widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Widevine Metrics System

Browse Source 
This change is the complete Widevine metrics system. It will
measure and record runtime information about what is happening
in the CDM - such as errors and throughput.

Bug: 33745339
Bug: 26027857
Change-Id: Ic9a82074f1e2b72c72d751b235f8ae361232787d
This commit is contained in:
Aaron Vaage
2017-01-17 18:31:25 -08:00
parent ee5aff7706
commit edb9f00df7
39 changed files with 2969 additions and 258 deletions
Download Patch File Download Diff File Expand all files Collapse all files

667
libwvdrmengine/cdm/core/src/crypto_session.cpp
View File

@@ -12,6 +12,7 @@
#include "crypto_key.h"
#include "log.h"
#include "metrics_front_end.h"
#include "properties.h"
#include "pst_report.h"
#include "string_conversions.h"
@@ -39,14 +40,16 @@ bool CryptoSession::initialized_ = false;
int CryptoSession::session_count_ = 0;
uint64_t CryptoSession::request_id_index_ = 0;
CryptoSession::CryptoSession()
: open_(false),
CryptoSession::CryptoSession(metrics::MetricsGroup* metrics)
: metrics_(metrics),
open_(false),
update_usage_table_after_close_session_(false),
is_destination_buffer_type_valid_(false),
requested_security_level_(kLevelDefault),
request_id_base_(0),
cipher_mode_(kCipherModeCtr) {
Init();
life_span_.Start();
}
CryptoSession::~CryptoSession() {
@@ -54,6 +57,7 @@ CryptoSession::~CryptoSession() {
Close();
}
Terminate();
M_RECORD(metrics_, crypto_session_life_span_, life_span_.AsMs());
}
bool CryptoSession::GetProvisioningMethod(CdmClientTokenType* token_type) {
@@ -81,7 +85,12 @@ void CryptoSession::Init() {
AutoLock auto_lock(crypto_lock_);
session_count_ += 1;
if (!initialized_) {
OEMCryptoResult sts = OEMCrypto_Initialize();
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_Initialize(),
metrics_,
oemcrypto_initialize_,
sts);
if (OEMCrypto_SUCCESS != sts) {
LOGE("OEMCrypto_Initialize failed: %d", sts);
return;
@@ -116,8 +125,19 @@ bool CryptoSession::GetTokenFromKeybox(std::string* token) {
// lock is held by caller
size_t buf_size = temp_buffer.size();
uint8_t* buf = reinterpret_cast<uint8_t*>(&temp_buffer[0]);
status = OEMCrypto_GetKeyData(buf, &buf_size, requested_security_level_);
if (status == OEMCrypto_SUCCESS) {
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_GetKeyData(
buf,
&buf_size,
requested_security_level_),
metrics_,
oemcrypto_get_key_data_,
sts,
metrics::Pow2Bucket(buf_size),
requested_security_level_);
if (OEMCrypto_SUCCESS == sts) {
token->swap(temp_buffer);
return true;
}
@@ -158,7 +178,6 @@ bool CryptoSession::GetClientToken(std::string* token) {
if (!initialized_) {
return false;
}
// Only keybox is used for client token. All other cases use DRM Cert.
if (pre_provision_token_type_ != kClientTokenKeybox) {
return false;
@@ -194,8 +213,14 @@ CdmSecurityLevel CryptoSession::GetSecurityLevel() {
return kSecurityLevelUninitialized;
}
std::string security_level =
OEMCrypto_SecurityLevel(requested_security_level_);
std::string security_level;
M_TIME(
security_level = OEMCrypto_SecurityLevel(
requested_security_level_),
metrics_,
oemcrypto_security_level_,
security_level,
requested_security_level_);
if ((security_level.size() != 2) || (security_level.at(0) != 'L')) {
return kSecurityLevelUnknown;
@@ -234,8 +259,16 @@ bool CryptoSession::GetDeviceUniqueId(std::string* device_id) {
size_t id_length = 32;
id.resize(id_length);
OEMCryptoResult sts =
OEMCrypto_GetDeviceID(&id[0], &id_length, requested_security_level_);
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_GetDeviceID(
&id[0],
&id_length,
requested_security_level_),
metrics_,
oemcrypto_get_device_id_,
sts,
requested_security_level_);
if (OEMCrypto_SUCCESS != sts) {
return false;
@@ -255,7 +288,13 @@ bool CryptoSession::GetApiVersion(uint32_t* version) {
if (!initialized_) {
return false;
}
*version = OEMCrypto_APIVersion(requested_security_level_);
M_TIME(
*version = OEMCrypto_APIVersion(requested_security_level_),
metrics_,
oemcrypto_api_version_,
*version,
requested_security_level_);
return true;
}
@@ -273,8 +312,17 @@ bool CryptoSession::GetSystemId(uint32_t* system_id) {
if (!initialized_) {
return false;
}
OEMCryptoResult sts =
OEMCrypto_GetKeyData(buf, &buf_size, requested_security_level_);
