widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sign fake license request if usage tables are not supported

Browse Source 
Merge of http://go/wvgerrit/106823

Previously, we worked around a problem by signing a fake license
request when a license did not have a usage entry. However, this was
inside a conditional that the device did support usage tables. This CL
moves that code outside the conditional so that a fake license is
signed whenever the license does not have an entry.

Bug: 169591716
Test: unit and integration tests
Change-Id: Ic4d1a91af63503722b088a136c0a8dca9746a962
This commit is contained in:
Rahul Frias
2020-11-02 01:39:13 -08:00
parent 95ff0f14fd
commit ea2b3d3178
1 changed files with 20 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
libwvdrmengine/cdm/core/src/cdm_session.cpp
View File

@@ -336,20 +336,13 @@ CdmResponseType CdmSession::RestoreOfflineSession(const CdmKeySetId& key_set_id,
} }
std::string provider_session_token; std::string provider_session_token;
bool sign_fake_request = false; // TODO(b/169483174): remove this variable.
if (usage_support_type_ == kUsageEntrySupport) { if (usage_support_type_ == kUsageEntrySupport) {
if (!license_parser_->ExtractProviderSessionToken( if (!license_parser_->ExtractProviderSessionToken(
key_response_, &provider_session_token) || key_response_, &provider_session_token) ||
usage_table_header_ == nullptr) { usage_table_header_ == nullptr) {
provider_session_token.clear(); provider_session_token.clear();
// TODO(b/161023174): remove this code in v17. sign_fake_request = true; // TODO(b/169483174): remove this line.
std::string fake_message("empty message");
std::string core_message;
std::string license_request_signature;
// Sign a fake message so that OEMCrypto will start the rental clock. The
// signature and generated core message are ignored.
CdmResponseType status = crypto_session_->PrepareAndSignLicenseRequest(
fake_message, &core_message, &license_request_signature);
if (status != NO_ERROR) return status;
} else if (!VerifyOfflineUsageEntry()) { } else if (!VerifyOfflineUsageEntry()) {
LOGE("License usage entry is invalid, cannot restore"); LOGE("License usage entry is invalid, cannot restore");
return LICENSE_USAGE_ENTRY_MISSING; return LICENSE_USAGE_ENTRY_MISSING;
@@ -362,6 +355,24 @@ CdmResponseType CdmSession::RestoreOfflineSession(const CdmKeySetId& key_set_id,
return sts; return sts;
} }
} }
} else {
sign_fake_request = true; // TODO(b/169483174): remove this block.
}
// TODO(b/169483174): remove this code in v17. For OEMCrypto v16, an offline
// license would not work because the rental clock in OEMCrypto is only
// started when the license request is signed. We will sign a fake license
// request if the device does not support usage tables, or if the license does
// not have a usage entry.
if (sign_fake_request) {
std::string fake_message("empty message");
std::string core_message;
std::string license_request_signature;
// Sign a fake message so that OEMCrypto will start the rental clock. The
// signature and generated core message are ignored.
const CdmResponseType status =
crypto_session_->PrepareAndSignLicenseRequest(
fake_message, &core_message, &license_request_signature);
if (status != NO_ERROR) return status;
} }
CdmResponseType result; CdmResponseType result;