInfo* usage_info);
+  virtual CdmResponseType ReleaseUsageInfo(
+      const CdmUsageInfoReleaseMessage& message);

  // Decryption and key related methods
  // Accept encrypted buffer and return decrypted data.
-  CdmResponseType Decrypt(const CdmSessionId& session_id,
-                          const CdmDecryptionParameters& parameters);
+  virtual CdmResponseType Decrypt(const CdmSessionId& session_id,
+                                  const CdmDecryptionParameters& parameters);

-  size_t SessionSize() const { return sessions_.size(); }
+  virtual size_t SessionSize() const { return sessions_.size(); }

  // Is the key known to any session?
-  bool IsKeyLoaded(const KeyId& key_id);
-  bool FindSessionForKey(const KeyId& key_id, CdmSessionId* sessionId);
+  virtual bool IsKeyLoaded(const KeyId& key_id);
+  virtual bool FindSessionForKey(const KeyId& key_id, CdmSessionId* sessionId);

  // Event listener related methods
-  bool AttachEventListener(const CdmSessionId& session_id,
-                           WvCdmEventListener* listener);
-  bool DetachEventListener(const CdmSessionId& session_id,
-                           WvCdmEventListener* listener);
+  virtual bool AttachEventListener(const CdmSessionId& session_id,
+                                   WvCdmEventListener* listener);
+  virtual bool DetachEventListener(const CdmSessionId& session_id,
+                                   WvCdmEventListener* listener);

  // Timer expiration method
-  void OnTimerEvent();
+  virtual void OnTimerEvent();

 private:
  // private methods
-  // Cancel all sessions
-  bool CancelSessions();
  bool ValidateKeySystem(const CdmKeySystem& key_system);

  void OnKeyReleaseEvent(const CdmKeySetId& key_set_id);
@@ -125,8 +122,11 @@ class CdmEngine {
  CdmReleaseKeySetMap release_key_sets_;
  CertificateProvisioning cert_provisioning_;
  SecurityLevel cert_provisioning_requested_security_level_;
-  CdmSession* usage_session_;

+  static bool seeded_;
+
+  // usage related variables
+  scoped_ptr<CdmSession> usage_session_;
  int64_t last_usage_information_update_time;

  CORE_DISALLOW_COPY_AND_ASSIGN(CdmEngine);
--- a/libwvdrmengine/cdm/core/include/cdm_session.h
+++ b/libwvdrmengine/cdm/core/include/cdm_session.h
@@ -22,84 +22,83 @@ class WvCdmEventListener;
 class CdmSession {
 public:
  explicit CdmSession(const CdmClientPropertySet* cdm_client_property_set);
-  ~CdmSession();
+  virtual ~CdmSession();

-  CdmResponseType Init();
+  virtual CdmResponseType Init();

-  CdmResponseType RestoreOfflineSession(const CdmKeySetId& key_set_id,
-                                        const CdmLicenseType license_type);
-  CdmResponseType RestoreUsageSession(const CdmKeyMessage& key_request,
-                                      const CdmKeyResponse& key_response);
+  virtual CdmResponseType RestoreOfflineSession(
+      const CdmKeySetId& key_set_id, const CdmLicenseType license_type);
+  virtual CdmResponseType RestoreUsageSession(
+      const CdmKeyMessage& key_request, const CdmKeyResponse& key_response);

-  void set_key_system(const CdmKeySystem& ksystem) { key_system_ = ksystem; }
-  const CdmKeySystem& key_system() { return key_system_; }
+  virtual void set_key_system(const CdmKeySystem& ksystem) {
+    key_system_ = ksystem;
+  }
+  virtual const CdmKeySystem& key_system() { return key_system_; }

-  const CdmSessionId& session_id() { return session_id_; }
+  virtual const CdmSessionId& session_id() { return session_id_; }

-  bool VerifySession(const CdmKeySystem& key_system,
-                     const InitializationData& init_data);
-
-  CdmResponseType GenerateKeyRequest(const InitializationData& init_data,
-                                     const CdmLicenseType license_type,
-                                     const CdmAppParameterMap& app_parameters,
-                                     CdmKeyMessage* key_request,
-                                     std::string* server_url);
+  virtual CdmResponseType GenerateKeyRequest(
+      const InitializationData& init_data, const CdmLicenseType license_type,
+      const CdmAppParameterMap& app_parameters, CdmKeyMessage* key_request,
+      std::string* server_url);

