SPOID

(This is a merge of go/wvgerrit/23182) This patch adds the framework for Stable Per-Origin Identifiers to the CDM. Calculating SPOIDs will be done on the client-side, and they are sent as part of the provisioning request. SPOIDs are also available to the app as the Device Unique ID, replacing the previous method of returning the actual Device Unique ID from the keybox / OEM certificate. Different SPOIDs must use separate storage, just as different origins already do. Support for this has been added to the Android adapter to the CDM Core. However, the code in the Android glue layer that would drive this behavior will be checked in in a separate change. As such, all Android devices will continue using the legacy behavior even after this patch goes in, until the glue layer code can be updated. Bug: 27101531 Test: CE CDM Unit Tests Test: Linux Jenkins Unit Tests Test: Android Unit Tests (with and without SPOIDs forced on) Test: Android GTS Tests Change-Id: Ia0caf890381cbcb97504d08b19aeab8b29bd07ae
2017-01-25 14:35:50 -08:00
parent 5249221e3a
commit c85351682f
18 changed files with 511 additions and 290 deletions
--- a/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp
+++ b/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp
@@ -7,6 +7,7 @@
 #include <gmock/gmock.h>
 #include <gtest/gtest.h>

+#include "cdm_identifier.h"
 #include "clock.h"
 #include "config_test_env.h"
 #include "device_files.h"
@@ -275,8 +276,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {

    EXPECT_EQ(KEY_MESSAGE, decryptor_.GenerateKeyRequest(
                               session_id_, key_set_id_, "video/mp4", init_data,
-                               license_type, app_parameters, NULL, EMPTY_ORIGIN,
-                               &key_request));
+                               license_type, app_parameters, NULL,
+                               kDefaultCdmIdentifier, &key_request));
    EXPECT_EQ(kKeyRequestTypeInitial, key_request.type);
    key_msg_ = key_request.message;
    EXPECT_EQ(0u, key_request.url.size());
@@ -293,8 +294,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {

    EXPECT_EQ(KEY_MESSAGE, decryptor_.GenerateKeyRequest(
                               session_id_, key_set_id_, "video/mp4", init_data,
-                               license_type, app_parameters, NULL, EMPTY_ORIGIN,
-                               &key_request));
+                               license_type, app_parameters, NULL,
+                               kDefaultCdmIdentifier, &key_request));

    *server_url = key_request.url;
    key_msg_ = key_request.message;
@@ -314,7 +315,7 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {
    EXPECT_EQ(expected_response, decryptor_.GenerateKeyRequest(
                               session_id, key_set_id, "video/mp4", init_data,
                               kLicenseTypeRelease, app_parameters, NULL,
-                               EMPTY_ORIGIN, &key_request));
+                               kDefaultCdmIdentifier, &key_request));

    if (expected_response == KEY_MESSAGE) {
      key_msg_ = key_request.message;
@@ -420,13 +421,15 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {
  }

  void Unprovision() {
-    EXPECT_EQ(NO_ERROR, decryptor_.Unprovision(kSecurityLevelL1, EMPTY_ORIGIN));
-    EXPECT_EQ(NO_ERROR, decryptor_.Unprovision(kSecurityLevelL3, EMPTY_ORIGIN));
+    EXPECT_EQ(NO_ERROR,
+              decryptor_.Unprovision(kSecurityLevelL1, kDefaultCdmIdentifier));
+    EXPECT_EQ(NO_ERROR,
+              decryptor_.Unprovision(kSecurityLevelL3, kDefaultCdmIdentifier));
  }

  void Provision() {
    CdmResponseType status =
-        decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL,
+        decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
                               &session_id_);
    switch (status) {
      case NO_ERROR:
@@ -444,7 +447,7 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {
    std::string cert_authority, cert, wrapped_key;

    status = decryptor_.GetProvisioningRequest(
-        cert_type, cert_authority, EMPTY_ORIGIN, &key_msg_,
+        cert_type, cert_authority, kDefaultCdmIdentifier, &key_msg_,
        &provisioning_server_url);
    EXPECT_EQ(NO_ERROR, status);
    if (NO_ERROR != status) return;
@@ -454,8 +457,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {
        GetCertRequestResponse(g_config->provisioning_server_url());
    EXPECT_NE(0, static_cast<int>(response.size()));
    EXPECT_EQ(NO_ERROR,
-        decryptor_.HandleProvisioningResponse(EMPTY_ORIGIN, response, &cert,
-                                              &wrapped_key));
+        decryptor_.HandleProvisioningResponse(kDefaultCdmIdentifier, response,
+                                              &cert, &wrapped_key));
    EXPECT_EQ(0, static_cast<int>(cert.size()));
    EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
    decryptor_.CloseSession(session_id_);
@@ -651,8 +654,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {
  }

  std::string GetSecurityLevel(TestWvCdmClientPropertySet* property_set) {
-    decryptor_.OpenSession(g_key_system, property_set, EMPTY_ORIGIN, NULL,
-                           &session_id_);
+    decryptor_.OpenSession(g_key_system, property_set, kDefaultCdmIdentifier,
+                           NULL, &session_id_);
    CdmQueryMap query_info;
    EXPECT_EQ(NO_ERROR,
              decryptor_.QuerySessionStatus(session_id_, &query_info));
@@ -685,7 +688,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {

 TEST_F(WvCdmExtendedDurationTest, VerifyLicenseRequestTest) {
  Provision();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);

  EXPECT_TRUE(!key_msg_.empty());
@@ -753,7 +757,8 @@ TEST_F(WvCdmExtendedDurationTest, VerifyLicenseRequestTest) {

 TEST_F(WvCdmExtendedDurationTest, VerifyLicenseRenewalTest) {
  Provision();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);

