Usage license handling corrections

[ Merge of http://go/wvgerrit/28460 ] Validate that offline licenses that do not contain a provider session token are not handled by the TEE. b/38490468 Test: WV Unit/integration tests, GtsMediaTestCases, WvCdmRequestLicenseTest.ReleaseRetryL3OfflineKeySessionUsageDisabledTest Change-Id: Idaf62f2a882ae933c1a3e108d791943034780a46
2017-06-12 20:03:57 -07:00
parent 4228e2327e
commit db05f1e01c
2 changed files with 83 additions and 4 deletions
--- a/libwvdrmengine/cdm/test/request_license_test.cpp
+++ b/libwvdrmengine/cdm/test/request_license_test.cpp
@@ -1944,6 +1944,81 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryL3OfflineKeyTest) {
  VerifyKeyRequestResponse(g_license_server, client_auth);
 }

+TEST_F(WvCdmRequestLicenseTest,
+       ReleaseRetryL3OfflineKeySessionUsageDisabledTest) {
+  Unprovision();
+
+  TestWvCdmClientPropertySet property_set;
+  property_set.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3);
+
+  // The default offline asset "offline_clip2" has the session usage table
+  // entry enabled in the replay control portion of the key control block.
+  // To have it disabled we must use "offline_clip1", so replace the last
+  // char in init data with '1'
+  std::string key_id;
+  std::string client_auth;
+  GetOfflineConfiguration(&key_id, &client_auth);
+  key_id[key_id.size()-1] = '1';
+
+  CdmResponseType sts = decryptor_.OpenSession(
+      g_key_system, &property_set, kDefaultCdmIdentifier, NULL, &session_id_);
+
+  if (NEED_PROVISIONING == sts) {
+    std::string provisioning_server_url;
+    CdmCertificateType cert_type = kCertificateWidevine;
+    std::string cert_authority, cert, wrapped_key;
+    EXPECT_EQ(NO_ERROR, decryptor_.GetProvisioningRequest(
+                            cert_type, cert_authority, kDefaultCdmIdentifier,
+                            &key_msg_, &provisioning_server_url));
+    EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());
+    std::string response =
+        GetCertRequestResponse(g_config->provisioning_server_url());
+    EXPECT_NE(0, static_cast<int>(response.size()));
+    EXPECT_EQ(NO_ERROR, decryptor_.HandleProvisioningResponse(
+                            kDefaultCdmIdentifier, response, &cert,
+                            &wrapped_key));
+    EXPECT_EQ(NO_ERROR,
+              decryptor_.OpenSession(g_key_system, &property_set,
+                                     kDefaultCdmIdentifier, NULL,
+                                     &session_id_));
+  } else {
+    EXPECT_EQ(NO_ERROR, sts);
+  }
+
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
+  GenerateKeyRequest(key_id, kLicenseTypeOffline, &property_set);
+  VerifyKeyRequestResponse(g_license_server, client_auth);
+
+  CdmKeySetId key_set_id = key_set_id_;
+  EXPECT_FALSE(key_set_id_.empty());
+  decryptor_.CloseSession(session_id_);
+
+  session_id_.clear();
+  key_set_id_.clear();
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
+  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
+  decryptor_.CloseSession(session_id_);
+
+  session_id_.clear();
+  key_set_id_.clear();
+  GenerateKeyRelease(key_set_id, &property_set, NULL);
+
+  session_id_.clear();
+  decryptor_.OpenSession(g_key_system, &property_set, kDefaultCdmIdentifier,
+                         NULL, &session_id_);
+  EXPECT_EQ(wvcdm::GET_RELEASED_LICENSE_ERROR,
+            decryptor_.RestoreKey(session_id_, key_set_id));
+  decryptor_.CloseSession(session_id_);
+
+  session_id_.clear();
+  key_set_id_.clear();
+  GenerateKeyRelease(key_set_id, &property_set, NULL);
+  key_set_id_ = key_set_id;
+  VerifyKeyRequestResponse(g_license_server, client_auth);
+}
+
 TEST_F(WvCdmRequestLicenseTest, ExpiryOnReleaseOfflineKeyTest) {
  Unprovision();
  Provision(kLevelDefault);