Widevine CENC drm engine update

bug: 8601053 This import syncs to the widevine git repository change commit 6a99ad1b59ad39495f62954b3065ddc22b78da49 It includes the following changes from the widevine git repository, which complete the jb-mr2 features Fix Unit Test Makefile Adds support for device certificate provisioning. Support application parameters Certificate based licensing Proto for client files Implement Property Query API Add Device Query For Unique ID Implement Generic Crypto in DrmEngine Do not validate Key IDs on clear playback Allow OEMCrypto_DecryptCTR with clear content and no key Add a case to the MediaDrm API test to repro b/8594163 Implement requiresSecureDecoderComponent Implement Eventing API Add end-to-end decryption test with vectors Refactoring of properties class Refactor OEMCrypto unittest. Fix for b/8567853: License renewal doesn't renew license. Add KEY_ERROR callback to WvContentDecryptionModule() ctor. Merged certificate_provisioning.proto and client_identification.proto to license_protocol.proto. Fix nonce check failure after a malformed key in OEC Mock. asynchronize decryption Allow querying of control information make debugging AddKey & Decrypt statuses easier Revert "Revert "Send KEY_ERROR event to app on license expiration or failure"" Revert "Send KEY_ERROR event to app on license expiration or failure" Send KEY_ERROR event to app on license expiration or failure remove extra session id copy use KeyError constants directly replace variable-length arrays with std::vector and fixed-sized array pass session ids as const references refactor key extraction and update keys on renewal Updates to enable renewals and signaling license expiration. fix error constant in OEMCrypto_DecryptCTR Change-Id: I5f7236c7bdff1d5ece6115fd2893f8a1e1e07c50
2013-04-12 14:12:16 -07:00
parent 2f980d7d7e
commit e6b1fedc4c
63 changed files with 2885 additions and 1134 deletions
--- a/libwvdrmengine/mediadrm/test/Android.mk
+++ b/libwvdrmengine/mediadrm/test/Android.mk
@@ -13,7 +13,7 @@ LOCAL_C_INCLUDES := \
  vendor/widevine/libwvdrmengine/cdm/core/include \
  vendor/widevine/libwvdrmengine/cdm/include \
  vendor/widevine/libwvdrmengine/mediadrm/include \
-  vendor/widevine/libwvdrmengine/mediadrm/test \
+  vendor/widevine/libwvdrmengine/oemcrypto/include \
  vendor/widevine/libwvdrmengine/test/gmock/include \

 LOCAL_STATIC_LIBRARIES := \
@@ -44,8 +44,7 @@ LOCAL_C_INCLUDES += \

 LOCAL_ADDITIONAL_DEPENDENCIES += $(proto_generated_headers)

-LOCAL_WHOLE_STATIC_LIBRARIES := \
-    cdm_protos
+LOCAL_WHOLE_STATIC_LIBRARIES := libcdm_protos

 # End protobuf section

--- a/libwvdrmengine/mediadrm/test/MockCDM.h
+++ b/libwvdrmengine/mediadrm/test/MockCDM.h
@@ -1,53 +0,0 @@
-//
-// Copyright 2013 Google Inc. All Rights Reserved.
-//
-
-#ifndef WV_DRM_PLUGIN_MOCK_CDM_H_
-#define WV_DRM_PLUGIN_MOCK_CDM_H_
-
-#include <string>
-#include <vector>
-
-#include "gmock/gmock.h"
-#include "wv_cdm_types.h"
-#include "wv_content_decryption_module.h"
-
-
-namespace wvcdm {
-
-class MockCDM : public WvContentDecryptionModule {
- public:
-  MOCK_METHOD2(OpenSession, CdmResponseType(const CdmKeySystem&,
-                                            CdmSessionId*));
-
-  MOCK_METHOD1(CloseSession, CdmResponseType(CdmSessionId&));
-
-  MOCK_METHOD5(GenerateKeyRequest, CdmResponseType(const CdmSessionId&,
-                                                   const CdmInitData&,
-                                                   const CdmLicenseType,
-                                                   CdmAppParameterMap&,
-                                                   CdmKeyMessage*));
-
-  MOCK_METHOD2(AddKey, CdmResponseType(const CdmSessionId&,
-                                       const CdmKeyResponse&));
-
-  MOCK_METHOD1(CancelKeyRequest, CdmResponseType(const CdmSessionId&));
-
-  MOCK_METHOD2(QueryKeyStatus, CdmResponseType(const CdmSessionId&,
-                                               CdmQueryMap*));
-
-  MOCK_METHOD2(GetProvisioningRequest, CdmResponseType(CdmProvisioningRequest*,
-                                                       std::string*));
-
-  MOCK_METHOD1(HandleProvisioningResponse,
-      CdmResponseType(CdmProvisioningResponse&));
-
-  MOCK_METHOD1(GetSecureStops, CdmResponseType(CdmSecureStops*));
-
-  MOCK_METHOD1(ReleaseSecureStops,
-      CdmResponseType(const CdmSecureStopReleaseMessage&));
-};
-
-} // namespace wvcdm
-
-#endif // WV_DRM_PLUGIN_MOCK_CDM_H_
--- a/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp
+++ b/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp
@@ -5,11 +5,13 @@
 #include <stdio.h>
 #include <string>