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_GetKeyData(
buf,
&buf_size,
requested_security_level_),
metrics_,
oemcrypto_get_key_data_,
sts,
metrics::Pow2Bucket(buf_size),
requested_security_level_);
if (OEMCrypto_SUCCESS != sts) {
return false;
@@ -302,9 +350,17 @@ bool CryptoSession::GetProvisioningId(std::string* provisioning_id) {
if (!initialized_) {
return false;
}
OEMCryptoResult sts =
OEMCrypto_GetKeyData(buf, &buf_size, requested_security_level_);
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_GetKeyData(
buf,
&buf_size,
requested_security_level_),
metrics_,
oemcrypto_get_key_data_,
sts,
metrics::Pow2Bucket(buf_size),
requested_security_level_);
if (OEMCrypto_SUCCESS != sts) {
return false;
}
@@ -314,7 +370,15 @@ bool CryptoSession::GetProvisioningId(std::string* provisioning_id) {
}
uint8_t CryptoSession::GetSecurityPatchLevel() {
return OEMCrypto_Security_Patch_Level(requested_security_level_);
uint8_t patch;
M_TIME(
patch = OEMCrypto_Security_Patch_Level(
requested_security_level_),
metrics_,
oemcrypto_security_patch_level_,
patch,
requested_security_level_);
return patch;
}
CdmResponseType CryptoSession::Open(SecurityLevel requested_security_level) {
@@ -325,7 +389,15 @@ CdmResponseType CryptoSession::Open(SecurityLevel requested_security_level) {
OEMCrypto_SESSION sid;
requested_security_level_ = requested_security_level;
OEMCryptoResult sts = OEMCrypto_OpenSession(&sid, requested_security_level);
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_OpenSession(
&sid,
requested_security_level),
metrics_,
oemcrypto_open_session_,
sts,
requested_security_level);
if (OEMCrypto_SUCCESS == sts) {
oec_session_id_ = static_cast<CryptoSessionId>(sid);
LOGV("OpenSession: id= %ld", (uint32_t)oec_session_id_);
@@ -340,8 +412,15 @@ CdmResponseType CryptoSession::Open(SecurityLevel requested_security_level) {
sts, session_count_, (int)initialized_);
return UNKNOWN_ERROR;
}
OEMCrypto_GetRandom(reinterpret_cast<uint8_t*>(&request_id_base_),
sizeof(request_id_base_));
OEMCryptoResult random_sts;
M_TIME(
random_sts = OEMCrypto_GetRandom(
reinterpret_cast<uint8_t*>(&request_id_base_),
sizeof(request_id_base_)),
metrics_,
oemcrypto_get_random_,
random_sts,
metrics::Pow2Bucket(sizeof(request_id_base_)));
++request_id_index_;
return NO_ERROR;
}
@@ -351,12 +430,25 @@ void CryptoSession::Close() {
open_ ? "true" : "false");
AutoLock auto_lock(crypto_lock_);
if (!open_) return;
if (OEMCrypto_SUCCESS == OEMCrypto_CloseSession(oec_session_id_)) {
OEMCryptoResult close_sts;
M_TIME(
close_sts = OEMCrypto_CloseSession(
oec_session_id_),
metrics_,
oemcrypto_close_session_,
close_sts);
if (OEMCrypto_SUCCESS == close_sts) {
open_ = false;
if (update_usage_table_after_close_session_) {
OEMCryptoResult sts = OEMCrypto_UpdateUsageTable();
if (sts != OEMCrypto_SUCCESS)
LOGW("CryptoSession::Close: OEMCrypto_UpdateUsageTable error=%ld", sts);
OEMCryptoResult update_sts;
M_TIME(
update_sts = OEMCrypto_UpdateUsageTable(),
metrics_,
oemcrypto_update_usage_table_,
update_sts);
if ( update_sts != OEMCrypto_SUCCESS)
LOGW("CryptoSession::Close: OEMCrypto_UpdateUsageTable error=%ld", update_sts);
}
}
}
@@ -504,24 +596,39 @@ CdmResponseType CryptoSession::LoadKeys(
}
uint8_t* pst = NULL;
if (!provider_session_token.empty()) {
pst =
const_cast<uint8_t*>(msg) + GetOffset(message, provider_session_token);
pst = const_cast<uint8_t*>(msg) + GetOffset(message, provider_session_token);
}
uint8_t* srm_req = NULL;
if (!srm_requirement.empty())
srm_req = const_cast<uint8_t*>(msg) + GetOffset(message, srm_requirement);
LOGV("LoadKeys: id=%ld", (uint32_t)oec_session_id_);
OEMCryptoResult sts = OEMCrypto_LoadKeys(
oec_session_id_, msg, message.size(),
reinterpret_cast<const uint8_t*>(signature.data()), signature.size(),
enc_mac_key_iv, enc_mac_key, keys.size(), &load_keys[0], pst,
provider_session_token.length(), srm_req);
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_LoadKeys(
oec_session_id_,
msg,
message.size(),
reinterpret_cast<const uint8_t*>(signature.data()),
signature.size(),
enc_mac_key_iv,
enc_mac_key,
keys.size(),
&load_keys[0],
pst,
provider_session_token.length(),
srm_req),
metrics_,
oemcrypto_load_keys_,
sts);
if (OEMCrypto_SUCCESS == sts) {
if (!provider_session_token.empty()) {
update_usage_table_after_close_session_ = true;