  // AddKey() - Accept license response and extract key info.
-  CdmResponseType AddKey(const CdmKeyResponse& key_response,
-                         CdmKeySetId* key_set_id);
+  virtual CdmResponseType AddKey(const CdmKeyResponse& key_response,
+                                 CdmKeySetId* key_set_id);

  // CancelKeyRequest() - Cancel session.
-  CdmResponseType CancelKeyRequest();
+  virtual CdmResponseType CancelKeyRequest();

  // Query session status
-  CdmResponseType QueryStatus(CdmQueryMap* key_info);
+  virtual CdmResponseType QueryStatus(CdmQueryMap* key_info);

  // Query license information
-  CdmResponseType QueryKeyStatus(CdmQueryMap* key_info);
+  virtual CdmResponseType QueryKeyStatus(CdmQueryMap* key_info);

  // Query session control info
-  CdmResponseType QueryKeyControlInfo(CdmQueryMap* key_info);
+  virtual CdmResponseType QueryKeyControlInfo(CdmQueryMap* key_info);

  // Decrypt() - Accept encrypted buffer and return decrypted data.
-  CdmResponseType Decrypt(const CdmDecryptionParameters& parameters);
+  virtual CdmResponseType Decrypt(const CdmDecryptionParameters& parameters);

  // License renewal
  // GenerateRenewalRequest() - Construct valid renewal request for the current
  // session keys.
-  CdmResponseType GenerateRenewalRequest(CdmKeyMessage* key_request,
-                                         std::string* server_url);
+  virtual CdmResponseType GenerateRenewalRequest(CdmKeyMessage* key_request,
+                                                 std::string* server_url);

  // RenewKey() - Accept renewal response and update key info.
-  CdmResponseType RenewKey(const CdmKeyResponse& key_response);
+  virtual CdmResponseType RenewKey(const CdmKeyResponse& key_response);

  // License release
  // GenerateReleaseRequest() - Construct valid release request for the current
  // session keys.
-  CdmResponseType GenerateReleaseRequest(CdmKeyMessage* key_request,
-                                         std::string* server_url);
+  virtual CdmResponseType GenerateReleaseRequest(CdmKeyMessage* key_request,
+                                                 std::string* server_url);

  // ReleaseKey() - Accept response and release key.
-  CdmResponseType ReleaseKey(const CdmKeyResponse& key_response);
+  virtual CdmResponseType ReleaseKey(const CdmKeyResponse& key_response);

-  bool IsKeyLoaded(const KeyId& key_id);
+  virtual bool IsKeyLoaded(const KeyId& key_id);

-  bool AttachEventListener(WvCdmEventListener* listener);
-  bool DetachEventListener(WvCdmEventListener* listener);
+  virtual bool AttachEventListener(WvCdmEventListener* listener);
+  virtual bool DetachEventListener(WvCdmEventListener* listener);

-  void OnTimerEvent();
-  void OnKeyReleaseEvent(const CdmKeySetId& key_set_id);
+  virtual void OnTimerEvent();
+  virtual void OnKeyReleaseEvent(const CdmKeySetId& key_set_id);

-  SecurityLevel GetRequestedSecurityLevel();
-  CdmSecurityLevel GetSecurityLevel();
+  virtual SecurityLevel GetRequestedSecurityLevel();
+  virtual CdmSecurityLevel GetSecurityLevel();

-  CdmResponseType UpdateUsageInformation();
+  virtual CdmResponseType UpdateUsageInformation();

-  bool is_usage_update_needed() { return is_usage_update_needed_; }
-  void reset_is_usage_update_needed() { is_usage_update_needed_ = false; }
+  virtual bool is_usage_update_needed() { return is_usage_update_needed_; }
+  virtual void reset_is_usage_update_needed() {
+    is_usage_update_needed_ = false;
+  }

 private:
-
  // Generate unique ID for each new session.
  CdmSessionId GenerateSessionId();
  bool GenerateKeySetId(CdmKeySetId* key_set_id);
@@ -115,10 +114,10 @@ class CdmSession {
  scoped_ptr<CryptoSession> crypto_session_;
  PolicyEngine policy_engine_;
  bool license_received_;
-  bool reinitialize_session_;
  bool is_offline_;
  bool is_release_;
  bool is_usage_update_needed_;
+  bool is_initial_decryption_;