+#include "gmock/gmock.h"
 #include "gtest/gtest.h"
 #include "media/stagefright/foundation/ABase.h"
 #include "media/stagefright/foundation/AString.h"
-#include "MockCDM.h"
 #include "wv_cdm_constants.h"
+#include "wv_cdm_types.h"
+#include "wv_content_decryption_module.h"
 #include "WVDrmPlugin.h"

 using namespace android;
@@ -18,14 +20,93 @@ using namespace testing;
 using namespace wvcdm;
 using namespace wvdrm;

+class MockCDM : public WvContentDecryptionModule {
+ public:
+  MOCK_METHOD2(OpenSession, CdmResponseType(const CdmKeySystem&,
+                                            CdmSessionId*));
+
+  MOCK_METHOD1(CloseSession, CdmResponseType(const CdmSessionId&));
+
+  MOCK_METHOD5(GenerateKeyRequest, CdmResponseType(const CdmSessionId&,
+                                                   const CdmInitData&,
+                                                   const CdmLicenseType,
+                                                   CdmAppParameterMap&,
+                                                   CdmKeyMessage*));
+
+  MOCK_METHOD2(AddKey, CdmResponseType(const CdmSessionId&,
+                                       const CdmKeyResponse&));
+
+  MOCK_METHOD1(CancelKeyRequest, CdmResponseType(const CdmSessionId&));
+
+  MOCK_METHOD1(QueryStatus, CdmResponseType(CdmQueryMap*));
+
+  MOCK_METHOD2(QueryKeyStatus, CdmResponseType(const CdmSessionId&,
+                                               CdmQueryMap*));
+
+  MOCK_METHOD2(QueryKeyControlInfo, CdmResponseType(const CdmSessionId&,
+                                                    CdmQueryMap*));
+
+  MOCK_METHOD2(GetProvisioningRequest, CdmResponseType(CdmProvisioningRequest*,
+                                                       std::string*));
+
+  MOCK_METHOD1(HandleProvisioningResponse,
+      CdmResponseType(CdmProvisioningResponse&));
+
+  MOCK_METHOD1(GetSecureStops, CdmResponseType(CdmSecureStops*));
+
+  MOCK_METHOD1(ReleaseSecureStops,
+      CdmResponseType(const CdmSecureStopReleaseMessage&));
+
+  MOCK_METHOD2(AttachEventListener, bool(const CdmSessionId&,
+                                         WvCdmEventListener*));
+
+  MOCK_METHOD2(DetachEventListener, bool(const CdmSessionId&,
+                                         WvCdmEventListener*));
+};
+
+class MockCrypto : public WVGenericCryptoInterface {
+ public:
+  MOCK_METHOD3(selectKey, OEMCryptoResult(const OEMCrypto_SESSION,
+                                          const uint8_t*, size_t));
+
+  MOCK_METHOD6(encrypt, OEMCryptoResult(OEMCrypto_SESSION, const uint8_t*,
+                                        size_t, const uint8_t*,
+                                        OEMCrypto_Algorithm, uint8_t*));
+
+  MOCK_METHOD6(decrypt, OEMCryptoResult(OEMCrypto_SESSION, const uint8_t*,
+                                        size_t, const uint8_t*,
+                                        OEMCrypto_Algorithm, uint8_t*));
+
+  MOCK_METHOD6(sign, OEMCryptoResult(OEMCrypto_SESSION, const uint8_t*, size_t,
+                                     OEMCrypto_Algorithm, uint8_t*, size_t*));
+
+  MOCK_METHOD6(verify, OEMCryptoResult(OEMCrypto_SESSION, const uint8_t*,
+                                       size_t, OEMCrypto_Algorithm,
+                                       const uint8_t*, size_t));
+};
+
+class MockDrmPluginListener : public DrmPluginListener {
+ public:
+  MOCK_METHOD4(sendEvent, void(DrmPlugin::EventType, int,
+                               const Vector<uint8_t>*, const Vector<uint8_t>*));
+};
+
+template <uint8_t DIGIT>
+CdmResponseType setSessionIdOnMap(Unused, CdmQueryMap* map) {
+  static const char oecId[] = {DIGIT + '0', '\0'};
+  (*map)[QUERY_KEY_OEMCRYPTO_SESSION_ID] = oecId;
+  return wvcdm::NO_ERROR;
+}
+
 class WVDrmPluginTest : public Test {
 protected:
  static const uint32_t kSessionIdSize = 16;
+  uint8_t sessionIdRaw[kSessionIdSize];
  Vector<uint8_t> sessionId;
  CdmSessionId cdmSessionId;

