Report Insufficient Resources for Crypto

This merges the following changes from the Widevine CDM repository: bef58bc Add new error codes Adds new error codes to OEMCryptoCENC.h and rearranges it to more closely match the documentation. 5fcfbca Handle OEMCrypto_ERROR_INSUFFICIENT_RESOURCES on Decrypt Changes the CDM to support the new errors from the previous change. d59c09d Report Insufficient Crypto Resources Changes the DrmEngine to support the new errors from the previous change. 1085a21 Respond to Too Many Keys or Sessions Errors Allows errors around having too many keys or sessions to result in a unique error in the CDM. Bug: 9695816 Change-Id: I826bc655109fa57e4f75de7158d7f392053666b1
2013-08-08 14:55:11 -07:00
parent b0d85ac1af
commit e3ed6194fe
10 changed files with 140 additions and 85 deletions
--- a/libwvdrmengine/cdm/core/src/cdm_session.cpp
+++ b/libwvdrmengine/cdm/core/src/cdm_session.cpp
@@ -28,7 +28,8 @@ typedef std::set<WvCdmEventListener*>::iterator CdmEventListenerIter;

 CdmResponseType CdmSession::Init() {
  scoped_ptr<CryptoSession> session(new CryptoSession());
-  if (!session->Open()) return UNKNOWN_ERROR;
+  CdmResponseType sts = session->Open();
+  if (NO_ERROR != sts) return sts;

  std::string token;
  if (Properties::use_certificates_as_identification()) {
--- a/libwvdrmengine/cdm/core/src/certificate_provisioning.cpp
+++ b/libwvdrmengine/cdm/core/src/certificate_provisioning.cpp
@@ -57,9 +57,10 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequest(
    std::string* default_url) {
  default_url->assign(kDefaultProvisioningServerUrl);

-  if (!crypto_session_.Open()) {
+  CdmResponseType sts = crypto_session_.Open();
+  if (NO_ERROR != sts) {
    LOGE("GetProvisioningRequest: fails to create a crypto session");
-    return UNKNOWN_ERROR;
+    return sts;
  }

  // Prepares device provisioning request.
--- a/libwvdrmengine/cdm/core/src/crypto_session.cpp
+++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp
@@ -205,19 +205,22 @@ bool CryptoSession::GetProvisioningId(std::string* provisioning_id) {
  return true;
 }

-bool CryptoSession::Open() {
+CdmResponseType CryptoSession::Open() {
  LOGV("CryptoSession::Open: Lock");
  AutoLock auto_lock(crypto_lock_);
  if (!initialized_) return false;
  if (open_) return true;

  OEMCrypto_SESSION sid;
-  if (OEMCrypto_SUCCESS == OEMCrypto_OpenSession(&sid)) {
+  OEMCryptoResult sts = OEMCrypto_OpenSession(&sid);
+  if (OEMCrypto_SUCCESS == sts) {
    oec_session_id_ = static_cast<CryptoSessionId>(sid);
    LOGV("OpenSession: id= %ld", (uint32_t)oec_session_id_);
    open_ = true;
+  } else if (OEMCrypto_ERROR_TOO_MANY_SESSIONS == sts) {
+    return INSUFFICIENT_CRYPTO_RESOURCES;
  }
-  return open_;
+  return open_ ? NO_ERROR : UNKNOWN_ERROR;
 }

 void CryptoSession::Close() {
@@ -319,11 +322,12 @@ size_t CryptoSession::GetOffset(std::string message, std::string field) {
  return pos;
 }

-bool CryptoSession::LoadKeys(const std::string& message,
-                             const std::string& signature,
-                             const std::string& mac_key_iv,
-                             const std::string& mac_key, int num_keys,
-                             const CryptoKey* key_array) {
+CdmResponseType CryptoSession::LoadKeys(const std::string& message,
+                                        const std::string& signature,
+                                        const std::string& mac_key_iv,
+                                        const std::string& mac_key,
+                                        int num_keys,
+                                        const CryptoKey* key_array) {
  LOGV("CryptoSession::LoadKeys: Lock");
  AutoLock auto_lock(crypto_lock_);

@@ -354,11 +358,18 @@ bool CryptoSession::LoadKeys(const std::string& message,
    }
  }
  LOGV("LoadKeys: id=%ld", (uint32_t)oec_session_id_);
-  return (OEMCrypto_SUCCESS ==
-          OEMCrypto_LoadKeys(oec_session_id_, msg, message.size(),
-                             reinterpret_cast<const uint8_t*>(signature.data()),
-                             signature.size(), enc_mac_key_iv, enc_mac_key,
-                             num_keys, &load_key_array[0]));
+  OEMCryptoResult sts = OEMCrypto_LoadKeys(
+      oec_session_id_, msg, message.size(),
+      reinterpret_cast<const uint8_t*>(signature.data()), signature.size(),
+      enc_mac_key_iv, enc_mac_key, num_keys, &load_key_array[0]);
+
+  if (OEMCrypto_SUCCESS == sts) {
+    return KEY_ADDED;
+  } else if (OEMCrypto_ERROR_TOO_MANY_KEYS == sts) {
+    return INSUFFICIENT_CRYPTO_RESOURCES;
+  } else {
+    return KEY_ERROR;
+  }
 }

 bool CryptoSession::LoadCertificatePrivateKey(std::string& wrapped_key) {
@@ -565,7 +576,9 @@ CdmResponseType CryptoSession::Decrypt(const CdmDecryptionParameters& params) {
      &buffer_descriptor,
      params.subsample_flags);

-  if (OEMCrypto_SUCCESS != sts) {
+  if (OEMCrypto_ERROR_INSUFFICIENT_RESOURCES == sts) {
+    return INSUFFICIENT_CRYPTO_RESOURCES;
+  } else if (OEMCrypto_SUCCESS != sts) {
    return UNKNOWN_ERROR;
  }
  return NO_ERROR;
--- a/libwvdrmengine/cdm/core/src/license.cpp
+++ b/libwvdrmengine/cdm/core/src/license.cpp
@@ -368,13 +368,9 @@ CdmResponseType CdmLicense::HandleKeyResponse(
  // merge from Eureka)
  policy_engine_->SetLicense(license);

-  if (session_->LoadKeys(signed_response.msg(), signed_response.signature(),
-                         mac_key_iv, mac_key, key_array.size(),
-                         &key_array[0])) {
-    return KEY_ADDED;
-  } else {
-    return KEY_ERROR;
-  }
+  return session_->LoadKeys(signed_response.msg(), signed_response.signature(),
+                            mac_key_iv, mac_key, key_array.size(),
+                            &key_array[0]);
 }

 CdmResponseType CdmLicense::HandleKeyUpdateResponse(