diff --git a/libwvdrmengine/cdm/core/include/cdm_engine.h b/libwvdrmengine/cdm/core/include/cdm_engine.h index 963fa74a..16a4e1f1 100644 --- a/libwvdrmengine/cdm/core/include/cdm_engine.h +++ b/libwvdrmengine/cdm/core/include/cdm_engine.h @@ -179,12 +179,14 @@ class CdmEngine { // Generate and return a valid provisioning request. virtual CdmResponseType GetProvisioningRequest( CdmCertificateType cert_type, const std::string& cert_authority, - const std::string& service_certificate, CdmProvisioningRequest* request, + const std::string& service_certificate, + SecurityLevel requested_security_level, CdmProvisioningRequest* request, std::string* default_url); // Verify and process a provisioning response. virtual CdmResponseType HandleProvisioningResponse( - const CdmProvisioningResponse& response, std::string* cert, + const CdmProvisioningResponse& response, + SecurityLevel requested_security_level, std::string* cert, std::string* wrapped_key); // Return true if there is a device certificate on the current @@ -388,7 +390,6 @@ class CdmEngine { CdmSessionMap session_map_; CdmReleaseKeySetMap release_key_sets_; std::unique_ptr cert_provisioning_; - SecurityLevel cert_provisioning_requested_security_level_; FileSystem* file_system_; Clock clock_; std::string spoid_; diff --git a/libwvdrmengine/cdm/core/include/cdm_engine_metrics_decorator.h b/libwvdrmengine/cdm/core/include/cdm_engine_metrics_decorator.h index befbd9f6..5eb7d9a0 100644 --- a/libwvdrmengine/cdm/core/include/cdm_engine_metrics_decorator.h +++ b/libwvdrmengine/cdm/core/include/cdm_engine_metrics_decorator.h @@ -156,21 +156,24 @@ class CdmEngineMetricsImpl : public T { CdmResponseType GetProvisioningRequest(CdmCertificateType cert_type, const std::string& cert_authority, const std::string& service_certificate, + SecurityLevel requested_security_level, CdmProvisioningRequest* request, std::string* default_url) override { CdmResponseType sts; - M_TIME(sts = T::GetProvisioningRequest(cert_type, cert_authority, - service_certificate, request, - default_url), + M_TIME(sts = T::GetProvisioningRequest( + cert_type, cert_authority, service_certificate, + requested_security_level, request, default_url), metrics_, cdm_engine_get_provisioning_request_, sts); return sts; } CdmResponseType HandleProvisioningResponse( - const CdmProvisioningResponse& response, std::string* cert, + const CdmProvisioningResponse& response, + SecurityLevel requested_security_level, std::string* cert, std::string* wrapped_key) override { CdmResponseType sts; - M_TIME(sts = T::HandleProvisioningResponse(response, cert, wrapped_key), + M_TIME(sts = T::HandleProvisioningResponse( + response, requested_security_level, cert, wrapped_key), metrics_, cdm_engine_handle_provisioning_response_, sts); return sts; } diff --git a/libwvdrmengine/cdm/core/src/cdm_engine.cpp b/libwvdrmengine/cdm/core/src/cdm_engine.cpp index 0317f6d5..ffaacbfd 100644 --- a/libwvdrmengine/cdm/core/src/cdm_engine.cpp +++ b/libwvdrmengine/cdm/core/src/cdm_engine.cpp @@ -73,7 +73,6 @@ CdmEngine::CdmEngine(FileSystem* file_system, std::shared_ptr metrics) : metrics_(metrics), cert_provisioning_(), - cert_provisioning_requested_security_level_(kLevelDefault), file_system_(file_system), spoid_(EMPTY_SPOID), usage_session_(), @@ -136,8 +135,6 @@ CdmResponseType CdmEngine::OpenSession(const CdmKeySystem& key_system, new_session->Init(property_set, forced_session_id, event_listener); if (sts != NO_ERROR) { if (sts == NEED_PROVISIONING) { - cert_provisioning_requested_security_level_ = - new_session->GetRequestedSecurityLevel(); // Reserve a session ID so the CDM can return success. if (session_id) *session_id = new_session->GenerateSessionId(); } else { @@ -294,10 +291,6 @@ CdmResponseType CdmEngine::GenerateKeyRequest( if (KEY_ADDED == sts) { return sts; } else if (KEY_MESSAGE != sts) { - if (sts == NEED_PROVISIONING) { - cert_provisioning_requested_security_level_ = - session->GetRequestedSecurityLevel(); - } LOGE("Key request generation failed, status = %d", static_cast(sts)); return sts; } @@ -414,10 +407,6 @@ CdmResponseType CdmEngine::RestoreKey(const CdmSessionId& session_id, &error_detail); session->GetMetrics()->cdm_session_restore_offline_session_.Increment( sts, error_detail); - if (sts == NEED_PROVISIONING) { - cert_provisioning_requested_security_level_ = - session->GetRequestedSecurityLevel(); - } if (sts != KEY_ADDED && sts != GET_RELEASED_LICENSE_ERROR) { LOGE("Restore offline session failed: status = %d", static_cast(sts)); } @@ -895,7 +884,8 @@ bool CdmEngine::IsSecurityLevelSupported(CdmSecurityLevel level) { */ CdmResponseType CdmEngine::GetProvisioningRequest( CdmCertificateType cert_type, const std::string& cert_authority, - const std::string& service_certificate, CdmProvisioningRequest* request, + const std::string& service_certificate, + SecurityLevel requested_security_level, CdmProvisioningRequest* request, std::string* default_url) { LOGI("Getting provisioning request"); if (!request) { @@ -915,7 +905,7 @@ CdmResponseType