  // information useful for offline and usage scenarios
  CdmKeyMessage key_request_;
@@ -133,10 +132,6 @@ class CdmSession {
  // license type release and offline related information
  CdmKeySetId key_set_id_;

-  // Used for certificate based licensing
-  std::string wrapped_key_;
-  bool is_certificate_loaded_;
-
  std::set<WvCdmEventListener*> listeners_;

  CORE_DISALLOW_COPY_AND_ASSIGN(CdmSession);
--- a/libwvdrmengine/cdm/core/include/crypto_session.h
+++ b/libwvdrmengine/cdm/core/include/crypto_session.h
@@ -19,61 +19,61 @@ typedef std::map<CryptoKeyId, CryptoKey*> CryptoKeyMap;
 class CryptoSession {
 public:
  CryptoSession();
-  ~CryptoSession();
+  virtual ~CryptoSession();

-  bool ValidateKeybox();
-  bool GetToken(std::string* token);
-  CdmSecurityLevel GetSecurityLevel();
-  bool GetDeviceUniqueId(std::string* device_id);
-  bool GetSystemId(uint32_t* system_id);
-  bool GetProvisioningId(std::string* provisioning_id);
+  virtual bool ValidateKeybox();
+  virtual bool GetToken(std::string* token);
+  virtual CdmSecurityLevel GetSecurityLevel();
+  virtual bool GetDeviceUniqueId(std::string* device_id);
+  virtual bool GetApiVersion(uint32_t* version);
+  virtual bool GetSystemId(uint32_t* system_id);
+  virtual bool GetProvisioningId(std::string* provisioning_id);

-  CdmResponseType Open() { return Open(kLevelDefault); }
-  CdmResponseType Open(SecurityLevel requested_security_level);
-  void Close();
+  virtual CdmResponseType Open() { return Open(kLevelDefault); }
+  virtual CdmResponseType Open(SecurityLevel requested_security_level);
+  virtual void Close();

-  bool IsOpen() { return open_; }
-  CryptoSessionId oec_session_id() { return oec_session_id_; }
+  virtual bool IsOpen() { return open_; }
+  virtual CryptoSessionId oec_session_id() { return oec_session_id_; }

  // Key request/response
-  void GenerateRequestId(std::string& req_id_str);
-  bool PrepareRequest(const std::string& key_deriv_message,
-                      bool is_provisioning, std::string* signature);
-  bool PrepareRenewalRequest(const std::string& message,
-                             std::string* signature);
-  CdmResponseType LoadKeys(const std::string& message,
-                           const std::string& signature,
-                           const std::string& mac_key_iv,
-                           const std::string& mac_key,
-                           const std::vector<CryptoKey>& key_array,
-                           const std::string& provider_session_token);
-  bool LoadCertificatePrivateKey(std::string& wrapped_key);
-  bool RefreshKeys(const std::string& message, const std::string& signature,
-                   int num_keys, const CryptoKey* key_array);
-  bool GenerateNonce(uint32_t* nonce);
-  bool GenerateDerivedKeys(const std::string& message);
-  bool GenerateDerivedKeys(const std::string& message,
-                           const std::string& session_key);
-  bool RewrapDeviceRSAKey(const std::string& message,
-                          const std::string& signature,
-                          const std::string& nonce,
-                          const std::string& enc_rsa_key,
-                          const std::string& rsa_key_iv,
-                          std::string* wrapped_rsa_key);
+  virtual void GenerateRequestId(std::string& req_id_str);
+  virtual bool PrepareRequest(const std::string& key_deriv_message,
+                              bool is_provisioning, std::string* signature);
+  virtual bool PrepareRenewalRequest(const std::string& message,
+                                     std::string* signature);
+  virtual CdmResponseType LoadKeys(const std::string& message,
+                                   const std::string& signature,
+                                   const std::string& mac_key_iv,
+                                   const std::string& mac_key,
+                                   const std::vector<CryptoKey>& key_array,
+                                   const std::string& provider_session_token);
+  virtual bool LoadCertificatePrivateKey(std::string& wrapped_key);
+  virtual bool RefreshKeys(const std::string& message,
+                           const std::string& signature, int num_keys,
+                           const CryptoKey* key_array);
+  virtual bool GenerateNonce(uint32_t* nonce);
+  virtual bool GenerateDerivedKeys(const std::string& message);
+  virtual bool GenerateDerivedKeys(const std::string& message,
+                                   const std::string& session_key);
+  virtual bool RewrapDeviceRSAKey(const std::string& message,
+                                  const std::string& signature,
+                                  const std::string& nonce,
+                                  const std::string& enc_rsa_key,
+                                  const std::string& rsa_key_iv,
+                                  std::string* wrapped_rsa_key);