  virtual void SetUp() {
-    uint8_t sessionIdRaw[kSessionIdSize];
+    // Fill the session ID
    FILE* fp = fopen("/dev/urandom", "r");
    fread(sessionIdRaw, sizeof(uint8_t), kSessionIdSize, fp);
    fclose(fp);
@@ -33,26 +114,34 @@ class WVDrmPluginTest : public Test {
    sessionId.appendArray(sessionIdRaw, kSessionIdSize);
    cdmSessionId.assign(sessionId.begin(), sessionId.end());

-    // Set default CdmResponseType value for gMock
+    // Set default return values for gMock
    DefaultValue<CdmResponseType>::Set(wvcdm::NO_ERROR);
+    DefaultValue<OEMCryptoResult>::Set(OEMCrypto_SUCCESS);
+    DefaultValue<bool>::Set(true);
  }
 };

 TEST_F(WVDrmPluginTest, OpensSessions) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
-
-  uint8_t sessionIdRaw[kSessionIdSize];
-  FILE* fp = fopen("/dev/urandom", "r");
-  fread(sessionIdRaw, sizeof(uint8_t), kSessionIdSize, fp);
-  fclose(fp);
-
-  CdmSessionId cdmSessionId(sessionIdRaw, sessionIdRaw + kSessionIdSize);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  EXPECT_CALL(cdm, OpenSession(StrEq("com.widevine"), _))
      .WillOnce(DoAll(SetArgPointee<1>(cdmSessionId),
                      Return(wvcdm::NO_ERROR)));

+  // Provide expected behavior when plugin requests session control info
+  EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId, _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(Invoke(setSessionIdOnMap<4>));
+
+  // Let gMock know these calls will happen but we aren't interested in them.
+  EXPECT_CALL(cdm, AttachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  EXPECT_CALL(cdm, DetachEventListener(_, _))
+      .Times(AtLeast(0));
+
  status_t res = plugin.openSession(sessionId);

  ASSERT_EQ(OK, res);
@@ -61,7 +150,8 @@ TEST_F(WVDrmPluginTest, OpensSessions) {

 TEST_F(WVDrmPluginTest, ClosesSessions) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  EXPECT_CALL(cdm, CloseSession(cdmSessionId))
      .Times(1);
@@ -73,7 +163,8 @@ TEST_F(WVDrmPluginTest, ClosesSessions) {

 TEST_F(WVDrmPluginTest, GeneratesKeyRequests) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  static const uint32_t kInitDataSize = 128;
  uint8_t initDataRaw[kInitDataSize];
@@ -141,7 +232,8 @@ TEST_F(WVDrmPluginTest, GeneratesKeyRequests) {

 TEST_F(WVDrmPluginTest, AddsKeys) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  static const uint32_t kResponseSize = 256;
  uint8_t responseRaw[kResponseSize];
@@ -169,7 +261,8 @@ TEST_F(WVDrmPluginTest, AddsKeys) {

 TEST_F(WVDrmPluginTest, QueriesKeyStatus) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  KeyedVector<String8, String8> expectedLicenseStatus;
  CdmQueryMap cdmLicenseStatus;
@@ -201,7 +294,8 @@ TEST_F(WVDrmPluginTest, QueriesKeyStatus) {

 TEST_F(WVDrmPluginTest, GetsProvisioningRequests) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  static const uint32_t kRequestSize = 256;
  uint8_t requestRaw[kRequestSize];
@@ -230,7 +324,8 @@ TEST_F(WVDrmPluginTest, GetsProvisioningRequests) {

 TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  static const uint32_t kResponseSize = 512;
  uint8_t responseRaw[kResponseSize];
@@ -252,7 +347,8 @@ TEST_F(WVDrmPluginTest, HandlesProvisioningResponses) {

 TEST_F(WVDrmPluginTest, GetsSecureStops) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  static const uint32_t kStopSize = 53;
  static const uint32_t kStopCount = 7;
@@ -293,7 +389,8 @@ TEST_F(WVDrmPluginTest, GetsSecureStops) {