sts = OEMCrypto_UpdateUsageTable();
M_TIME(
sts = OEMCrypto_UpdateUsageTable(),
metrics_,
oemcrypto_update_usage_table_,
sts);
if (sts != OEMCrypto_SUCCESS) {
LOGW("CryptoSession::LoadKeys: OEMCrypto_UpdateUsageTable error=%ld",
sts);
@@ -542,10 +649,15 @@ bool CryptoSession::LoadCertificatePrivateKey(std::string& wrapped_key) {
AutoLock auto_lock(crypto_lock_);
LOGV("LoadDeviceRSAKey: id=%ld", (uint32_t)oec_session_id_);
OEMCryptoResult sts = OEMCrypto_LoadDeviceRSAKey(
oec_session_id_, reinterpret_cast<const uint8_t*>(wrapped_key.data()),
wrapped_key.size());
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_LoadDeviceRSAKey(
oec_session_id_,
reinterpret_cast<const uint8_t*>(wrapped_key.data()),
wrapped_key.size()),
metrics_,
oemcrypto_load_device_rsa_key_,
sts);
if (OEMCrypto_SUCCESS != sts) {
LOGE("LoadCertificatePrivateKey: OEMCrypto_LoadDeviceRSAKey error=%d", sts);
return false;
@@ -583,11 +695,20 @@ bool CryptoSession::RefreshKeys(const std::string& message,
}
}
LOGV("RefreshKeys: id=%ld", static_cast<uint32_t>(oec_session_id_));
return (
OEMCrypto_SUCCESS ==
OEMCrypto_RefreshKeys(oec_session_id_, msg, message.size(),
reinterpret_cast<const uint8_t*>(signature.data()),
signature.size(), num_keys, &load_key_array[0]));
OEMCryptoResult refresh_sts;
M_TIME(
refresh_sts = OEMCrypto_RefreshKeys(
oec_session_id_,
msg,
message.size(),
reinterpret_cast<const uint8_t*>(signature.data()),
signature.size(),
num_keys,
&load_key_array[0]),
metrics_,
oemcrypto_refresh_keys_,
refresh_sts);
return OEMCrypto_SUCCESS == refresh_sts;
}
CdmResponseType CryptoSession::SelectKey(const std::string& key_id) {
@@ -602,10 +723,21 @@ CdmResponseType CryptoSession::SelectKey(const std::string& key_id) {
const uint8_t* key_id_string =
reinterpret_cast<const uint8_t*>(cached_key_id_.data());
OEMCryptoResult sts =
OEMCrypto_SelectKey(oec_session_id_, key_id_string,
cached_key_id_.size());
if (OEMCrypto_SUCCESS != sts) cached_key_id_.clear();
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_SelectKey(
oec_session_id_,
key_id_string,
cached_key_id_.size()),
metrics_,
oemcrypto_select_key_,
sts);
if (OEMCrypto_SUCCESS != sts) {
cached_key_id_.clear();
}
switch (sts) {
case OEMCrypto_SUCCESS:
@@ -640,13 +772,17 @@ bool CryptoSession::GenerateDerivedKeys(const std::string& message) {
GenerateEncryptContext(message, &enc_deriv_message);
LOGV("GenerateDerivedKeys: id=%ld", (uint32_t)oec_session_id_);
OEMCryptoResult sts = OEMCrypto_GenerateDerivedKeys(
oec_session_id_,
reinterpret_cast<const uint8_t*>(mac_deriv_message.data()),
mac_deriv_message.size(),
reinterpret_cast<const uint8_t*>(enc_deriv_message.data()),
enc_deriv_message.size());
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_GenerateDerivedKeys(
oec_session_id_,
reinterpret_cast<const uint8_t*>(mac_deriv_message.data()),
mac_deriv_message.size(),
reinterpret_cast<const uint8_t*>(enc_deriv_message.data()),
enc_deriv_message.size()),
metrics_,
oemcrypto_generate_derived_keys_,
sts);
if (OEMCrypto_SUCCESS != sts) {
LOGE("GenerateDerivedKeys: OEMCrypto_GenerateDerivedKeys error=%d", sts);
return false;
@@ -663,13 +799,19 @@ bool CryptoSession::GenerateDerivedKeys(const std::string& message,
GenerateEncryptContext(message, &enc_deriv_message);
LOGV("GenerateDerivedKeys: id=%ld", (uint32_t)oec_session_id_);
OEMCryptoResult sts = OEMCrypto_DeriveKeysFromSessionKey(
oec_session_id_, reinterpret_cast<const uint8_t*>(session_key.data()),
session_key.size(),
reinterpret_cast<const uint8_t*>(mac_deriv_message.data()),
mac_deriv_message.size(),
reinterpret_cast<const uint8_t*>(enc_deriv_message.data()),
enc_deriv_message.size());
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_DeriveKeysFromSessionKey(
oec_session_id_,
reinterpret_cast<const uint8_t*>(session_key.data()),
session_key.size(),
reinterpret_cast<const uint8_t*>(mac_deriv_message.data()),
mac_deriv_message.size(),
reinterpret_cast<const uint8_t*>(enc_deriv_message.data()),
enc_deriv_message.size()),
metrics_,
oemcrypto_derive_keys_from_session_key_,
sts);
if (OEMCrypto_SUCCESS != sts) {
LOGE("GenerateDerivedKeys: OEMCrypto_DeriveKeysFromSessionKey err=%d", sts);
@@ -693,12 +835,17 @@ bool CryptoSession::GenerateSignature(const std::string& message,
// At most two attempts.