  // Media data path
-  CdmResponseType Decrypt(const CdmDecryptionParameters& parameters);
+  virtual CdmResponseType Decrypt(const CdmDecryptionParameters& parameters);

-  CdmResponseType UpdateUsageInformation();
-  CdmResponseType GenerateUsageReport(
-      const std::string& provider_session_token,
-      std::string* usage_report);
-  CdmResponseType ReleaseUsageInformation(
-      const std::string& message,
-      const std::string& signature,
+  virtual CdmResponseType UpdateUsageInformation();
+  virtual CdmResponseType GenerateUsageReport(
+      const std::string& provider_session_token, std::string* usage_report);
+  virtual CdmResponseType ReleaseUsageInformation(
+      const std::string& message, const std::string& signature,
      const std::string& provider_session_token);

-  bool GetRandom(size_t data_length, uint8_t* random_data);
+  virtual bool GetRandom(size_t data_length, uint8_t* random_data);

 private:
  void Init();
@@ -82,8 +82,8 @@ class CryptoSession {
                          std::string* deriv_context);
  void GenerateEncryptContext(const std::string& input_context,
                              std::string* deriv_context);
-  bool GenerateSignature(const std::string& message, bool use_rsa,
-                         std::string* signature);
+  bool GenerateSignature(const std::string& message, std::string* signature);
+  bool GenerateRsaSignature(const std::string& message, std::string* signature);
  size_t GetOffset(std::string message, std::string field);
  bool SetDestinationBufferType();

--- a/libwvdrmengine/cdm/core/include/device_files.h
+++ b/libwvdrmengine/cdm/core/include/device_files.h
@@ -5,6 +5,10 @@

 #include "wv_cdm_types.h"

+#if defined(UNIT_TEST)
+#include <gtest/gtest_prod.h>
+#endif
+
 namespace wvcdm {

 class File;
@@ -57,23 +61,38 @@ class DeviceFiles {
  virtual bool RetrieveUsageInfo(
      std::vector<std::pair<CdmKeyMessage, CdmKeyResponse> >* usage_info);

-  // For testing only
-  static std::string GetCertificateFileName();
-  static std::string GetLicenseFileNameExtension();
-  static std::string GetUsageInfoFileName();
-  void SetTestFile(File* file);
-
- protected:
-  bool Hash(const std::string& data, std::string* hash);
+ private:
  bool StoreFile(const char* name, const std::string& serialized_file);
  bool RetrieveFile(const char* name, std::string* serialized_file);

- private:
  // Certificate and offline licenses are now stored in security
  // level specific directories. In an earlier version they were
  // stored in a common directory and need to be copied over.
  virtual void SecurityLevelPathBackwardCompatibility();

+  // For testing only:
+  static std::string GetCertificateFileName();
+  static std::string GetLicenseFileNameExtension();
+  static std::string GetUsageInfoFileName();
+  void SetTestFile(File* file);
+#if defined(UNIT_TEST)
+  FRIEND_TEST(DeviceFilesSecurityLevelTest, SecurityLevel);
+  FRIEND_TEST(DeviceFilesStoreTest, StoreCertificate);
+  FRIEND_TEST(DeviceFilesStoreTest, StoreLicense);
+  FRIEND_TEST(DeviceFilesTest, DeleteLicense);
+  FRIEND_TEST(DeviceFilesTest, ReadCertificate);
+  FRIEND_TEST(DeviceFilesTest, RetrieveLicenses);
+  FRIEND_TEST(DeviceFilesTest, SecurityLevelPathBackwardCompatibility);
+  FRIEND_TEST(DeviceFilesTest, StoreLicenses);
+  FRIEND_TEST(DeviceFilesTest, UpdateLicenseState);
+  FRIEND_TEST(DeviceFilesUsageInfoTest, Delete);
+  FRIEND_TEST(DeviceFilesUsageInfoTest, Read);
+  FRIEND_TEST(DeviceFilesUsageInfoTest, Store);
+  FRIEND_TEST(WvCdmRequestLicenseTest, UnprovisionTest);
+  FRIEND_TEST(WvCdmRequestLicenseTest, ForceL3Test);
+  FRIEND_TEST(WvCdmUsageInfoTest, DISABLED_UsageInfo);
+#endif
+
  File* file_;
  CdmSecurityLevel security_level_;
  bool initialized_;
--- a/libwvdrmengine/cdm/core/include/file_store.h
+++ b/libwvdrmengine/cdm/core/include/file_store.h
@@ -7,6 +7,9 @@

