387147dffe
These are a set of CLs merged from the wv cdm repo to the android repo. * Update service certificate. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28065 ] The updated service certificate fixes a number of failing tests. There are still some that fail, apparently due to mismatches with key set IDs and usage tables. Also updated QA server URL to point to QA proxy (although neither can be used by this client). Also fixed segfault in CdmTest.ListUsageRecords. * Add CDM APIs for Handling Service Certificates. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28064 ] The responsibility for managing Service Certificates has been moved out of the CDM. Instead, provide CDM and CdmEngine methods to generate a service certificate request message, and handle a service certificate response. The API client can use these calls if it needs to get the service certificate from the License Server. These functions assume the request and response are base64 (web-safe) encoded (see b/37481392). Not all servers are operating this way yet. Any adaptations for non-compliant servers is handled outside the CDM. See test WvCdmEnginePreProvTest::ServiceCertificateRequestResponse in cdm_engine_test.cpp for an example of this. These changes also eliminate the stored init_data and deferred license type which were used to perform a service certificate request during a license request. * Fix and rename ClosesSessionWithoutReturningError test. Author: Edwin Wong <edwinwong@google.com> [ Merge of http://go/wvgerrit/27880 ] ClosesSessionWithoutReturningError should not check for Status::OK since it is expecting an error code back. The test is renamed to ClosesSessionWithError. Test: libwvdrmdrmplugin_hidl_test BUG: 62205215 * Get rid of default service certificate. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27981 ] Instead, we need at least two service certs - one for the QA/Test servers, and one for UAT (and prod?) There are still some issues around the signature verififcation of the service cert, and in license_unittest.cpp, the use of the default service cert has been commented out. I don't know why this test needs a service cert. If it really does, then the same mechanism that is used elsewhere for selecting a specific server type will be needed here. BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: Ieab815fb202c809ad5714cd0364c4bdfa068f77d
224 lines
9.4 KiB
C++
224 lines
9.4 KiB
C++
// Copyright 2013 Google Inc. All Rights Reserved.
|
|
//
|
|
#ifndef WVCDM_CORE_DEVICE_FILES_H_
|
|
#define WVCDM_CORE_DEVICE_FILES_H_
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <set>
|
|
#include <string>
|
|
#include <vector>
|
|
|
|
#include "device_files.pb.h"
|
|
#include "scoped_ptr.h"
|
|
#include "wv_cdm_types.h"
|
|
|
|
#if defined(UNIT_TEST)
|
|
#include <gtest/gtest_prod.h>
|
|
#endif
|
|
|
|
namespace wvcdm {
|
|
|
|
class FileSystem;
|
|
|
|
class DeviceFiles {
|
|
public:
|
|
typedef enum {
|
|
kLicenseStateActive,
|
|
kLicenseStateReleasing,
|
|
kLicenseStateUnknown,
|
|
} LicenseState;
|
|
|
|
typedef enum {
|
|
kStorageLicense, // persistent license
|
|
kStorageUsageInfo, // secure stop
|
|
} UsageEntryStorage;
|
|
|
|
struct UsageEntryInfo {
|
|
UsageEntryStorage storage_type;
|
|
std::string key_set_id; // used when storage_type is kStorageLicense
|
|
std::string
|
|
provider_session_token; // used when storage_type is kStorageUsageInfo
|
|
std::string app_id; // used when storage_type is kStorageUsageInfo
|
|
};
|
|
|
|
DeviceFiles(FileSystem*);
|
|
virtual ~DeviceFiles();
|
|
|
|
virtual bool Init(CdmSecurityLevel security_level);
|
|
virtual bool Reset(CdmSecurityLevel security_level) {
|
|
return Init(security_level);
|
|
}
|
|
|
|
virtual bool StoreCertificate(const std::string& certificate,
|
|
const std::string& wrapped_private_key);
|
|
virtual bool RetrieveCertificate(std::string* certificate,
|
|
std::string* wrapped_private_key,
|
|
std::string* serial_number,
|
|
uint32_t* system_id);
|
|
virtual bool HasCertificate();
|
|
virtual bool RemoveCertificate();
|
|
|
|
virtual bool StoreLicense(const std::string& key_set_id,
|
|
const LicenseState state,
|
|
const CdmInitData& pssh_data,
|
|
const CdmKeyMessage& key_request,
|
|
const CdmKeyResponse& key_response,
|
|
const CdmKeyMessage& key_renewal_request,