CdmEngine::GetProvisioningRequest( if (status != NO_ERROR) return status; } CdmResponseType ret = cert_provisioning_->GetProvisioningRequest( - cert_provisioning_requested_security_level_, cert_type, cert_authority, + requested_security_level, cert_type, cert_authority, file_system_->origin(), spoid_, request, default_url); if (ret != NO_ERROR) { cert_provisioning_.reset(); // Release resources. @@ -931,7 +921,8 @@ CdmResponseType CdmEngine::GetProvisioningRequest( * Returns NO_ERROR for success and CdmResponseType error code if fails. */ CdmResponseType CdmEngine::HandleProvisioningResponse( - const CdmProvisioningResponse& response, std::string* cert, + const CdmProvisioningResponse& response, + SecurityLevel requested_security_level, std::string* cert, std::string* wrapped_key) { LOGI("Handling provision request"); if (response.empty()) { @@ -955,10 +946,9 @@ CdmResponseType CdmEngine::HandleProvisioningResponse( std::unique_ptr crypto_session( CryptoSession::MakeCryptoSession(metrics_->GetCryptoMetrics())); CdmResponseType status; - M_TIME(status = crypto_session->Open( - cert_provisioning_requested_security_level_), + M_TIME(status = crypto_session->Open(requested_security_level), metrics_->GetCryptoMetrics(), crypto_session_open_, status, - cert_provisioning_requested_security_level_); + requested_security_level); if (NO_ERROR != status) { LOGE("Provisioning object missing and crypto session open failed"); return EMPTY_PROVISIONING_CERTIFICATE_2; diff --git a/libwvdrmengine/cdm/core/test/cdm_engine_metrics_decorator_unittest.cpp b/libwvdrmengine/cdm/core/test/cdm_engine_metrics_decorator_unittest.cpp index 2ca27d89..6d09be08 100644 --- a/libwvdrmengine/cdm/core/test/cdm_engine_metrics_decorator_unittest.cpp +++ b/libwvdrmengine/cdm/core/test/cdm_engine_metrics_decorator_unittest.cpp @@ -76,13 +76,13 @@ class MockCdmEngineImpl : public CdmEngine { MOCK_METHOD1(RemoveKeys, CdmResponseType(const CdmSessionId&)); MOCK_METHOD2(QueryKeyStatus, CdmResponseType(const CdmSessionId&, CdmQueryMap*)); - MOCK_METHOD5(GetProvisioningRequest, + MOCK_METHOD6(GetProvisioningRequest, CdmResponseType(CdmCertificateType, const std::string&, - const std::string&, CdmProvisioningRequest*, - std::string*)); - MOCK_METHOD3(HandleProvisioningResponse, - CdmResponseType(const CdmProvisioningResponse&, std::string*, - std::string*)); + const std::string&, SecurityLevel, + CdmProvisioningRequest*, std::string*)); + MOCK_METHOD4(HandleProvisioningResponse, + CdmResponseType(const CdmProvisioningResponse&, SecurityLevel, + std::string*, std::string*)); MOCK_METHOD1(Unprovision, CdmResponseType(CdmSecurityLevel)); MOCK_METHOD4(ListUsageIds, CdmResponseType(const std::string&, CdmSecurityLevel, @@ -311,16 +311,17 @@ TEST_F(WvCdmEngineMetricsImplTest, GetProvisioningRequest) { std::string default_url; EXPECT_CALL(*test_cdm_metrics_engine_, - GetProvisioningRequest(Eq(kCertificateX509), - Eq("fake certificate authority"), - Eq("fake service certificate"), - Eq(&request), Eq(&default_url))) + GetProvisioningRequest( + Eq(kCertificateX509), Eq("fake certificate authority"), + Eq("fake service certificate"), Eq(wvcdm::kLevelDefault), + Eq(&request), Eq(&default_url))) .WillOnce(Return(wvcdm::UNKNOWN_ERROR)); ASSERT_EQ(wvcdm::UNKNOWN_ERROR, test_cdm_metrics_engine_->GetProvisioningRequest( kCertificateX509, "fake certificate authority", - "fake service certificate", &request, &default_url)); + "fake service certificate", wvcdm::kLevelDefault, &request, + &default_url)); drm_metrics::WvCdmMetrics metrics_proto; test_cdm_metrics_engine_->GetMetricsSnapshot(&metrics_proto); @@ -340,12 +341,14 @@ TEST_F(WvCdmEngineMetricsImplTest, HandleProvisioningResponse) { EXPECT_CALL(*test_cdm_metrics_engine_, HandleProvisioningResponse(Eq("fake provisioning response"), - Eq(&cert), Eq(&wrapped_key))) + Eq(wvcdm::kLevelDefault), Eq(&cert), + Eq(&wrapped_key))) .WillOnce(Return(wvcdm::UNKNOWN_ERROR)); ASSERT_EQ(wvcdm::UNKNOWN_ERROR, test_cdm_metrics_engine_->HandleProvisioningResponse( - "fake provisioning response", &cert, &wrapped_key)); + "fake provisioning response", wvcdm::kLevelDefault, &cert, + &wrapped_key)); drm_metrics::WvCdmMetrics metrics_proto; test_cdm_metrics_engine_->GetMetricsSnapshot(&metrics_proto); diff --git a/libwvdrmengine/cdm/core/test/test_base.cpp b/libwvdrmengine/cdm/core/test/test_base.cpp index 572cef79..f3b90bc1 100644 --- a/libwvdrmengine/cdm/core/test/test_base.cpp +++ b/libwvdrmengine/cdm/core/test/test_base.cpp @@ -294,8 +294,8 @@ void WvCdmTestBase::Provision() { std::shared_ptr(new EngineMetrics)); FakeProvisioningServer server; CdmResponseType result = cdm_engine.GetProvisioningRequest( - cert_type, cert_authority, server.service_certificate(), &prov_request, - &provisioning_server_url); + cert_type, cert_authority, server.service_certificate(), kLevelDefault, + &prov_request, &provisioning_server_url); ASSERT_EQ(NO_ERROR, result); if (!binary_provisioning_) { std::vector prov_request_v = Base64SafeDecode(prov_request); @@ -304,8 +304,8 @@ void