File util, generic crypto, and key query

This CL merges several CLs from the widevine repo: http://go/wvgerrit/18012 Add support for querying allowed usage for key. http://go/wvgerrit/17971 Add per-origin storage. http://go/wvgerrit/18152 Add OEMCrypto's generic crypto operations to CDM. http://go/wvgerrit/17911 QueryKeyControlInfo => QueryOemCryptoSessionId Note: numbering in wv_cdm_types.h was added in this CL and will be back ported to wvgerrit in a future CL. Change-Id: Idb9e9a67e94f62f25dc16c5307f75a08b3430b64
2016-09-14 12:44:09 -07:00
parent 24124ea6e3
commit eb3f8b786a
56 changed files with 4632 additions and 2083 deletions
--- a/libwvdrmengine/cdm/core/src/cdm_session.cpp
+++ b/libwvdrmengine/cdm/core/src/cdm_session.cpp
@@ -10,8 +10,6 @@

 #include "cdm_engine.h"
 #include "clock.h"
-#include "crypto_session.h"
-#include "device_files.h"
 #include "file_store.h"
 #include "log.h"
 #include "properties.h"
@@ -25,6 +23,23 @@ const size_t kKeySetIdLength = 14;

 namespace wvcdm {

+CdmSession::CdmSession(FileSystem* file_system) :
+    initialized_(false),
+    crypto_session_(new CryptoSession),
+    file_handle_(new DeviceFiles(file_system)),
+    license_received_(false),
+    is_offline_(false),
+    is_release_(false),
+    is_temporary_(false),
+    security_level_(kSecurityLevelUninitialized),
+    requested_security_level_(kLevelDefault),
+    is_initial_decryption_(true),
+    has_decrypted_since_last_report_(false),
+    is_initial_usage_update_(true),
+    is_usage_update_needed_(false),
+    mock_license_parser_in_use_(false),
+    mock_policy_engine_in_use_(false) {}
+
 CdmSession::~CdmSession() {
  if (!key_set_id_.empty()) {
    // Unreserve the license ID.
@@ -45,6 +60,7 @@ CdmResponseType CdmSession::Init(CdmClientPropertySet* cdm_client_property_set,
    LOGE("CdmSession::Init: Failed due to previous initialization");
    return SESSION_INIT_ERROR_2;
  }
+
  if (cdm_client_property_set &&
      cdm_client_property_set->security_level() ==
          QUERY_VALUE_SECURITY_LEVEL_L3) {
@@ -63,7 +79,7 @@ CdmResponseType CdmSession::Init(CdmClientPropertySet* cdm_client_property_set,
  std::string token;
  if (Properties::use_certificates_as_identification()) {
    std::string wrapped_key;
-    if (!file_handle_->RetrieveCertificate(origin_, &token, &wrapped_key) ||
+    if (!file_handle_->RetrieveCertificate(&token, &wrapped_key) ||
        !crypto_session_->LoadCertificatePrivateKey(wrapped_key)) {
      return NEED_PROVISIONING;
    }
@@ -301,7 +317,7 @@ CdmResponseType CdmSession::AddKey(const CdmKeyResponse& key_response) {
  }
 }

-CdmResponseType CdmSession::QueryStatus(CdmQueryMap* key_info) {
+CdmResponseType CdmSession::QueryStatus(CdmQueryMap* query_response) {
  if (crypto_session_.get() == NULL) {
    LOGE("CdmSession::QueryStatus: Invalid crypto session");
    return INVALID_CRYPTO_SESSION_3;
@@ -314,17 +330,20 @@ CdmResponseType CdmSession::QueryStatus(CdmQueryMap* key_info) {

  switch (security_level_) {
    case kSecurityLevelL1:
-      (*key_info)[QUERY_KEY_SECURITY_LEVEL] = QUERY_VALUE_SECURITY_LEVEL_L1;
+      (*query_response)[QUERY_KEY_SECURITY_LEVEL] =
+          QUERY_VALUE_SECURITY_LEVEL_L1;
      break;
    case kSecurityLevelL2:
-      (*key_info)[QUERY_KEY_SECURITY_LEVEL] = QUERY_VALUE_SECURITY_LEVEL_L2;
+      (*query_response)[QUERY_KEY_SECURITY_LEVEL] =
+          QUERY_VALUE_SECURITY_LEVEL_L2;
      break;
    case kSecurityLevelL3:
-      (*key_info)[QUERY_KEY_SECURITY_LEVEL] = QUERY_VALUE_SECURITY_LEVEL_L3;
+      (*query_response)[QUERY_KEY_SECURITY_LEVEL] =
+          QUERY_VALUE_SECURITY_LEVEL_L3;
      break;
    case kSecurityLevelUninitialized:
    case kSecurityLevelUnknown:
-      (*key_info)[QUERY_KEY_SECURITY_LEVEL] =
+      (*query_response)[QUERY_KEY_SECURITY_LEVEL] =
          QUERY_VALUE_SECURITY_LEVEL_UNKNOWN;
      break;
    default:
@@ -333,24 +352,30 @@ CdmResponseType CdmSession::QueryStatus(CdmQueryMap* key_info) {
  return NO_ERROR;
 }