// The first attempt may fail due to buffer too short
for (int i = 0; i < 2; ++i) {
sts = OEMCrypto_GenerateSignature(
oec_session_id_, reinterpret_cast<const uint8_t*>(message.data()),
message.size(),
reinterpret_cast<uint8_t*>(const_cast<char*>(signature->data())),
&length);
M_TIME(
sts = OEMCrypto_GenerateSignature(
oec_session_id_,
reinterpret_cast<const uint8_t*>(message.data()),
message.size(),
reinterpret_cast<uint8_t*>(const_cast<char*>(signature->data())),
&length),
metrics_,
oemcrypto_generate_signature_,
sts,
metrics::Pow2Bucket(length));
if (OEMCrypto_SUCCESS == sts) {
// Trim signature buffer and done
signature->resize(length);
@@ -731,11 +878,18 @@ bool CryptoSession::GenerateRsaSignature(const std::string& message,
// At most two attempts.
// The first attempt may fail due to buffer too short
for (int i = 0; i < 2; ++i) {
sts = OEMCrypto_GenerateRSASignature(
oec_session_id_, reinterpret_cast<const uint8_t*>(message.data()),
message.size(),
reinterpret_cast<uint8_t*>(const_cast<char*>(signature->data())),
&length, kSign_RSASSA_PSS);
M_TIME(
sts = OEMCrypto_GenerateRSASignature(
oec_session_id_,
reinterpret_cast<const uint8_t*>(message.data()),
message.size(),
reinterpret_cast<uint8_t*>(const_cast<char*>(signature->data())),
&length,
kSign_RSASSA_PSS),
metrics_,
oemcrypto_generate_rsa_signature_,
sts,
metrics::Pow2Bucket(length));
if (OEMCrypto_SUCCESS == sts) {
// Trim signature buffer and done
@@ -791,9 +945,19 @@ CdmResponseType CryptoSession::Decrypt(const CdmDecryptionParameters& params) {
if (!params.is_encrypted &&
params.subsample_flags ==
(OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample)) {
sts = OEMCrypto_CopyBuffer(requested_security_level_,
params.encrypt_buffer, params.encrypt_length,
&buffer_descriptor, params.subsample_flags);
M_TIME(
sts = OEMCrypto_CopyBuffer(
requested_security_level_,
params.encrypt_buffer,
params.encrypt_length,
&buffer_descriptor,
params.subsample_flags),
metrics_,
oemcrypto_copy_buffer_,
sts,
requested_security_level_,
metrics::Pow2Bucket(params.encrypt_length));
if (sts == OEMCrypto_ERROR_BUFFER_TOO_LARGE &&
params.encrypt_length > kMaximumChunkSize) {
@@ -816,11 +980,22 @@ CdmResponseType CryptoSession::Decrypt(const CdmDecryptionParameters& params) {
CdmResponseType result = SelectKey(*params.key_id);
if (result != NO_ERROR) return result;
}
sts = OEMCrypto_DecryptCENC(
oec_session_id_, params.encrypt_buffer, params.encrypt_length,
params.is_encrypted, &(*params.iv).front(), params.block_offset,
&buffer_descriptor, &pattern_descriptor, params.subsample_flags);
M_TIME(
sts = OEMCrypto_DecryptCENC(
oec_session_id_,
params.encrypt_buffer,
params.encrypt_length,
params.is_encrypted,
&(*params.iv).front(),
params.block_offset,
&buffer_descriptor,
&pattern_descriptor,
params.subsample_flags),
metrics_,
oemcrypto_decrypt_cenc_,
sts,
metrics::Pow2Bucket(params.encrypt_length));
if (sts == OEMCrypto_ERROR_BUFFER_TOO_LARGE) {
// OEMCrypto_DecryptCENC rejected the buffer as too large, so chunk it up
@@ -876,7 +1051,12 @@ CdmResponseType CryptoSession::UpdateUsageInformation() {
AutoLock auto_lock(crypto_lock_);
if (!initialized_) return UNKNOWN_ERROR;
OEMCryptoResult status = OEMCrypto_UpdateUsageTable();
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_UpdateUsageTable(),
metrics_,
oemcrypto_update_usage_table_,
status);
if (status != OEMCrypto_SUCCESS) {
LOGE("CryptoSession::UsageUsageInformation: error=%ld", status);
return UNKNOWN_ERROR;
@@ -893,9 +1073,15 @@ CdmResponseType CryptoSession::DeactivateUsageInformation(
const_cast<char*>(provider_session_token.data()));
// TODO(fredgc or rfrias): make sure oec_session_id_ is valid.
