Clear OTA keybox flag.

[ Cherry-pick of http://ag/16087795 ] [ Merge of http://go/wvgerrit/136432 ] Once OTA keybox succeeds, the |needs_keybox_provisioning_| flag is cleared. Access to the system fallback policy is allowed after provisioning to check status. Bug: 203177668 Test: ExoPlayer test Change-Id: I2d28c896c554cfbc9b008340bb415d4c7fac62f2 (cherry picked from commit cac2dcaa6c)
2021-10-19 13:04:03 -07:00
parent 8b12e5acc9
commit f5e4c94e26
2 changed files with 18 additions and 9 deletions
--- a/libwvdrmengine/cdm/core/include/crypto_session.h
+++ b/libwvdrmengine/cdm/core/include/crypto_session.h
@@ -302,7 +302,7 @@ class CryptoSession {
  // Returns a system-wide singleton instance of SystemFallbackPolicy
  // to be used for communicating OTA keybox provisioning state between
  // apps.  Returns a null pointer if OTA provisioning is not supported,
-  // or if the device has already been provisioned.
+  // or not required.
  static okp::SystemFallbackPolicy* GetOkpFallbackPolicy();
  // Generates an OTA provisioning request.
--- a/libwvdrmengine/cdm/core/src/crypto_session.cpp
+++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp
@@ -3041,8 +3041,6 @@ okp::SystemFallbackPolicy* CryptoSession::GetOkpFallbackPolicy() {
    // If not set, then OTA keybox provisioning is not supported or
    // not needed.
    if (!okp_fallback_policy_l1_) return nullptr;
    // May have already been initialized.
    if (okp_fallback_policy_l1_->IsProvisioned()) return nullptr;
    return okp_fallback_policy_l1_.get();
  };
  return WithStaticFieldReadLock("GetOkpFallbackPolicy", getter);
@@ -3053,8 +3051,11 @@ CdmResponseType CryptoSession::PrepareOtaProvisioningRequest(
  RETURN_IF_NULL(request, PARAMETER_NULL);
  RETURN_IF_NOT_OPEN(CRYPTO_SESSION_NOT_OPEN);
  size_t buffer_length = 0;
-  OEMCryptoResult status = OEMCrypto_GenerateOTARequest(
+  OEMCryptoResult status =
-      oec_session_id_, nullptr, &buffer_length, use_test_key);
+      WithOecWriteLock("PrepareOtaProvisioningRequest", [&] {
        return OEMCrypto_GenerateOTARequest(
            oec_session_id_, nullptr, &buffer_length, use_test_key ? 1 : 0);
      });
  if (status != OEMCrypto_ERROR_SHORT_BUFFER)
    return MapOEMCryptoResult(status, UNKNOWN_ERROR,
                              "PrepareOtaProvisioningRequest");
@@ -3064,8 +3065,10 @@ CdmResponseType CryptoSession::PrepareOtaProvisioningRequest(
  }
  request->resize(buffer_length);
  uint8_t* buf = reinterpret_cast<uint8_t*>(&request->front());
-  status = OEMCrypto_GenerateOTARequest(oec_session_id_, buf, &buffer_length,
+  status = WithOecWriteLock("PrepareOtaProvisioningRequest", [&] {
    return OEMCrypto_GenerateOTARequest(oec_session_id_, buf, &buffer_length,
                                        use_test_key ? 1 : 0);
  });
  if (OEMCrypto_SUCCESS != status) {
    request->clear();
  } else if (buffer_length != request->size()) {
@@ -3078,9 +3081,15 @@ CdmResponseType CryptoSession::PrepareOtaProvisioningRequest(
 CdmResponseType CryptoSession::LoadOtaProvisioning(
    bool use_test_key, const std::string& response) {
  RETURN_IF_NOT_OPEN(CRYPTO_SESSION_NOT_OPEN);
-  const OEMCryptoResult status = OEMCrypto_ProcessOTAKeybox(
+  const OEMCryptoResult status = WithOecWriteLock("LoadOtaProvisioning", [&] {
-      oec_session_id_, reinterpret_cast<const uint8_t*>(response.data()),
+    return OEMCrypto_ProcessOTAKeybox(
-      response.size(), use_test_key ? 1 : 0);
+        oec_session_id_, reinterpret_cast<const uint8_t*>(response.data()),
        response.size(), use_test_key ? 1 : 0);
  });
  if (status == OEMCrypto_SUCCESS) {
    WithOecWriteLock("LoadOtaProvisioning",
                     [&] { needs_keybox_provisioning_ = false; });
  }
  return MapOEMCryptoResult(status, UNKNOWN_ERROR, "LoadOtaProvisioning");
 }