WvCdmTestBase::Provision() { std::string response; ASSERT_TRUE(server.MakeResponse(prov_request, &response)) << "Fake provisioning server could not provision"; - result = - cdm_engine.HandleProvisioningResponse(response, &cert, &wrapped_key); + result = cdm_engine.HandleProvisioningResponse(response, kLevelDefault, + &cert, &wrapped_key); EXPECT_EQ(NO_ERROR, result); } else { // TODO(fredgc): provision for different SPOIDs. @@ -314,7 +314,7 @@ void WvCdmTestBase::Provision() { CdmResponseType result = cdm_engine.GetProvisioningRequest( cert_type, cert_authority, config_.provisioning_service_certificate(), - &prov_request, &provisioning_server_url); + kLevelDefault, &prov_request, &provisioning_server_url); ASSERT_EQ(NO_ERROR, result); if (binary_provisioning_) { @@ -385,14 +385,15 @@ void WvCdmTestBase::Provision() { std::string binary_protobuf_response(response_vec.begin(), response_vec.end()); - if (cdm_engine.HandleProvisioningResponse( - binary_protobuf_response, &cert, &wrapped_key) != NO_ERROR) { + if (cdm_engine.HandleProvisioningResponse(binary_protobuf_response, + kLevelDefault, &cert, + &wrapped_key) != NO_ERROR) { LOGE("Failed to handle provisioning response"); continue; } } else { - if (cdm_engine.HandleProvisioningResponse(http_message, &cert, - &wrapped_key) != NO_ERROR) { + if (cdm_engine.HandleProvisioningResponse( + http_message, kLevelDefault, &cert, &wrapped_key) != NO_ERROR) { LOGE("Failed to handle binary provisioning response"); continue; } diff --git a/libwvdrmengine/cdm/include/wv_content_decryption_module.h b/libwvdrmengine/cdm/include/wv_content_decryption_module.h index d74751bd..dbf92e4f 100644 --- a/libwvdrmengine/cdm/include/wv_content_decryption_module.h +++ b/libwvdrmengine/cdm/include/wv_content_decryption_module.h @@ -88,11 +88,13 @@ class WvContentDecryptionModule : public android::RefBase, public TimerHandler { virtual CdmResponseType GetProvisioningRequest( CdmCertificateType cert_type, const std::string& cert_authority, const CdmIdentifier& identifier, const std::string& service_certificate, - CdmProvisioningRequest* request, std::string* default_url); + SecurityLevel requested_security_level, CdmProvisioningRequest* request, + std::string* default_url); virtual CdmResponseType HandleProvisioningResponse( const CdmIdentifier& identifier, CdmProvisioningResponse& response, - std::string* cert, std::string* wrapped_key); + SecurityLevel requested_security_level, std::string* cert, + std::string* wrapped_key); virtual CdmResponseType Unprovision(CdmSecurityLevel level, const CdmIdentifier& identifier); diff --git a/libwvdrmengine/cdm/src/wv_content_decryption_module.cpp b/libwvdrmengine/cdm/src/wv_content_decryption_module.cpp index d1f2003e..a49ff111 100644 --- a/libwvdrmengine/cdm/src/wv_content_decryption_module.cpp +++ b/libwvdrmengine/cdm/src/wv_content_decryption_module.cpp @@ -211,17 +211,21 @@ bool WvContentDecryptionModule::IsSecurityLevelSupported( CdmResponseType WvContentDecryptionModule::GetProvisioningRequest( CdmCertificateType cert_type, const std::string& cert_authority, const CdmIdentifier& identifier, const std::string& service_certificate, - CdmProvisioningRequest* request, std::string* default_url) { + SecurityLevel requested_security_level, CdmProvisioningRequest* request, + std::string* default_url) { CdmEngine* cdm_engine = EnsureCdmForIdentifier(identifier); return cdm_engine->GetProvisioningRequest( - cert_type, cert_authority, service_certificate, request, default_url); + cert_type, cert_authority, service_certificate, requested_security_level, + request, default_url); } CdmResponseType WvContentDecryptionModule::HandleProvisioningResponse( const CdmIdentifier& identifier, CdmProvisioningResponse& response, - std::string* cert, std::string* wrapped_key) { + SecurityLevel requested_security_level, std::string* cert, + std::string* wrapped_key) { CdmEngine* cdm_engine = EnsureCdmForIdentifier(identifier); - return cdm_engine->HandleProvisioningResponse(response, cert, wrapped_key); + return cdm_engine->HandleProvisioningResponse( + response, requested_security_level, cert, wrapped_key); } CdmResponseType WvContentDecryptionModule::Unprovision( diff --git a/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp b/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp index 7ae4a0ed..3b00e13f 100644 --- a/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp +++ b/libwvdrmengine/cdm/test/cdm_extended_duration_test.cpp @@ -451,7 +451,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase { status = decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, &provisioning_server_url); + kEmptyServiceCertificate, kLevelDefault, &key_msg_, + &provisioning_server_url); EXPECT_EQ(NO_ERROR, status); if (NO_ERROR != status) return; EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl); @@ -461,7 +462,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase { EXPECT_NE(0, static_cast(response.size())); EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse(kDefaultCdmIdentifier, response, - &cert, &wrapped_key)); + kLevelDefault, &cert, + &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); decryptor_->CloseSession(session_id_); diff --git a/libwvdrmengine/cdm/test/cdm_feature_test.cpp b/libwvdrmengine/cdm/test/cdm_feature_test.cpp index f00011c8..5d1f4bf1 100644 --- a/libwvdrmengine/cdm/test/cdm_feature_test.cpp +++ b/libwvdrmengine/cdm/test/cdm_feature_test.cpp @@ -410,7 +410,8 @@ TEST_F(WvCdmFeatureTest, OEMCertificateProvisioning) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, &provisioning_server_url)); + kEmptyServiceCertificate, kLevelDefault, &key_msg_, + &provisioning_server_url)); EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl); ClientIdentification_TokenType token_type; @@ -425,9 +426,9 @@ TEST_F(WvCdmFeatureTest, OEMCertificateProvisioning) { std::string response = GetCertRequestResponse(provisioning_server_url); // GetCertRequestResponse(config_.provisioning_server_url()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(wvcdm::NO_ERROR, - decryptor_.HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevelDefault, + &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); decryptor_.CloseSession(session_id_); @@ -445,7 +446,8 @@ TEST_F(WvCdmFeatureTest, KeyboxProvisioning) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, &provisioning_server_url)); + kEmptyServiceCertificate, kLevelDefault, &key_msg_, + &provisioning_server_url)); EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl); ClientIdentification_TokenType token_type; @@ -460,9 +462,9 @@ TEST_F(WvCdmFeatureTest, KeyboxProvisioning) { std::string response = GetCertRequestResponse(provisioning_server_url); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(wvcdm::NO_ERROR, - decryptor_.HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevelDefault, + &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); decryptor_.CloseSession(session_id_); diff --git a/libwvdrmengine/cdm/test/request_license_test.cpp b/libwvdrmengine/cdm/test/request_license_test.cpp index 66c38afa..8a5d64f1 100644 --- a/libwvdrmengine/cdm/test/request_license_test.cpp +++ b/libwvdrmengine/cdm/test/request_license_test.cpp @@ -2004,12 +2004,13 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase { void Provision() { Provision(kDefaultCdmIdentifier, kLevelDefault); } - void Provision(const CdmIdentifier& identifier, SecurityLevel level, + void Provision(const CdmIdentifier& identifier, + SecurityLevel requested_security_level, CdmProvisioningResponse* provisioning_response = nullptr) { TestWvCdmClientPropertySet property_set_L3; TestWvCdmClientPropertySet* property_set = nullptr; - if (kLevel3 == level) { + if (kLevel3 == requested_security_level) { property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3); property_set = &property_set_L3; } @@ -2033,7 +2034,7 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase { status = decryptor_->GetProvisioningRequest( cert_type, cert_authority, identifier, kEmptyServiceCertificate, - &key_msg_, &provisioning_server); + requested_security_level, &key_msg_, &provisioning_server); EXPECT_EQ(wvcdm::NO_ERROR, status); if (NO_ERROR != status) return; EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); @@ -2042,8 +2043,10 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase { GetCertRequestResponse(config_.provisioning_server()); if (provisioning_response != nullptr) *provisioning_response = response; EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse( - identifier, response, &cert, &wrapped_key)); + EXPECT_EQ(wvcdm::NO_ERROR, + decryptor_->HandleProvisioningResponse(identifier, response, + requested_security_level, + &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); decryptor_->CloseSession(session_id_); @@ -2151,14 +2154,15 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningTest) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, &provisioning_server)); + kEmptyServiceCertificate, kLevelDefault, &key_msg_, + &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(wvcdm::NO_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevelDefault, + &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); decryptor_->CloseSession(session_id_); @@ -2177,15 +2181,15 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningTestWithServiceCertificate) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - config_.provisioning_service_certificate(), &key_msg_, - &provisioning_server)); + config_.provisioning_service_certificate(), kLevelDefault, + &key_msg_, &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(wvcdm::NO_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevelDefault, + &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); decryptor_->CloseSession(session_id_); @@ -2194,26 +2198,22 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningTestWithServiceCertificate) { TEST_F(WvCdmRequestLicenseTest, L3ProvisioningTest) { TestWvCdmClientPropertySet property_set_L3; property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3); - CdmResponseType status = - decryptor_->OpenSession(config_.key_system(), &property_set_L3, - kDefaultCdmIdentifier, nullptr, &session_id_); - EXPECT_TRUE(status == NEED_PROVISIONING || status == NO_ERROR) - << "Failure to open session. error: " << status; std::string provisioning_server; CdmCertificateType cert_type = kCertificateWidevine; std::string cert_authority, cert, wrapped_key; - EXPECT_EQ(wvcdm::NO_ERROR, - decryptor_->GetProvisioningRequest( - cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, &provisioning_server)); + EXPECT_EQ( + wvcdm::NO_ERROR, + decryptor_->GetProvisioningRequest( + cert_type, cert_authority, kDefaultCdmIdentifier, + kEmptyServiceCertificate, kLevel3, &key_msg_, &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + kDefaultCdmIdentifier, response, kLevel3, &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); decryptor_->CloseSession(session_id_); @@ -2295,22 +2295,24 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg1, &provisioning_server)); + kEmptyServiceCertificate, kLevelDefault, &key_msg1, + &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg2, &provisioning_server)); + kEmptyServiceCertificate, kLevelDefault, &key_msg2, + &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); // Second message should succeed. key_msg_ = key_msg2; std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(wvcdm::NO_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevelDefault, + &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); @@ -2318,9 +2320,9 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) { key_msg_ = key_msg1; response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(wvcdm::NO_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevelDefault, + &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); decryptor_->CloseSession(session_id_); @@ -2338,22 +2340,24 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg1, &provisioning_server)); + kEmptyServiceCertificate, kLevelDefault, &key_msg1, + &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg2, &provisioning_server)); + kEmptyServiceCertificate, kLevelDefault, &key_msg2, + &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); // First request expected to fail, because only one message may be active. key_msg_ = key_msg1; std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(LOAD_PROVISIONING_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(LOAD_PROVISIONING_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, + kLevelDefault, &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); @@ -2361,9 +2365,9 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) { key_msg_ = key_msg2; response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(wvcdm::NO_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevelDefault, + &cert, &wrapped_key)); EXPECT_EQ(0, static_cast(cert.size())); EXPECT_EQ(0, static_cast(wrapped_key.size())); @@ -2382,14 +2386,15 @@ TEST_F(WvCdmRequestLicenseTest, DISABLED_X509ProvisioningTest) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, &provisioning_server)); + kEmptyServiceCertificate, kLevelDefault, &key_msg_, + &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(wvcdm::NO_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevelDefault, + &cert, &wrapped_key)); EXPECT_NE(0, static_cast(cert.size())); EXPECT_NE(0, static_cast(wrapped_key.size())); decryptor_->CloseSession(session_id_); @@ -2472,17 +2477,17 @@ TEST_F(WvCdmRequestLicenseTest, PropertySetTest) { std::string provisioning_server; CdmCertificateType cert_type = kCertificateWidevine; std::string cert_authority, cert, wrapped_key; - EXPECT_EQ(NO_ERROR, - decryptor_->GetProvisioningRequest( - cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, &provisioning_server)); + EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest( + cert_type, cert_authority, kDefaultCdmIdentifier, + kEmptyServiceCertificate, kLevel3, &key_msg_, + &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(NO_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevel3, &cert, + &wrapped_key)); EXPECT_EQ(NO_ERROR, decryptor_->OpenSession( config_.key_system(), &property_set_L3, kDefaultCdmIdentifier, nullptr, &session_id_L3)); @@ -2549,16 +2554,16 @@ TEST_F(WvCdmRequestLicenseTest, ForceL3Test) { std::string provisioning_server; CdmCertificateType cert_type = kCertificateWidevine; std::string cert_authority, cert, wrapped_key; - EXPECT_EQ(NO_ERROR, - decryptor_->GetProvisioningRequest( - cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, &provisioning_server)); + EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest( + cert_type, cert_authority, kDefaultCdmIdentifier, + kEmptyServiceCertificate, kLevel3, &key_msg_, + &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + kDefaultCdmIdentifier, response, kLevel3, &cert, &wrapped_key)); EXPECT_EQ(NO_ERROR, decryptor_->OpenSession( config_.key_system(), &property_set, @@ -2812,17 +2817,17 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryL3OfflineKeyTest) { std::string provisioning_server; CdmCertificateType