 #include "wv_cdm_types.h"

+#include <stddef.h>
+#include <stdlib.h>
+
 namespace wvcdm {

 // File class. The implementation is platform dependent.
--- a/libwvdrmengine/cdm/core/include/license.h
+++ b/libwvdrmengine/cdm/core/include/license.h
@@ -23,32 +23,32 @@ class CdmLicense {
 public:

  CdmLicense() : session_(NULL), initialized_(false) {}
-  ~CdmLicense() {}
+  virtual ~CdmLicense() {}

-  bool Init(const std::string& token, CryptoSession* session,
+  virtual bool Init(const std::string& token, CryptoSession* session,
            PolicyEngine* policy_engine);

-  bool PrepareKeyRequest(const InitializationData& init_data,
+  virtual bool PrepareKeyRequest(const InitializationData& init_data,
                         const CdmLicenseType license_type,
                         const CdmAppParameterMap& app_parameters,
                         const CdmSessionId& session_id,
                         CdmKeyMessage* signed_request,
                         std::string* server_url);
-  bool PrepareKeyUpdateRequest(bool is_renewal, CdmKeyMessage* signed_request,
+  virtual bool PrepareKeyUpdateRequest(bool is_renewal, CdmKeyMessage* signed_request,
                               std::string* server_url);
-  CdmResponseType HandleKeyResponse(const CdmKeyResponse& license_response);
-  CdmResponseType HandleKeyUpdateResponse(
+  virtual CdmResponseType HandleKeyResponse(const CdmKeyResponse& license_response);
+  virtual CdmResponseType HandleKeyUpdateResponse(
      bool is_renewal, const CdmKeyResponse& license_response);

-  bool RestoreOfflineLicense(const CdmKeyMessage& license_request,
+  virtual bool RestoreOfflineLicense(const CdmKeyMessage& license_request,
                             const CdmKeyResponse& license_response,
                             const CdmKeyResponse& license_renewal_response);
-  bool RestoreUsageLicense(const CdmKeyMessage& license_request,
+  virtual bool RestoreUsageLicense(const CdmKeyMessage& license_request,
                           const CdmKeyResponse& license_response);
-  bool HasInitData() { return !stored_init_data_.empty(); }
-  bool IsKeyLoaded(const KeyId& key_id);
+  virtual bool HasInitData() { return !stored_init_data_.empty(); }
+  virtual bool IsKeyLoaded(const KeyId& key_id);

-  std::string provider_session_token() { return provider_session_token_; }
+  virtual std::string provider_session_token() { return provider_session_token_; }

 private:
  bool PrepareServiceCertificateRequest(CdmKeyMessage* signed_request,
--- a/libwvdrmengine/cdm/core/include/log.h
+++ b/libwvdrmengine/cdm/core/include/log.h
@@ -17,6 +17,8 @@ typedef enum {
  LOG_VERBOSE
 } LogPriority;

+extern LogPriority g_cutoff;
+
 // Enable/disable verbose logging (LOGV).
 // This function is supplied for cases where the system layer does not
 // initialize logging.  This is also needed to initialize logging in
--- a/libwvdrmengine/cdm/core/include/oemcrypto_adapter.h
+++ b/libwvdrmengine/cdm/core/include/oemcrypto_adapter.h
@@ -1,9 +1,5 @@
 // Copyright 2013 Google Inc. All Rights Reserved.
 //
-// oemcrypto_adapter.h
-// This interface allows CDM to open a Level 3 session instead of
-// letting the wrapper function choose between level 1 or level 3.
-//
 #ifndef WVCDM_CORE_OEMCRYPTO_ADAPTER_H_
 #define WVCDM_CORE_OEMCRYPTO_ADAPTER_H_

--- a/libwvdrmengine/cdm/core/include/policy_engine.h
+++ b/libwvdrmengine/cdm/core/include/policy_engine.h
@@ -10,6 +10,8 @@

 namespace wvcdm {

+using video_widevine_server::sdk::LicenseIdentification;
+
 class Clock;
 class PolicyEngineTest;

