From eeeb0304ed990b052e24244107332aae74f5ba61 Mon Sep 17 00:00:00 2001
From: Fred Gylys-Colwell <fredgc@google.com>
Date: Tue, 11 Feb 2020 13:59:23 -0800
Subject: [PATCH] Don't use empty core message

Merge from Widevine repo of http://go/wvgerrit/93824

This treats an empty core message as not having a core message.

Bug: 149110740
Change-Id: Icacfc5d9a5bdce9b136c25c59205eee575cfba72
Tests: Ran ExoPlayer on taimen
---
 .gitallowed                                      |  1 +
 .../cdm/core/src/certificate_provisioning.cpp    |  6 ++++--
 libwvdrmengine/cdm/core/src/license.cpp          | 16 +++++++++++-----
 libwvdrmengine/cdm/test/request_license_test.cpp |  2 +-
 4 files changed, 17 insertions(+), 8 deletions(-)
 create mode 100644 .gitallowed

diff --git a/.gitallowed b/.gitallowed
new file mode 100644
index 00000000..5826462a
--- /dev/null
+++ b/.gitallowed
@@ -0,0 +1 @@
+key=AIzaSyB-5OLKTx2iU5mko18DfdwK5611JIjbUhE
diff --git a/libwvdrmengine/cdm/core/src/certificate_provisioning.cpp b/libwvdrmengine/cdm/core/src/certificate_provisioning.cpp
index a669ac0a..f62b5687 100644
--- a/libwvdrmengine/cdm/core/src/certificate_provisioning.cpp
+++ b/libwvdrmengine/cdm/core/src/certificate_provisioning.cpp
@@ -360,11 +360,13 @@ CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
   }
 
   if (supports_core_messages() &&
-      !signed_response.has_oemcrypto_core_message()) {
+      (!signed_response.has_oemcrypto_core_message() ||
+       signed_response.oemcrypto_core_message().empty())) {
     LOGE("Signed response does not have core message");
     error = true;
   } else if (!supports_core_messages() &&
-             signed_response.has_oemcrypto_core_message()) {
+             (signed_response.has_oemcrypto_core_message() &&
+              !signed_response.oemcrypto_core_message().empty())) {
     const std::string& core_message = signed_response.oemcrypto_core_message();
     // This case should not occur.  However, the CDM will let OEMCrypto
     // fail.
diff --git a/libwvdrmengine/cdm/core/src/license.cpp b/libwvdrmengine/cdm/core/src/license.cpp
index e6211938..aeb69608 100644
--- a/libwvdrmengine/cdm/core/src/license.cpp
+++ b/libwvdrmengine/cdm/core/src/license.cpp
@@ -363,7 +363,9 @@ CdmResponseType CdmLicense::PrepareKeyRequest(
   signed_message.set_type(SignedMessage::LICENSE_REQUEST);
   signed_message.set_signature(license_request_signature);
   signed_message.set_msg(serialized_license_req);
-  signed_message.set_oemcrypto_core_message(core_message);
+  if (core_message.size() > 0) {
+    signed_message.set_oemcrypto_core_message(core_message);
+  }
 
   signed_message.SerializeToString(signed_request);
 
@@ -560,7 +562,8 @@ CdmResponseType CdmLicense::HandleKeyResponse(
   // the server is assumed to operate as V15.  This will imply that the
   // |signature| field in the response does not include a core message
   // either.
-  if (!signed_response.has_oemcrypto_core_message()) {
+  if (!signed_response.has_oemcrypto_core_message() ||
+      signed_response.oemcrypto_core_message().empty()) {
     supports_core_messages_ = false;
   }
 
@@ -706,7 +709,8 @@ CdmResponseType CdmLicense::HandleKeyUpdateResponse(
   // present; otherwise there might have beeen some tampering with the
   // request or response.
   if (supports_core_messages() &&
-      !signed_response.has_oemcrypto_core_message()) {
+      (!signed_response.has_oemcrypto_core_message() ||
+       signed_response.oemcrypto_core_message().empty())) {
     LOGE("Renewal response is missing |core_message| field");
     return CORE_MESSAGE_NOT_FOUND;
   }
@@ -797,7 +801,8 @@ CdmResponseType CdmLicense::RestoreOfflineLicense(
     return INVALID_LICENSE_REQUEST_TYPE_1;
   }
 
-  if (!signed_request.has_oemcrypto_core_message()) {
+  if (!signed_request.has_oemcrypto_core_message() ||
+      signed_request.oemcrypto_core_message().empty()) {
     // Pre V16 license did not include |core_message| components.
     // The license response is checked by HandleKeyResponse().
     supports_core_messages_ = false;
@@ -905,7 +910,8 @@ CdmResponseType CdmLicense::RestoreLicenseForRelease(
     return SIGNATURE_NOT_FOUND_2;
   }
 
-  if (!signed_response.has_oemcrypto_core_message()) {
+  if (!signed_response.has_oemcrypto_core_message() ||
+      signed_response.oemcrypto_core_message().empty()) {
     // Possible that the request contains a |core_message|, but the
     // response does not.  This would occur if the licensing server
     // is v15.
diff --git a/libwvdrmengine/cdm/test/request_license_test.cpp b/libwvdrmengine/cdm/test/request_license_test.cpp
index c618eeb3..a5d42083 100644
--- a/libwvdrmengine/cdm/test/request_license_test.cpp
+++ b/libwvdrmengine/cdm/test/request_license_test.cpp
@@ -3755,7 +3755,7 @@ TEST_F(WvCdmRequestLicenseTest, UsageInfo_ReleaseThreeRecords) {
       decryptor_->GetUsageInfo(app_id, kProviderSessionTokenStreamingClip4,
                                kDefaultCdmIdentifier, &usage_info);
   EXPECT_EQ(KEY_MESSAGE, status);
-  EXPECT_EQ(1, usage_info.size());
+  ASSERT_EQ(1, usage_info.size());
   release_msg = GetUsageInfoResponse(config_.license_server(),
                                      config_.client_auth(), usage_info[0]);
   EXPECT_EQ(NO_ERROR,