@@ -840,8 +845,8 @@ TEST_F(WvCdmExtendedDurationTest, UsageOverflowTest) {
  EXPECT_TRUE(handle.DeleteAllUsageInfoForApp("", &provider_session_tokens));

  for (size_t i = 0; i < kMaxUsageTableSize + 100; ++i) {
-    decryptor_.OpenSession(g_key_system, property_set, EMPTY_ORIGIN, NULL,
-                           &session_id_);
+    decryptor_.OpenSession(g_key_system, property_set, kDefaultCdmIdentifier,
+                           NULL, &session_id_);
    std::string key_id = a2bs_hex(
        "000000427073736800000000"                  // blob size and pssh
        "EDEF8BA979D64ACEA3C827DCD51D21ED00000022"  // Widevine system id
@@ -900,7 +905,7 @@ TEST_F(WvCdmExtendedDurationTest, DISABLED_AutomatedOfflineSessionReleaseTest) {

  std::set<std::string> key_set_id_map;
  for (uint32_t i = 0; i < num_key_set_ids; ++i) {
-    decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL,
+    decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
                           &session_id_);
    GenerateKeyRequest(kOfflineClip4, kLicenseTypeOffline);
    VerifyKeyRequestResponse(kUatLicenseServer, client_auth, false);
@@ -914,7 +919,7 @@ TEST_F(WvCdmExtendedDurationTest, DISABLED_AutomatedOfflineSessionReleaseTest) {
  for (iter = key_set_id_map.begin(); iter != key_set_id_map.end(); ++iter) {
    session_id_.clear();
    key_set_id_.clear();
-    decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL,
+    decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
                           &session_id_);
    EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, *iter));
    decryptor_.CloseSession(session_id_);
@@ -957,7 +962,8 @@ TEST_P(WvCdmStreamingNoPstTest, UsageTest) {
  Unprovision();
  Provision();

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);

@@ -1031,7 +1037,8 @@ TEST_P(WvCdmStreamingPstTest, UsageTest) {
  Unprovision();
  Provision();

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(kStreamingClip1PstInitData, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);

@@ -1096,7 +1103,8 @@ TEST_P(WvCdmStreamingUsageReportTest, UsageTest) {
  Unprovision();
  Provision();

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(kStreamingClip1PstInitData, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);

@@ -1192,7 +1200,8 @@ TEST_P(WvCdmOfflineUsageReportTest, UsageTest) {
  Unprovision();
  Provision();

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(kOfflineClip2PstInitData, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);

@@ -1215,7 +1224,8 @@ TEST_P(WvCdmOfflineUsageReportTest, UsageTest) {

  for (size_t i = 0; i < GetParam(); ++i) {
    session_id_.clear();
-    decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+    decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                           &session_id_);
    EXPECT_EQ(KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));

    // Query and validate usage information
@@ -1258,7 +1268,8 @@ TEST_P(WvCdmOfflineUsageReportTest, UsageTest) {
  }

  session_id_.clear();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  EXPECT_EQ(KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));

  // Query and validate usage information
--- a/libwvdrmengine/cdm/test/request_license_test.cpp
+++ b/libwvdrmengine/cdm/test/request_license_test.cpp
@@ -8,6 +8,7 @@
 #include <gmock/gmock.h>
 #include <gtest/gtest.h>

+#include "cdm_identifier.h"
 #include "config_test_env.h"
 #include "device_files.h"
 #include "file_store.h"
@@ -48,7 +49,10 @@ const int kHttpOk = 200;
 const int kHttpBadRequest = 400;
 const int kHttpInternalServerError = 500;

-const char kOrigin[] = "com.example";
+const wvcdm::CdmIdentifier kExampleIdentifier = {
+    wvcdm::EMPTY_SPOID,
+    "com.example"
+};

 // Protobuf generated classes
 using video_widevine::LicenseIdentification;
@@ -1038,8 +1042,8 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
    EXPECT_EQ(expected_response,
              decryptor_.GenerateKeyRequest(
                  session_id_, key_set_id, init_data_type, init_data,
-                  license_type, app_parameters, property_set, EMPTY_ORIGIN,
-                  &key_request));
+                  license_type, app_parameters, property_set,
+                  kDefaultCdmIdentifier, &key_request));
    key_msg_ = key_request.message;
    EXPECT_EQ(0u, key_request.url.size());
  }
@@ -1061,7 +1065,7 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
    EXPECT_EQ(wvcdm::KEY_MESSAGE,
              decryptor_.GenerateKeyRequest(
                  session_id_, key_set_id_, "video/mp4", init_data,
-                  license_type, app_parameters, NULL, EMPTY_ORIGIN,
+                  license_type, app_parameters, NULL, kDefaultCdmIdentifier,
                  &key_request));
    key_msg_ = key_request.message;
    *server_url = key_request.url;
@@ -1086,7 +1090,7 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
              decryptor_.GenerateKeyRequest(
                  session_id, key_set_id, "video/mp4", init_data,
                  kLicenseTypeRelease, app_parameters, property_set,
-                  EMPTY_ORIGIN, &key_request));
+                  kDefaultCdmIdentifier, &key_request));
    key_msg_ = key_request.message;
    EXPECT_EQ(kKeyRequestTypeRelease, key_request.type);
    if (key_msg) *key_msg = key_request.message;
@@ -1194,15 +1198,17 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
  }

  void Unprovision() {
-    EXPECT_EQ(NO_ERROR, decryptor_.Unprovision(kSecurityLevelL1, EMPTY_ORIGIN));
-    EXPECT_EQ(NO_ERROR, decryptor_.Unprovision(kSecurityLevelL3, EMPTY_ORIGIN));
+    EXPECT_EQ(NO_ERROR,
+              decryptor_.Unprovision(kSecurityLevelL1, kDefaultCdmIdentifier));
+    EXPECT_EQ(NO_ERROR,
+              decryptor_.Unprovision(kSecurityLevelL3, kDefaultCdmIdentifier));
  }

  void Provision(SecurityLevel level) {
-    Provision(EMPTY_ORIGIN, level);
+    Provision(kDefaultCdmIdentifier, level);
  }

-  void Provision(const std::string& origin, SecurityLevel level) {
+  void Provision(const CdmIdentifier& identifier, SecurityLevel level) {
    TestWvCdmClientPropertySet property_set_L3;
    TestWvCdmClientPropertySet* property_set = NULL;

