Accept a security level to be specified during provisioning
[ Merge of http://go/wvgerrit/97267 ] In earlier releases, provisioning would occur based on a cached security level. If an open session call returned a NotProvisionedException the security level would be cached for use with any future provisioning call. An app would have to set the security level, then call openSession, have it fail and then request provisioning. This fits the normal flow of most apps. Still on occasion, an app might change requested security level after an openSession call failed. Using the cached security level would result in unexpected behavior. This change allows provisioning to occur at the last security level that was set. Bug: 129356527 Test: wv unit/integration tests, GTS tests (GtsMediaTestCases) Merged-In: I8d9234eec2b23a9c913e77a709943b431e25e43e Change-Id: I8d9234eec2b23a9c913e77a709943b431e25e43e
This commit is contained in:
Rahul Frias
@@ -179,12 +179,14 @@ class CdmEngine {
|
||||
// Generate and return a valid provisioning request.
|
||||
virtual CdmResponseType GetProvisioningRequest(
|
||||
CdmCertificateType cert_type, const std::string& cert_authority,
|
||||
const std::string& service_certificate, CdmProvisioningRequest* request,
|
||||
const std::string& service_certificate,
|
||||
SecurityLevel requested_security_level, CdmProvisioningRequest* request,
|
||||
std::string* default_url);
|
||||
|
||||
// Verify and process a provisioning response.
|
||||
virtual CdmResponseType HandleProvisioningResponse(
|
||||
const CdmProvisioningResponse& response, std::string* cert,
|
||||
const CdmProvisioningResponse& response,
|
||||
SecurityLevel requested_security_level, std::string* cert,
|
||||
std::string* wrapped_key);
|
||||
|
||||
// Return true if there is a device certificate on the current
|
||||
@@ -388,7 +390,6 @@ class CdmEngine {
|
||||
CdmSessionMap session_map_;
|
||||
CdmReleaseKeySetMap release_key_sets_;
|
||||
std::unique_ptr<CertificateProvisioning> cert_provisioning_;
|
||||
SecurityLevel cert_provisioning_requested_security_level_;
|
||||
FileSystem* file_system_;
|
||||
Clock clock_;
|
||||
std::string spoid_;
|
||||
|
||||
@@ -156,21 +156,24 @@ class CdmEngineMetricsImpl : public T {
|
||||
CdmResponseType GetProvisioningRequest(CdmCertificateType cert_type,
|
||||
const std::string& cert_authority,
|
||||
const std::string& service_certificate,
|
||||
SecurityLevel requested_security_level,
|
||||
CdmProvisioningRequest* request,
|
||||
std::string* default_url) override {
|
||||
CdmResponseType sts;
|
||||
M_TIME(sts = T::GetProvisioningRequest(cert_type, cert_authority,
|
||||
service_certificate, request,
|
||||
default_url),
|
||||
M_TIME(sts = T::GetProvisioningRequest(
|
||||
cert_type, cert_authority, service_certificate,
|
||||
requested_security_level, request, default_url),
|
||||
metrics_, cdm_engine_get_provisioning_request_, sts);
|
||||
return sts;
|
||||
}
|
||||
|
||||
CdmResponseType HandleProvisioningResponse(
|
||||
const CdmProvisioningResponse& response, std::string* cert,
|
||||
const CdmProvisioningResponse& response,
|
||||
SecurityLevel requested_security_level, std::string* cert,
|
||||
std::string* wrapped_key) override {
|
||||
CdmResponseType sts;
|
||||
M_TIME(sts = T::HandleProvisioningResponse(response, cert, wrapped_key),
|
||||
M_TIME(sts = T::HandleProvisioningResponse(
|
||||
response, requested_security_level, cert, wrapped_key),
|
||||
metrics_, cdm_engine_handle_provisioning_response_, sts);
|
||||
return sts;
|
||||
}
|
||||
|
||||
@@ -73,7 +73,6 @@ CdmEngine::CdmEngine(FileSystem* file_system,
|
||||
std::shared_ptr<metrics::EngineMetrics> metrics)
|
||||
: metrics_(metrics),
|
||||
cert_provisioning_(),
|
||||
cert_provisioning_requested_security_level_(kLevelDefault),
|
||||
file_system_(file_system),
|
||||
spoid_(EMPTY_SPOID),
|
||||
usage_session_(),
|
||||
@@ -136,8 +135,6 @@ CdmResponseType CdmEngine::OpenSession(const CdmKeySystem& key_system,
|
||||
new_session->Init(property_set, forced_session_id, event_listener);
|
||||
if (sts != NO_ERROR) {
|
||||
if (sts == NEED_PROVISIONING) {
|
||||
cert_provisioning_requested_security_level_ =
|
||||
new_session->GetRequestedSecurityLevel();
|
||||
// Reserve a session ID so the CDM can return success.
|
||||
if (session_id) *session_id = new_session->GenerateSessionId();
|
||||
} else {
|
||||
@@ -294,10 +291,6 @@ CdmResponseType CdmEngine::GenerateKeyRequest(
|
||||
if (KEY_ADDED == sts) {
|
||||
return sts;
|
||||
} else if (KEY_MESSAGE != sts) {
|
||||
if (sts == NEED_PROVISIONING) {
|
||||
cert_provisioning_requested_security_level_ =
|
||||
session->GetRequestedSecurityLevel();
|
||||
}
|
||||
LOGE("Key request generation failed, status = %d", static_cast<int>(sts));
|
||||
return sts;
|
||||
}
|
||||
@@ -414,10 +407,6 @@ CdmResponseType CdmEngine::RestoreKey(const CdmSessionId& session_id,
|
||||
&error_detail);
|
||||
session->GetMetrics()->cdm_session_restore_offline_session_.Increment(
|
||||
sts, error_detail);
|
||||
if (sts == NEED_PROVISIONING) {
|
||||
cert_provisioning_requested_security_level_ =
|
||||
session->GetRequestedSecurityLevel();
|
||||
}
|
||||
if (sts != KEY_ADDED && sts != GET_RELEASED_LICENSE_ERROR) {
|
||||
LOGE("Restore offline session failed: status = %d", static_cast<int>(sts));
|
||||
}
|
||||
@@ -895,7 +884,8 @@ bool CdmEngine::IsSecurityLevelSupported(CdmSecurityLevel level) {
|
||||
*/
|
||||
CdmResponseType CdmEngine::GetProvisioningRequest(
|
||||
CdmCertificateType cert_type, const std::string& cert_authority,
|
||||
const std::string& service_certificate, CdmProvisioningRequest* request,
|
||||
const std::string& service_certificate,
|
||||
SecurityLevel requested_security_level, CdmProvisioningRequest* request,
|
||||
std::string* default_url) {
|
||||
LOGI("Getting provisioning request");
|
||||
if (!request) {
|
||||
@@ -915,7 +905,7 @@ CdmResponseType CdmEngine::GetProvisioningRequest(
|
||||
if (status != NO_ERROR) return status;
|
||||
}
|
||||
CdmResponseType ret = cert_provisioning_->GetProvisioningRequest(
|
||||
cert_provisioning_requested_security_level_, cert_type, cert_authority,
|
||||
requested_security_level, cert_type, cert_authority,
|
||||
file_system_->origin(), spoid_, request, default_url);
|
||||
if (ret != NO_ERROR) {
|
||||
cert_provisioning_.reset(); // Release resources.
