From dbb1671e39e85de3770aff3cf09a8e5d22aa234f Mon Sep 17 00:00:00 2001 From: Rahul Frias Date: Fri, 5 Mar 2021 01:42:29 -0800 Subject: [PATCH 1/2] device_files proto changes for Expiring DRM certificates [ Merge of http://go/wvgerrit/119644 ] This change includes additional fields in DeviceCertificate, License and UsageInfo. New DRM certificate will include a creation and expiration time. In addition acquisition_time_seconds will allow the client to calulate expiration time even when client and provisioning service clocks are not in sync. expiration_time_seconds will allow clients to expire DRM certificates that do include an expiration time. A random value within a window (4-8 months after update) will be calculated to avoid a provisioning storm. Drm certificate will be added to offline licenses. In a future release, licenses will be removed on expiry and the certification information that needs to be sent to the license service will be reduced. This should reduce space overhead. UsageInfo will use a certificate cache in case multiple usage info entries use the same DRM certificate. Bug: 169740403 Test: WV unit/integration tests Change-Id: I2f34a1df526fa8168162a1b1ea930a2f257b87cd --- .../cdm/core/src/device_files.proto | 26 ++++++++++++++++--- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/libwvdrmengine/cdm/core/src/device_files.proto b/libwvdrmengine/cdm/core/src/device_files.proto index 3d743525..25956ee0 100644 --- a/libwvdrmengine/cdm/core/src/device_files.proto +++ b/libwvdrmengine/cdm/core/src/device_files.proto @@ -28,6 +28,15 @@ message DeviceCertificate { optional bytes certificate = 1; optional bytes wrapped_private_key = 2; optional PrivateKeyType key_type = 3 [default = RSA]; + // Used by DRM certificates with an expiry time. Set by the client when + // the certificate is received. Aids expiration calculation at the + // client when provisioning server and client clocks are not aligned + optional int64 acquisition_time_seconds = 4; + // Used by DRM certificates without an expiration time. This is for + // upgrading devices with pre-existing DRM certificates. The client will + // calculate an expiration time 6 months into the future with a randomized + // +/-2 month window + optional int64 expiration_time_seconds = 5; } message License { @@ -56,6 +65,7 @@ message License { optional int64 grace_period_end_time = 11 [default = 0]; optional bytes usage_entry = 12; optional int64 usage_entry_number = 13; + optional DeviceCertificate drm_certificate = 14; } message UsageInfo { @@ -68,9 +78,19 @@ message UsageInfo { optional bytes key_set_id = 4; optional bytes usage_entry = 5; optional int64 usage_entry_number = 6; + // If not present, use the legacy DRM certificate rather than + // one in DrmDeviceCertificate + optional int32 drm_certificate_entry_number = 7; + } + + // A cache of DeviceCertificates associated with usage entries + message DrmDeviceCertificate { + optional int32 drm_certificate_entry_number = 1; + optional DeviceCertificate drm_certificate = 2; } repeated ProviderSession sessions = 1; + repeated DrmDeviceCertificate drm_device_certificates = 2; } message HlsAttributes { @@ -92,7 +112,7 @@ message UsageTableInfo { optional UsageEntryStorage storage = 1; optional bytes key_set_id = 2; - optional bytes usage_info_file_name = 3; // hash of the app_id + optional bytes usage_info_file_name = 3; // hash of the app_id // LRU table replacement data. optional int64 last_use_time = 4 [default = 0]; @@ -114,9 +134,7 @@ message File { USAGE_TABLE_INFO = 5; } - enum