@@ -1212,7 +1218,7 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
    }

    CdmResponseType status = decryptor_.OpenSession(
-        g_key_system, property_set, origin, NULL, &session_id_);
+        g_key_system, property_set, identifier, NULL, &session_id_);
    switch (status) {
      case NO_ERROR:
        decryptor_.CloseSession(session_id_);
@@ -1229,7 +1235,7 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
    std::string cert_authority, cert, wrapped_key;

    status = decryptor_.GetProvisioningRequest(cert_type, cert_authority,
-                                               origin, &key_msg_,
+                                               identifier, &key_msg_,
                                               &provisioning_server_url);
    EXPECT_EQ(wvcdm::NO_ERROR, status);
    if (NO_ERROR != status) return;
@@ -1239,7 +1245,7 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
        GetCertRequestResponse(g_config->provisioning_server_url());
    EXPECT_NE(0, static_cast<int>(response.size()));
    EXPECT_EQ(wvcdm::NO_ERROR,
-              decryptor_.HandleProvisioningResponse(origin, response,
+              decryptor_.HandleProvisioningResponse(identifier, response,
                                                    &cert, &wrapped_key));
    EXPECT_EQ(0, static_cast<int>(cert.size()));
    EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
@@ -1249,8 +1255,9 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {

  std::string GetSecurityLevel(TestWvCdmClientPropertySet* property_set) {
    EXPECT_EQ(NO_ERROR,
-              decryptor_.OpenSession(g_key_system, property_set, EMPTY_ORIGIN,
-                                     NULL, &session_id_));
+              decryptor_.OpenSession(g_key_system, property_set,
+                                     kDefaultCdmIdentifier, NULL,
+                                     &session_id_));
    CdmQueryMap query_info;
    EXPECT_EQ(wvcdm::NO_ERROR,
              decryptor_.QuerySessionStatus(session_id_, &query_info));
@@ -1298,39 +1305,44 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
 };

 TEST_F(WvCdmRequestLicenseTest, ProvisioningTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  std::string provisioning_server_url;
  CdmCertificateType cert_type = kCertificateWidevine;
  std::string cert_authority, cert, wrapped_key;

  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest(
-                                 cert_type, cert_authority, EMPTY_ORIGIN,
-                                 &key_msg_, &provisioning_server_url));
+                                 cert_type, cert_authority,
+                                 kDefaultCdmIdentifier, &key_msg_,
+                                 &provisioning_server_url));
  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());

  std::string response =
      GetCertRequestResponse(g_config->provisioning_server_url());
  EXPECT_NE(0, static_cast<int>(response.size()));
  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(
-                                 EMPTY_ORIGIN, response, &cert, &wrapped_key));
+                                 kDefaultCdmIdentifier, response, &cert,
+                                 &wrapped_key));
  EXPECT_EQ(0, static_cast<int>(cert.size()));
  EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
  decryptor_.CloseSession(session_id_);
 }

 TEST_F(WvCdmRequestLicenseTest, PerOriginProvisioningTest) {
-  EXPECT_EQ(NO_ERROR, decryptor_.Unprovision(kSecurityLevelL3, kOrigin));
+  EXPECT_EQ(NO_ERROR,
+            decryptor_.Unprovision(kSecurityLevelL3, kExampleIdentifier));

-  // Verify the empty origin is provisioned.
+  // Verify the global identifier is provisioned.
  EXPECT_EQ(wvcdm::NO_ERROR,
-            decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL,
-                                   &session_id_));
+            decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier,
+                                   NULL, &session_id_));
  decryptor_.CloseSession(session_id_);

-  // The other origin should not be provisioned.
+  // The other identifier should not be provisioned.
  EXPECT_EQ(
      wvcdm::NEED_PROVISIONING,
-      decryptor_.OpenSession(g_key_system, NULL, kOrigin, NULL, &session_id_));
+      decryptor_.OpenSession(g_key_system, NULL, kExampleIdentifier, NULL,
+                             &session_id_));
 }

 TEST_F(WvCdmRequestLicenseTest, PerOriginProvisioningSupportsOldPaths) {
@@ -1338,12 +1350,14 @@ TEST_F(WvCdmRequestLicenseTest, PerOriginProvisioningSupportsOldPaths) {
  // not break existing clients if we decide to change the naming/paths of
  // certificates.
  const char kOldFileName[] = "cert0LF0GfM75iqlNA_sByaQMA==.bin";
-  ASSERT_EQ("com.example", kOrigin);
+  ASSERT_EQ("com.example", kExampleIdentifier.origin);

  // Unprovision the device and delete all files.
-  EXPECT_EQ(NO_ERROR, decryptor_.Unprovision(kSecurityLevelL3, kOrigin));
-  EXPECT_EQ(NO_ERROR, decryptor_.Unprovision(kSecurityLevelL3, EMPTY_ORIGIN));
-  Provision(kOrigin, kLevel3);
+  EXPECT_EQ(NO_ERROR,
+            decryptor_.Unprovision(kSecurityLevelL3, kExampleIdentifier));
+  EXPECT_EQ(NO_ERROR,
+            decryptor_.Unprovision(kSecurityLevelL3, kDefaultCdmIdentifier));
+  Provision(kExampleIdentifier, kLevel3);

  std::string base_path;
  ASSERT_TRUE(Properties::GetDeviceFilesBasePath(kSecurityLevelL3, &base_path));
@@ -1354,8 +1368,8 @@ TEST_F(WvCdmRequestLicenseTest, PerOriginProvisioningSupportsOldPaths) {
  ASSERT_EQ(1u, files.size());
  EXPECT_EQ(kOldFileName, files[0]);

-  // Reprovision the empty origin.
-  Provision(EMPTY_ORIGIN, kLevel3);
+  // Reprovision the default identifier.
+  Provision(kDefaultCdmIdentifier, kLevel3);
 }

 TEST_F(WvCdmRequestLicenseTest, UnprovisionTest) {
@@ -1367,25 +1381,29 @@ TEST_F(WvCdmRequestLicenseTest, UnprovisionTest) {
  std::string wrapped_private_key;
  EXPECT_TRUE(handle.RetrieveCertificate(&certificate, &wrapped_private_key));

-  EXPECT_EQ(NO_ERROR, decryptor_.Unprovision(security_level, EMPTY_ORIGIN));
+  EXPECT_EQ(NO_ERROR,
+            decryptor_.Unprovision(security_level, kDefaultCdmIdentifier));
  EXPECT_FALSE(handle.RetrieveCertificate(&certificate, &wrapped_private_key));
 }

 TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  std::string provisioning_server_url;
  CdmCertificateType cert_type = kCertificateWidevine;
  std::string cert_authority, cert, wrapped_key;
  CdmKeyMessage key_msg1, key_msg2;