 TEST_F(WVDrmPluginTest, ReleasesSecureStops) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  static const uint32_t kMessageSize = 128;
  uint8_t messageRaw[kMessageSize];
@@ -313,43 +410,85 @@ TEST_F(WVDrmPluginTest, ReleasesSecureStops) {
  ASSERT_EQ(OK, res);
 }

-TEST_F(WVDrmPluginTest, DoesNotGetStringProperties) {
+TEST_F(WVDrmPluginTest, ReturnsExpectedPropertyValues) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

-  String8 result;
+  CdmQueryMap l1Map;
+  l1Map[QUERY_KEY_SECURITY_LEVEL] = QUERY_VALUE_SECURITY_LEVEL_L1;

-  status_t res = plugin.getPropertyString(String8("property"), result);
+  CdmQueryMap l3Map;
+  l3Map[QUERY_KEY_SECURITY_LEVEL] = QUERY_VALUE_SECURITY_LEVEL_L3;

-  ASSERT_NE(OK, res);
-  EXPECT_TRUE(result.isEmpty());
+  static const string uniqueId = "The Universe";
+  CdmQueryMap idMap;
+  idMap[QUERY_KEY_DEVICE_ID] = uniqueId;
+
+  EXPECT_CALL(cdm, QueryStatus(_))
+    .WillOnce(DoAll(SetArgPointee<0>(l1Map),
+                    Return(wvcdm::NO_ERROR)))
+    .WillOnce(DoAll(SetArgPointee<0>(l3Map),
+                    Return(wvcdm::NO_ERROR)))
+    .WillOnce(DoAll(SetArgPointee<0>(idMap),
+                    Return(wvcdm::NO_ERROR)));
+
+  String8 stringResult;
+
+  status_t res = plugin.getPropertyString(String8("vendor"), stringResult);
+  ASSERT_EQ(OK, res);
+  EXPECT_EQ(String8("Google"), stringResult);
+
+  res = plugin.getPropertyString(String8("version"), stringResult);
+  ASSERT_EQ(OK, res);
+  EXPECT_EQ(String8("1.0"), stringResult);
+
+  res = plugin.getPropertyString(String8("description"), stringResult);
+  ASSERT_EQ(OK, res);
+  EXPECT_EQ(String8("Widevine CDM"), stringResult);
+
+  res = plugin.getPropertyString(String8("algorithms"), stringResult);
+  ASSERT_EQ(OK, res);
+  EXPECT_EQ(String8("AES/CBC/NoPadding,HmacSHA256"), stringResult);
+
+  res = plugin.getPropertyString(String8("securityLevel"), stringResult);
+  ASSERT_EQ(OK, res);
+  EXPECT_EQ(String8("L1"), stringResult);
+
+  res = plugin.getPropertyString(String8("securityLevel"), stringResult);
+  ASSERT_EQ(OK, res);
+  EXPECT_EQ(String8("L3"), stringResult);
+
+  Vector<uint8_t> vectorResult;
+
+  res = plugin.getPropertyByteArray(String8("deviceUniqueId"), vectorResult);
+  ASSERT_EQ(OK, res);
+  EXPECT_THAT(vectorResult, ElementsAreArray(uniqueId.data(), uniqueId.size()));
 }

-TEST_F(WVDrmPluginTest, DoesNotGetByteProperties) {
+TEST_F(WVDrmPluginTest, DoesNotGetUnknownProperties) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

-  Vector<uint8_t> result;
-
-  status_t res = plugin.getPropertyByteArray(String8("property"), result);
+  String8 stringResult;
+  Vector<uint8_t> vectorResult;

+  status_t res = plugin.getPropertyString(String8("unknownProperty"),
+                                          stringResult);
  ASSERT_NE(OK, res);
-  EXPECT_TRUE(result.isEmpty());
+  EXPECT_TRUE(stringResult.isEmpty());
+
+  res = plugin.getPropertyByteArray(String8("unknownProperty"),
+                                             vectorResult);
+  ASSERT_NE(OK, res);
+  EXPECT_TRUE(vectorResult.isEmpty());
 }

-TEST_F(WVDrmPluginTest, DoesNotSetStringProperties) {
+TEST_F(WVDrmPluginTest, DoesNotSetProperties) {
  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
-
-  status_t res = plugin.setPropertyString(String8("property"),
-                                          String8("ignored"));
-
-  ASSERT_NE(OK, res);
-}
-
-TEST_F(WVDrmPluginTest, DoesNotSetByteProperties) {
-  MockCDM cdm;
-  WVDrmPlugin plugin(&cdm);
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);

  static const uint32_t kValueSize = 32;
  uint8_t valueRaw[kValueSize];
@@ -360,7 +499,465 @@ TEST_F(WVDrmPluginTest, DoesNotSetByteProperties) {
  Vector<uint8_t> value;
  value.appendArray(valueRaw, kValueSize);