OEMCryptoResult status =
OEMCrypto_DeactivateUsageEntry((uint32_t)oec_session_id_,
pst, provider_session_token.length());
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_DeactivateUsageEntry(
(uint32_t)oec_session_id_,
pst,
provider_session_token.length()),
metrics_,
oemcrypto_deactivate_usage_entry_,
status);
switch (status) {
case OEMCrypto_SUCCESS:
@@ -925,9 +1111,17 @@ CdmResponseType CryptoSession::GenerateUsageReport(
const_cast<char*>(provider_session_token.data()));
size_t usage_length = 0;
OEMCryptoResult status = OEMCrypto_ReportUsage(
oec_session_id_, pst, provider_session_token.length(), NULL,
&usage_length);
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_ReportUsage(
oec_session_id_,
pst,
provider_session_token.length(),
NULL,
&usage_length),
metrics_,
oemcrypto_report_usage_,
status);
if (OEMCrypto_SUCCESS != status) {
if (OEMCrypto_ERROR_SHORT_BUFFER != status) {
@@ -938,9 +1132,17 @@ CdmResponseType CryptoSession::GenerateUsageReport(
}
std::vector<uint8_t> buffer(usage_length);
status = OEMCrypto_ReportUsage(oec_session_id_, pst,
provider_session_token.length(),
&buffer[0], &usage_length);
M_TIME(
status = OEMCrypto_ReportUsage(
oec_session_id_,
pst,
provider_session_token.length(),
&buffer[0],
&usage_length),
metrics_,
oemcrypto_report_usage_,
status);
if (OEMCrypto_SUCCESS != status) {
LOGE("CryptoSession::GenerateUsageReport: Report Usage error=%ld", status);
@@ -1008,16 +1210,30 @@ CdmResponseType CryptoSession::ReleaseUsageInformation(
const uint8_t* sig = reinterpret_cast<const uint8_t*>(signature.data());
const uint8_t* pst = msg + GetOffset(message, provider_session_token);
OEMCryptoResult status = OEMCrypto_DeleteUsageEntry(
oec_session_id_, pst, provider_session_token.length(), msg,
message.length(), sig, signature.length());
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_DeleteUsageEntry(
oec_session_id_,
pst,
provider_session_token.length(),
msg,
message.length(),
sig,
signature.length()),
metrics_,
oemcrypto_delete_usage_entry_,
status);
if (OEMCrypto_SUCCESS != status) {
LOGE("CryptoSession::ReleaseUsageInformation: Report Usage error=%ld",
status);
return UNKNOWN_ERROR;
}
status = OEMCrypto_UpdateUsageTable();
M_TIME(
status = OEMCrypto_UpdateUsageTable(),
metrics_,
oemcrypto_update_usage_table_,
status);
if (status != OEMCrypto_SUCCESS) {
LOGW("CryptoSession::ReleaseUsageInformation: update table error=%ld",
status);
@@ -1030,15 +1246,24 @@ CdmResponseType CryptoSession::DeleteUsageInformation(
const std::string& provider_session_token) {
CdmResponseType response = NO_ERROR;
LOGV("CryptoSession::DeleteUsageInformation");
OEMCryptoResult status = OEMCrypto_ForceDeleteUsageEntry(
reinterpret_cast<const uint8_t*>(provider_session_token.c_str()),
provider_session_token.length());
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_ForceDeleteUsageEntry(
reinterpret_cast<const uint8_t*>(provider_session_token.c_str()),
provider_session_token.length()),
metrics_,
oemcrypto_force_delete_usage_entry_,
status);
if (OEMCrypto_SUCCESS != status) {
LOGE("CryptoSession::DeleteUsageInformation: Delete Usage Table error =%ld",
status);
response = UNKNOWN_ERROR;
}
status = OEMCrypto_UpdateUsageTable();