|
|
const CdmKeyResponse& key_renewal_response,
|
|
const std::string& release_server_url,
|
|
int64_t playback_start_time,
|
|
int64_t last_playback_time,
|
|
int64_t grace_period_end_time,
|
|
const CdmAppParameterMap& app_parameters,
|
|
const CdmUsageEntry& usage_entry);
|
|
virtual bool RetrieveLicense(
|
|
const std::string& key_set_id, LicenseState* state,
|
|
CdmInitData* pssh_data, CdmKeyMessage* key_request,
|
|
CdmKeyResponse* key_response, CdmKeyMessage* key_renewal_request,
|
|
CdmKeyResponse* key_renewal_response, std::string* release_server_url,
|
|
int64_t* playback_start_time, int64_t* last_playback_time,
|
|
int64_t* grace_period_end_time, CdmAppParameterMap* app_parameters,
|
|
CdmUsageEntry* usage_entry);
|
|
virtual bool DeleteLicense(const std::string& key_set_id);
|
|
virtual bool ListLicenses(std::vector<std::string>* key_set_ids);
|
|
virtual bool DeleteAllFiles();
|
|
virtual bool DeleteAllLicenses();
|
|
virtual bool LicenseExists(const std::string& key_set_id);
|
|
virtual bool ReserveLicenseId(const std::string& key_set_id);
|
|
virtual bool UnreserveLicenseId(const std::string& key_set_id);
|
|
|
|
// Store a usage record to the set of usage information on the file system.
|
|
virtual bool StoreUsageInfo(const std::string& provider_session_token,
|
|
const CdmKeyMessage& key_request,
|
|
const CdmKeyResponse& key_response,
|
|
const std::string& app_id,
|
|
const std::string& key_set_id,
|
|
const CdmUsageEntry& usage_entry);
|
|
|
|
// Extract KSIDs from usage information on the file system.
|
|
virtual bool ListUsageRecords(const std::string& app_id,
|
|
std::vector<std::string>* ksids);
|
|
|
|
// Get the provider session token for the given key_set_id.
|
|
virtual bool GetProviderSessionToken(const std::string& app_id,
|
|
const std::string& key_set_id,
|
|
std::string* provider_session_token);
|
|
|
|
// Delete the usage record for the given PST.
|
|
virtual bool DeleteUsageInfo(const std::string& app_id,
|
|
const std::string& provider_session_token);
|
|
|
|
// Delete usage information from the file system. Puts a list of all the
|
|
// psts that were deleted from the file into |provider_session_tokens|.
|
|
virtual bool DeleteAllUsageInfoForApp(
|
|
const std::string& app_id,
|
|
std::vector<std::string>* provider_session_tokens);
|
|
|
|
// Retrieve one usage info from the file. Subsequent calls will retrieve
|
|
// subsequent entries in the table for this app_id.
|
|
virtual bool RetrieveUsageInfo(
|
|
const std::string& app_id,
|
|
std::vector<std::pair<CdmKeyMessage, CdmKeyResponse> >* usage_info);
|
|
|
|
// Retrieve the usage info entry specified by |provider_session_token|.
|
|
// Returns false if the entry could not be found.
|
|
virtual bool RetrieveUsageInfo(const std::string& app_id,
|
|
const std::string& provider_session_token,
|
|
CdmKeyMessage* license_request,
|
|
CdmKeyResponse* license_response,
|
|
CdmUsageEntry* usage_entry);
|
|
|
|
// Retrieve the usage info entry specified by |key_set_id|.
|
|
// Returns false if the entry could not be found.
|
|
virtual bool RetrieveUsageInfoByKeySetId(const std::string& app_id,
|
|
const std::string& key_set_id,
|
|
CdmKeyMessage* license_request,
|
|
CdmKeyResponse* license_response,
|
|
CdmUsageEntry* usage_entry);
|
|
|
|
virtual bool StoreHlsAttributes(const std::string& key_set_id,
|
|
const CdmHlsMethod method,
|
|
const std::vector<uint8_t>& media_segment_iv);
|
|
virtual bool RetrieveHlsAttributes(const std::string& key_set_id,
|
|
CdmHlsMethod* method,
|
|
std::vector<uint8_t>* media_segment_iv);
|
|
virtual bool DeleteHlsAttributes(const std::string& key_set_id);
|
|
|
|
virtual bool StoreUsageTableInfo(
|
|
const CdmUsageTableHeader& usage_table_header,
|
|
const std::vector<UsageEntryInfo>& usage_entry_info);
|
|
|
|
virtual bool RetrieveUsageTableInfo(
|
|
CdmUsageTableHeader* usage_table_header,
|
|
std::vector<UsageEntryInfo>* usage_entry_info);
|
|
|
|
private:
|
|
// Extract serial number and system ID from DRM Device certificate
|
|
bool ExtractDeviceInfo(const std::string& device_certificate,
|
|
std::string* serial_number,
|
|
uint32_t* system_id);
|
|
|
|
// Helpers that wrap the File interface and automatically handle hashing, as
|
|
// well as adding the device files base path to to the file name.