  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest(
-                                 cert_type, cert_authority, EMPTY_ORIGIN,
-                                 &key_msg1, &provisioning_server_url));
+                                 cert_type, cert_authority,
+                                 kDefaultCdmIdentifier, &key_msg1,
+                                 &provisioning_server_url));
  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());

  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest(
-                                 cert_type, cert_authority, EMPTY_ORIGIN,
-                                 &key_msg2, &provisioning_server_url));
+                                 cert_type, cert_authority,
+                                 kDefaultCdmIdentifier, &key_msg2,
+                                 &provisioning_server_url));
  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());

  key_msg_ = key_msg2;
@@ -1393,7 +1411,8 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) {
      GetCertRequestResponse(g_config->provisioning_server_url());
  EXPECT_NE(0, static_cast<int>(response.size()));
  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(
-                                 EMPTY_ORIGIN, response, &cert, &wrapped_key));
+                                 kDefaultCdmIdentifier, response, &cert,
+                                 &wrapped_key));
  EXPECT_EQ(0, static_cast<int>(cert.size()));
  EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));

@@ -1401,7 +1420,8 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) {
  response = GetCertRequestResponse(g_config->provisioning_server_url());
  EXPECT_NE(0, static_cast<int>(response.size()));
  EXPECT_EQ(wvcdm::NO_ERROR,
-            decryptor_.HandleProvisioningResponse(EMPTY_ORIGIN, response, &cert,
+            decryptor_.HandleProvisioningResponse(kDefaultCdmIdentifier,
+                                                  response, &cert,
                                                  &wrapped_key));
  EXPECT_EQ(0, static_cast<int>(cert.size()));
  EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
@@ -1409,20 +1429,23 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) {
 }

 TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  std::string provisioning_server_url;
  CdmCertificateType cert_type = kCertificateWidevine;
  std::string cert_authority, cert, wrapped_key;
  std::string key_msg1, key_msg2;

  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest(
-                                 cert_type, cert_authority, EMPTY_ORIGIN,
-                                 &key_msg1, &provisioning_server_url));
+                                 cert_type, cert_authority,
+                                 kDefaultCdmIdentifier, &key_msg1,
+                                 &provisioning_server_url));
  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());

  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest(
-                                 cert_type, cert_authority, EMPTY_ORIGIN,
-                                 &key_msg2, &provisioning_server_url));
+                                 cert_type, cert_authority,
+                                 kDefaultCdmIdentifier, &key_msg2,
+                                 &provisioning_server_url));
  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());

  key_msg_ = key_msg1;
@@ -1430,7 +1453,8 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) {
      GetCertRequestResponse(g_config->provisioning_server_url());
  EXPECT_NE(0, static_cast<int>(response.size()));
  EXPECT_EQ(wvcdm::CERT_PROVISIONING_RESPONSE_ERROR_6,
-            decryptor_.HandleProvisioningResponse(EMPTY_ORIGIN, response, &cert,
+            decryptor_.HandleProvisioningResponse(kDefaultCdmIdentifier,
+                                                  response, &cert,
                                                  &wrapped_key));
  EXPECT_EQ(0, static_cast<int>(cert.size()));
  EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
@@ -1439,7 +1463,8 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) {
  response = GetCertRequestResponse(g_config->provisioning_server_url());
  EXPECT_NE(0, static_cast<int>(response.size()));
  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(
-                                 EMPTY_ORIGIN, response, &cert, &wrapped_key));
+                                 kDefaultCdmIdentifier, response, &cert,
+                                 &wrapped_key));
  EXPECT_EQ(0, static_cast<int>(cert.size()));
  EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));

@@ -1447,7 +1472,8 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) {
 }

 TEST_F(WvCdmRequestLicenseTest, DISABLED_X509ProvisioningTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  std::string provisioning_server_url;
  CdmCertificateType cert_type = kCertificateX509;
  // TODO(rfrias): insert appropriate CA here
@@ -1455,15 +1481,17 @@ TEST_F(WvCdmRequestLicenseTest, DISABLED_X509ProvisioningTest) {
  std::string cert, wrapped_key;

  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest(
-                                 cert_type, cert_authority, EMPTY_ORIGIN,
-                                 &key_msg_, &provisioning_server_url));
+                                 cert_type, cert_authority,
+                                 kDefaultCdmIdentifier, &key_msg_,
+                                 &provisioning_server_url));
  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());

  std::string response =
      GetCertRequestResponse(g_config->provisioning_server_url());
  EXPECT_NE(0, static_cast<int>(response.size()));
  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(
-                                 EMPTY_ORIGIN, response, &cert, &wrapped_key));
+                                 kDefaultCdmIdentifier, response, &cert,
+                                 &wrapped_key));
  EXPECT_NE(0, static_cast<int>(cert.size()));
  EXPECT_NE(0, static_cast<int>(wrapped_key.size()));
  decryptor_.CloseSession(session_id_);
@@ -1479,37 +1507,40 @@ TEST_F(WvCdmRequestLicenseTest, PropertySetTest) {

  property_set_L1.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L1);
  property_set_L1.set_use_privacy_mode(true);
-  decryptor_.OpenSession(g_key_system, &property_set_L1, EMPTY_ORIGIN, NULL,
-                         &session_id_L1);
+  decryptor_.OpenSession(g_key_system, &property_set_L1, kDefaultCdmIdentifier,
+                         NULL, &session_id_L1);
  property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3);
  property_set_L3.set_use_privacy_mode(false);