M_TIME(
status = OEMCrypto_UpdateUsageTable(),
metrics_,
oemcrypto_update_usage_table_,
status);
if (status != OEMCrypto_SUCCESS) {
LOGE("CryptoSession::DeleteUsageInformation: update table error=%ld",
status);
@@ -1052,16 +1277,26 @@ CdmResponseType CryptoSession::DeleteMultipleUsageInformation(
LOGV("CryptoSession::DeleteMultipleUsageInformation");
CdmResponseType response = NO_ERROR;
for (size_t i=0; i < provider_session_tokens.size(); ++i) {
OEMCryptoResult status = OEMCrypto_ForceDeleteUsageEntry(
reinterpret_cast<const uint8_t*>(provider_session_tokens[i].c_str()),
provider_session_tokens[i].length());
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_ForceDeleteUsageEntry(
reinterpret_cast<const uint8_t*>(provider_session_tokens[i].c_str()),
provider_session_tokens[i].length()),
metrics_,
oemcrypto_force_delete_usage_entry_,
status);
if (OEMCrypto_SUCCESS != status) {
LOGW("CryptoSession::DeleteMultipleUsageInformation: "
"Delete Usage Table error =%ld", status);
response = UNKNOWN_ERROR;
}
}
OEMCryptoResult status = OEMCrypto_UpdateUsageTable();
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_UpdateUsageTable(),
metrics_,
oemcrypto_update_usage_table_,
status);
if (status != OEMCrypto_SUCCESS) {
LOGE("CryptoSession::DeleteMultipleUsageInformation: update table error=%ld",
status);
@@ -1072,14 +1307,22 @@ CdmResponseType CryptoSession::DeleteMultipleUsageInformation(
CdmResponseType CryptoSession::DeleteAllUsageReports() {
LOGV("DeleteAllUsageReports");
OEMCryptoResult status = OEMCrypto_DeleteOldUsageTable();
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_DeleteOldUsageTable(),
metrics_,
oemcrypto_delete_usage_table_,
status);
if (OEMCrypto_SUCCESS != status) {
LOGE("CryptoSession::DeleteAllUsageReports: Delete Usage Table error =%ld",
status);
}
status = OEMCrypto_UpdateUsageTable();
M_TIME(
status = OEMCrypto_UpdateUsageTable(),
metrics_,
oemcrypto_update_usage_table_,
status);
if (status != OEMCrypto_SUCCESS) {
LOGE("CryptoSession::DeletaAllUsageReports: update table error=%ld",
status);
@@ -1089,7 +1332,14 @@ CdmResponseType CryptoSession::DeleteAllUsageReports() {
}
bool CryptoSession::IsAntiRollbackHwPresent() {
return OEMCrypto_IsAntiRollbackHwPresent(requested_security_level_);
bool is_present;
M_TIME(
is_present = OEMCrypto_IsAntiRollbackHwPresent(requested_security_level_),
metrics_,
oemcrypto_is_anti_rollback_hw_present_,
is_present,
requested_security_level_);
return is_present;
}
bool CryptoSession::GenerateNonce(uint32_t* nonce) {
@@ -1101,7 +1351,15 @@ bool CryptoSession::GenerateNonce(uint32_t* nonce) {
LOGV("CryptoSession::GenerateNonce: Lock");
AutoLock auto_lock(crypto_lock_);
return (OEMCrypto_SUCCESS == OEMCrypto_GenerateNonce(oec_session_id_, nonce));
OEMCryptoResult result;
M_TIME(
result = OEMCrypto_GenerateNonce(
oec_session_id_,
nonce),
metrics_,
oemcrypto_generate_nonce_,
result);
return OEMCrypto_SUCCESS == result;
}
bool CryptoSession::SetDestinationBufferType() {
@@ -1146,23 +1404,45 @@ bool CryptoSession::RewrapDeviceRSAKey(const std::string& message,
// Gets wrapped_rsa_key_length by passing NULL as uint8_t* wrapped_rsa_key
// and 0 as wrapped_rsa_key_length.