FileVersion { - VERSION_1 = 1; - } + enum FileVersion { VERSION_1 = 1; } optional FileType type = 1; optional FileVersion version = 2 [default = VERSION_1]; From edf9ad5b90a2cd4f14b7502867bd29d6c5c0d38e Mon Sep 17 00:00:00 2001 From: Rahul Frias Date: Sat, 6 Mar 2021 13:02:58 -0800 Subject: [PATCH 2/2] Correct test data member name [ Merge of http://go/wvgerrit/119645 ] Bug: 169740403 Test: WV unit/integration tests Change-Id: I2a3e82869e3a45112e8b15eea4ac668980c3eb4d --- .../cdm/util/test/file_store_unittest.cpp | 96 +++++++++---------- .../cdm/util/test/file_utils_unittest.cpp | 60 ++++++------ 2 files changed, 78 insertions(+), 78 deletions(-) diff --git a/libwvdrmengine/cdm/util/test/file_store_unittest.cpp b/libwvdrmengine/cdm/util/test/file_store_unittest.cpp index c89fe6e0..bae0aea0 100644 --- a/libwvdrmengine/cdm/util/test/file_store_unittest.cpp +++ b/libwvdrmengine/cdm/util/test/file_store_unittest.cpp @@ -28,51 +28,51 @@ class FileTest : public testing::Test { void TearDown() override { RemoveTestDir(); } void RemoveTestDir() { - EXPECT_TRUE(file_system.Remove(test_vectors::kTestDir)); + EXPECT_TRUE(file_system_.Remove(test_vectors::kTestDir)); } - FileSystem file_system; + FileSystem file_system_; }; TEST_F(FileTest, FileExists) { - EXPECT_TRUE(file_system.Exists(test_vectors::kExistentFile)); - EXPECT_TRUE(file_system.Exists(test_vectors::kExistentDir)); - EXPECT_FALSE(file_system.Exists(test_vectors::kNonExistentFile)); - EXPECT_FALSE(file_system.Exists(test_vectors::kNonExistentDir)); + EXPECT_TRUE(file_system_.Exists(test_vectors::kExistentFile)); + EXPECT_TRUE(file_system_.Exists(test_vectors::kExistentDir)); + EXPECT_FALSE(file_system_.Exists(test_vectors::kNonExistentFile)); + EXPECT_FALSE(file_system_.Exists(test_vectors::kNonExistentDir)); } TEST_F(FileTest, RemoveDir) { - EXPECT_TRUE(file_system.Remove(test_vectors::kTestDir)); - EXPECT_FALSE(file_system.Exists(test_vectors::kTestDir)); + EXPECT_TRUE(file_system_.Remove(test_vectors::kTestDir)); + EXPECT_FALSE(file_system_.Exists(test_vectors::kTestDir)); } TEST_F(FileTest, OpenFile) { std::string path = test_vectors::kTestDir + kTestFileName; - EXPECT_TRUE(file_system.Remove(path)); + EXPECT_TRUE(file_system_.Remove(path)); - std::unique_ptr file = file_system.Open(path, FileSystem::kCreate); + std::unique_ptr file = file_system_.Open(path, FileSystem::kCreate); ASSERT_TRUE(file); - EXPECT_TRUE(file_system.Exists(path)); + EXPECT_TRUE(file_system_.Exists(path)); } TEST_F(FileTest, RemoveDirAndFile) { std::string path = test_vectors::kTestDir + kTestFileName; - std::unique_ptr file = file_system.Open(path, FileSystem::kCreate); + std::unique_ptr file = file_system_.Open(path, FileSystem::kCreate); ASSERT_TRUE(file); - EXPECT_TRUE(file_system.Exists(path)); - EXPECT_TRUE(file_system.Remove(path)); - EXPECT_FALSE(file_system.Exists(path)); + EXPECT_TRUE(file_system_.Exists(path)); + EXPECT_TRUE(file_system_.Remove(path)); + EXPECT_FALSE(file_system_.Exists(path)); - file = file_system.Open(path, FileSystem::kCreate); + file = file_system_.Open(path, FileSystem::kCreate); ASSERT_TRUE(file); - EXPECT_TRUE(file_system.Exists(path)); + EXPECT_TRUE(file_system_.Exists(path)); RemoveTestDir(); - EXPECT_FALSE(file_system.Exists(test_vectors::kTestDir)); - EXPECT_FALSE(file_system.Exists(path)); + EXPECT_FALSE(file_system_.Exists(test_vectors::kTestDir)); + EXPECT_FALSE(file_system_.Exists(path)); } TEST_F(FileTest, RemoveWildcardFiles) { @@ -81,47 +81,47 @@ TEST_F(FileTest, RemoveWildcardFiles) { std::string wildcard_path = test_vectors::kTestDir + kWildcard + kTestFileNameExt; - std::unique_ptr file = file_system.Open(path1, FileSystem::kCreate); + std::unique_ptr file = file_system_.Open(path1, FileSystem::kCreate); ASSERT_TRUE(file); - file = file_system.Open(path2, FileSystem::kCreate); + file = file_system_.Open(path2, FileSystem::kCreate); ASSERT_TRUE(file); - EXPECT_TRUE(file_system.Exists(path1)); - EXPECT_TRUE(file_system.Exists(path2)); - EXPECT_TRUE(file_system.Remove(wildcard_path)); - EXPECT_FALSE(file_system.Exists(path1)); - EXPECT_FALSE(file_system.Exists(path2)); + EXPECT_TRUE(file_system_.Exists(path1)); + EXPECT_TRUE(file_system_.Exists(path2)); + EXPECT_TRUE(file_system_.Remove(wildcard_path)); + EXPECT_FALSE(file_system_.Exists(path1)); + EXPECT_FALSE(file_system_.Exists(path2)); } TEST_F(FileTest, FileSize) { std::string path = test_vectors::kTestDir + kTestFileName; - file_system.Remove(path); + file_system_.Remove(path); std::string write_data = CdmRandom::RandomData(600); size_t write_data_size = write_data.size(); - std::unique_ptr file = file_system.Open(path, FileSystem::kCreate); + std::unique_ptr file = file_system_.Open(path, FileSystem::kCreate); ASSERT_TRUE(file); EXPECT_EQ(file->Write(write_data.data(), write_data_size), write_data_size); - EXPECT_TRUE(file_system.Exists(path)); + EXPECT_TRUE(file_system_.Exists(path)); - EXPECT_EQ(static_cast(write_data_size), file_system.FileSize(path)); + EXPECT_EQ(static_cast(write_data_size), file_system_.FileSize(path)); } TEST_F(FileTest, WriteReadBinaryFile) { std::string path = test_vectors::kTestDir + kTestFileName; - file_system.Remove(path); + file_system_.Remove(path); std::string write_data = CdmRandom::RandomData(600); size_t write_data_size = write_data.size(); - std::unique_ptr file = file_system.Open(path, FileSystem::kCreate); + std::unique_ptr file = file_system_.Open(path, FileSystem::kCreate); ASSERT_TRUE(file); EXPECT_EQ(file->Write(write_data.data(), write_data_size), write_data_size); - EXPECT_TRUE(file_system.Exists(path)); + EXPECT_TRUE(file_system_.Exists(path)); std::string read_data; - read_data.resize(file_system.FileSize(path)); + read_data.resize(file_system_.FileSize(path)); size_t read_data_size = read_data.size(); - file = file_system.Open(path, FileSystem::kReadOnly); + file = file_system_.Open(path, FileSystem::kReadOnly); ASSERT_TRUE(file); EXPECT_EQ(file->Read(&read_data[0], read_data_size), read_data_size); EXPECT_EQ(write_data, read_data); @@ -136,25 +136,25 @@ TEST_F(FileTest, ListFiles) { std::string path3 = test_vectors::kTestDir + kTestFileName3; std::string path_dir = test_vectors::kTestDir; - std::unique_ptr file = file_system.Open(path1, FileSystem::kCreate); + std::unique_ptr file = file_system_.Open(path1, FileSystem::kCreate); ASSERT_TRUE(file); - file = file_system.Open(path2, FileSystem::kCreate); + file = file_system_.Open(path2, FileSystem::kCreate); ASSERT_TRUE(file); - file = file_system.Open(path3, FileSystem::kCreate); + file = file_system_.Open(path3, FileSystem::kCreate); ASSERT_TRUE(file); - EXPECT_TRUE(file_system.Exists(path1)); - EXPECT_TRUE(file_system.Exists(path2)); - EXPECT_TRUE(file_system.Exists(path3)); + EXPECT_TRUE(file_system_.Exists(path1)); + EXPECT_TRUE(file_system_.Exists(path2)); + EXPECT_TRUE(file_system_.Exists(path3)); // Ask for non-existent path. - EXPECT_FALSE(file_system.List(not_path, &names)); + EXPECT_FALSE(file_system_.List(not_path, &names)); // Valid path, but no way to return names. - EXPECT_FALSE(file_system.List(path_dir, nullptr)); + EXPECT_FALSE(file_system_.List(path_dir, nullptr)); // Valid