@@ -18,53 +20,46 @@ class PolicyEngineTest;
 class PolicyEngine {
 public:
  PolicyEngine();
-  ~PolicyEngine();
+  virtual ~PolicyEngine();

  // The value returned should be taken as a hint rather than an absolute
  // status. It is computed during the last call to either SetLicense/
  // UpdateLicense/OnTimerEvent/BeginDecryption and may be out of sync
  // depending on the amount of time elapsed. The current decryption
  // status is not calculated to avoid overhead in the decryption path.
-  inline bool can_decrypt() { return can_decrypt_; }
+  virtual bool can_decrypt() { return can_decrypt_; }

  // OnTimerEvent is called when a timer fires. It notifies the Policy Engine
  // that the timer has fired and that it should check whether any events have
  // occurred since the last timer event. If so, it sets event_occurred to true
  // and sets event to point to the event that occurred. If not, it sets
  // event_occurred to false.
-  void OnTimerEvent(bool* event_occurred, CdmEventType* event);
+  virtual void OnTimerEvent(bool* event_occurred, CdmEventType* event);

  // SetLicense is used in handling the initial license response. It stores
  // an exact copy of the policy information stored in the license.
  // The license state transitions to kLicenseStateCanPlay if the license
  // permits playback.
-  void SetLicense(const video_widevine_server::sdk::License& license);
+  virtual void SetLicense(const video_widevine_server::sdk::License& license);

-  // Call this on first decrypt to set the start of playback. This is
-  // for cases where usage begins not when the license is received,
-  // but at the start of playback
-  void BeginDecryption(void);
+  // Call this on first decrypt to set the start of playback.
+  virtual void BeginDecryption(void);

  // UpdateLicense is used in handling a license response for a renewal request.
  // The response may only contain any policy fields that have changed. In this
  // case an exact copy is not what we want to happen. We also will receive an
  // updated license_start_time from the server. The license will transition to
  // kLicenseStateCanPlay if the license permits playback.
-  void UpdateLicense(const video_widevine_server::sdk::License& license);
+  virtual void UpdateLicense(
+      const video_widevine_server::sdk::License& license);

-  CdmResponseType Query(CdmQueryMap* key_info);
+  virtual CdmResponseType Query(CdmQueryMap* key_info);

-  const video_widevine_server::sdk::LicenseIdentification& license_id() {
-    return license_id_;
-  }
-
-  bool IsLicenseDurationExpired(int64_t current_time);
-  bool IsPlaybackDurationExpired(int64_t current_time);
+  virtual const LicenseIdentification& license_id() { return license_id_; }

 private:
  typedef enum {
    kLicenseStateInitial,
-    kLicenseStateInitialPendingUsage,
    kLicenseStateCanPlay,
    kLicenseStateNeedRenewal,
    kLicenseStateWaitingLicenseUpdate,
@@ -73,6 +68,11 @@ class PolicyEngine {

  void Init(Clock* clock);

+  bool IsLicenseDurationExpired(int64_t current_time);
+  int64_t GetLicenseDurationRemaining(int64_t current_time);
+  bool IsPlaybackDurationExpired(int64_t current_time);
+  int64_t GetPlaybackDurationRemaining(int64_t current_time);
+
  bool IsRenewalDelayExpired(int64_t current_time);
  bool IsRenewalRecoveryDurationExpired(int64_t current_time);
  bool IsRenewalRetryIntervalExpired(int64_t current_time);
--- a/libwvdrmengine/cdm/core/include/privacy_crypto.h
+++ b/libwvdrmengine/cdm/core/include/privacy_crypto.h
@@ -24,30 +24,27 @@

 #include <string>

-#include "openssl/evp.h"
-#include "openssl/rsa.h"
 #include "wv_cdm_types.h"

 namespace wvcdm {

 class AesCbcKey {
 public:
-  AesCbcKey() : initialized_(false) {};
-  ~AesCbcKey() {};
+  AesCbcKey();
+  ~AesCbcKey();

  bool Init(const std::string& key);
  bool Encrypt(const std::string& in, std::string* out, std::string* iv);

 private:
-  EVP_CIPHER_CTX ctx_;
-  bool initialized_;
+  std::string key_;

  CORE_DISALLOW_COPY_AND_ASSIGN(AesCbcKey);
 };

 class RsaPublicKey {
 public:
-  RsaPublicKey() : key_(NULL) {}
+  RsaPublicKey();
  ~RsaPublicKey();