cert_type = kCertificateWidevine; std::string cert_authority, cert, wrapped_key; - EXPECT_EQ(NO_ERROR, - decryptor_->GetProvisioningRequest( - cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, &provisioning_server)); + EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest( + cert_type, cert_authority, kDefaultCdmIdentifier, + kEmptyServiceCertificate, kLevel3, &key_msg_, + &provisioning_server)); EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl); std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(NO_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevel3, &cert, + &wrapped_key)); EXPECT_EQ(NO_ERROR, decryptor_->OpenSession( config_.key_system(), &property_set, kDefaultCdmIdentifier, nullptr, &session_id_)); @@ -2890,15 +2895,15 @@ TEST_F(WvCdmRequestLicenseTest, std::string cert_authority, cert, wrapped_key; EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &key_msg_, + kEmptyServiceCertificate, kLevel3, &key_msg_, &provisioning_server_url)); EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl); std::string response = GetCertRequestResponse(config_.provisioning_server()); EXPECT_NE(0, static_cast(response.size())); - EXPECT_EQ(NO_ERROR, - decryptor_->HandleProvisioningResponse( - kDefaultCdmIdentifier, response, &cert, &wrapped_key)); + EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse( + kDefaultCdmIdentifier, response, kLevel3, &cert, + &wrapped_key)); EXPECT_EQ(NO_ERROR, decryptor_->OpenSession( config_.key_system(), &property_set, kDefaultCdmIdentifier, nullptr, &session_id_)); diff --git a/libwvdrmengine/cdm/test/wv_cdm_metrics_test.cpp b/libwvdrmengine/cdm/test/wv_cdm_metrics_test.cpp index b16680b3..cece6da5 100644 --- a/libwvdrmengine/cdm/test/wv_cdm_metrics_test.cpp +++ b/libwvdrmengine/cdm/test/wv_cdm_metrics_test.cpp @@ -58,7 +58,8 @@ TEST_F(WvContentDecryptionModuleMetricsTest, EngineOnlyMetrics) { EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest( cert_type, cert_authority, kDefaultCdmIdentifier, - kEmptyServiceCertificate, &request, &provisioning_server_url)); + kEmptyServiceCertificate, kLevelDefault, &request, + &provisioning_server_url)); drm_metrics::WvCdmMetrics metrics; ASSERT_EQ(wvcdm::NO_ERROR, diff --git a/libwvdrmengine/mediadrm/include_hidl/WVDrmPlugin.h b/libwvdrmengine/mediadrm/include_hidl/WVDrmPlugin.h index 12b0388a..8f0608a8 100644 --- a/libwvdrmengine/mediadrm/include_hidl/WVDrmPlugin.h +++ b/libwvdrmengine/mediadrm/include_hidl/WVDrmPlugin.h @@ -453,6 +453,8 @@ struct WVDrmPlugin : public IDrmPlugin, IDrmPluginListener, SecurityLevel mapSecurityLevel(const std::string& level); + wvcdm::SecurityLevel getRequestedSecurityLevel() const; + Status openSessionCommon(std::vector& sessionId); bool initDataResemblesPSSH(const std::vector& initData); diff --git a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp index 31d8ac0f..ccb01a65 100644 --- a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp +++ b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp @@ -371,10 +371,15 @@ status_t WVDrmPlugin::getProvisionRequest(const String8& cert_type, string cdmCertAuthority = cert_authority.string(); + wvcdm::SecurityLevel requested_security_level = + mPropertySet.security_level().compare(QUERY_VALUE_SECURITY_LEVEL_L3) == 0 + ? kLevel3 + : kLevelDefault; + CdmResponseType res = mCDM->GetProvisioningRequest( cdmCertType, cdmCertAuthority, mCdmIdentifier, - mProvisioningServiceCertificate, &cdmProvisionRequest, - &cdmDefaultUrl); + mProvisioningServiceCertificate, requested_security_level, + &cdmProvisionRequest, &cdmDefaultUrl); if (isCdmResponseTypeSuccess(res)) { request = ToVector(cdmProvisionRequest); @@ -401,10 +406,15 @@ status_t WVDrmPlugin::provideProvisionResponse( } else { string cdmCertificate; string cdmWrappedKey; - CdmResponseType res = mCDM->HandleProvisioningResponse(mCdmIdentifier, - cdmResponse, - &cdmCertificate, - &cdmWrappedKey); + wvcdm::SecurityLevel requested_security_level = + mPropertySet.security_level() + .compare(QUERY_VALUE_SECURITY_LEVEL_L3) == 0 + ? kLevel3 + : kLevelDefault; + CdmResponseType res = + mCDM->HandleProvisioningResponse(mCdmIdentifier, cdmResponse, + requested_security_level, + &cdmCertificate, &cdmWrappedKey); if (isCdmResponseTypeSuccess(res)) { certificate = ToVector(cdmCertificate); wrapped_key = ToVector(cdmWrappedKey); diff --git a/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp b/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp index 08981113..205f842e 100644 --- a/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp +++ b/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp @@ -719,7 +719,8 @@ Return WVDrmPlugin::getProvisionRequest_1_2( CdmResponseType res = mCDM->GetProvisioningRequest( cdmCertType, cdmCertAuthority, identifier, - mProvisioningServiceCertificate, &cdmProvisionRequest, &cdmDefaultUrl); + mProvisioningServiceCertificate, getRequestedSecurityLevel(), + &cdmProvisionRequest, &cdmDefaultUrl); if (isCdmResponseTypeSuccess(res)) { request = StrToVector(cdmProvisionRequest); defaultUrl.clear(); @@ -765,7 +766,8 @@ Return WVDrmPlugin::provideProvisionResponse( std::string cdmCertificate; std::string cdmWrappedKey; CdmResponseType res = mCDM->HandleProvisioningResponse( - identifier, cdmResponse, &cdmCertificate, &cdmWrappedKey); + identifier, cdmResponse, getRequestedSecurityLevel(), &cdmCertificate, + &cdmWrappedKey); if (isCdmResponseTypeSuccess(res)) { certificate = StrToVector(cdmCertificate); wrappedKey = StrToVector(cdmWrappedKey); @@ -1951,12 +1953,7 @@ void WVDrmPlugin::OnSessionLostState(const CdmSessionId& cdmSessionId) { Status WVDrmPlugin::queryProperty(const std::string& property, std::string& stringValue) const { - wvcdm::SecurityLevel securityLevel = - mPropertySet.security_level().compare( - wvcdm::QUERY_VALUE_SECURITY_LEVEL_L3) == 0 - ? wvcdm::kLevel3 - : wvcdm::kLevelDefault; - return queryProperty(securityLevel, property, stringValue); + return queryProperty(getRequestedSecurityLevel(), property, stringValue); } Status WVDrmPlugin::queryProperty(wvcdm::SecurityLevel securityLevel, @@ -2047,6 +2044,13 @@ Status WVDrmPlugin::mapOEMCryptoResult(OEMCryptoResult res) { } } +wvcdm::SecurityLevel WVDrmPlugin::getRequestedSecurityLevel() const { + return mPropertySet.security_level().compare( + wvcdm::QUERY_VALUE_SECURITY_LEVEL_L3) == 0 + ? wvcdm::kLevel3 + : wvcdm::kLevelDefault; +} + bool WVDrmPlugin::initDataResemblesPSSH(const std::vector& initData) { const uint8_t* const initDataArray = initData.data(); diff --git a/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp b/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp index bc84e471..2dbb8669 100644 --- a/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp +++ b/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp @@ -7,25 +7,26 @@ #define LOG_TAG "WVDrmPluginTest" #include -#include -#include -#include #include +#include +#include +#include #include -#include "cdm_client_property_set.h" #include "gmock/gmock.h" #include "gtest/gtest.h" -#include "media/stagefright/foundation/ABase.h" -#include "media/stagefright/MediaErrors.h" -#include "string_conversions.h" -#include "wv_cdm_constants.h" -#include "wv_cdm_types.h" -#include "wv_content_decryption_module.h" + #include "HidlTypes.h" #include "TypeConvert.h" #include "WVDrmPlugin.h" #include "WVErrors.h" +#include "cdm_client_property_set.h" +#include "media/stagefright/MediaErrors.h" +#include "media/stagefright/foundation/ABase.h" +#include "string_conversions.h" +#include "wv_cdm_constants.h" +#include "wv_cdm_types.h" +#include "wv_content_decryption_module.h" namespace wvdrm { namespace hardware { @@ -174,16 +175,17 @@ class MockCDM : public WvContentDecryptionModule { MOCK_METHOD2(QueryOemCryptoSessionId, CdmResponseType(const CdmSessionId&, CdmQueryMap*)); - MOCK_METHOD6(GetProvisioningRequest, CdmResponseType(CdmCertificateType, + MOCK_METHOD7(GetProvisioningRequest, CdmResponseType(CdmCertificateType, const std::string&, const CdmIdentifier&, const std::string&, + wvcdm::SecurityLevel, CdmProvisioningRequest*, std::string*)); - MOCK_METHOD4(HandleProvisioningResponse, + MOCK_METHOD5(HandleProvisioningResponse, CdmResponseType(const CdmIdentifier&, CdmProvisioningResponse&, - std::string*, std::string*)); + wvcdm::SecurityLevel, std::string*, std::string*)); MOCK_METHOD2(Unprovision, CdmResponseType(CdmSecurityLevel, const CdmIdentifier&)); @@ -838,13 +840,27 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) { static const char* kDefaultUrl = "http://google.com/"; - EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(), - HasOrigin(EMPTY_ORIGIN), IsEmpty(), - _, _)) - .WillOnce(DoAll(SetArgPointee<4>(cdmRequest), - SetArgPointee<5>(kDefaultUrl), + EXPECT_CALL(*cdm, QueryStatus(_, QUERY_KEY_SECURITY_LEVEL, _)) + .WillOnce(DoAll(SetArgPointee<2>(QUERY_VALUE_SECURITY_LEVEL_L1), testing::Return(wvcdm::NO_ERROR))); + // The first and the third invocation should be at default security level, + // while the second one should be L3 + EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(), + HasOrigin(EMPTY_ORIGIN), IsEmpty(), + wvcdm::kLevelDefault, _, _)) + .Times(2) + .WillRepeatedly(DoAll(SetArgPointee<5>(cdmRequest), + SetArgPointee<6>(kDefaultUrl), + testing::Return(wvcdm::NO_ERROR))); + EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(), + HasOrigin(EMPTY_ORIGIN), IsEmpty(), + wvcdm::kLevel3, _, _)) + .WillOnce(DoAll(SetArgPointee<5>(cdmRequest), + SetArgPointee<6>(kDefaultUrl), + testing::Return(wvcdm::NO_ERROR))); + + // Make 3 provisioning requests at security level default then L3 then L1 WVDrmPlugin plugin(cdm.get(), appPackageName, &crypto, false); plugin.getProvisionRequest( hidl_string(""), hidl_string(""), @@ -855,6 +871,34 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) { EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize)); EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str()); }); + + // Set L3 security level + Status status = plugin.setPropertyString(hidl_string("securityLevel"), + hidl_string("L3")); + ASSERT_EQ(Status::OK, status); + plugin.getProvisionRequest( + hidl_string(""), hidl_string(""), + [&](Status status, hidl_vec hRequest, hidl_string defaultUrl) { + ASSERT_EQ(Status::OK, status); + + std::vector request(hRequest); + EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize)); + EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str()); + }); + + // Reset security level to L1 + status = plugin.setPropertyString(hidl_string("securityLevel"), + hidl_string("L1")); + ASSERT_EQ(Status::OK, status); + plugin.getProvisionRequest( + hidl_string(""), hidl_string(""), + [&](Status status, hidl_vec hRequest, hidl_string defaultUrl) { + ASSERT_EQ(Status::OK, status); + + std::vector request(hRequest); + EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize)); + EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str()); + }); } TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) { @@ -871,15 +915,27 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) { std::vector response; response.assign(responseRaw, responseRaw + kResponseSize); + EXPECT_CALL(*cdm, QueryStatus(_, QUERY_KEY_SECURITY_LEVEL, _)) + .WillOnce(DoAll(SetArgPointee<2>(QUERY_VALUE_SECURITY_LEVEL_L1), + testing::Return(wvcdm::NO_ERROR))); + + // The first and the third invocation should be at default security level, + // while the second one should be L3 EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN), ElementsAreArray(responseRaw, kResponseSize), - _, _)) + wvcdm::kLevelDefault, _, _)) + .Times(2); + EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN), + ElementsAreArray(responseRaw, + kResponseSize), + wvcdm::kLevel3, _, _)) .Times(1); std::vector cert; std::vector key; + // Process 3 provisioning responses at security level default then L3 then L1 WVDrmPlugin plugin(cdm.get(), appPackageName, &crypto, false); plugin.provideProvisionResponse( toHidlVec(response), @@ -887,6 +943,26 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) { hidl_vec /* key */) { ASSERT_EQ(Status::OK, status); }); + + // Set L3 security level + Status status = plugin.setPropertyString(hidl_string("securityLevel"), + hidl_string("L3")); + plugin.provideProvisionResponse( + toHidlVec(response), + [&](Status status, hidl_vec /* cert */, + hidl_vec /* key */) { + ASSERT_EQ(Status::OK, status); + }); + + // Reset security level to L1 + status = plugin.setPropertyString(hidl_string("securityLevel"), + hidl_string("L1")); + plugin.provideProvisionResponse( + toHidlVec(response), + [&](Status status, hidl_vec /* cert */, + hidl_vec /* key */) { + ASSERT_EQ(Status::OK, status); + }); } TEST_F(WVDrmPluginTest, UnprovisionsDevice) { diff --git a/libwvdrmengine/mediadrm/test/legacy_src/WVDrmPlugin_test.cpp b/libwvdrmengine/mediadrm/test/legacy_src/WVDrmPlugin_test.cpp index 33553147..252cac73 100644 --- a/libwvdrmengine/mediadrm/test/legacy_src/WVDrmPlugin_test.cpp +++ b/libwvdrmengine/mediadrm/test/legacy_src/WVDrmPlugin_test.cpp @@ -4,23 +4,23 @@ // License Agreement. // +#include #include #include -#include #include +#include "WVDrmPlugin.h" +#include "WVErrors.h" #include "cdm_client_property_set.h" -#include "gmock/gmock.h" -#include "gtest/gtest.h" +#include "media/stagefright/MediaErrors.h" #include "media/stagefright/foundation/ABase.h" #include "media/stagefright/foundation/AString.h" -#include "media/stagefright/MediaErrors.h" #include "string_conversions.h" #include "wv_cdm_constants.h" #include "wv_cdm_types.h" #include "wv_content_decryption_module.h" -#include "WVDrmPlugin.h" -#include "WVErrors.h" +#include "gmock/gmock.h" +#include "gtest/gtest.h" using namespace android; using namespace std; @@ -85,16 +85,17 @@ class MockCDM : public WvContentDecryptionModule { MOCK_METHOD2(QueryOemCryptoSessionId, CdmResponseType(const CdmSessionId&, CdmQueryMap*)); - MOCK_METHOD6(GetProvisioningRequest, CdmResponseType(CdmCertificateType, + MOCK_METHOD7(GetProvisioningRequest, CdmResponseType(CdmCertificateType, const std::string&, const CdmIdentifier&, const std::string&, + SecurityLevel, CdmProvisioningRequest*, std::string*)); - MOCK_METHOD4(HandleProvisioningResponse, + MOCK_METHOD5(HandleProvisioningResponse, CdmResponseType(const CdmIdentifier&, CdmProvisioningResponse&, - std::string*, std::string*)); + SecurityLevel, std::string*, std::string*)); MOCK_METHOD2(Unprovision, CdmResponseType(CdmSecurityLevel, const CdmIdentifier&)); @@ -607,9 +608,9 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) { EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(), HasOrigin(EMPTY_ORIGIN), IsEmpty(), - _, _)) - .WillOnce(DoAll(SetArgPointee<4>(cdmRequest), - SetArgPointee<5>(kDefaultUrl), + wvcdm::kLevelDefault, _, _)) + .WillOnce(DoAll(SetArgPointee<5>(cdmRequest), + SetArgPointee<6>(kDefaultUrl), Return(wvcdm::NO_ERROR))); Vector request; @@ -640,7 +641,7 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) { EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN), ElementsAreArray(responseRaw, kResponseSize), - _, _)) + wvcdm::kLevelDefault, _, _)) .Times(1); Vector cert;