path, valid return. - EXPECT_TRUE(file_system.List(path_dir, &names)); + EXPECT_TRUE(file_system_.List(path_dir, &names)); // Should find three files. Order not important. EXPECT_EQ(3u, names.size()); @@ -162,15 +162,15 @@ TEST_F(FileTest, ListFiles) { kTestFileName, kTestFileName2, kTestFileName3)); std::string wild_card_path = path_dir + kWildcard + kTestFileNameExt; - EXPECT_TRUE(file_system.Remove(wild_card_path)); - EXPECT_TRUE(file_system.List(path_dir, &names)); + EXPECT_TRUE(file_system_.Remove(wild_card_path)); + EXPECT_TRUE(file_system_.List(path_dir, &names)); EXPECT_EQ(1u, names.size()); EXPECT_TRUE(names[0].compare(kTestFileName3) == 0); std::string wild_card_path2 = path_dir + kWildcard + kTestFileNameExt3; - EXPECT_TRUE(file_system.Remove(wild_card_path2)); - EXPECT_TRUE(file_system.List(path_dir, &names)); + EXPECT_TRUE(file_system_.Remove(wild_card_path2)); + EXPECT_TRUE(file_system_.List(path_dir, &names)); EXPECT_EQ(0u, names.size()); } diff --git a/libwvdrmengine/cdm/util/test/file_utils_unittest.cpp b/libwvdrmengine/cdm/util/test/file_utils_unittest.cpp index ce73bd70..39a08c3a 100644 --- a/libwvdrmengine/cdm/util/test/file_utils_unittest.cpp +++ b/libwvdrmengine/cdm/util/test/file_utils_unittest.cpp @@ -31,24 +31,24 @@ class FileUtilsTest : public testing::Test { virtual void TearDown() { RemoveTestDir(); } void CreateTestDir() { - if (!file_system.Exists(test_vectors::kTestDir)) { + if (!file_system_.Exists(test_vectors::kTestDir)) { EXPECT_TRUE(FileUtils::CreateDirectory(test_vectors::kTestDir)); } - EXPECT_TRUE(file_system.Exists(test_vectors::kTestDir)); + EXPECT_TRUE(file_system_.Exists(test_vectors::kTestDir)); } void RemoveTestDir() { - EXPECT_TRUE(file_system.Remove(test_vectors::kTestDir)); + EXPECT_TRUE(file_system_.Remove(test_vectors::kTestDir)); } void CreateTestFile(const std::string file_path) { std::string write_data = GenerateRandomData(600); size_t write_data_size = write_data.size(); std::unique_ptr file = - file_system.Open(file_path, FileSystem::kCreate); + file_system_.Open(file_path, FileSystem::kCreate); EXPECT_TRUE(file); EXPECT_EQ(file->Write(write_data.data(), write_data_size), write_data_size); - EXPECT_TRUE(file_system.Exists(file_path)); + EXPECT_TRUE(file_system_.Exists(file_path)); } std::string GenerateRandomData(uint32_t len) { @@ -59,70 +59,70 @@ class FileUtilsTest : public testing::Test { return data; } - FileSystem file_system; + FileSystem file_system_; }; TEST_F(FileUtilsTest, CreateDirectory) { std::string dir_wo_delimiter = test_vectors::kTestDir.substr(0, test_vectors::kTestDir.size() - 1); - if (file_system.Exists(dir_wo_delimiter)) - EXPECT_TRUE(file_system.Remove(dir_wo_delimiter)); - EXPECT_FALSE(file_system.Exists(dir_wo_delimiter)); + if (file_system_.Exists(dir_wo_delimiter)) + EXPECT_TRUE(file_system_.Remove(dir_wo_delimiter)); + EXPECT_FALSE(file_system_.Exists(dir_wo_delimiter)); EXPECT_TRUE(FileUtils::CreateDirectory(dir_wo_delimiter)); - EXPECT_TRUE(file_system.Exists(dir_wo_delimiter)); - EXPECT_TRUE(file_system.Remove(dir_wo_delimiter)); + EXPECT_TRUE(file_system_.Exists(dir_wo_delimiter)); + EXPECT_TRUE(file_system_.Remove(dir_wo_delimiter)); EXPECT_TRUE(FileUtils::CreateDirectory(test_vectors::kTestDir)); - EXPECT_TRUE(file_system.Exists(test_vectors::kTestDir)); - EXPECT_TRUE(file_system.Remove(test_vectors::kTestDir)); + EXPECT_TRUE(file_system_.Exists(test_vectors::kTestDir)); + EXPECT_TRUE(file_system_.Remove(test_vectors::kTestDir)); } TEST_F(FileUtilsTest, IsDir) { std::string