  CdmResponseType sts = decryptor_.OpenSession(
-      g_key_system, &property_set_L3, EMPTY_ORIGIN, NULL, &session_id_L3);
+      g_key_system, &property_set_L3, kDefaultCdmIdentifier, NULL,
+      &session_id_L3);

  if (NEED_PROVISIONING == sts) {
    std::string provisioning_server_url;
    CdmCertificateType cert_type = kCertificateWidevine;
    std::string cert_authority, cert, wrapped_key;
    EXPECT_EQ(NO_ERROR, decryptor_.GetProvisioningRequest(
-                            cert_type, cert_authority, EMPTY_ORIGIN, &key_msg_,
-                            &provisioning_server_url));
+                            cert_type, cert_authority, kDefaultCdmIdentifier,
+                            &key_msg_, &provisioning_server_url));
    EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());
    std::string response =
        GetCertRequestResponse(g_config->provisioning_server_url());
    EXPECT_NE(0, static_cast<int>(response.size()));
    EXPECT_EQ(NO_ERROR, decryptor_.HandleProvisioningResponse(
-                            EMPTY_ORIGIN, response, &cert, &wrapped_key));
+                            kDefaultCdmIdentifier, response, &cert,
+                            &wrapped_key));
    EXPECT_EQ(NO_ERROR,
              decryptor_.OpenSession(g_key_system, &property_set_L3,
-                                     EMPTY_ORIGIN, NULL, &session_id_L3));
+                                     kDefaultCdmIdentifier, NULL,
+                                     &session_id_L3));
  } else {
    EXPECT_EQ(NO_ERROR, sts);
  }

  property_set_Ln.set_security_level("");
-  decryptor_.OpenSession(g_key_system, &property_set_Ln, EMPTY_ORIGIN, NULL,
-                         &session_id_Ln);
+  decryptor_.OpenSession(g_key_system, &property_set_Ln, kDefaultCdmIdentifier,
+                         NULL, &session_id_Ln);

  CdmQueryMap query_info;
  EXPECT_EQ(wvcdm::NO_ERROR,
@@ -1560,23 +1591,25 @@ TEST_F(WvCdmRequestLicenseTest, ForceL3Test) {
  EXPECT_TRUE(handle.DeleteAllFiles());

  EXPECT_EQ(NEED_PROVISIONING,
-            decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN,
-                                   NULL, &session_id_));
+            decryptor_.OpenSession(g_key_system, &property_set,
+                                   kDefaultCdmIdentifier, NULL, &session_id_));
  std::string provisioning_server_url;
  CdmCertificateType cert_type = kCertificateWidevine;
  std::string cert_authority, cert, wrapped_key;
  EXPECT_EQ(NO_ERROR, decryptor_.GetProvisioningRequest(
-                          cert_type, cert_authority, EMPTY_ORIGIN, &key_msg_,
-                          &provisioning_server_url));
+                          cert_type, cert_authority, kDefaultCdmIdentifier,
+                          &key_msg_, &provisioning_server_url));
  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());
  std::string response =
      GetCertRequestResponse(g_config->provisioning_server_url());
  EXPECT_NE(0, static_cast<int>(response.size()));
  EXPECT_EQ(NO_ERROR, decryptor_.HandleProvisioningResponse(
-                          EMPTY_ORIGIN, response, &cert, &wrapped_key));
+                          kDefaultCdmIdentifier, response, &cert,
+                          &wrapped_key));

  EXPECT_EQ(NO_ERROR, decryptor_.OpenSession(g_key_system, &property_set,
-                                             EMPTY_ORIGIN, NULL, &session_id_));
+                                             kDefaultCdmIdentifier, NULL,
+                                             &session_id_));
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
  decryptor_.CloseSession(session_id_);
@@ -1586,8 +1619,8 @@ TEST_F(WvCdmRequestLicenseTest, PrivacyModeTest) {
  TestWvCdmClientPropertySet property_set;

  property_set.set_use_privacy_mode(true);
-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);

  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  std::string resp = GetKeyRequestResponse(g_license_server, g_client_auth);
@@ -1603,22 +1636,24 @@ TEST_F(WvCdmRequestLicenseTest, PrivacyModeWithServiceCertificateTest) {

  property_set.set_use_privacy_mode(true);
  property_set.set_service_certificate(a2bs_hex(g_service_certificate));
-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
  decryptor_.CloseSession(session_id_);
 }

 TEST_F(WvCdmRequestLicenseTest, BaseMessageTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  GetKeyRequestResponse(g_license_server, g_client_auth);
  decryptor_.CloseSession(session_id_);
 }

 TEST_F(WvCdmRequestLicenseTest, WrongMessageTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);

  std::string wrong_message = wvcdm::a2bs_hex(g_wrong_key_id);
  GenerateKeyRequest(wrong_message, kLicenseTypeStreaming);
@@ -1646,7 +1681,8 @@ TEST_F(WvCdmRequestLicenseTest, WrongMessageTest) {
 }

 TEST_F(WvCdmRequestLicenseTest, AddStreamingKeyTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
  decryptor_.CloseSession(session_id_);
@@ -1661,7 +1697,8 @@ TEST_F(WvCdmRequestLicenseTest, AddKeyOfflineTest) {
  std::string client_auth;
  GetOfflineConfiguration(&key_id, &client_auth);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);
  decryptor_.CloseSession(session_id_);
@@ -1676,7 +1713,8 @@ TEST_F(WvCdmRequestLicenseTest, RestoreOfflineKeyTest) {
  std::string client_auth;
  GetOfflineConfiguration(&key_id, &client_auth);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);

@@ -1685,7 +1723,8 @@ TEST_F(WvCdmRequestLicenseTest, RestoreOfflineKeyTest) {
  decryptor_.CloseSession(session_id_);

  session_id_.clear();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);
 }
@@ -1699,7 +1738,8 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseOfflineKeyTest) {
  std::string client_auth;
  GetOfflineConfiguration(&key_id, &client_auth);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);

@@ -1709,7 +1749,8 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseOfflineKeyTest) {

  session_id_.clear();
  key_set_id_.clear();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);

@@ -1733,7 +1774,8 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseOfflineKeySessionUsageDisabledTest) {
  GetOfflineConfiguration(&key_id, &client_auth);
  key_id[key_id.size()-1] = '1';

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);

@@ -1743,7 +1785,8 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseOfflineKeySessionUsageDisabledTest) {

  session_id_.clear();
  key_set_id_.clear();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);

@@ -1786,7 +1829,8 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryOfflineKeyTest) {
  std::string client_auth;
  GetOfflineConfiguration(&key_id, &client_auth);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);

@@ -1796,7 +1840,8 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryOfflineKeyTest) {

  session_id_.clear();
  key_set_id_.clear();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);

@@ -1805,7 +1850,8 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryOfflineKeyTest) {
  GenerateKeyRelease(key_set_id);

  session_id_.clear();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  EXPECT_EQ(wvcdm::GET_RELEASED_LICENSE_ERROR,
            decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);
@@ -1829,30 +1875,32 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryL3OfflineKeyTest) {
  GetOfflineConfiguration(&key_id, &client_auth);