|
||||
@@ -931,7 +921,8 @@ CdmResponseType CdmEngine::GetProvisioningRequest(
|
||||
* Returns NO_ERROR for success and CdmResponseType error code if fails.
|
||||
*/
|
||||
CdmResponseType CdmEngine::HandleProvisioningResponse(
|
||||
const CdmProvisioningResponse& response, std::string* cert,
|
||||
const CdmProvisioningResponse& response,
|
||||
SecurityLevel requested_security_level, std::string* cert,
|
||||
std::string* wrapped_key) {
|
||||
LOGI("Handling provision request");
|
||||
if (response.empty()) {
|
||||
@@ -955,10 +946,9 @@ CdmResponseType CdmEngine::HandleProvisioningResponse(
|
||||
std::unique_ptr<CryptoSession> crypto_session(
|
||||
CryptoSession::MakeCryptoSession(metrics_->GetCryptoMetrics()));
|
||||
CdmResponseType status;
|
||||
M_TIME(status = crypto_session->Open(
|
||||
cert_provisioning_requested_security_level_),
|
||||
M_TIME(status = crypto_session->Open(requested_security_level),
|
||||
metrics_->GetCryptoMetrics(), crypto_session_open_, status,
|
||||
cert_provisioning_requested_security_level_);
|
||||
requested_security_level);
|
||||
if (NO_ERROR != status) {
|
||||
LOGE("Provisioning object missing and crypto session open failed");
|
||||
return EMPTY_PROVISIONING_CERTIFICATE_2;
|
||||
|
||||
@@ -76,13 +76,13 @@ class MockCdmEngineImpl : public CdmEngine {
|
||||
MOCK_METHOD1(RemoveKeys, CdmResponseType(const CdmSessionId&));
|
||||
MOCK_METHOD2(QueryKeyStatus,
|
||||
CdmResponseType(const CdmSessionId&, CdmQueryMap*));
|
||||
MOCK_METHOD5(GetProvisioningRequest,
|
||||
MOCK_METHOD6(GetProvisioningRequest,
|
||||
CdmResponseType(CdmCertificateType, const std::string&,
|
||||
const std::string&, CdmProvisioningRequest*,
|
||||
std::string*));
|
||||
MOCK_METHOD3(HandleProvisioningResponse,
|
||||
CdmResponseType(const CdmProvisioningResponse&, std::string*,
|
||||
std::string*));
|
||||
const std::string&, SecurityLevel,
|
||||
CdmProvisioningRequest*, std::string*));
|
||||
MOCK_METHOD4(HandleProvisioningResponse,
|
||||
CdmResponseType(const CdmProvisioningResponse&, SecurityLevel,
|
||||
std::string*, std::string*));
|
||||
MOCK_METHOD1(Unprovision, CdmResponseType(CdmSecurityLevel));
|
||||
MOCK_METHOD4(ListUsageIds,
|
||||
CdmResponseType(const std::string&, CdmSecurityLevel,
|
||||
@@ -311,16 +311,17 @@ TEST_F(WvCdmEngineMetricsImplTest, GetProvisioningRequest) {
|
||||
std::string default_url;
|
||||
|
||||
EXPECT_CALL(*test_cdm_metrics_engine_,
|
||||
GetProvisioningRequest(Eq(kCertificateX509),
|
||||
Eq("fake certificate authority"),
|
||||
Eq("fake service certificate"),
|
||||
Eq(&request), Eq(&default_url)))
|
||||
GetProvisioningRequest(
|
||||
Eq(kCertificateX509), Eq("fake certificate authority"),
|
||||
Eq("fake service certificate"), Eq(wvcdm::kLevelDefault),
|
||||
Eq(&request), Eq(&default_url)))
|
||||
.WillOnce(Return(wvcdm::UNKNOWN_ERROR));
|
||||
|
||||
ASSERT_EQ(wvcdm::UNKNOWN_ERROR,
|
||||
test_cdm_metrics_engine_->GetProvisioningRequest(
|
||||
kCertificateX509, "fake certificate authority",
|
||||
"fake service certificate", &request, &default_url));
|
||||
"fake service certificate", wvcdm::kLevelDefault, &request,
|
||||
&default_url));
|
||||
|
||||
drm_metrics::WvCdmMetrics metrics_proto;
|
||||
test_cdm_metrics_engine_->GetMetricsSnapshot(&metrics_proto);
|
||||
@@ -340,12 +341,14 @@ TEST_F(WvCdmEngineMetricsImplTest, HandleProvisioningResponse) {
|
||||
|
||||
EXPECT_CALL(*test_cdm_metrics_engine_,
|
||||
HandleProvisioningResponse(Eq("fake provisioning response"),
|
||||
Eq(&cert), Eq(&wrapped_key)))
|
||||
Eq(wvcdm::kLevelDefault), Eq(&cert),
|
||||
Eq(&wrapped_key)))
|
||||
.WillOnce(Return(wvcdm::UNKNOWN_ERROR));
|
||||
|
||||
ASSERT_EQ(wvcdm::UNKNOWN_ERROR,
|
||||
test_cdm_metrics_engine_->HandleProvisioningResponse(
|
||||
"fake provisioning response", &cert, &wrapped_key));
|
||||
"fake provisioning response", wvcdm::kLevelDefault, &cert,
|
||||
&wrapped_key));
|
||||
|
||||
drm_metrics::WvCdmMetrics metrics_proto;
|
||||
test_cdm_metrics_engine_->GetMetricsSnapshot(&metrics_proto);
|
||||
|
||||
@@ -294,8 +294,8 @@ void WvCdmTestBase::Provision() {
|
||||
std::shared_ptr<EngineMetrics>(new EngineMetrics));
|
||||
FakeProvisioningServer server;
|
||||
CdmResponseType result = cdm_engine.GetProvisioningRequest(
|
||||
cert_type, cert_authority, server.service_certificate(), &prov_request,
|
||||
&provisioning_server_url);
|
||||
cert_type, cert_authority, server.service_certificate(), kLevelDefault,
|
||||
&prov_request, &provisioning_server_url);
|
||||
ASSERT_EQ(NO_ERROR, result);
|
||||
if (!binary_provisioning_) {
|
||||
std::vector<uint8_t> prov_request_v = Base64SafeDecode(prov_request);
|
||||
@@ -304,8 +304,8 @@ void WvCdmTestBase::Provision() {
|
||||
std::string response;
|
||||
ASSERT_TRUE(server.MakeResponse(prov_request, &response))
|
||||
<< "Fake provisioning server could not provision";
|
||||
result =
|
||||
cdm_engine.HandleProvisioningResponse(response, &cert, &wrapped_key);
|
||||
result = cdm_engine.HandleProvisioningResponse(response, kLevelDefault,
|
||||
&cert, &wrapped_key);
|
||||
EXPECT_EQ(NO_ERROR, result);
|
||||
} else {
|
||||
// TODO(fredgc): provision for different SPOIDs.
|
||||
@@ -314,7 +314,7 @@ void WvCdmTestBase::Provision() {
|
||||
|
||||