size_t wrapped_rsa_key_length = 0;
OEMCryptoResult status = OEMCrypto_RewrapDeviceRSAKey(
oec_session_id_, signed_msg, message.size(),
reinterpret_cast<const uint8_t*>(signature.data()), signature.size(),
msg_nonce, msg_rsa_key, enc_rsa_key.size(), msg_rsa_key_iv, NULL,
&wrapped_rsa_key_length);
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_RewrapDeviceRSAKey(
oec_session_id_,
signed_msg,
message.size(),
reinterpret_cast<const uint8_t*>(signature.data()),
signature.size(),
msg_nonce,
msg_rsa_key,
enc_rsa_key.size(),
msg_rsa_key_iv,
NULL,
&wrapped_rsa_key_length),
metrics_,
oemcrypto_rewrap_device_rsa_key_,
status);
if (status != OEMCrypto_ERROR_SHORT_BUFFER) {
LOGE("OEMCrypto_RewrapDeviceRSAKey fails to get wrapped_rsa_key_length");
return false;
}
wrapped_rsa_key->resize(wrapped_rsa_key_length);
status = OEMCrypto_RewrapDeviceRSAKey(
oec_session_id_, signed_msg, message.size(),
reinterpret_cast<const uint8_t*>(signature.data()), signature.size(),
msg_nonce, msg_rsa_key, enc_rsa_key.size(), msg_rsa_key_iv,
reinterpret_cast<uint8_t*>(&(*wrapped_rsa_key)[0]),
&wrapped_rsa_key_length);
M_TIME(
status = OEMCrypto_RewrapDeviceRSAKey(
oec_session_id_,
signed_msg,
message.size(),
reinterpret_cast<const uint8_t*>(signature.data()),
signature.size(),
msg_nonce,
msg_rsa_key,
enc_rsa_key.size(),
msg_rsa_key_iv,
reinterpret_cast<uint8_t*>(&(*wrapped_rsa_key)[0]),
&wrapped_rsa_key_length),
metrics_,
oemcrypto_rewrap_device_rsa_key_,
status);
wrapped_rsa_key->resize(wrapped_rsa_key_length);
@@ -1182,8 +1462,16 @@ bool CryptoSession::GetHdcpCapabilities(HdcpCapability* current,
LOGE("CryptoSession::GetHdcpCapabilities: |current|, |max| cannot be NULL");
return false;
}
OEMCryptoResult status = OEMCrypto_GetHDCPCapability(
requested_security_level_, current, max);
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_GetHDCPCapability(
requested_security_level_,
current,
max),
metrics_,
oemcrypto_get_hdcp_capability_,
status,
requested_security_level_);
if (OEMCrypto_SUCCESS != status) {
LOGW("OEMCrypto_GetHDCPCapability fails with %d", status);
return false;
@@ -1214,7 +1502,15 @@ bool CryptoSession::GetRandom(size_t data_length, uint8_t* random_data) {
LOGE("CryptoSession::GetRandom: random data destination not provided");
return false;
}
OEMCryptoResult sts = OEMCrypto_GetRandom(random_data, data_length);
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_GetRandom(
random_data,
data_length),
metrics_,
oemcrypto_get_random_,
sts,
metrics::Pow2Bucket(data_length));
if (sts != OEMCrypto_SUCCESS) {
LOGE("OEMCrypto_GetRandom fails with %d", sts);
@@ -1233,8 +1529,15 @@ bool CryptoSession::GetNumberOfOpenSessions(size_t* count) {
}
size_t sessions_count;
OEMCryptoResult status = OEMCrypto_GetNumberOfOpenSessions(
requested_security_level_, &sessions_count);
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_GetNumberOfOpenSessions(
requested_security_level_,
&sessions_count),
metrics_,
oemcrypto_get_number_of_open_sessions_,
status,
requested_security_level_);
if (OEMCrypto_SUCCESS != status) {
LOGW("OEMCrypto_GetNumberOfOpenSessions fails with %d", status);
return false;
@@ -1252,8 +1555,16 @@ bool CryptoSession::GetMaxNumberOfSessions(size_t* max) {
}
size_t max_sessions;
OEMCryptoResult status = OEMCrypto_GetMaxNumberOfSessions(
requested_security_level_, &max_sessions);
OEMCryptoResult status;
M_TIME(
status = OEMCrypto_GetMaxNumberOfSessions(
requested_security_level_,
&max_sessions),
metrics_,
oemcrypto_get_max_number_of_sessions_,
status,
requested_security_level_);
if (OEMCrypto_SUCCESS != status) {
LOGW("OEMCrypto_GetMaxNumberOfSessions fails with %d", status);
return false;
@@ -1323,11 +1634,20 @@ CdmResponseType CryptoSession::GenericEncrypt(const std::string& in_buffer,
CdmResponseType result = SelectKey(key_id);
if (result != NO_ERROR) return result;
OEMCryptoResult sts = OEMCrypto_Generic_Encrypt(
oec_session_id_, reinterpret_cast<const uint8_t*>(in_buffer.data()),
in_buffer.size(), reinterpret_cast<const uint8_t*>(iv.data()),
oec_algorithm,
reinterpret_cast<uint8_t*>(const_cast<char*>(out_buffer->data())));
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_Generic_Encrypt(
oec_session_id_,
reinterpret_cast<const uint8_t*>(in_buffer.data()),
in_buffer.size(),
reinterpret_cast<const uint8_t*>(iv.data()),
oec_algorithm,
reinterpret_cast<uint8_t*>(const_cast<char*>(out_buffer->data()))),
metrics_,
oemcrypto_generic_encrypt_,
sts,
metrics::Pow2Bucket(in_buffer.size()));
if (OEMCrypto_SUCCESS != sts) {
LOGE("GenericEncrypt: OEMCrypto_Generic_Encrypt err=%d", sts);
@@ -1363,11 +1683,20 @@ CdmResponseType CryptoSession::GenericDecrypt(const std::string& in_buffer,
CdmResponseType result = SelectKey(key_id);
if (result != NO_ERROR) return result;
OEMCryptoResult sts = OEMCrypto_Generic_Decrypt(
oec_session_id_, reinterpret_cast<const uint8_t*>(in_buffer.data()),
in_buffer.size(), reinterpret_cast<const uint8_t*>(iv.data()),
oec_algorithm,
reinterpret_cast<uint8_t*>(const_cast<char*>(out_buffer->data())));
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_Generic_Decrypt(
oec_session_id_,
reinterpret_cast<const uint8_t*>(in_buffer.data()),
in_buffer.size(),
reinterpret_cast<const uint8_t*>(iv.data()),
oec_algorithm,
reinterpret_cast<uint8_t*>(const_cast<char*>(out_buffer->data()))),
metrics_,
oemcrypto_generic_decrypt_,
sts,
metrics::Pow2Bucket(in_buffer.size()));
if (OEMCrypto_SUCCESS != sts) {
LOGE("GenericDecrypt: OEMCrypto_Generic_Decrypt err=%d", sts);
@@ -1406,11 +1735,18 @@ CdmResponseType CryptoSession::GenericSign(const std::string& message,
// At most two attempts.