  CdmResponseType sts = decryptor_.OpenSession(
-      g_key_system, &property_set, EMPTY_ORIGIN, NULL, &session_id_);
+      g_key_system, &property_set, kDefaultCdmIdentifier, NULL, &session_id_);

  if (NEED_PROVISIONING == sts) {
    std::string provisioning_server_url;
    CdmCertificateType cert_type = kCertificateWidevine;
    std::string cert_authority, cert, wrapped_key;
    EXPECT_EQ(NO_ERROR, decryptor_.GetProvisioningRequest(
-                            cert_type, cert_authority, EMPTY_ORIGIN, &key_msg_,
-                            &provisioning_server_url));
+                            cert_type, cert_authority, kDefaultCdmIdentifier,
+                            &key_msg_, &provisioning_server_url));
    EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());
    std::string response =
        GetCertRequestResponse(g_config->provisioning_server_url());
    EXPECT_NE(0, static_cast<int>(response.size()));
    EXPECT_EQ(NO_ERROR, decryptor_.HandleProvisioningResponse(
-                            EMPTY_ORIGIN, response, &cert, &wrapped_key));
+                            kDefaultCdmIdentifier, response, &cert,
+                            &wrapped_key));
    EXPECT_EQ(NO_ERROR,
-              decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN,
-                                     NULL, &session_id_));
+              decryptor_.OpenSession(g_key_system, &property_set,
+                                     kDefaultCdmIdentifier, NULL,
+                                     &session_id_));
  } else {
    EXPECT_EQ(NO_ERROR, sts);
  }

-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline, &property_set);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);

@@ -1862,8 +1910,8 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryL3OfflineKeyTest) {

  session_id_.clear();
  key_set_id_.clear();
-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);

@@ -1872,8 +1920,8 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryL3OfflineKeyTest) {
  GenerateKeyRelease(key_set_id, &property_set, NULL);

  session_id_.clear();
-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  EXPECT_EQ(wvcdm::GET_RELEASED_LICENSE_ERROR,
            decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);
@@ -1894,7 +1942,8 @@ TEST_F(WvCdmRequestLicenseTest, ExpiryOnReleaseOfflineKeyTest) {
  std::string client_auth;
  GetOfflineConfiguration(&key_id, &client_auth);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);

@@ -1905,7 +1954,7 @@ TEST_F(WvCdmRequestLicenseTest, ExpiryOnReleaseOfflineKeyTest) {
  session_id_.clear();
  key_set_id_.clear();
  StrictMock<TestWvCdmEventListener> listener;
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, &listener,
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, &listener,
                         &session_id_);
  CdmSessionId restore_session_id = session_id_;
  EXPECT_CALL(
@@ -1945,7 +1994,8 @@ TEST_F(WvCdmRequestLicenseTest, AutomatedOfflineSessionReleaseTest) {
  std::string client_auth;
  GetOfflineConfiguration(&key_id, &client_auth);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);

@@ -1955,7 +2005,8 @@ TEST_F(WvCdmRequestLicenseTest, AutomatedOfflineSessionReleaseTest) {

  session_id_.clear();
  key_set_id_.clear();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);

@@ -1988,7 +2039,8 @@ TEST_F(WvCdmRequestLicenseTest, AutomatedOfflineSessionReleaseTest) {
 }

 TEST_F(WvCdmRequestLicenseTest, StreamingLicenseRenewal) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);

@@ -2000,7 +2052,8 @@ TEST_F(WvCdmRequestLicenseTest, StreamingLicenseRenewal) {
 }

 TEST_F(WvCdmRequestLicenseTest, StreamingLicenseRenewalProhibited) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  std::string key_id = a2bs_hex(                  // streaming_clip11
      "000000427073736800000000"                  // blob size and pssh
      "EDEF8BA979D64ACEA3C827DCD51D21ED00000023"  // Widevine system id
@@ -2016,7 +2069,7 @@ TEST_F(WvCdmRequestLicenseTest, StreamingLicenseRenewalProhibited) {
            decryptor_.GenerateKeyRequest(
                session_id_, key_set_id_, "video/mp4", init_data,
                kLicenseTypeStreaming, app_parameters, NULL,
-                EMPTY_ORIGIN, &key_request));
+                kDefaultCdmIdentifier, &key_request));
  key_msg_ = key_request.message;
  decryptor_.CloseSession(session_id_);
 }
@@ -2027,7 +2080,8 @@ TEST_F(WvCdmRequestLicenseTest, OfflineLicenseRenewal) {
  std::string client_auth;
  GetOfflineConfiguration(&key_id, &client_auth);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);

@@ -2039,8 +2093,9 @@ TEST_F(WvCdmRequestLicenseTest, OfflineLicenseRenewal) {
 }

 TEST_F(WvCdmRequestLicenseTest, RemoveKeys) {
-  ASSERT_EQ(NO_ERROR, decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN,
-                                             NULL, &session_id_));
+  ASSERT_EQ(NO_ERROR, decryptor_.OpenSession(g_key_system, NULL,
+                                             kDefaultCdmIdentifier, NULL,
+                                             &session_id_));
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
  ASSERT_EQ(NO_ERROR, decryptor_.RemoveKeys(session_id_));
@@ -2081,8 +2136,8 @@ TEST_P(WvCdmStreamingLicenseRenewalTest, WithClientId) {
    if (config->specify_service_certificate)
      property_set.set_service_certificate(a2bs_hex(g_service_certificate));
  }
-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  GenerateKeyRequest(key_id, app_parameters, kLicenseTypeStreaming,
                     &property_set);
  if (config->enable_privacy_mode && !config->specify_service_certificate) {
@@ -2211,8 +2266,8 @@ TEST_P(WvCdmOfflineLicenseReleaseTest, WithClientId) {
    if (config->specify_service_certificate)
      property_set.set_service_certificate(a2bs_hex(g_service_certificate));
  }
-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  GenerateKeyRequest(key_id, app_parameters, kLicenseTypeOffline, NULL);
  if (config->enable_privacy_mode && !config->specify_service_certificate) {
    std::string resp = GetKeyRequestResponse(g_license_server, client_auth);
@@ -2248,8 +2303,8 @@ TEST_P(WvCdmOfflineLicenseReleaseTest, WithClientId) {
  session_id_.clear();
  key_set_id_.clear();

-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);