CdmResponseType result = cdm_engine.GetProvisioningRequest(
|
||||
cert_type, cert_authority, config_.provisioning_service_certificate(),
|
||||
&prov_request, &provisioning_server_url);
|
||||
kLevelDefault, &prov_request, &provisioning_server_url);
|
||||
ASSERT_EQ(NO_ERROR, result);
|
||||
|
||||
if (binary_provisioning_) {
|
||||
@@ -385,14 +385,15 @@ void WvCdmTestBase::Provision() {
|
||||
std::string binary_protobuf_response(response_vec.begin(),
|
||||
response_vec.end());
|
||||
|
||||
if (cdm_engine.HandleProvisioningResponse(
|
||||
binary_protobuf_response, &cert, &wrapped_key) != NO_ERROR) {
|
||||
if (cdm_engine.HandleProvisioningResponse(binary_protobuf_response,
|
||||
kLevelDefault, &cert,
|
||||
&wrapped_key) != NO_ERROR) {
|
||||
LOGE("Failed to handle provisioning response");
|
||||
continue;
|
||||
}
|
||||
} else {
|
||||
if (cdm_engine.HandleProvisioningResponse(http_message, &cert,
|
||||
&wrapped_key) != NO_ERROR) {
|
||||
if (cdm_engine.HandleProvisioningResponse(
|
||||
http_message, kLevelDefault, &cert, &wrapped_key) != NO_ERROR) {
|
||||
LOGE("Failed to handle binary provisioning response");
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -88,11 +88,13 @@ class WvContentDecryptionModule : public android::RefBase, public TimerHandler {
|
||||
virtual CdmResponseType GetProvisioningRequest(
|
||||
CdmCertificateType cert_type, const std::string& cert_authority,
|
||||
const CdmIdentifier& identifier, const std::string& service_certificate,
|
||||
CdmProvisioningRequest* request, std::string* default_url);
|
||||
SecurityLevel requested_security_level, CdmProvisioningRequest* request,
|
||||
std::string* default_url);
|
||||
|
||||
virtual CdmResponseType HandleProvisioningResponse(
|
||||
const CdmIdentifier& identifier, CdmProvisioningResponse& response,
|
||||
std::string* cert, std::string* wrapped_key);
|
||||
SecurityLevel requested_security_level, std::string* cert,
|
||||
std::string* wrapped_key);
|
||||
|
||||
virtual CdmResponseType Unprovision(CdmSecurityLevel level,
|
||||
const CdmIdentifier& identifier);
|
||||
|
||||
@@ -211,17 +211,21 @@ bool WvContentDecryptionModule::IsSecurityLevelSupported(
|
||||
CdmResponseType WvContentDecryptionModule::GetProvisioningRequest(
|
||||
CdmCertificateType cert_type, const std::string& cert_authority,
|
||||
const CdmIdentifier& identifier, const std::string& service_certificate,
|
||||
CdmProvisioningRequest* request, std::string* default_url) {
|
||||
SecurityLevel requested_security_level, CdmProvisioningRequest* request,
|
||||
std::string* default_url) {
|
||||
CdmEngine* cdm_engine = EnsureCdmForIdentifier(identifier);
|
||||
return cdm_engine->GetProvisioningRequest(
|
||||
cert_type, cert_authority, service_certificate, request, default_url);
|
||||
cert_type, cert_authority, service_certificate, requested_security_level,
|
||||
request, default_url);
|
||||
}
|
||||
|
||||
CdmResponseType WvContentDecryptionModule::HandleProvisioningResponse(
|
||||
const CdmIdentifier& identifier, CdmProvisioningResponse& response,
|
||||
std::string* cert, std::string* wrapped_key) {
|
||||
SecurityLevel requested_security_level, std::string* cert,
|
||||
std::string* wrapped_key) {
|
||||
CdmEngine* cdm_engine = EnsureCdmForIdentifier(identifier);
|
||||
return cdm_engine->HandleProvisioningResponse(response, cert, wrapped_key);
|
||||
return cdm_engine->HandleProvisioningResponse(
|
||||
response, requested_security_level, cert, wrapped_key);
|
||||
}
|
||||
|
||||
CdmResponseType WvContentDecryptionModule::Unprovision(
|
||||
|
||||
@@ -451,7 +451,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {
|
||||
|
||||
status = decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_, &provisioning_server_url);
|
||||
kEmptyServiceCertificate, kLevelDefault, &key_msg_,
|
||||
&provisioning_server_url);
|
||||
EXPECT_EQ(NO_ERROR, status);
|
||||
if (NO_ERROR != status) return;
|
||||
EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl);
|
||||
@@ -461,7 +462,8 @@ class WvCdmExtendedDurationTest : public WvCdmTestBase {
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(kDefaultCdmIdentifier, response,
|
||||
&cert, &wrapped_key));
|
||||
kLevelDefault, &cert,
|
||||
&wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
decryptor_->CloseSession(session_id_);
|
||||
|
||||
@@ -410,7 +410,8 @@ TEST_F(WvCdmFeatureTest, OEMCertificateProvisioning) {
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_.GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_, &provisioning_server_url));
|
||||
kEmptyServiceCertificate, kLevelDefault, &key_msg_,
|
||||
&provisioning_server_url));
|
||||
EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl);
|
||||
|
||||
ClientIdentification_TokenType token_type;
|
||||
@@ -425,9 +426,9 @@ TEST_F(WvCdmFeatureTest, OEMCertificateProvisioning) {
|
||||
std::string response = GetCertRequestResponse(provisioning_server_url);
|
||||
// GetCertRequestResponse(config_.provisioning_server_url());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_.HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevelDefault,
|
||||
&cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
decryptor_.CloseSession(session_id_);
|
||||
@@ -445,7 +446,8 @@ TEST_F(WvCdmFeatureTest, KeyboxProvisioning) {