-  status_t res = plugin.setPropertyByteArray(String8("property"), value);
+  status_t res = plugin.setPropertyString(String8("property"),
+                                          String8("ignored"));
+  ASSERT_NE(OK, res);

+  res = plugin.setPropertyByteArray(String8("property"), value);
  ASSERT_NE(OK, res);
 }
+
+TEST_F(WVDrmPluginTest, FailsGenericMethodsWithoutAnAlgorithmSet) {
+  MockCDM cdm;
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);
+
+  Vector<uint8_t> keyId;
+  Vector<uint8_t> input;
+  Vector<uint8_t> iv;
+  Vector<uint8_t> output;
+  bool match;
+
+  // Provide expected behavior to support session creation
+  EXPECT_CALL(cdm, OpenSession(StrEq("com.widevine"), _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(DoAll(SetArgPointee<1>(cdmSessionId),
+                      Return(wvcdm::NO_ERROR)));
+
+  EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId, _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(Invoke(setSessionIdOnMap<4>));
+
+  // Let gMock know these calls will happen but we aren't interested in them.
+  EXPECT_CALL(cdm, AttachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  EXPECT_CALL(cdm, DetachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  status_t res = plugin.openSession(sessionId);
+  ASSERT_EQ(OK, res);
+
+  // Note that we do not set the algorithms.  This should cause these methods
+  // to fail.
+
+  res = plugin.encrypt(sessionId, keyId, input, iv, output);
+  EXPECT_EQ(NO_INIT, res);
+
+  res = plugin.decrypt(sessionId, keyId, input, iv, output);
+  EXPECT_EQ(NO_INIT, res);
+
+  res = plugin.sign(sessionId, keyId, input, output);
+  EXPECT_EQ(NO_INIT, res);
+
+  res = plugin.verify(sessionId, keyId, input, output, match);
+  EXPECT_EQ(NO_INIT, res);
+}
+
+MATCHER_P(IsIV, iv, "") {
+  for (size_t i = 0; i < KEY_IV_SIZE; ++i) {
+    if (iv[i] != arg[i]) {
+      return false;
+    }
+  }
+
+  return true;
+}
+
+TEST_F(WVDrmPluginTest, CallsGenericEncrypt) {
+  MockCDM cdm;
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);
+
+  static const size_t kDataSize = 256;
+  uint8_t keyIdRaw[KEY_ID_SIZE];
+  uint8_t inputRaw[kDataSize];
+  uint8_t ivRaw[KEY_IV_SIZE];
+
+  FILE* fp = fopen("/dev/urandom", "r");
+  fread(keyIdRaw, sizeof(uint8_t), KEY_ID_SIZE, fp);
+  fread(inputRaw, sizeof(uint8_t), kDataSize, fp);
+  fread(ivRaw, sizeof(uint8_t), KEY_IV_SIZE, fp);
+  fclose(fp);
+
+  Vector<uint8_t> keyId;
+  keyId.appendArray(keyIdRaw, KEY_ID_SIZE);
+  Vector<uint8_t> input;
+  input.appendArray(inputRaw, kDataSize);
+  Vector<uint8_t> iv;
+  iv.appendArray(ivRaw, KEY_IV_SIZE);
+  Vector<uint8_t> output;
+
+  {
+    InSequence calls;
+
+    EXPECT_CALL(crypto, selectKey(4, _, KEY_ID_SIZE))
+        .With(Args<1, 2>(ElementsAreArray(keyIdRaw, KEY_ID_SIZE)))
+        .Times(1);
+
+    EXPECT_CALL(crypto, encrypt(4, _, kDataSize, IsIV(ivRaw),
+                                OEMCrypto_AES_CBC_128_NO_PADDING, _))
+        .With(Args<1, 2>(ElementsAreArray(inputRaw, kDataSize)))
+        .Times(1);
+  }
+
+  // Provide expected behavior to support session creation
+  EXPECT_CALL(cdm, OpenSession(StrEq("com.widevine"), _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(DoAll(SetArgPointee<1>(cdmSessionId),
+                      Return(wvcdm::NO_ERROR)));
+
+  EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId, _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(Invoke(setSessionIdOnMap<4>));
+
+  // Let gMock know these calls will happen but we aren't interested in them.
+  EXPECT_CALL(cdm, AttachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  EXPECT_CALL(cdm, DetachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  status_t res = plugin.openSession(sessionId);
+  ASSERT_EQ(OK, res);
+