  // Initializes an RsaPublicKey object using a DER encoded PKCS#1 RSAPublicKey
@@ -64,7 +61,7 @@ class RsaPublicKey {
                       const std::string& signature);

 private:
-  RSA* key_;
+  std::string serialized_key_;

  CORE_DISALLOW_COPY_AND_ASSIGN(RsaPublicKey);
 };
--- a/libwvdrmengine/cdm/core/include/properties.h
+++ b/libwvdrmengine/cdm/core/include/properties.h
@@ -26,12 +26,6 @@ class Properties {
 public:
  static void Init();

-  static inline bool begin_license_usage_when_received() {
-    return begin_license_usage_when_received_;
-  }
-  static inline bool require_explicit_renew_request() {
-    return require_explicit_renew_request_;
-  }
  static inline bool oem_crypto_use_secure_buffers() {
    return oem_crypto_use_secure_buffers_;
  }
@@ -45,9 +39,6 @@ class Properties {
  static inline bool use_certificates_as_identification() {
    return use_certificates_as_identification_;
  }
-  static inline bool decrypt_with_empty_session_support() {
-    return decrypt_with_empty_session_support_;
-  }
  static inline bool security_level_path_backward_compatibility_support() {
    return security_level_path_backward_compatibility_support_;
  }
@@ -62,9 +53,10 @@ class Properties {
  static bool GetFactoryKeyboxPath(std::string* keybox);
  static bool GetOEMCryptoPath(std::string* library_name);
  static bool GetSecurityLevelDirectories(std::vector<std::string>* dirs);
-  static const std::string GetSecurityLevel(const CdmSessionId& session_id);
-  static const std::vector<uint8_t> GetServiceCertificate(
-      const CdmSessionId& session_id);
+  static bool GetSecurityLevel(const CdmSessionId& session_id,
+                               std::string* security_level);
+  static bool GetServiceCertificate(const CdmSessionId& session_id,
+                                    std::string* service_certificate);
  static bool UsePrivacyMode(const CdmSessionId& session_id);
  static uint32_t GetSessionSharingId(const CdmSessionId& session_id);

@@ -75,12 +67,6 @@ class Properties {
 private:
  static const CdmClientPropertySet* GetCdmClientPropertySet(
      const CdmSessionId& session_id);
-  static void set_begin_license_usage_when_received(bool flag) {
-    begin_license_usage_when_received_ = flag;
-  }
-  static void set_require_explicit_renew_request(bool flag) {
-    require_explicit_renew_request_ = flag;
-  }
  static void set_oem_crypto_use_secure_buffers(bool flag) {
    oem_crypto_use_secure_buffers_ = flag;
  }
@@ -96,23 +82,17 @@ class Properties {
  static void set_use_certificates_as_identification(bool flag) {
    use_certificates_as_identification_ = flag;
  }
-  static void set_decrypt_with_empty_session_support(bool flag) {
-    decrypt_with_empty_session_support_ = flag;
-  }
  static void set_security_level_path_backward_compatibility_support(
      bool flag) {
    security_level_path_backward_compatibility_support_ = flag;
  }

 private:
-  static bool begin_license_usage_when_received_;
-  static bool require_explicit_renew_request_;
  static bool oem_crypto_use_secure_buffers_;
  static bool oem_crypto_use_fifo_;
  static bool oem_crypto_use_userspace_buffers_;
  static bool oem_crypto_require_usage_tables_;
  static bool use_certificates_as_identification_;
-  static bool decrypt_with_empty_session_support_;
  static bool security_level_path_backward_compatibility_support_;
  static scoped_ptr<CdmClientPropertySetMap> session_property_set_;

--- a/libwvdrmengine/cdm/core/include/wv_cdm_types.h
+++ b/libwvdrmengine/cdm/core/include/wv_cdm_types.h
@@ -28,11 +28,6 @@ typedef std::string CdmUsageInfoReleaseMessage;
 typedef std::string CdmProvisioningRequest;
 typedef std::string CdmProvisioningResponse;

-// Types for shared host/cdm interface pairs used to shared vendor data.
-typedef std::pair<std::string, std::string> kStringPairs;
-typedef std::vector<uint8_t> kVectorBytes;
-typedef std::pair<std::string, kVectorBytes> kVectorPairs;
-
 enum CdmResponseType {
  NO_ERROR,
  UNKNOWN_ERROR,