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_.GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_, &provisioning_server_url));
|
||||
kEmptyServiceCertificate, kLevelDefault, &key_msg_,
|
||||
&provisioning_server_url));
|
||||
EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl);
|
||||
|
||||
ClientIdentification_TokenType token_type;
|
||||
@@ -460,9 +462,9 @@ TEST_F(WvCdmFeatureTest, KeyboxProvisioning) {
|
||||
std::string response = GetCertRequestResponse(provisioning_server_url);
|
||||
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_.HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_.HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevelDefault,
|
||||
&cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
decryptor_.CloseSession(session_id_);
|
||||
|
||||
@@ -2004,12 +2004,13 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
|
||||
|
||||
void Provision() { Provision(kDefaultCdmIdentifier, kLevelDefault); }
|
||||
|
||||
void Provision(const CdmIdentifier& identifier, SecurityLevel level,
|
||||
void Provision(const CdmIdentifier& identifier,
|
||||
SecurityLevel requested_security_level,
|
||||
CdmProvisioningResponse* provisioning_response = nullptr) {
|
||||
TestWvCdmClientPropertySet property_set_L3;
|
||||
TestWvCdmClientPropertySet* property_set = nullptr;
|
||||
|
||||
if (kLevel3 == level) {
|
||||
if (kLevel3 == requested_security_level) {
|
||||
property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3);
|
||||
property_set = &property_set_L3;
|
||||
}
|
||||
@@ -2033,7 +2034,7 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
|
||||
|
||||
status = decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, identifier, kEmptyServiceCertificate,
|
||||
&key_msg_, &provisioning_server);
|
||||
requested_security_level, &key_msg_, &provisioning_server);
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, status);
|
||||
if (NO_ERROR != status) return;
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
@@ -2042,8 +2043,10 @@ class WvCdmRequestLicenseTest : public WvCdmTestBase {
|
||||
GetCertRequestResponse(config_.provisioning_server());
|
||||
if (provisioning_response != nullptr) *provisioning_response = response;
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
identifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(identifier, response,
|
||||
requested_security_level,
|
||||
&cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
decryptor_->CloseSession(session_id_);
|
||||
@@ -2151,14 +2154,15 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningTest) {
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_, &provisioning_server));
|
||||
kEmptyServiceCertificate, kLevelDefault, &key_msg_,
|
||||
&provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
|
||||
std::string response = GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevelDefault,
|
||||
&cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
decryptor_->CloseSession(session_id_);
|
||||
@@ -2177,15 +2181,15 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningTestWithServiceCertificate) {
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
config_.provisioning_service_certificate(), &key_msg_,
|
||||
&provisioning_server));
|
||||
config_.provisioning_service_certificate(), kLevelDefault,
|
||||
&key_msg_, &provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
|
||||
std::string response = GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevelDefault,
|
||||
&cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
decryptor_->CloseSession(session_id_);
|
||||
@@ -2194,26 +2198,22 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningTestWithServiceCertificate) {
|
||||
TEST_F(WvCdmRequestLicenseTest, L3ProvisioningTest) {
|
||||
TestWvCdmClientPropertySet property_set_L3;
|
||||
property_set_L3.set_security_level(QUERY_VALUE_SECURITY_LEVEL_L3);
|
||||
CdmResponseType status =
|
||||
decryptor_->OpenSession(config_.key_system(), &property_set_L3,
|
||||
kDefaultCdmIdentifier, nullptr, &session_id_);
|
||||
EXPECT_TRUE(status == NEED_PROVISIONING || status == NO_ERROR)
|
||||
<< "Failure to open session. error: " << status;
|
||||
std::string provisioning_server;
|
||||
CdmCertificateType cert_type = kCertificateWidevine;
|
||||
std::string cert_authority, cert, wrapped_key;
|
||||
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_, &provisioning_server));
|
||||
EXPECT_EQ(
|
||||
wvcdm::NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, kLevel3, &key_msg_, &provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
|
||||
std::string response = GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
kDefaultCdmIdentifier, response, kLevel3, &cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
decryptor_->CloseSession(session_id_);
|
||||
@@ -2295,22 +2295,24 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) {
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg1, &provisioning_server));
|
||||
kEmptyServiceCertificate, kLevelDefault, &key_msg1,
|
||||
&provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg2, &provisioning_server));
|
||||
kEmptyServiceCertificate, kLevelDefault, &key_msg2,
|
||||
&provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
|
||||
// Second message should succeed.