@@ -2347,8 +2402,8 @@ TEST_P(WvCdmUsageTest, WithClientId) {
  TestWvCdmClientPropertySet property_set;

  SubSampleInfo* data = &usage_info_sub_samples_icp[0];
-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);

  GenerateKeyRequest(key_id, app_parameters, kLicenseTypeStreaming,
                     &property_set);
@@ -2446,7 +2501,8 @@ TEST_F(WvCdmRequestLicenseTest, UsageInfoRetryTest) {
  EXPECT_TRUE(handle.DeleteAllUsageInfoForApp(app_id, &psts));

  SubSampleInfo* data = &usage_info_sub_samples_icp[0];
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  std::string key_id = a2bs_hex(
      "000000427073736800000000"                  // blob size and pssh
      "EDEF8BA979D64ACEA3C827DCD51D21ED00000022"  // Widevine system id
@@ -2529,8 +2585,8 @@ TEST_P(WvCdmUsageInfoTest, UsageInfo) {

  for (size_t i = 0; i < usage_info_data->usage_info; ++i) {
    SubSampleInfo* data = usage_info_data->sub_sample + i;
-    decryptor_.OpenSession(g_key_system, property_set, EMPTY_ORIGIN, NULL,
-                           &session_id_);
+    decryptor_.OpenSession(g_key_system, property_set, kDefaultCdmIdentifier,
+                           NULL, &session_id_);
    std::string key_id = a2bs_hex(
        "000000427073736800000000"                  // blob size and pssh
        "EDEF8BA979D64ACEA3C827DCD51D21ED00000022"  // Widevine system id
@@ -2604,8 +2660,8 @@ TEST_F(WvCdmRequestLicenseTest, UsageReleaseAllTest) {
  for (size_t i = 0; i < N_ELEM(usage_info_sub_samples_icp); ++i) {
    SubSampleInfo* data = usage_info_sub_samples_icp + i;
    property_set.set_app_id(i % 2 == 0 ? app_id_empty : app_id_not_empty);
-    decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                           &session_id_);
+    decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                           NULL, &session_id_);
    std::string key_id = a2bs_hex(
        "000000427073736800000000"                  // blob size and pssh
        "EDEF8BA979D64ACEA3C827DCD51D21ED00000022"  // Widevine system id
@@ -2680,7 +2736,8 @@ TEST_F(WvCdmRequestLicenseTest, QueryKeyStatus) {
  Unprovision();
  Provision(kLevelDefault);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);

@@ -2913,7 +2970,8 @@ TEST_F(WvCdmRequestLicenseTest, QueryOemCryptoSessionId) {
  Unprovision();
  Provision(kLevelDefault);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);

@@ -2977,19 +3035,22 @@ TEST_F(WvCdmRequestLicenseTest, SecurityLevelPathBackwardCompatibility) {
  }

  // Provision the device to create any required files.
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  std::string provisioning_server_url;
  CdmCertificateType cert_type = kCertificateWidevine;
  std::string cert_authority, cert, wrapped_key;
  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest(
-                                 cert_type, cert_authority, EMPTY_ORIGIN,
-                                 &key_msg_, &provisioning_server_url));
+                                 cert_type, cert_authority,
+                                 kDefaultCdmIdentifier, &key_msg_,
+                                 &provisioning_server_url));
  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());
  std::string response =
      GetCertRequestResponse(g_config->provisioning_server_url());
  EXPECT_NE(0, static_cast<int>(response.size()));
  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(
-                                 EMPTY_ORIGIN, response, &cert, &wrapped_key));
+                                 kDefaultCdmIdentifier, response, &cert,
+                                 &wrapped_key));
  decryptor_.CloseSession(session_id_);

  std::vector<std::string> files;
@@ -2997,7 +3058,8 @@ TEST_F(WvCdmRequestLicenseTest, SecurityLevelPathBackwardCompatibility) {
  size_t number_of_files = files.size();

  // Create an offline license to create license files.
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);
  CdmKeySetId key_set_id = key_set_id_;
@@ -3030,11 +3092,13 @@ TEST_F(WvCdmRequestLicenseTest, SecurityLevelPathBackwardCompatibility) {

  // Restore persistent license, retrieve L1, L3 streaming licenses to verify
  session_id_.clear();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
  decryptor_.CloseSession(session_id_);

-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);
  decryptor_.CloseSession(session_id_);
@@ -3045,26 +3109,29 @@ TEST_F(WvCdmRequestLicenseTest, SecurityLevelPathBackwardCompatibility) {
  property_set.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3);

  EXPECT_EQ(wvcdm::NEED_PROVISIONING,
-            decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN,
-                                   NULL, &session_id_));
+            decryptor_.OpenSession(g_key_system, &property_set,
+                                   kDefaultCdmIdentifier, NULL, &session_id_));
  EXPECT_EQ(NO_ERROR, decryptor_.GetProvisioningRequest(
-                          cert_type, cert_authority, EMPTY_ORIGIN, &key_msg_,
-                          &provisioning_server_url));
+                          cert_type, cert_authority, kDefaultCdmIdentifier,
+                          &key_msg_, &provisioning_server_url));
  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());
  response = GetCertRequestResponse(g_config->provisioning_server_url());
  EXPECT_NE(0, static_cast<int>(response.size()));
  EXPECT_EQ(NO_ERROR, decryptor_.HandleProvisioningResponse(
-                          EMPTY_ORIGIN, response, &cert, &wrapped_key));
+                          kDefaultCdmIdentifier, response, &cert,
+                          &wrapped_key));

  EXPECT_EQ(NO_ERROR, decryptor_.OpenSession(g_key_system, &property_set,
-                                             EMPTY_ORIGIN, NULL, &session_id_));
+                                             kDefaultCdmIdentifier, NULL,
+                                             &session_id_));
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, client_auth, false);
  decryptor_.CloseSession(session_id_);
 }

 TEST_F(WvCdmRequestLicenseTest, DISABLED_OfflineLicenseDecryptionTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);

@@ -3117,7 +3184,8 @@ TEST_F(WvCdmRequestLicenseTest, DISABLED_OfflineLicenseDecryptionTest) {
 }