-CdmResponseType CdmSession::QueryKeyStatus(CdmQueryMap* key_info) {
-  return policy_engine_->Query(key_info);
+CdmResponseType CdmSession::QueryKeyStatus(CdmQueryMap* query_response) {
+  return policy_engine_->Query(query_response);
 }

-CdmResponseType CdmSession::QueryKeyControlInfo(CdmQueryMap* key_info) {
+CdmResponseType CdmSession::QueryKeyAllowedUsage(
+    const std::string& key_id, CdmKeyAllowedUsage* key_usage) {
+  return policy_engine_->QueryKeyAllowedUsage(key_id, key_usage);
+}
+
+CdmResponseType CdmSession::QueryOemCryptoSessionId(
+    CdmQueryMap* query_response) {
  if (crypto_session_.get() == NULL) {
-    LOGW("CdmSession::QueryKeyControlInfo: Invalid crypto session");
+    LOGW("CdmSession::QueryOemCryptoSessionId: Invalid crypto session");
    return INVALID_CRYPTO_SESSION_4;
  }

  if (!crypto_session_->IsOpen()) {
-    LOGW("CdmSession::QueryKeyControlInfo: Crypto session not open");
+    LOGW("CdmSession::QueryOemCryptoSessionId: Crypto session not open");
    return CRYPTO_SESSION_OPEN_ERROR_4;
  }

  std::stringstream ss;
  ss << crypto_session_->oec_session_id();
-  (*key_info)[QUERY_KEY_OEMCRYPTO_SESSION_ID] = ss.str();
+  (*query_response)[QUERY_KEY_OEMCRYPTO_SESSION_ID] = ss.str();
  return NO_ERROR;
 }

@@ -545,6 +570,11 @@ bool CdmSession::StoreLicense(DeviceFiles::LicenseState state) {
      policy_engine_->GetLastPlaybackTime(), app_parameters_);
 }

+CdmResponseType CdmSession::ReleaseCrypto() {
+  crypto_session_->Close();
+  return NO_ERROR;
+}
+
 bool CdmSession::DeleteLicense() {
  if (!is_offline_ && license_parser_->provider_session_token().empty())
    return false;
@@ -596,11 +626,52 @@ CdmResponseType CdmSession::UpdateUsageInformation() {
  return crypto_session_->UpdateUsageInformation();
 }

-CdmResponseType CdmSession::ReleaseCrypto() {
-  crypto_session_->Close();
-  return NO_ERROR;
+CdmResponseType CdmSession::GenericEncrypt(const std::string& in_buffer,
+                                           const std::string& key_id,
+                                           const std::string& iv,
+                                           CdmEncryptionAlgorithm algorithm,
+                                           std::string* out_buffer) {
+  if (!out_buffer) {
+    LOGE("CdmSession::GenericEncrypt: No output destination provided");
+    return INVALID_PARAMETERS_ENG_6;
+  }
+  return crypto_session_->GenericEncrypt(in_buffer, key_id, iv, algorithm,
+                                         out_buffer);
 }

+CdmResponseType CdmSession::GenericDecrypt(const std::string& in_buffer,
+                                           const std::string& key_id,
+                                           const std::string& iv,
+                                           CdmEncryptionAlgorithm algorithm,
+                                           std::string* out_buffer) {
+  if (!out_buffer) {
+    LOGE("CdmSession::GenericDecrypt: No output destination provided");
+    return INVALID_PARAMETERS_ENG_7;
+  }
+  return crypto_session_->GenericDecrypt(in_buffer, key_id, iv, algorithm,
+                                         out_buffer);
+}
+
+CdmResponseType CdmSession::GenericSign(const std::string& message,
+                                        const std::string& key_id,
+                                        CdmSigningAlgorithm algorithm,
+                                        std::string* signature) {
+  if (!signature) {
+    LOGE("CdmSession::GenericSign: No output destination provided");
+    return INVALID_PARAMETERS_ENG_8;
+  }
+  return crypto_session_->GenericSign(message, key_id, algorithm, signature);
+}
+
+CdmResponseType CdmSession::GenericVerify(const std::string& message,
+                                          const std::string& key_id,
+                                          CdmSigningAlgorithm algorithm,
+                                          const std::string& signature) {
+  return crypto_session_->GenericVerify(message, key_id, algorithm, signature);
+}
+
+// For testing only - takes ownership of pointers
+
 void CdmSession::set_license_parser(CdmLicense* license_parser) {
  license_parser_.reset(license_parser);
  mock_license_parser_in_use_ = true;