Backward compatibility for licenses and certificates

Certificates and offline licenses are stored in security level specific directories in klp. When devices transition from jb-mr2, their persistent information has to be ported to these directories. bug:10366036 Merge of https://widevine-internal-review.googlesource.com/#/c/7310/ from the widevine CDM repo Change-Id: I70b4a79dc5b69bda7fc3a4b92fdcde7ef8b41836
2013-08-22 09:37:18 -07:00
parent 2fa6b63292
commit db41502f86
10 changed files with 455 additions and 12 deletions
--- a/libwvdrmengine/cdm/test/request_license_test.cpp
+++ b/libwvdrmengine/cdm/test/request_license_test.cpp
@@ -730,6 +730,109 @@ TEST_F(WvCdmRequestLicenseTest, QueryKeyControlInfo) {
  decryptor_.CloseSession(session_id_);
 }

+TEST_F(WvCdmRequestLicenseTest, SecurityLevelPathBackwardCompatibility) {
+  CdmQueryMap query_info;
+  CdmQueryMap::iterator itr;
+  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.QueryStatus(&query_info));
+  itr = query_info.find(wvcdm::QUERY_KEY_SECURITY_LEVEL);
+  ASSERT_TRUE(itr != query_info.end());
+  EXPECT_EQ(2u, itr->second.size());
+  EXPECT_TRUE(itr->second.compare(wvcdm::QUERY_VALUE_SECURITY_LEVEL_L3) == 0 ||
+              itr->second.compare(wvcdm::QUERY_VALUE_SECURITY_LEVEL_L1) == 0);
+
+  CdmSecurityLevel security_level =
+      (itr->second.compare(wvcdm::QUERY_VALUE_SECURITY_LEVEL_L1) == 0)
+          ? kSecurityLevelL1
+          : kSecurityLevelL3;
+
+  std::string base_path;
+  EXPECT_TRUE(Properties::GetDeviceFilesBasePath(security_level, &base_path));
+
+  std::vector<std::string> security_dirs;
+  EXPECT_TRUE(Properties::GetSecurityLevelDirectories(&security_dirs));
+  size_t pos = std::string::npos;
+  for (size_t i = 0; i < security_dirs.size(); i++) {
+    pos = base_path.rfind(security_dirs[i]);
+    if (std::string::npos != pos)
+      break;
+  }
+
+  EXPECT_NE(std::string::npos, pos);
+  std::string old_base_path(base_path, 0, pos);
+  File file;
+  file.Remove(old_base_path);
+
+  decryptor_.OpenSession(g_key_system, NULL, &session_id_);
+  std::string provisioning_server_url;
+  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.GetProvisioningRequest(
+                                 &key_msg_, &provisioning_server_url));
+  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());
+  std::string response =
+      GetCertRequestResponse(g_config->provisioning_test_server_url(), 200);
+  EXPECT_NE(0, static_cast<int>(response.size()));
+  EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(response));
+  decryptor_.CloseSession(session_id_);
+
+  decryptor_.OpenSession(g_key_system, NULL, &session_id_);
+  GenerateKeyRequest(g_key_system, g_key_id, kLicenseTypeOffline);
+  VerifyKeyRequestResponse(g_license_server, g_client_auth, g_key_id, false);
+  CdmKeySetId key_set_id = key_set_id_;
+  EXPECT_FALSE(key_set_id_.empty());
+  decryptor_.CloseSession(session_id_);
+
+  std::vector<std::string> files;
+  EXPECT_TRUE(file.List(base_path, &files));
+  EXPECT_TRUE(2u == files.size() || 3u == files.size());
+
+  for (size_t i = 0; i < files.size(); ++i) {
+    std::string from = base_path + files[i];
+    if (file.IsRegularFile(from)) {
+      std::string to = old_base_path + files[i];
+      EXPECT_TRUE(file.Copy(from, to));
+    }
+  }
+  EXPECT_TRUE(file.Remove(base_path));
+
+  // Setup complete to earlier version (non-security level based) path.
+  // Restore persistent license, retrieve L1, L3 streaming licenses to verify
+  session_id_.clear();
+  decryptor_.OpenSession(g_key_system, NULL, &session_id_);
+  EXPECT_EQ(wvcdm::KEY_ADDED, decryptor_.RestoreKey(session_id_, key_set_id));
+  decryptor_.CloseSession(session_id_);
+
+  decryptor_.OpenSession(g_key_system, NULL, &session_id_);
+  GenerateKeyRequest(g_key_system, g_key_id, kLicenseTypeStreaming);
+  VerifyKeyRequestResponse(g_license_server, g_client_auth, g_key_id, false);
+  decryptor_.CloseSession(session_id_);
+
+  TestWvCdmClientPropertySet property_set;
+  property_set.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3);
+
+  EXPECT_EQ(NO_ERROR,
+            decryptor_.OpenSession(g_key_system, &property_set, &session_id_));
+
+  wvcdm::CdmAppParameterMap app_parameters;
+  std::string server_url;
+  EXPECT_EQ(wvcdm::NEED_PROVISIONING,
+            decryptor_.GenerateKeyRequest(session_id_, key_set_id, g_key_id,
+                                          kLicenseTypeStreaming, app_parameters,
+                                          &key_msg_, &server_url));
+  EXPECT_EQ(NO_ERROR,
+            decryptor_.GetProvisioningRequest(&key_msg_,
+                                              &provisioning_server_url));
+  EXPECT_EQ(provisioning_server_url, g_config->provisioning_server_url());
+  response =
+      GetCertRequestResponse(g_config->provisioning_test_server_url(), 200);
+  EXPECT_NE(0, static_cast<int>(response.size()));
+  EXPECT_EQ(NO_ERROR, decryptor_.HandleProvisioningResponse(response));
+
+  EXPECT_EQ(NO_ERROR, decryptor_.OpenSession(g_key_system, &property_set,
+                                             &session_id_));
+  GenerateKeyRequest(g_key_system, g_key_id, kLicenseTypeStreaming);
+  VerifyKeyRequestResponse(g_license_server, g_client_auth, g_key_id, false);
+  decryptor_.CloseSession(session_id_);
+}
+
 TEST_P(WvCdmDecryptionTest, DecryptionTest) {
  SubSampleInfo* data = GetParam();
  decryptor_.OpenSession(g_key_system, NULL, &session_id_);