widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c45384bf004b732f0f0b0320930926d09299ee01
android/libwvdrmengine/cdm/core/include/policy_engine.h
Rahul Frias 1884cf738e Merges to android Pi release (part 8) 
These are a set of CLs merged from the wv cdm repo to the android
	   repo.

* Android build fixes

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/36322 ]

* Address android compilation errors and warnings

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/36300 ]

* Gyp cleanup and OpenSSL v10.1 support.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/36001 ]

  OpenSSL 10.1 has a small number of incompatible changes.

  A desktop system upgrade exposed some issue in the build scripts.
  Specifically, the linux build was using both third_party/protobufs (2.6.1)
  and the version installed on the system (3.0 in this case). The linux
  cdm.gyp depended on cdm/cdm.gyp which caused that plus some
  additional issues.

  These changes are necessary to support g++ version:
    g++ (Debian 6.3.0-18) 6.3.0 20170516

  Also did some cosmetic rework on run_current_tests to make it easier
  to figure out what is going on when something fails.

  Also tweaked some of the compiler settings for g++ support (revisit
  this later).

* Refactored Service Certificate encryption to allow encryption of arbitrary data.

  Author: Thomas Inskip <tinskip@google.com>

  [ Merge of http://go/wvgerrit/36141 ]

* Send cdm test requests to UAT.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/36221 ]

  This change resolves the all of the
  CdmDecryptTest/CdmTestWithDecryptParam.DecryptToClearBuffer
  tests.

  The license servers will return different keys and keyids.
  Sending the request to staging returned key ids and keys that were
  not matching what was expected in the unit tests.

* Fix for building L3 OEMCrypto with clang and libc++

  Author: yucliu <yucliu@google.com>

  [ Merge of http://go/wvgerrit/35740 ]

  1. Include <time.h> for time(time_t*).
  2. Create endian check union on stack. Clang may create const union
  somewhere else, which may cause crash.

* Remove error result when a sublicense session does
  not exist. This is not considered an error.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/36080 ]

* Set default mock handler for GetSupportedCertificateTypes
  for all unit tests and removed the use of StrictMock from
  MockCryptoSession.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/35922 ]

  The handler for this was only set for one test and resulted
  in a number of failures.

* Set default handler for GetHdcpCapabilities. For
  now the default action is to call the real
  GetHdcpCapabilities of crypto_session.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/36140 ]

  I also changed the mock to a NiceMock to silence
  responses to unexpected calls to GetHdcpCapabilities.

  The default handler can be overridden as needed in
  the individual tests.

  This resolves the policy engine test failures.

* Finalize merge of cdm_partner_3.4 to master.

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/35360 ]

  This is the final set of updates to merge all v3.4.1
  changes into master.

* Embedded license: Sublicense rotation.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/35360 ]

  Handle sublicense rotation event.

* Embedded license: Initial license phase.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/34280 ]

  Initial license phase - key loading subsession.

* Embedded license: generate session data.

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/33722 ]

  Generate session data and add it to the license request for
  any embedded license material.

* Resolve missing symbol when building cd-cdm

  Author: Jeff Fore <jfore@google.com>

  [ Merge of http://go/wvgerrit/35840 ]

* C++11: Replace OVERRIDE def with override keyword

  Author: Gene Morgan <gmorgan@google.com>

  [ Merge of http://go/wvgerrit/35400 ]

BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
      commit in the chain.