path = test_vectors::kTestDir + kTestFileName; - std::unique_ptr file = file_system.Open(path, FileSystem::kCreate); + std::unique_ptr file = file_system_.Open(path, FileSystem::kCreate); EXPECT_TRUE(file); - EXPECT_TRUE(file_system.Exists(path)); - EXPECT_TRUE(file_system.Exists(test_vectors::kTestDir)); + EXPECT_TRUE(file_system_.Exists(path)); + EXPECT_TRUE(file_system_.Exists(test_vectors::kTestDir)); EXPECT_FALSE(FileUtils::IsDirectory(path)); EXPECT_TRUE(FileUtils::IsDirectory(test_vectors::kTestDir)); } TEST_F(FileUtilsTest, IsRegularFile) { std::string path = test_vectors::kTestDir + kTestFileName; - std::unique_ptr file = file_system.Open(path, FileSystem::kCreate); + std::unique_ptr file = file_system_.Open(path, FileSystem::kCreate); EXPECT_TRUE(file); - EXPECT_TRUE(file_system.Exists(path)); - EXPECT_TRUE(file_system.Exists(test_vectors::kTestDir)); + EXPECT_TRUE(file_system_.Exists(path)); + EXPECT_TRUE(file_system_.Exists(test_vectors::kTestDir)); EXPECT_TRUE(FileUtils::IsRegularFile(path)); EXPECT_FALSE(FileUtils::IsRegularFile(test_vectors::kTestDir)); } TEST_F(FileUtilsTest, CopyFile) { std::string path = test_vectors::kTestDir + kTestFileName; - file_system.Remove(path); + file_system_.Remove(path); std::string write_data = GenerateRandomData(600); size_t write_data_size = write_data.size(); - std::unique_ptr wr_file = file_system.Open(path, FileSystem::kCreate); + std::unique_ptr wr_file = file_system_.Open(path, FileSystem::kCreate); EXPECT_TRUE(wr_file); EXPECT_EQ(wr_file->Write(write_data.data(), write_data_size), write_data_size); - ASSERT_TRUE(file_system.Exists(path)); + ASSERT_TRUE(file_system_.Exists(path)); std::string path_copy = test_vectors::kTestDir + kTestFileName2; - EXPECT_FALSE(file_system.Exists(path_copy)); + EXPECT_FALSE(file_system_.Exists(path_copy)); EXPECT_TRUE(FileUtils::Copy(path, path_copy)); std::string read_data; - read_data.resize(file_system.FileSize(path_copy)); + read_data.resize(file_system_.FileSize(path_copy)); size_t read_data_size = read_data.size(); std::unique_ptr rd_file = - file_system.Open(path_copy, FileSystem::kReadOnly); + file_system_.Open(path_copy, FileSystem::kReadOnly); EXPECT_TRUE(rd_file); EXPECT_EQ(rd_file->Read(&read_data[0], read_data_size), read_data_size); EXPECT_EQ(write_data, read_data); - EXPECT_EQ(file_system.FileSize(path), file_system.FileSize(path_copy)); + EXPECT_EQ(file_system_.FileSize(path), file_system_.FileSize(path_copy)); } TEST_F(FileUtilsTest, ListEmptyDirectory) { @@ -138,18 +138,18 @@ TEST_F(FileUtilsTest, ListFiles) { path = test_vectors::kTestDir + kTestFileName; std::string write_data = GenerateRandomData(600); size_t write_data_size = write_data.size(); - std::unique_ptr file = file_system.Open(path, FileSystem::kCreate); + std::unique_ptr file = file_system_.Open(path, FileSystem::kCreate); EXPECT_TRUE(file); EXPECT_EQ(file->Write(write_data.data(), write_data_size), write_data_size); - EXPECT_TRUE(file_system.Exists(path)); + EXPECT_TRUE(file_system_.Exists(path)); path = test_vectors::kTestDir + kTestFileName2; write_data = GenerateRandomData(600); write_data_size = write_data.size(); - file = file_system.Open(path, FileSystem::kCreate); + file = file_system_.Open(path, FileSystem::kCreate); EXPECT_TRUE(file); EXPECT_EQ(file->Write(write_data.data(), write_data_size), write_data_size); - EXPECT_TRUE(file_system.Exists(path)); + EXPECT_TRUE(file_system_.Exists(path)); std::vector files; EXPECT_TRUE(FileUtils::List(test_vectors::kTestDir, &files));