Correct setting of service certificate.

[ Merge of http://go/wvgerrit/23380 ] The service certificate was setup correctly if specified in mediadrm properties. If instead the service certificate was later fetched from the license service, it would not be marked as valid. This led to an infinite loop of service certificate fetches and processing. This prevented the license from being fetched and playback failures. b/34638410 Test: Verified by new service certificate unittests + Hulu playback using fugu. Change-Id: I2a4f8754614fccdad3c80d3e13fba0b44d177d61
2017-01-27 02:44:38 -08:00
parent ace09c710f
commit ee5aff7706
5 changed files with 198 additions and 11 deletions
--- a/libwvdrmengine/cdm/core/src/service_certificate.cpp
+++ b/libwvdrmengine/cdm/core/src/service_certificate.cpp
@@ -95,18 +95,20 @@ bool ServiceCertificate::IsAvailable() {
 CdmResponseType ServiceCertificate::VerifyAndSet(
    const std::string& signed_service_certificate) {
  CdmResponseType status;
-  std::string certificate;
  bool has_provider_id;
  status = VerifyAndExtractFromSignedCertificate(signed_service_certificate,
-                                                 &certificate, &has_provider_id,
+                                                 &certificate_,
+                                                 &has_provider_id,
                                                 NULL);
-  if (status == NO_ERROR) {
-    Properties::SetServiceCertificate(session_id_, certificate);
-  } else {
+  if (status != NO_ERROR) {
    LOGE("ServiceCertificate::VerifyAndSet: verify and extract failed with "
         "status %d", status);
+    return status;
  }
-  return status;
+
+  Properties::SetServiceCertificate(session_id_, signed_service_certificate);
+  valid_ = true;
+  return NO_ERROR;
 }

 bool ServiceCertificate::PrepareServiceCertificateRequest(
@@ -130,7 +132,7 @@ bool ServiceCertificate::PrepareServiceCertificateRequest(

 CdmResponseType ServiceCertificate::VerifyAndExtractFromSignedCertificate(
    const std::string& signed_certificate, std::string* certificate,
-    bool* has_provider_id, std::string* provider_id) {
+    bool* /* has_provider_id */, std::string* /* provider_id */) {
  SignedDrmDeviceCertificate signed_service_certificate;
  if (!signed_service_certificate.ParseFromString(signed_certificate)) {
    LOGE(
@@ -185,7 +187,8 @@ CdmResponseType ServiceCertificate::VerifyAndExtractFromSignedCertificate(
  }
 #endif

-  if (certificate != NULL) {
+  if (certificate != NULL &&
+      !signed_service_certificate.drm_certificate().empty()) {
    *certificate = signed_service_certificate.drm_certificate();
  }
  return NO_ERROR;
@@ -246,11 +249,16 @@ bool ServiceCertificate::SetupServiceCertificate() {
  certificate_.clear();

  if (!Properties::GetServiceCertificate(session_id_, &signed_certificate)) {
+    LOGV("ServiceCertificate::SetupServiceCertificate: no signed service "
+       "certificate set");
    return false;
  }
  if (signed_certificate.empty()) {
+    LOGV("ServiceCertificate::SetupServiceCertificate: service certificate "
+        "empty");
    return false;
  }
+
  std::string extracted_certificate;
  std::string extracted_provider_id;
  bool has_provider_id;
@@ -259,9 +267,6 @@ bool ServiceCertificate::SetupServiceCertificate() {
          &has_provider_id, &extracted_provider_id)) {
    return false;
  }
-  if (extracted_certificate.empty()) {
-    return false;
-  }
  has_provider_id_ = has_provider_id;
  if (has_provider_id_) {
    provider_id_ = extracted_provider_id;