Correct error returned when license is for the future

[ Merge of http://go/wvgerrit/25721 ]

Return CryptoException with errorCode ERROR_NO_KEY when an attempt is made
to make use of a license whose start time is in the future.

Test: Verified by WidevineDashPolicyTests#testL1LicenseStart2030

b/31914841

Change-Id: I2a157c227550a2391b6536365f34f1dfec3dea0c

libwvdrmengine/include/WVErrors.h

@@ -42,7 +42,6 @@ enum {
   kCryptoSessionOpenError3 = ERROR_DRM_VENDOR_MIN + 26,
   kCryptoSessionOpenError4 = ERROR_DRM_VENDOR_MIN + 27,
   kCryptoSessionOpenError5 = ERROR_DRM_VENDOR_MIN + 28,
-  kDecyrptNotReady = ERROR_DRM_VENDOR_MIN + 29,
   kDeviceCertificateError1 = ERROR_DRM_VENDOR_MIN + 30,
   kDeviceCertificateError2 = ERROR_DRM_VENDOR_MIN + 31,
   kDeviceCertificateError3 = ERROR_DRM_VENDOR_MIN + 32,

libwvdrmengine/include/mapErrors-inl.h

@@ -22,6 +22,7 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) {
       // success messages for certain CDM methods instead of NO_ERROR.
       return android::OK;
     case wvcdm::NEED_KEY:
+    case wvcdm::DECRYPT_NOT_READY:
       return android::ERROR_DRM_NO_LICENSE;
     case wvcdm::NEED_PROVISIONING:
       return android::ERROR_DRM_NOT_PROVISIONED;
@@ -71,8 +72,6 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) {
       return kCryptoSessionOpenError4;
     case wvcdm::CRYPTO_SESSION_OPEN_ERROR_5:
       return kCryptoSessionOpenError5;
-    case wvcdm::DECRYPT_NOT_READY:
-      return kDecyrptNotReady;
     case wvcdm::DEVICE_CERTIFICATE_ERROR_1:
       return kDeviceCertificateError1;
     case wvcdm::DEVICE_CERTIFICATE_ERROR_2:

libwvdrmengine/mediacrypto/src/WVCryptoPlugin.cpp

@@ -299,29 +299,38 @@ status_t WVCryptoPlugin::attemptDecrypt(const CdmDecryptionParameters& params,
           mSessionId.c_str(),
           params.is_encrypted ? "encrypted" : "unencrypted",
           res);
-    if (res == wvcdm::INSUFFICIENT_CRYPTO_RESOURCES) {
+    bool actionableError = true;
+    switch (res) {
+      case wvcdm::INSUFFICIENT_CRYPTO_RESOURCES:
         errorDetailMsg->setTo(
             "Error decrypting data: insufficient crypto resources");
-      // This error is actionable by the app and should be passed up.
+        break;
-      return mapCdmResponseType(res);
+      case wvcdm::NEED_KEY:
-    } else if (res == wvcdm::NEED_KEY) {
         errorDetailMsg->setTo(
             "Error decrypting data: requested key has not been loaded");
-      // This error is actionable by the app and should be passed up.
+        break;
-      return mapCdmResponseType(res);
+      case wvcdm::DECRYPT_NOT_READY:
-    } else if (res == wvcdm::SESSION_NOT_FOUND_FOR_DECRYPT) {
+        errorDetailMsg->setTo(
+            "Error decrypting data: license validity period is in the future");
+        break;
+      case wvcdm::SESSION_NOT_FOUND_FOR_DECRYPT:
         errorDetailMsg->setTo(
             "Error decrypting data: session not found, possibly reclaimed");
-      // This error is actionable by the app and should be passed up.
+        break;
-      return mapCdmResponseType(res);
+      case wvcdm::DECRYPT_ERROR:
-    } else if (res == wvcdm::DECRYPT_ERROR) {
         errorDetailMsg->setTo(
             "Error decrypting data: unspecified error");
-      // This error is actionable by the app and should be passed up.
+        break;
-      return mapCdmResponseType(res);
+      case wvcdm::INSUFFICIENT_OUTPUT_PROTECTION:
-    } else if (res == wvcdm::INSUFFICIENT_OUTPUT_PROTECTION) {
         errorDetailMsg->setTo(
             "Error decrypting data: insufficient output protection");
+        break;
+      default:
+        actionableError = false;
+        break;
+    }
+
+    if (actionableError) {
       // This error is actionable by the app and should be passed up.
       return mapCdmResponseType(res);
     } else {

libwvdrmengine/mediacrypto/src_hidl/WVCryptoPlugin.cpp

@@ -331,29 +331,38 @@ status_t WVCryptoPlugin::attemptDecrypt(const CdmDecryptionParameters& params,
           mSessionId.c_str(),
           params.is_encrypted ? "encrypted" : "unencrypted",
           res);
-    if (res == wvcdm::INSUFFICIENT_CRYPTO_RESOURCES) {
+    bool actionableError = true;
+    switch (res) {
+      case wvcdm::INSUFFICIENT_CRYPTO_RESOURCES:
         errorDetailMsg->assign(
             "Error decrypting data: insufficient crypto resources");
-      // This error is actionable by the app and should be passed up.
+        break;
-      return mapCdmResponseType(res);
+      case wvcdm::NEED_KEY:
-    } else if (res == wvcdm::NEED_KEY) {
         errorDetailMsg->assign(
             "Error decrypting data: requested key has not been loaded");
-      // This error is actionable by the app and should be passed up.
+        break;
-      return mapCdmResponseType(res);
+      case wvcdm::DECRYPT_NOT_READY:
-    } else if (res == wvcdm::SESSION_NOT_FOUND_FOR_DECRYPT) {
+        errorDetailMsg->assign(
+            "Error decrypting data: license validity period is in the future");
+        break;
+      case wvcdm::SESSION_NOT_FOUND_FOR_DECRYPT:
         errorDetailMsg->assign(
             "Error decrypting data: session not found, possibly reclaimed");
-      // This error is actionable by the app and should be passed up.
+        break;
-      return mapCdmResponseType(res);
+      case wvcdm::DECRYPT_ERROR:
-    } else if (res == wvcdm::DECRYPT_ERROR) {
         errorDetailMsg->assign(
             "Error decrypting data: unspecified error");
-      // This error is actionable by the app and should be passed up.
+        break;
-      return mapCdmResponseType(res);
+      case wvcdm::INSUFFICIENT_OUTPUT_PROTECTION:
-    } else if (res == wvcdm::INSUFFICIENT_OUTPUT_PROTECTION) {
         errorDetailMsg->assign(
             "Error decrypting data: insufficient output protection");
+        break;
+      default:
+        actionableError = false;
+        break;
+    }
+
+    if (actionableError) {
       // This error is actionable by the app and should be passed up.
       return mapCdmResponseType(res);
     } else {