+  res = plugin.setCipherAlgorithm(sessionId, String8("AES/CBC/NoPadding"));
+  ASSERT_EQ(OK, res);
+
+  res = plugin.encrypt(sessionId, keyId, input, iv, output);
+  ASSERT_EQ(OK, res);
+}
+
+TEST_F(WVDrmPluginTest, CallsGenericDecrypt) {
+  MockCDM cdm;
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);
+
+  static const size_t kDataSize = 256;
+  uint8_t keyIdRaw[KEY_ID_SIZE];
+  uint8_t inputRaw[kDataSize];
+  uint8_t ivRaw[KEY_IV_SIZE];
+
+  FILE* fp = fopen("/dev/urandom", "r");
+  fread(keyIdRaw, sizeof(uint8_t), KEY_ID_SIZE, fp);
+  fread(inputRaw, sizeof(uint8_t), kDataSize, fp);
+  fread(ivRaw, sizeof(uint8_t), KEY_IV_SIZE, fp);
+  fclose(fp);
+
+  Vector<uint8_t> keyId;
+  keyId.appendArray(keyIdRaw, KEY_ID_SIZE);
+  Vector<uint8_t> input;
+  input.appendArray(inputRaw, kDataSize);
+  Vector<uint8_t> iv;
+  iv.appendArray(ivRaw, KEY_IV_SIZE);
+  Vector<uint8_t> output;
+
+  {
+    InSequence calls;
+
+    EXPECT_CALL(crypto, selectKey(4, _, KEY_ID_SIZE))
+        .With(Args<1, 2>(ElementsAreArray(keyIdRaw, KEY_ID_SIZE)))
+        .Times(1);
+
+    EXPECT_CALL(crypto, decrypt(4, _, kDataSize, IsIV(ivRaw),
+                                OEMCrypto_AES_CBC_128_NO_PADDING, _))
+        .With(Args<1, 2>(ElementsAreArray(inputRaw, kDataSize)))
+        .Times(1);
+  }
+
+  // Provide expected behavior to support session creation
+  EXPECT_CALL(cdm, OpenSession(StrEq("com.widevine"), _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(DoAll(SetArgPointee<1>(cdmSessionId),
+                      Return(wvcdm::NO_ERROR)));
+
+  EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId, _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(Invoke(setSessionIdOnMap<4>));
+
+  // Let gMock know these calls will happen but we aren't interested in them.
+  EXPECT_CALL(cdm, AttachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  EXPECT_CALL(cdm, DetachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  status_t res = plugin.openSession(sessionId);
+  ASSERT_EQ(OK, res);
+
+  res = plugin.setCipherAlgorithm(sessionId, String8("AES/CBC/NoPadding"));
+  ASSERT_EQ(OK, res);
+
+  res = plugin.decrypt(sessionId, keyId, input, iv, output);
+  ASSERT_EQ(OK, res);
+}
+
+TEST_F(WVDrmPluginTest, CallsGenericSign) {
+  MockCDM cdm;
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);
+
+  static const size_t kDataSize = 256;
+  uint8_t keyIdRaw[KEY_ID_SIZE];
+  uint8_t messageRaw[kDataSize];
+
+  FILE* fp = fopen("/dev/urandom", "r");
+  fread(keyIdRaw, sizeof(uint8_t), KEY_ID_SIZE, fp);
+  fread(messageRaw, sizeof(uint8_t), kDataSize, fp);
+  fclose(fp);
+
+  Vector<uint8_t> keyId;
+  keyId.appendArray(keyIdRaw, KEY_ID_SIZE);
+  Vector<uint8_t> message;
+  message.appendArray(messageRaw, kDataSize);
+  Vector<uint8_t> signature;
+
+  {
+    InSequence calls;
+
+    EXPECT_CALL(crypto, selectKey(4, _, KEY_ID_SIZE))
+        .With(Args<1, 2>(ElementsAreArray(keyIdRaw, KEY_ID_SIZE)))
+        .Times(1);
+
+    EXPECT_CALL(crypto, sign(4, _, kDataSize, OEMCrypto_HMAC_SHA256, _,
+                             Pointee(0)))
+        .With(Args<1, 2>(ElementsAreArray(messageRaw, kDataSize)))
+        .WillOnce(DoAll(SetArgPointee<5>(64),
+                        Return(OEMCrypto_ERROR_SHORT_BUFFER)));
+
+    EXPECT_CALL(crypto, sign(4, _, kDataSize, OEMCrypto_HMAC_SHA256, _,
+                             Pointee(64)))
+        .With(Args<1, 2>(ElementsAreArray(messageRaw, kDataSize)))
+        .Times(1);
+  }
+
+  // Provide expected behavior to support session creation
+  EXPECT_CALL(cdm, OpenSession(StrEq("com.widevine"), _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(DoAll(SetArgPointee<1>(cdmSessionId),
+                      Return(wvcdm::NO_ERROR)));
+
+  EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId, _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(Invoke(setSessionIdOnMap<4>));