|
||||
key_msg_ = key_msg2;
|
||||
std::string response = GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevelDefault,
|
||||
&cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
|
||||
@@ -2318,9 +2320,9 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterposedRetryTest) {
|
||||
key_msg_ = key_msg1;
|
||||
response = GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevelDefault,
|
||||
&cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
decryptor_->CloseSession(session_id_);
|
||||
@@ -2338,22 +2340,24 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) {
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg1, &provisioning_server));
|
||||
kEmptyServiceCertificate, kLevelDefault, &key_msg1,
|
||||
&provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg2, &provisioning_server));
|
||||
kEmptyServiceCertificate, kLevelDefault, &key_msg2,
|
||||
&provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
|
||||
// First request expected to fail, because only one message may be active.
|
||||
key_msg_ = key_msg1;
|
||||
std::string response = GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(LOAD_PROVISIONING_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(LOAD_PROVISIONING_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response,
|
||||
kLevelDefault, &cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
|
||||
@@ -2361,9 +2365,9 @@ TEST_F(WvCdmRequestLicenseTest, ProvisioningInterspersedRetryTest) {
|
||||
key_msg_ = key_msg2;
|
||||
response = GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevelDefault,
|
||||
&cert, &wrapped_key));
|
||||
EXPECT_EQ(0, static_cast<int>(cert.size()));
|
||||
EXPECT_EQ(0, static_cast<int>(wrapped_key.size()));
|
||||
|
||||
@@ -2382,14 +2386,15 @@ TEST_F(WvCdmRequestLicenseTest, DISABLED_X509ProvisioningTest) {
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_, &provisioning_server));
|
||||
kEmptyServiceCertificate, kLevelDefault, &key_msg_,
|
||||
&provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
|
||||
std::string response = GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(wvcdm::NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevelDefault,
|
||||
&cert, &wrapped_key));
|
||||
EXPECT_NE(0, static_cast<int>(cert.size()));
|
||||
EXPECT_NE(0, static_cast<int>(wrapped_key.size()));
|
||||
decryptor_->CloseSession(session_id_);
|
||||
@@ -2472,17 +2477,17 @@ TEST_F(WvCdmRequestLicenseTest, PropertySetTest) {
|
||||
std::string provisioning_server;
|
||||
CdmCertificateType cert_type = kCertificateWidevine;
|
||||
std::string cert_authority, cert, wrapped_key;
|
||||
EXPECT_EQ(NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_, &provisioning_server));
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, kLevel3, &key_msg_,
|
||||
&provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
std::string response =
|
||||
GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevel3, &cert,
|
||||
&wrapped_key));
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->OpenSession(
|
||||
config_.key_system(), &property_set_L3,
|
||||
kDefaultCdmIdentifier, nullptr, &session_id_L3));
|
||||
@@ -2549,16 +2554,16 @@ TEST_F(WvCdmRequestLicenseTest, ForceL3Test) {
|
||||
std::string provisioning_server;
|
||||
CdmCertificateType cert_type = kCertificateWidevine;
|
||||
std::string cert_authority, cert, wrapped_key;
|
||||
EXPECT_EQ(NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_, &provisioning_server));
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, kLevel3, &key_msg_,
|
||||
&provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
std::string response = GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
kDefaultCdmIdentifier, response, kLevel3, &cert, &wrapped_key));
|
||||
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->OpenSession(
|
||||
config_.key_system(), &property_set,
|
||||
@@ -2812,17 +2817,17 @@ TEST_F(WvCdmRequestLicenseTest, ReleaseRetryL3OfflineKeyTest) {
|
||||
std::string provisioning_server;
|
||||
CdmCertificateType cert_type = kCertificateWidevine;
|
||||
std::string cert_authority, cert, wrapped_key;
|
||||
EXPECT_EQ(NO_ERROR,
|
||||
decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_, &provisioning_server));
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, kLevel3, &key_msg_,
|
||||
&provisioning_server));
|
||||
EXPECT_EQ(provisioning_server, kDefaultProvisioningServerUrl);
|
||||
std::string response =
|
||||
GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevel3, &cert,
|
||||
&wrapped_key));
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->OpenSession(
|
||||
config_.key_system(), &property_set,
|
||||
kDefaultCdmIdentifier, nullptr, &session_id_));
|
||||
@@ -2890,15 +2895,15 @@ TEST_F(WvCdmRequestLicenseTest,
|
||||
std::string cert_authority, cert, wrapped_key;
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &key_msg_,
|
||||
kEmptyServiceCertificate, kLevel3, &key_msg_,
|
||||
&provisioning_server_url));
|
||||
EXPECT_EQ(provisioning_server_url, kDefaultProvisioningServerUrl);