|
|
bool StoreFileWithHash(const std::string& name,
|
|
const std::string& serialized_file);
|
|
bool StoreFileRaw(const std::string& name,
|
|
const std::string& serialized_file);
|
|
bool RetrieveHashedFile(const std::string& name,
|
|
video_widevine_client::sdk::File* file);
|
|
bool FileExists(const std::string& name);
|
|
bool ListFiles(std::vector<std::string>* names);
|
|
bool RemoveFile(const std::string& name);
|
|
ssize_t GetFileSize(const std::string& name);
|
|
|
|
static std::string GetCertificateFileName();
|
|
static std::string GetHlsAttributesFileNameExtension();
|
|
static std::string GetLicenseFileNameExtension();
|
|
static std::string GetUsageInfoFileName(const std::string& app_id);
|
|
static std::string GetUsageTableFileName();
|
|
static std::string GetFileNameSafeHash(const std::string& input);
|
|
|
|
#if defined(UNIT_TEST)
|
|
FRIEND_TEST(DeviceFilesSecurityLevelTest, SecurityLevel);
|
|
FRIEND_TEST(DeviceCertificateStoreTest, StoreCertificate);
|
|
FRIEND_TEST(DeviceCertificateTest, DISABLED_ReadCertificate);
|
|
FRIEND_TEST(DeviceCertificateTest, HasCertificate);
|
|
FRIEND_TEST(DeviceFilesStoreTest, StoreLicense);
|
|
FRIEND_TEST(DeviceFilesHlsAttributesTest, Delete);
|
|
FRIEND_TEST(DeviceFilesHlsAttributesTest, Read);
|
|
FRIEND_TEST(DeviceFilesHlsAttributesTest, Store);
|
|
FRIEND_TEST(DeviceFilesTest, DeleteLicense);
|
|
FRIEND_TEST(DeviceFilesTest, ReserveLicenseIdsDoesNotUseFileSystem);
|
|
FRIEND_TEST(DeviceFilesTest, RetrieveLicenses);
|
|
FRIEND_TEST(DeviceFilesTest, AppParametersBackwardCompatibility);
|
|
FRIEND_TEST(DeviceFilesTest, StoreLicenses);
|
|
FRIEND_TEST(DeviceFilesTest, UpdateLicenseState);
|
|
FRIEND_TEST(DeviceFilesUsageInfoTest, Delete);
|
|
FRIEND_TEST(DeviceFilesUsageInfoTest, DeleteAll);
|
|
FRIEND_TEST(DeviceFilesUsageInfoTest, Read);
|
|
FRIEND_TEST(DeviceFilesUsageInfoTest, Store);
|
|
FRIEND_TEST(DeviceFilesUsageTableTest, Read);
|
|
FRIEND_TEST(DeviceFilesUsageTableTest, Store);
|
|
FRIEND_TEST(WvCdmRequestLicenseTest, UnprovisionTest);
|
|
FRIEND_TEST(WvCdmRequestLicenseTest, ForceL3Test);
|
|
FRIEND_TEST(WvCdmRequestLicenseTest, UsageInfoRetryTest);
|
|
FRIEND_TEST(WvCdmRequestLicenseTest, UsageReleaseAllTest);
|
|
FRIEND_TEST(WvCdmUsageInfoTest, UsageInfo);
|
|
FRIEND_TEST(WvCdmUsageTest, WithClientId);
|
|
FRIEND_TEST(WvCdmExtendedDurationTest, UsageOverflowTest);
|
|
#endif
|
|
|
|
static std::set<std::string> reserved_license_ids_;
|
|
|
|
FileSystem* file_system_;
|
|
CdmSecurityLevel security_level_;
|
|
bool initialized_;
|
|
|
|
CORE_DISALLOW_COPY_AND_ASSIGN(DeviceFiles);
|
|
};
|
|
|
|
} // namespace wvcdm
|
|
|
|
#endif // WVCDM_CORE_DEVICE_FILES_H_
|