+
+  // Let gMock know these calls will happen but we aren't interested in them.
+  EXPECT_CALL(cdm, AttachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  EXPECT_CALL(cdm, DetachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  status_t res = plugin.openSession(sessionId);
+  ASSERT_EQ(OK, res);
+
+  res = plugin.setMacAlgorithm(sessionId, String8("HmacSHA256"));
+  ASSERT_EQ(OK, res);
+
+  res = plugin.sign(sessionId, keyId, message, signature);
+  ASSERT_EQ(OK, res);
+}
+
+TEST_F(WVDrmPluginTest, CallsGenericVerify) {
+  MockCDM cdm;
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);
+
+  static const size_t kDataSize = 256;
+  static const size_t kSignatureSize = 16;
+  uint8_t keyIdRaw[KEY_ID_SIZE];
+  uint8_t messageRaw[kDataSize];
+  uint8_t signatureRaw[kSignatureSize];
+
+  FILE* fp = fopen("/dev/urandom", "r");
+  fread(keyIdRaw, sizeof(uint8_t), KEY_ID_SIZE, fp);
+  fread(messageRaw, sizeof(uint8_t), kDataSize, fp);
+  fread(signatureRaw, sizeof(uint8_t), kSignatureSize, fp);
+  fclose(fp);
+
+  Vector<uint8_t> keyId;
+  keyId.appendArray(keyIdRaw, KEY_ID_SIZE);
+  Vector<uint8_t> message;
+  message.appendArray(messageRaw, kDataSize);
+  Vector<uint8_t> signature;
+  signature.appendArray(signatureRaw, kSignatureSize);
+  bool match;
+
+  {
+    InSequence calls;
+
+    EXPECT_CALL(crypto, selectKey(4, _, KEY_ID_SIZE))
+        .With(Args<1, 2>(ElementsAreArray(keyIdRaw, KEY_ID_SIZE)))
+        .Times(1);
+
+    EXPECT_CALL(crypto, verify(4, _, kDataSize, OEMCrypto_HMAC_SHA256, _,
+                               kSignatureSize))
+        .With(AllOf(Args<1, 2>(ElementsAreArray(messageRaw, kDataSize)),
+                    Args<4, 5>(ElementsAreArray(signatureRaw, kSignatureSize))))
+        .WillOnce(Return(OEMCrypto_SUCCESS));
+
+    EXPECT_CALL(crypto, selectKey(4, _, KEY_ID_SIZE))
+        .With(Args<1, 2>(ElementsAreArray(keyIdRaw, KEY_ID_SIZE)))
+        .Times(1);
+
+    EXPECT_CALL(crypto, verify(4, _, kDataSize, OEMCrypto_HMAC_SHA256, _,
+                               kSignatureSize))
+        .With(AllOf(Args<1, 2>(ElementsAreArray(messageRaw, kDataSize)),
+                    Args<4, 5>(ElementsAreArray(signatureRaw, kSignatureSize))))
+        .WillOnce(Return(OEMCrypto_ERROR_SIGNATURE_FAILURE));
+  }
+
+  // Provide expected behavior to support session creation
+  EXPECT_CALL(cdm, OpenSession(StrEq("com.widevine"), _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(DoAll(SetArgPointee<1>(cdmSessionId),
+                      Return(wvcdm::NO_ERROR)));
+
+  EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId, _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(Invoke(setSessionIdOnMap<4>));
+
+  // Let gMock know these calls will happen but we aren't interested in them.
+  EXPECT_CALL(cdm, AttachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  EXPECT_CALL(cdm, DetachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  status_t res = plugin.openSession(sessionId);
+  ASSERT_EQ(OK, res);
+
+  res = plugin.setMacAlgorithm(sessionId, String8("HmacSHA256"));
+  ASSERT_EQ(OK, res);
+
+  res = plugin.verify(sessionId, keyId, message, signature, match);
+  ASSERT_EQ(OK, res);
+  EXPECT_TRUE(match);
+
+  res = plugin.verify(sessionId, keyId, message, signature, match);
+  ASSERT_EQ(OK, res);
+  EXPECT_FALSE(match);
+}
+
+TEST_F(WVDrmPluginTest, RegistersForEvents) {
+  MockCDM cdm;
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);
+
+  EXPECT_CALL(cdm, AttachEventListener(cdmSessionId, &plugin))
+      .Times(1);
+
+  // Provide expected behavior to support session creation
+  EXPECT_CALL(cdm, OpenSession(StrEq("com.widevine"), _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(DoAll(SetArgPointee<1>(cdmSessionId),