|
||||
std::string response =
|
||||
GetCertRequestResponse(config_.provisioning_server());
|
||||
EXPECT_NE(0, static_cast<int>(response.size()));
|
||||
EXPECT_EQ(NO_ERROR,
|
||||
decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, &cert, &wrapped_key));
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->HandleProvisioningResponse(
|
||||
kDefaultCdmIdentifier, response, kLevel3, &cert,
|
||||
&wrapped_key));
|
||||
EXPECT_EQ(NO_ERROR, decryptor_->OpenSession(
|
||||
config_.key_system(), &property_set,
|
||||
kDefaultCdmIdentifier, nullptr, &session_id_));
|
||||
|
||||
@@ -58,7 +58,8 @@ TEST_F(WvContentDecryptionModuleMetricsTest, EngineOnlyMetrics) {
|
||||
EXPECT_EQ(wvcdm::NO_ERROR,
|
||||
decryptor_.GetProvisioningRequest(
|
||||
cert_type, cert_authority, kDefaultCdmIdentifier,
|
||||
kEmptyServiceCertificate, &request, &provisioning_server_url));
|
||||
kEmptyServiceCertificate, kLevelDefault, &request,
|
||||
&provisioning_server_url));
|
||||
|
||||
drm_metrics::WvCdmMetrics metrics;
|
||||
ASSERT_EQ(wvcdm::NO_ERROR,
|
||||
|
||||
@@ -453,6 +453,8 @@ struct WVDrmPlugin : public IDrmPlugin, IDrmPluginListener,
|
||||
|
||||
SecurityLevel mapSecurityLevel(const std::string& level);
|
||||
|
||||
wvcdm::SecurityLevel getRequestedSecurityLevel() const;
|
||||
|
||||
Status openSessionCommon(std::vector<uint8_t>& sessionId);
|
||||
|
||||
bool initDataResemblesPSSH(const std::vector<uint8_t>& initData);
|
||||
|
||||
@@ -371,10 +371,15 @@ status_t WVDrmPlugin::getProvisionRequest(const String8& cert_type,
|
||||
|
||||
string cdmCertAuthority = cert_authority.string();
|
||||
|
||||
wvcdm::SecurityLevel requested_security_level =
|
||||
mPropertySet.security_level().compare(QUERY_VALUE_SECURITY_LEVEL_L3) == 0
|
||||
? kLevel3
|
||||
: kLevelDefault;
|
||||
|
||||
CdmResponseType res = mCDM->GetProvisioningRequest(
|
||||
cdmCertType, cdmCertAuthority, mCdmIdentifier,
|
||||
mProvisioningServiceCertificate, &cdmProvisionRequest,
|
||||
&cdmDefaultUrl);
|
||||
mProvisioningServiceCertificate, requested_security_level,
|
||||
&cdmProvisionRequest, &cdmDefaultUrl);
|
||||
|
||||
if (isCdmResponseTypeSuccess(res)) {
|
||||
request = ToVector(cdmProvisionRequest);
|
||||
@@ -401,10 +406,15 @@ status_t WVDrmPlugin::provideProvisionResponse(
|
||||
} else {
|
||||
string cdmCertificate;
|
||||
string cdmWrappedKey;
|
||||
CdmResponseType res = mCDM->HandleProvisioningResponse(mCdmIdentifier,
|
||||
cdmResponse,
|
||||
&cdmCertificate,
|
||||
&cdmWrappedKey);
|
||||
wvcdm::SecurityLevel requested_security_level =
|
||||
mPropertySet.security_level()
|
||||
.compare(QUERY_VALUE_SECURITY_LEVEL_L3) == 0
|
||||
? kLevel3
|
||||
: kLevelDefault;
|
||||
CdmResponseType res =
|
||||
mCDM->HandleProvisioningResponse(mCdmIdentifier, cdmResponse,
|
||||
requested_security_level,
|
||||
&cdmCertificate, &cdmWrappedKey);
|
||||
if (isCdmResponseTypeSuccess(res)) {
|
||||
certificate = ToVector(cdmCertificate);
|
||||
wrapped_key = ToVector(cdmWrappedKey);
|
||||
|
||||
@@ -719,7 +719,8 @@ Return<void> WVDrmPlugin::getProvisionRequest_1_2(
|
||||
|
||||
CdmResponseType res = mCDM->GetProvisioningRequest(
|
||||
cdmCertType, cdmCertAuthority, identifier,
|
||||
mProvisioningServiceCertificate, &cdmProvisionRequest, &cdmDefaultUrl);
|
||||
mProvisioningServiceCertificate, getRequestedSecurityLevel(),
|
||||
&cdmProvisionRequest, &cdmDefaultUrl);
|
||||
if (isCdmResponseTypeSuccess(res)) {
|
||||
request = StrToVector(cdmProvisionRequest);
|
||||
defaultUrl.clear();
|
||||
@@ -765,7 +766,8 @@ Return<void> WVDrmPlugin::provideProvisionResponse(
|
||||
std::string cdmCertificate;
|
||||
std::string cdmWrappedKey;
|
||||
CdmResponseType res = mCDM->HandleProvisioningResponse(
|
||||
identifier, cdmResponse, &cdmCertificate, &cdmWrappedKey);
|
||||
identifier, cdmResponse, getRequestedSecurityLevel(), &cdmCertificate,
|
||||
&cdmWrappedKey);
|
||||
if (isCdmResponseTypeSuccess(res)) {
|
||||
certificate = StrToVector(cdmCertificate);
|
||||
wrappedKey = StrToVector(cdmWrappedKey);
|
||||
@@ -1951,12 +1953,7 @@ void WVDrmPlugin::OnSessionLostState(const CdmSessionId& cdmSessionId) {
|
||||
|
||||
Status WVDrmPlugin::queryProperty(const std::string& property,
|
||||
std::string& stringValue) const {
|
||||
wvcdm::SecurityLevel securityLevel =
|
||||
mPropertySet.security_level().compare(
|
||||
wvcdm::QUERY_VALUE_SECURITY_LEVEL_L3) == 0
|
||||
? wvcdm::kLevel3
|
||||
: wvcdm::kLevelDefault;
|
||||
return queryProperty(securityLevel, property, stringValue);
|
||||
return queryProperty(getRequestedSecurityLevel(), property, stringValue);
|
||||
}
|
||||
|
||||
Status WVDrmPlugin::queryProperty(wvcdm::SecurityLevel securityLevel,
|
||||
@@ -2047,6 +2044,13 @@ Status WVDrmPlugin::mapOEMCryptoResult(OEMCryptoResult res) {
|
||||
}
|
||||
}
|
||||
|
||||
wvcdm::SecurityLevel WVDrmPlugin::getRequestedSecurityLevel() const {
|
||||
return mPropertySet.security_level().compare(
|
||||
wvcdm::QUERY_VALUE_SECURITY_LEVEL_L3) == 0
|
||||
