Refactored ProvisioningHolder to separate operations.
[ Merge of http://go/wvgerrit/219451 ] An upcoming provisioning test requires the ability to perform generate, fetch and load operations separately (similar to the current behavior of LicenseHolder). This CL separates the 3 operations into different methods and documents the pre/post conditions of each. The original API is maintained for backwards compatibility. VIC-specific: Excludes Golden-data refactoring and merges main change (216510) and typo fix (216570). Bug: 391469176 Test: run_x86_64_tests Change-Id: Iec83dfce9d235eedf04ed32d98f7700de4bade12
This commit is contained in:
Alex Dale
@@ -20,88 +20,111 @@ namespace wvcdm {
|
||||
|
||||
void ProvisioningHolder::Provision(CdmCertificateType cert_type,
|
||||
bool binary_provisioning) {
|
||||
CdmProvisioningRequest request;
|
||||
std::string provisioning_server_url;
|
||||
ASSERT_NO_FATAL_FAILURE(GenerateRequest(cert_type, binary_provisioning))
|
||||
<< "Failed to generate request";
|
||||
ASSERT_NO_FATAL_FAILURE(FetchResponse()) << "Failed to fetch response";
|
||||
ASSERT_NO_FATAL_FAILURE(LoadResponse(binary_provisioning))
|
||||
<< "Failed to load response";
|
||||
}
|
||||
|
||||
void ProvisioningHolder::GenerateRequest(CdmCertificateType cert_type,
|
||||
bool binary_provisioning) {
|
||||
// Preconditions.
|
||||
ASSERT_NE(cdm_engine_, nullptr) << "CdmEngine instance not set";
|
||||
|
||||
// Set cert authority if using X.509.
|
||||
std::string cert_authority;
|
||||
|
||||
CdmSessionId session_id;
|
||||
|
||||
if (cert_type == kCertificateX509) {
|
||||
cert_authority = "cast.google.com";
|
||||
}
|
||||
LOGV("Provision with type %s.", CdmCertificateTypeToString(cert_type));
|
||||
CdmResponseType result(CERT_PROVISIONING_NONCE_GENERATION_ERROR);
|
||||
LOGV("cert_authority = %s", cert_authority.c_str());
|
||||
|
||||
CdmResponseType status(CERT_PROVISIONING_NONCE_GENERATION_ERROR);
|
||||
CdmProvisioningRequest cdm_prov_request;
|
||||
std::string provisioning_server_url_unused;
|
||||
// Get a provisioning request. We might need one retry if there is a nonce
|
||||
// flood failure.
|
||||
for (int i = 0; i < 2 && result == CERT_PROVISIONING_NONCE_GENERATION_ERROR;
|
||||
for (int i = 0; i < 2 && status == CERT_PROVISIONING_NONCE_GENERATION_ERROR;
|
||||
i++) {
|
||||
result = cdm_engine_->GetProvisioningRequest(
|
||||
status = cdm_engine_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, provisioning_service_certificate_,
|
||||
kLevelDefault, &request, &provisioning_server_url);
|
||||
if (result == CERT_PROVISIONING_NONCE_GENERATION_ERROR) {
|
||||
kLevelDefault, &cdm_prov_request, &provisioning_server_url_unused);
|
||||
if (status == CERT_PROVISIONING_NONCE_GENERATION_ERROR) {
|
||||
wvutil::TestSleep::Sleep(2);
|
||||
}
|
||||
}
|
||||
ASSERT_EQ(NO_ERROR, result);
|
||||
LOGV("cert_authority = %s", cert_authority.c_str());
|
||||
ASSERT_EQ(status, NO_ERROR) << "Failed to generate provisioning request";
|
||||
|
||||
// |binary_provisioning| implies the CdmEngine is using binary
|
||||
// provisioning messages; however, ProvisioningHolder can only
|
||||
// operate using Base64 requests.
|
||||
if (binary_provisioning) {
|
||||
request = wvutil::Base64SafeEncodeNoPad(request);
|
||||
request_ = wvutil::Base64SafeEncodeNoPad(cdm_prov_request);
|
||||
} else {
|
||||
request_ = std::move(cdm_prov_request);
|
||||
}
|
||||
cert_type_ = cert_type;
|
||||
|
||||
if (config_.dump_golden_data()) {
|
||||
std::vector<uint8_t> binary_request = wvutil::Base64SafeDecode(request);
|
||||
CdmProvisioningRequest binary_request_string(binary_request.begin(),
|
||||
binary_request.end());
|
||||
const std::vector<uint8_t> binary_request =
|
||||
wvutil::Base64SafeDecode(request_);
|
||||
const CdmProvisioningRequest binary_request_string(binary_request.begin(),
|
||||
binary_request.end());
|
||||
MessageDumper::DumpProvisioningRequest(binary_request_string);
|
||||
}
|
||||
LOGV("Provisioning request: req = %s", request.c_str());
|
||||
}
|
||||
|
||||
// Ignore URL provided by CdmEngine. Use ours, as configured
|
||||
// for test vs. production server.