+                      Return(wvcdm::NO_ERROR)));
+
+  EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId, _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(Invoke(setSessionIdOnMap<4>));
+
+  // Let gMock know this call will happen but we aren't interested in it.
+  EXPECT_CALL(cdm, DetachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  status_t res = plugin.openSession(sessionId);
+  ASSERT_EQ(OK, res);
+}
+
+TEST_F(WVDrmPluginTest, UnregistersForAllEventsOnDestruction) {
+  MockCDM cdm;
+  MockCrypto crypto;
+
+  {
+    WVDrmPlugin plugin(&cdm, &crypto);
+
+    uint8_t sessionIdRaw1[kSessionIdSize];
+    uint8_t sessionIdRaw2[kSessionIdSize];
+    FILE* fp = fopen("/dev/urandom", "r");
+    fread(sessionIdRaw1, sizeof(uint8_t), kSessionIdSize, fp);
+    fread(sessionIdRaw2, sizeof(uint8_t), kSessionIdSize, fp);
+    fclose(fp);
+
+    CdmSessionId cdmSessionId1(sessionIdRaw1, sessionIdRaw1 + kSessionIdSize);
+    CdmSessionId cdmSessionId2(sessionIdRaw2, sessionIdRaw2 + kSessionIdSize);
+
+    EXPECT_CALL(cdm, OpenSession(StrEq("com.widevine"), _))
+        .WillOnce(DoAll(SetArgPointee<1>(cdmSessionId1),
+                        Return(wvcdm::NO_ERROR)))
+        .WillOnce(DoAll(SetArgPointee<1>(cdmSessionId2),
+                        Return(wvcdm::NO_ERROR)));
+
+    EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId1, _))
+        .WillOnce(Invoke(setSessionIdOnMap<4>));
+
+    EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId2, _))
+        .WillOnce(Invoke(setSessionIdOnMap<5>));
+
+    EXPECT_CALL(cdm, DetachEventListener(cdmSessionId1, &plugin))
+        .Times(1);
+
+    EXPECT_CALL(cdm, DetachEventListener(cdmSessionId2, &plugin))
+        .Times(1);
+
+    // Let gMock know this call will happen but we aren't interested in it.
+    EXPECT_CALL(cdm, AttachEventListener(_, _))
+        .Times(AtLeast(0));
+
+    status_t res = plugin.openSession(sessionId);
+    ASSERT_EQ(OK, res);
+
+    res = plugin.openSession(sessionId);
+    ASSERT_EQ(OK, res);
+  }
+}
+
+TEST_F(WVDrmPluginTest, MarshalsEvents) {
+  MockCDM cdm;
+  MockCrypto crypto;
+  WVDrmPlugin plugin(&cdm, &crypto);
+
+  sp<MockDrmPluginListener> listener = new MockDrmPluginListener();
+
+  {
+    InSequence calls;
+
+    EXPECT_CALL(*listener, sendEvent(DrmPlugin::kDrmPluginEventKeyExpired, 0,
+                                     Pointee(ElementsAreArray(sessionIdRaw,
+                                                              kSessionIdSize)),
+                                     NULL))
+        .Times(1);
+
+    EXPECT_CALL(*listener, sendEvent(DrmPlugin::kDrmPluginEventKeyNeeded, 0,
+                                     Pointee(ElementsAreArray(sessionIdRaw,
+                                                              kSessionIdSize)),
+                                     NULL))
+        .Times(1);
+  }
+
+  // Provide expected behavior to support session creation
+  EXPECT_CALL(cdm, OpenSession(StrEq("com.widevine"), _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(DoAll(SetArgPointee<1>(cdmSessionId),
+                      Return(wvcdm::NO_ERROR)));
+
+  EXPECT_CALL(cdm, QueryKeyControlInfo(cdmSessionId, _))
+      .Times(AtLeast(1))
+      .WillRepeatedly(Invoke(setSessionIdOnMap<4>));
+
+  // Let gMock know these calls will happen but we aren't interested in them.
+  EXPECT_CALL(cdm, AttachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  EXPECT_CALL(cdm, DetachEventListener(_, _))
+      .Times(AtLeast(0));
+
+  status_t res = plugin.setListener(listener);
+  ASSERT_EQ(OK, res);
+
+  res = plugin.openSession(sessionId);
+  ASSERT_EQ(OK, res);
+
+  plugin.onEvent(cdmSessionId, LICENSE_EXPIRED_EVENT);
+  plugin.onEvent(cdmSessionId, LICENSE_RENEWAL_NEEDED_EVENT);
+}