? wvcdm::kLevel3
|
||||
: wvcdm::kLevelDefault;
|
||||
}
|
||||
|
||||
bool WVDrmPlugin::initDataResemblesPSSH(const std::vector<uint8_t>& initData) {
|
||||
const uint8_t* const initDataArray = initData.data();
|
||||
|
||||
|
||||
@@ -7,25 +7,26 @@
|
||||
#define LOG_TAG "WVDrmPluginTest"
|
||||
#include <utils/Log.h>
|
||||
|
||||
#include <stdio.h>
|
||||
#include <ostream>
|
||||
#include <string>
|
||||
#include <list>
|
||||
#include <ostream>
|
||||
#include <stdio.h>
|
||||
#include <string>
|
||||
#include <vector>
|
||||
|
||||
#include "cdm_client_property_set.h"
|
||||
#include "gmock/gmock.h"
|
||||
#include "gtest/gtest.h"
|
||||
#include "media/stagefright/foundation/ABase.h"
|
||||
#include "media/stagefright/MediaErrors.h"
|
||||
#include "string_conversions.h"
|
||||
#include "wv_cdm_constants.h"
|
||||
#include "wv_cdm_types.h"
|
||||
#include "wv_content_decryption_module.h"
|
||||
|
||||
#include "HidlTypes.h"
|
||||
#include "TypeConvert.h"
|
||||
#include "WVDrmPlugin.h"
|
||||
#include "WVErrors.h"
|
||||
#include "cdm_client_property_set.h"
|
||||
#include "media/stagefright/MediaErrors.h"
|
||||
#include "media/stagefright/foundation/ABase.h"
|
||||
#include "string_conversions.h"
|
||||
#include "wv_cdm_constants.h"
|
||||
#include "wv_cdm_types.h"
|
||||
#include "wv_content_decryption_module.h"
|
||||
|
||||
namespace wvdrm {
|
||||
namespace hardware {
|
||||
@@ -174,16 +175,17 @@ class MockCDM : public WvContentDecryptionModule {
|
||||
MOCK_METHOD2(QueryOemCryptoSessionId, CdmResponseType(const CdmSessionId&,
|
||||
CdmQueryMap*));
|
||||
|
||||
MOCK_METHOD6(GetProvisioningRequest, CdmResponseType(CdmCertificateType,
|
||||
MOCK_METHOD7(GetProvisioningRequest, CdmResponseType(CdmCertificateType,
|
||||
const std::string&,
|
||||
const CdmIdentifier&,
|
||||
const std::string&,
|
||||
wvcdm::SecurityLevel,
|
||||
CdmProvisioningRequest*,
|
||||
std::string*));
|
||||
|
||||
MOCK_METHOD4(HandleProvisioningResponse,
|
||||
MOCK_METHOD5(HandleProvisioningResponse,
|
||||
CdmResponseType(const CdmIdentifier&, CdmProvisioningResponse&,
|
||||
std::string*, std::string*));
|
||||
wvcdm::SecurityLevel, std::string*, std::string*));
|
||||
|
||||
MOCK_METHOD2(Unprovision, CdmResponseType(CdmSecurityLevel,
|
||||
const CdmIdentifier&));
|
||||
@@ -838,13 +840,27 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) {
|
||||
|
||||
static const char* kDefaultUrl = "http://google.com/";
|
||||
|
||||
EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(),
|
||||
HasOrigin(EMPTY_ORIGIN), IsEmpty(),
|
||||
_, _))
|
||||
.WillOnce(DoAll(SetArgPointee<4>(cdmRequest),
|
||||
SetArgPointee<5>(kDefaultUrl),
|
||||
EXPECT_CALL(*cdm, QueryStatus(_, QUERY_KEY_SECURITY_LEVEL, _))
|
||||
.WillOnce(DoAll(SetArgPointee<2>(QUERY_VALUE_SECURITY_LEVEL_L1),
|
||||
testing::Return(wvcdm::NO_ERROR)));
|
||||
|
||||
// The first and the third invocation should be at default security level,
|
||||
// while the second one should be L3
|
||||
EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(),
|
||||
HasOrigin(EMPTY_ORIGIN), IsEmpty(),
|
||||
wvcdm::kLevelDefault, _, _))
|
||||
.Times(2)
|
||||
.WillRepeatedly(DoAll(SetArgPointee<5>(cdmRequest),
|
||||
SetArgPointee<6>(kDefaultUrl),
|
||||
testing::Return(wvcdm::NO_ERROR)));
|
||||
EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(),
|
||||
HasOrigin(EMPTY_ORIGIN), IsEmpty(),
|
||||
wvcdm::kLevel3, _, _))
|
||||
.WillOnce(DoAll(SetArgPointee<5>(cdmRequest),
|
||||
SetArgPointee<6>(kDefaultUrl),
|
||||
testing::Return(wvcdm::NO_ERROR)));
|
||||
|
||||
// Make 3 provisioning requests at security level default then L3 then L1
|
||||
WVDrmPlugin plugin(cdm.get(), appPackageName, &crypto, false);
|
||||
plugin.getProvisionRequest(
|
||||
hidl_string(""), hidl_string(""),
|
||||
@@ -855,6 +871,34 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) {
|
||||
EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize));
|
||||
EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str());
|
||||
});
|
||||
|
||||
// Set L3 security level
|
||||
Status status = plugin.setPropertyString(hidl_string("securityLevel"),
|
||||
hidl_string("L3"));
|
||||
ASSERT_EQ(Status::OK, status);
|
||||
plugin.getProvisionRequest(
|
||||
hidl_string(""), hidl_string(""),
|
||||
[&](Status status, hidl_vec<uint8_t> hRequest, hidl_string defaultUrl) {
|
||||
ASSERT_EQ(Status::OK, status);
|
||||
|
||||
std::vector<uint8_t> request(hRequest);
|
||||
EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize));
|
||||
EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str());
|
||||
});
|
||||
|
||||
// Reset security level to L1
|
||||
status = plugin.setPropertyString(hidl_string("securityLevel"),
|
||||
hidl_string("L1"));
|
||||
ASSERT_EQ(Status::OK, status);
|
||||
plugin.getProvisionRequest(
|
||||
hidl_string(""), hidl_string(""),
|
||||
[&](Status status, hidl_vec<uint8_t> hRequest, hidl_string defaultUrl) {
|
||||
ASSERT_EQ(Status::OK, status);
|
||||
|
||||
std::vector<uint8_t> request(hRequest);
|