 TEST_F(WvCdmRequestLicenseTest, DISABLED_RestoreOfflineLicenseDecryptionTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  GenerateKeyRequest(g_key_id, kLicenseTypeOffline);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
  CdmKeySetId key_set_id = key_set_id_;
@@ -3125,7 +3193,8 @@ TEST_F(WvCdmRequestLicenseTest, DISABLED_RestoreOfflineLicenseDecryptionTest) {
  decryptor_.CloseSession(session_id_);

  session_id_.clear();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
  /*
    // key 1, encrypted, 256b
@@ -3242,8 +3311,8 @@ TEST_P(WvCdmSessionSharingTest, SessionSharingTest) {
  property_set.set_session_sharing_mode(
      session_sharing_info->session_sharing_enabled);

-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  CdmSessionId gp_session_id_1 = session_id_;
  GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
@@ -3256,8 +3325,8 @@ TEST_P(WvCdmSessionSharingTest, SessionSharingTest) {
      "edef8ba979d64acea3c827dcd51d21ed00000014"    // Widevine system id
      "08011210bdf1cb4fffc6506b8b7945b0bd2917fb");  // pssh data

-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  CdmSessionId gp_session_id_2 = session_id_;
  GenerateKeyRequest(gp_key_id2, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, gp_client_auth2, false);
@@ -3301,8 +3370,8 @@ TEST_F(WvCdmRequestLicenseTest, SessionSharingTest) {
      "EDEF8BA979D64ACEA3C827DCD51D21ED00000014"    // Widevine system id
      "0801121030313233343536373839616263646566");  // pssh data

-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  CdmSessionId session_id1 = session_id_;
  GenerateKeyRequest(init_data1, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
@@ -3315,8 +3384,8 @@ TEST_F(WvCdmRequestLicenseTest, SessionSharingTest) {
      "edef8ba979d64acea3c827dcd51d21ed00000014"    // Widevine system id
      "08011210bdf1cb4fffc6506b8b7945b0bd2917fb");  // pssh data

-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  CdmSessionId session_id2 = session_id_;
  GenerateKeyRequest(init_data2, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, gp_client_auth2, false);
@@ -3337,8 +3406,8 @@ TEST_F(WvCdmRequestLicenseTest, SessionSharingTest) {
  sleep(kSingleEncryptedSubSampleIcpLicenseDurationExpiration -
        kSingleEncryptedSubSampleIcpLicenseExpirationWindow);

-  decryptor_.OpenSession(g_key_system, &property_set, EMPTY_ORIGIN, NULL,
-                         &session_id_);
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
  CdmSessionId session_id3 = session_id_;
  GenerateKeyRequest(init_data1, kLicenseTypeStreaming);
  VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
@@ -3362,7 +3431,8 @@ TEST_F(WvCdmRequestLicenseTest, DecryptionKeyExpiredTest) {
      "EDEF8BA979D64ACEA3C827DCD51D21ED00000014"    // Widevine system id
      "0801121030313233343536373839616263646566");  // pssh data
  SubSampleInfo* data = &single_encrypted_sub_sample_short_expiry;
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  if (data->retrieve_key) {
    GenerateKeyRequest(kCpKeyId, kLicenseTypeStreaming);
    VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
@@ -3389,7 +3459,7 @@ TEST_F(WvCdmRequestLicenseTest, SessionKeyChangeNotificationTest) {
  DecryptCallbackTester decrypt_callback(
      &decryptor_,
      &single_encrypted_sub_sample_short_expiry);
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, &listener,
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, &listener,
                         &session_id_);
  EXPECT_CALL(
      listener,
@@ -3417,7 +3487,8 @@ class WvCdmDecryptionTest

 TEST_P(WvCdmDecryptionTest, DecryptionTest) {
  SubSampleInfo* data = GetParam();
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  if (data->retrieve_key) {
    GenerateKeyRequest(g_key_id, kLicenseTypeStreaming);
    VerifyKeyRequestResponse(g_license_server, g_client_auth, false);
@@ -3480,7 +3551,8 @@ TEST(VersionNumberTest, VersionNumberChangeCanary) {
 }

 TEST_F(WvCdmRequestLicenseTest, AddHlsStreamingKeyTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  CdmAppParameterMap app_parameters;
  GenerateKeyRequest(wvcdm::KEY_MESSAGE, HLS_INIT_DATA_FORMAT,
                     kAttributeListSampleAes, app_parameters,
@@ -3496,7 +3568,8 @@ class WvHlsInitDataTest
      public ::testing::WithParamInterface<std::string> {};

 TEST_P(WvHlsInitDataTest, InvalidHlsFormatTest) {
-  decryptor_.OpenSession(g_key_system, NULL, EMPTY_ORIGIN, NULL, &session_id_);
+  decryptor_.OpenSession(g_key_system, NULL, kDefaultCdmIdentifier, NULL,
+                         &session_id_);
  CdmAppParameterMap app_parameters;
  std::string init_data = GetParam();
  GenerateKeyRequest(wvcdm::INIT_DATA_NOT_FOUND, HLS_INIT_DATA_FORMAT,
@@ -3522,8 +3595,8 @@ TEST_P(WvHlsDecryptionTest, HlsDecryptionTest) {
  HlsDecryptionInfo* info = GetParam();

  TestWvCdmHlsEventListener listener;
-  decryptor_.OpenSession(g_key_system, &client_property_set, EMPTY_ORIGIN,
-                         &listener, &session_id_);
+  decryptor_.OpenSession(g_key_system, &client_property_set,
+                         kDefaultCdmIdentifier, &listener, &session_id_);
  CdmAppParameterMap app_parameters;
  GenerateKeyRequest(wvcdm::KEY_MESSAGE, HLS_INIT_DATA_FORMAT,
                     info->attribute_list, app_parameters,
@@ -3576,8 +3649,8 @@ TEST_P(WvHlsFourCCBackwardCompatibilityTest, HlsDecryptionTest) {
  HlsDecryptionInfo* info = GetParam();

  TestWvCdmHlsEventListener listener;
-  decryptor_.OpenSession(g_key_system, &client_property_set, EMPTY_ORIGIN,
-                         &listener, &session_id_);
+  decryptor_.OpenSession(g_key_system, &client_property_set,
+                         kDefaultCdmIdentifier, &listener, &session_id_);
  CdmAppParameterMap app_parameters;
  GenerateKeyRequest(wvcdm::KEY_MESSAGE, ISO_BMFF_VIDEO_MIME_TYPE,
                     info->attribute_list, app_parameters,