|
||||
provisioning_server_url.assign(provisioning_server_url_);
|
||||
void ProvisioningHolder::FetchResponse() {
|
||||
// Preconditions.
|
||||
ASSERT_NE(cdm_engine_, nullptr) << "CdmEngine instance not set";
|
||||
ASSERT_FALSE(request_.empty()) << "No request was set";
|
||||
ASSERT_FALSE(provisioning_server_url_.empty())
|
||||
<< "Test config is missing provisioning URL";
|
||||
|
||||
// Make request.
|
||||
UrlRequest url_request(provisioning_server_url);
|
||||
if (!url_request.is_connected()) {
|
||||
LOGE("Failed to connect to provisioning server: url = %s",
|
||||
provisioning_server_url.c_str());
|
||||
}
|
||||
url_request.PostCertRequestInQueryString(request);
|
||||
|
||||
// Receive and parse response.
|
||||
ASSERT_NO_FATAL_FAILURE(url_request.AssertOkResponseWithRetry(&response_))
|
||||
UrlRequest url_request(provisioning_server_url_);
|
||||
ASSERT_TRUE(url_request.is_connected())
|
||||
<< "Failed to connect to provisoining server: "
|
||||
<< provisioning_server_url_;
|
||||
ASSERT_TRUE(url_request.PostCertRequestInQueryString(request_));
|
||||
std::string response;
|
||||
ASSERT_NO_FATAL_FAILURE(url_request.AssertOkResponseWithRetry(&response))
|
||||
<< "Failed to fetch provisioning response. "
|
||||
<< DumpProvAttempt(request, response_, cert_type);
|
||||
<< DumpProvAttempt(request_, response, cert_type_);
|
||||
ASSERT_FALSE(response.empty()) << "Missing response";
|
||||
response_ = std::move(response);
|
||||
}
|
||||
|
||||
void ProvisioningHolder::LoadResponse(bool binary_provisioning) {
|
||||
// Preconditions.
|
||||
ASSERT_FALSE(response_.empty()) << "No response was fetched";
|
||||
|
||||
std::string cdm_prov_response;
|
||||
if (binary_provisioning) {
|
||||
// extract provisioning response from received message
|
||||
// Extracts signed response from JSON string, result is serialized
|
||||
// protobuf.
|
||||
std::string protobuf_response;
|
||||
const bool extract_ok = ExtractSignedMessage(response_, &protobuf_response);
|
||||
ASSERT_TRUE(extract_ok) << "Failed to extract signed serialized "
|
||||
"response from JSON response";
|
||||
LOGV("Extracted response message: \n%s\n", protobuf_response.c_str());
|
||||
// CDM is expecting the response to be in binary form, response
|
||||
// must be extracted and decoded.
|
||||
std::string base_64_response;
|
||||
ASSERT_TRUE(ExtractSignedMessage(response_, &base_64_response))
|
||||
<< "Failed to extract signed serialized response from JSON response";
|
||||
ASSERT_FALSE(base_64_response.empty())
|
||||
<< "Base64 encoded provisioning response is unexpectedly empty";
|
||||
LOGV("Extracted response message: \n%s\n", base_64_response.c_str());
|
||||
|
||||
ASSERT_FALSE(protobuf_response.empty())
|
||||
<< "Protobuf response is unexpectedly empty";
|
||||
|
||||
// base64 decode response to yield binary protobuf
|
||||
const std::vector<uint8_t> response_vec(
|
||||
wvutil::Base64SafeDecode(protobuf_response));
|
||||
const std::vector<uint8_t> response_vec =
|
||||
wvutil::Base64SafeDecode(base_64_response);
|
||||
ASSERT_FALSE(response_vec.empty())
|
||||
<< "Failed to decode base64 of response: response = "
|
||||
<< protobuf_response;
|
||||
|
||||
response_.assign(response_vec.begin(), response_vec.end());
|
||||
<< "Failed to decode base64 response: " << base_64_response;
|
||||
cdm_prov_response.assign(response_vec.begin(), response_vec.end());
|
||||
} else {
|
||||
cdm_prov_response = response_;
|
||||
}
|
||||
|
||||
ASSERT_EQ(NO_ERROR,
|
||||
cdm_engine_->HandleProvisioningResponse(
|
||||
response_, kLevelDefault, &certificate_, &wrapped_key_))
|
||||
const CdmResponseType status = cdm_engine_->HandleProvisioningResponse(
|
||||
cdm_prov_response, kLevelDefault, &certificate_, &wrapped_key_);
|
||||
ASSERT_EQ(status, NO_ERROR)
|
||||
<< (binary_provisioning ? "Binary provisioning failed. "
|
||||
: "Non-binary provisioning failed. ")
|
||||
<< DumpProvAttempt(request, response_, cert_type);
|
||||
<< DumpProvAttempt(request_, response_, cert_type_);
|
||||
if (config_.dump_golden_data()) {
|
||||
MessageDumper::DumpProvisioning(response_);
|
||||
}
|
||||
@@ -137,9 +160,9 @@ bool ProvisioningHolder::ExtractSignedMessage(const std::string& response,
|
||||
return true;
|
||||
}
|
||||
|
||||
std::string ProvisioningHolder::DumpProvAttempt(const std::string& request,
|
||||
const std::string& response,
|
||||
CdmCertificateType cert_type) {
|
||||
std::string ProvisioningHolder::DumpProvAttempt(
|
||||
const std::string& request, const std::string& response,
|
||||
CdmCertificateType cert_type) const {
|
||||
std::stringstream info;
|
||||
info << "Cert Type: ";
|
||||
PrintTo(cert_type, &info);
|
||||
|
||||
@@ -19,20 +19,58 @@ class ProvisioningHolder {
|
||||
provisioning_server_url_(config.provisioning_server()),
|
||||
provisioning_service_certificate_(
|
||||
config.provisioning_service_certificate()) {}
|
||||
|
||||
// Generates requests, fetches response, and loads response.