||||
EXPECT_THAT(request, ElementsAreArray(requestRaw, kRequestSize));
|
||||
EXPECT_STREQ(kDefaultUrl, defaultUrl.c_str());
|
||||
});
|
||||
}
|
||||
|
||||
TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {
|
||||
@@ -871,15 +915,27 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {
|
||||
std::vector<uint8_t> response;
|
||||
response.assign(responseRaw, responseRaw + kResponseSize);
|
||||
|
||||
EXPECT_CALL(*cdm, QueryStatus(_, QUERY_KEY_SECURITY_LEVEL, _))
|
||||
.WillOnce(DoAll(SetArgPointee<2>(QUERY_VALUE_SECURITY_LEVEL_L1),
|
||||
testing::Return(wvcdm::NO_ERROR)));
|
||||
|
||||
// The first and the third invocation should be at default security level,
|
||||
// while the second one should be L3
|
||||
EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN),
|
||||
ElementsAreArray(responseRaw,
|
||||
kResponseSize),
|
||||
_, _))
|
||||
wvcdm::kLevelDefault, _, _))
|
||||
.Times(2);
|
||||
EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN),
|
||||
ElementsAreArray(responseRaw,
|
||||
kResponseSize),
|
||||
wvcdm::kLevel3, _, _))
|
||||
.Times(1);
|
||||
|
||||
std::vector<uint8_t> cert;
|
||||
std::vector<uint8_t> key;
|
||||
|
||||
// Process 3 provisioning responses at security level default then L3 then L1
|
||||
WVDrmPlugin plugin(cdm.get(), appPackageName, &crypto, false);
|
||||
plugin.provideProvisionResponse(
|
||||
toHidlVec(response),
|
||||
@@ -887,6 +943,26 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {
|
||||
hidl_vec<uint8_t> /* key */) {
|
||||
ASSERT_EQ(Status::OK, status);
|
||||
});
|
||||
|
||||
// Set L3 security level
|
||||
Status status = plugin.setPropertyString(hidl_string("securityLevel"),
|
||||
hidl_string("L3"));
|
||||
plugin.provideProvisionResponse(
|
||||
toHidlVec(response),
|
||||
[&](Status status, hidl_vec<uint8_t> /* cert */,
|
||||
hidl_vec<uint8_t> /* key */) {
|
||||
ASSERT_EQ(Status::OK, status);
|
||||
});
|
||||
|
||||
// Reset security level to L1
|
||||
status = plugin.setPropertyString(hidl_string("securityLevel"),
|
||||
hidl_string("L1"));
|
||||
plugin.provideProvisionResponse(
|
||||
toHidlVec(response),
|
||||
[&](Status status, hidl_vec<uint8_t> /* cert */,
|
||||
hidl_vec<uint8_t> /* key */) {
|
||||
ASSERT_EQ(Status::OK, status);
|
||||
});
|
||||
}
|
||||
|
||||
TEST_F(WVDrmPluginTest, UnprovisionsDevice) {
|
||||
|
||||
@@ -4,23 +4,23 @@
|
||||
// License Agreement.
|
||||
//
|
||||
|
||||
#include <ostream>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <ostream>
|
||||
#include <string>
|
||||
|
||||
#include "WVDrmPlugin.h"
|
||||
#include "WVErrors.h"
|
||||
#include "cdm_client_property_set.h"
|
||||
#include "gmock/gmock.h"
|
||||
#include "gtest/gtest.h"
|
||||
#include "media/stagefright/MediaErrors.h"
|
||||
#include "media/stagefright/foundation/ABase.h"
|
||||
#include "media/stagefright/foundation/AString.h"
|
||||
#include "media/stagefright/MediaErrors.h"
|
||||
#include "string_conversions.h"
|
||||
#include "wv_cdm_constants.h"
|
||||
#include "wv_cdm_types.h"
|
||||
#include "wv_content_decryption_module.h"
|
||||
#include "WVDrmPlugin.h"
|
||||
#include "WVErrors.h"
|
||||
#include "gmock/gmock.h"
|
||||
#include "gtest/gtest.h"
|
||||
|
||||
using namespace android;
|
||||
using namespace std;
|
||||
@@ -85,16 +85,17 @@ class MockCDM : public WvContentDecryptionModule {
|
||||
MOCK_METHOD2(QueryOemCryptoSessionId, CdmResponseType(const CdmSessionId&,
|
||||
CdmQueryMap*));
|
||||
|
||||
MOCK_METHOD6(GetProvisioningRequest, CdmResponseType(CdmCertificateType,
|
||||
MOCK_METHOD7(GetProvisioningRequest, CdmResponseType(CdmCertificateType,
|
||||
const std::string&,
|
||||
const CdmIdentifier&,
|
||||
const std::string&,
|
||||
SecurityLevel,
|
||||
CdmProvisioningRequest*,
|
||||
std::string*));
|
||||
|
||||
MOCK_METHOD4(HandleProvisioningResponse,
|
||||
MOCK_METHOD5(HandleProvisioningResponse,
|
||||
CdmResponseType(const CdmIdentifier&, CdmProvisioningResponse&,
|
||||
std::string*, std::string*));
|
||||
SecurityLevel, std::string*, std::string*));
|
||||
|
||||
MOCK_METHOD2(Unprovision, CdmResponseType(CdmSecurityLevel,
|
||||
const CdmIdentifier&));
|
||||
@@ -607,9 +608,9 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) {
|
||||
|
||||
EXPECT_CALL(*cdm, GetProvisioningRequest(kCertificateWidevine, IsEmpty(),
|
||||
HasOrigin(EMPTY_ORIGIN), IsEmpty(),
|
||||
_, _))
|
||||
.WillOnce(DoAll(SetArgPointee<4>(cdmRequest),
|
||||
SetArgPointee<5>(kDefaultUrl),
|
||||
wvcdm::kLevelDefault, _, _))
|
||||
.WillOnce(DoAll(SetArgPointee<5>(cdmRequest),
|
||||
SetArgPointee<6>(kDefaultUrl),
|
||||
Return(wvcdm::NO_ERROR)));
|
||||
|
||||
Vector<uint8_t> request;
|
||||
@@ -640,7 +641,7 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {
|
||||
EXPECT_CALL(*cdm, HandleProvisioningResponse(HasOrigin(EMPTY_ORIGIN),
|
||||
ElementsAreArray(responseRaw,
|
||||
kResponseSize),
|
||||
_, _))
|
||||
wvcdm::kLevelDefault, _, _))
|
||||
.Times(1);
|
||||
|
||||
Vector<uint8_t> cert;
|
||||
|
||||
Reference in New Issue
Block a user