// The first attempt may fail due to buffer too short
for (int i = 0; i < 2; ++i) {
sts = OEMCrypto_Generic_Sign(
oec_session_id_, reinterpret_cast<const uint8_t*>(message.data()),
message.size(), oec_algorithm,
reinterpret_cast<uint8_t*>(const_cast<char*>(signature->data())),
&length);
M_TIME(
sts = OEMCrypto_Generic_Sign(
oec_session_id_,
reinterpret_cast<const uint8_t*>(message.data()),
message.size(),
oec_algorithm,
reinterpret_cast<uint8_t*>(const_cast<char*>(signature->data())),
&length),
metrics_,
oemcrypto_generic_sign_,
sts,
metrics::Pow2Bucket(message.size()));
if (OEMCrypto_SUCCESS == sts) {
// Trim signature buffer and done
@@ -1449,10 +1785,19 @@ CdmResponseType CryptoSession::GenericVerify(const std::string& message,
CdmResponseType result = SelectKey(key_id);
if (result != NO_ERROR) return result;
OEMCryptoResult sts = OEMCrypto_Generic_Verify(
oec_session_id_, reinterpret_cast<const uint8_t*>(message.data()),
message.size(), oec_algorithm,
reinterpret_cast<const uint8_t*>(signature.data()), signature.size());
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_Generic_Verify(
oec_session_id_,
reinterpret_cast<const uint8_t*>(message.data()),
message.size(),
oec_algorithm,
reinterpret_cast<const uint8_t*>(signature.data()),
signature.size()),
metrics_,
oemcrypto_generic_verify_,
sts,
metrics::Pow2Bucket(signature.size()));
if (OEMCrypto_SUCCESS != sts) {
LOGE("GenericVerify: OEMCrypto_Generic_Verify err=%d", sts);
@@ -1772,9 +2117,20 @@ OEMCryptoResult CryptoSession::CopyBufferInChunks(
subsample_flags |= OEMCrypto_LastSubsample;
}
OEMCryptoResult sts = OEMCrypto_CopyBuffer(
requested_security_level_, params.encrypt_buffer + additional_offset,
chunk_size, &buffer_descriptor, subsample_flags);
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_CopyBuffer(
requested_security_level_,
params.encrypt_buffer + additional_offset,
chunk_size,
&buffer_descriptor,
subsample_flags),
metrics_,
oemcrypto_copy_buffer_,
sts,
requested_security_level_,
metrics::Pow2Bucket(chunk_size));
if (sts != OEMCrypto_SUCCESS) {
return sts;
}
@@ -1841,10 +2197,23 @@ OEMCryptoResult CryptoSession::DecryptInChunks(
// max_chunk_size is guaranteed to be an even multiple of the
// pattern length long, which is also guaranteed to be an exact number
// of AES blocks long.
OEMCryptoResult sts = OEMCrypto_DecryptCENC(
oec_session_id_, params.encrypt_buffer + additional_offset,
chunk_size, params.is_encrypted, &iv.front(), params.block_offset,
&buffer_descriptor, &pattern_descriptor, subsample_flags);
OEMCryptoResult sts;
M_TIME(
sts = OEMCrypto_DecryptCENC(
oec_session_id_,
params.encrypt_buffer + additional_offset,
chunk_size,
params.is_encrypted,
&iv.front(),
params.block_offset,
&buffer_descriptor,
&pattern_descriptor,
subsample_flags),
metrics_,
oemcrypto_decrypt_cenc_,
sts,
metrics::Pow2Bucket(chunk_size));
if (sts != OEMCrypto_SUCCESS) {
return sts;
}