|
||||
void Provision(CdmCertificateType cert_type, bool binary_provisioning);
|
||||
void Provision(bool binary_provisioning) {
|
||||
Provision(kCertificateWidevine, binary_provisioning);
|
||||
}
|
||||
std::string response() const { return response_; }
|
||||
std::string certificate() const { return certificate_; }
|
||||
std::string wrapped_key() const { return wrapped_key_; }
|
||||
|
||||
// Generates a provisioning request from the |cdm_engine_|.
|
||||
// If successful, the request the stored in |request_|.
|
||||
// The result of |request_| should always be the URL-Safe-Base64
|
||||
// encoded value of the request.
|
||||
void GenerateRequest(CdmCertificateType cert_type, bool binary_provisioning);
|
||||
void GenerateRequest(bool binary_provisioning) {
|
||||
GenerateRequest(kCertificateWidevine, binary_provisioning);
|
||||
}
|
||||
|
||||
// Fetch the provisioning response from the server.
|
||||
// Uses |request_| as the source of the request, and stores
|
||||
// JSON message of the response to |response_|.
|
||||
void FetchResponse();
|
||||
|
||||
void LoadResponse(bool binary_provisioning);
|
||||
|
||||
const std::string& request() const { return request_; }
|
||||
// Sets the request to be used on next call to FetchResponse().
|
||||
// The provided |request| must be a URL-Safe-Base64 encoding
|
||||
// of the provisioning request.
|
||||
void set_request(const std::string& request) { request_ = request; }
|
||||
const std::string& response() const { return response_; }
|
||||
const std::string& certificate() const { return certificate_; }
|
||||
const std::string& wrapped_key() const { return wrapped_key_; }
|
||||
|
||||
void ClearProvisioningData() {
|
||||
cert_type_ = kCertificateWidevine;
|
||||
request_.clear();
|
||||
response_.clear();
|
||||
certificate_.clear();
|
||||
wrapped_key_.clear();
|
||||
}
|
||||
|
||||
protected:
|
||||
TestCdmEngine* cdm_engine_;
|
||||
// Config variables.
|
||||
const ConfigTestEnv& config_;
|
||||
std::string provisioning_server_url_;
|
||||
std::string provisioning_service_certificate_;
|
||||
std::string response_;
|
||||
// Request variables.
|
||||
CdmCertificateType cert_type_;
|
||||
std::string request_; // URL-Safe-Base64 encoding of request.
|
||||
// Response variables.
|
||||
std::string response_; // JSON message containing response.
|
||||
// Post-provisioning variables.
|
||||
std::string certificate_;
|
||||
std::string wrapped_key_;
|
||||
|
||||
@@ -42,11 +80,12 @@ class ProvisioningHolder {
|
||||
// entire string represents a serialized protobuf mesaage and return true with
|
||||
// the entire string. If the end_substring match fails, return false with an
|
||||
// empty *result.
|
||||
bool ExtractSignedMessage(const std::string& response, std::string* result);
|
||||
static bool ExtractSignedMessage(const std::string& response,
|
||||
std::string* result);
|
||||
// Dump request and response information for use in a debug or failure log.
|
||||
std::string DumpProvAttempt(const std::string& request,
|
||||
const std::string& response,
|
||||
CdmCertificateType cert_type);
|
||||
CdmCertificateType cert_type) const;
|
||||
};
|
||||
|
||||
} // namespace wvcdm
|
||||
|
||||
Reference in New Issue
Block a user