Change-Id: I37d0cb17f255ac6389030047d616ad69f895748c
2018-01-16 19:29:39 -08:00

217 lines
7.8 KiB
C++
Raw Blame History

// Copyright 2013 Google Inc. All Rights Reserved.
#ifndef WVCDM_CORE_POLICY_ENGINE_H_
#define WVCDM_CORE_POLICY_ENGINE_H_
#include <map>
#include <string>
#include "license_key_status.h"
#include "license_protocol.pb.h"
#include "scoped_ptr.h"
#include "wv_cdm_types.h"
namespace wvcdm {
using video_widevine::LicenseIdentification;
class Clock;
class CryptoSession;
class WvCdmEventListener;
// This acts as an oracle that basically says "Yes(true) you may still decrypt
// or no(false) you may not decrypt this data anymore."
class PolicyEngine {
public:
PolicyEngine(CdmSessionId session_id, WvCdmEventListener* event_listener,
CryptoSession* crypto_session);
virtual ~PolicyEngine();
// The value returned should be taken as a hint rather than an absolute
// status. It is computed during the last call to either SetLicense/
// UpdateLicense/OnTimerEvent/BeginDecryption and may be out of sync
// depending on the amount of time elapsed. The current decryption
// status is not calculated to avoid overhead in the decryption path.
virtual bool CanDecryptContent(const KeyId& key_id);
// Returns the current CdmKeyStatus for the given key, or
// kKeyStatusKeyUnknown if the key is not found. This is useful for finding
// out why a key is not usable.
virtual CdmKeyStatus GetKeyStatus(const KeyId& key_id);
// OnTimerEvent is called when a timer fires. It notifies the Policy Engine
// that the timer has fired and dispatches the relevant events through
// |event_listener_|.
virtual void OnTimerEvent();
// SetLicense is used in handling the initial license response. It stores
// an exact copy of the policy information stored in the license.
// The license state transitions to kLicenseStateCanPlay if the license
// permits playback.
virtual void SetLicense(const video_widevine::License& license);
virtual void UpdateLicenseKeys(const video_widevine::License& license);
// SetLicenseForRelease is used when releasing a license. The keys in this
// license will be ignored, and any old keys will be expired.
virtual void SetLicenseForRelease(
const video_widevine::License& license);
// Call this on first decrypt to set the start of playback.
virtual void BeginDecryption(void);
virtual void DecryptionEvent(void);
// UpdateLicense is used in handling a license response for a renewal request.
// The response may only contain any policy fields that have changed. In this
// case an exact copy is not what we want to happen. We also will receive an
// updated license_start_time from the server. The license will transition to
// kLicenseStateCanPlay if the license permits playback.
virtual void UpdateLicense(
const video_widevine::License& license);
// Used for notifying the Policy Engine of resolution changes
virtual void NotifyResolution(uint32_t width, uint32_t height);
virtual void NotifySessionExpiration();
virtual CdmResponseType Query(CdmQueryMap* query_response);
virtual CdmResponseType QueryKeyAllowedUsage(const KeyId& key_id,
CdmKeyAllowedUsage* key_usage);
virtual const LicenseIdentification& license_id() { return license_id_; }
bool GetSecondsSinceStarted(int64_t* seconds_since_started);
bool GetSecondsSinceLastPlayed(int64_t* seconds_since_started);
// for offline save and restore
int64_t GetPlaybackStartTime() { return playback_start_time_; }
int64_t GetLastPlaybackTime() { return last_playback_time_; }
int64_t GetGracePeriodEndTime() { return grace_period_end_time_; }
void RestorePlaybackTimes(int64_t playback_start_time,
int64_t last_playback_time,
int64_t grace_period_end_time);
bool IsLicenseForFuture() { return license_state_ == kLicenseStatePending; }
bool HasPlaybackStarted(int64_t current_time) {
if (playback_start_time_ == 0)
return false;
const int64_t playback_time = current_time - playback_start_time_;
return playback_time >= policy_.play_start_grace_period_seconds();
}
bool HasLicenseOrPlaybackDurationExpired(int64_t current_time);
int64_t GetLicenseOrPlaybackDurationRemaining();
bool CanRenew() { return policy_.can_renew(); }
bool IsSufficientOutputProtection(const KeyId& key_id) {
return license_keys_->MeetsConstraints(key_id);
}
private:
friend class PolicyEngineTest;
friend class PolicyEngineConstraintsTest;
void InitDevice(CryptoSession* crypto_session);
void SetDeviceResolution(uint32_t width, uint32_t height);
void CheckDeviceHdcpStatusOnTimer(int64_t current_time);
void CheckDeviceHdcpStatus();
typedef enum {
kLicenseStateInitial,
kLicenseStatePending, // if license is issued for sometime in the future
kLicenseStateCanPlay,
kLicenseStateNeedRenewal,
kLicenseStateWaitingLicenseUpdate,
kLicenseStateExpired
} LicenseState;
// Gets the clock time that the license expires. This is the hard limit that
// all license types must obey at all times.
int64_t GetHardLicenseExpiryTime();
// Gets the clock time that the rental duration will expire, using the license
// duration if one is not present.
int64_t GetRentalExpiryTime();
// Gets the clock time that the license expires based on whether we have
// started playing. This takes into account GetHardLicenseExpiryTime.
int64_t GetExpiryTime(int64_t current_time,
bool ignore_soft_enforce_playback_duration);
int64_t GetLicenseOrRentalDurationRemaining(int64_t current_time);
int64_t GetPlaybackDurationRemaining(int64_t current_time);
bool HasRenewalDelayExpired(int64_t current_time);
bool HasRenewalRecoveryDurationExpired(int64_t current_time);
bool HasRenewalRetryIntervalExpired(int64_t current_time);
void UpdateRenewalRequest(int64_t current_time);
// Notifies updates in keys information and fire OnKeysChange event if
// key changes.
void NotifyKeysChange(CdmKeyStatus new_status);
// Notifies updates in expiry time and fire OnExpirationUpdate event if
// expiry time changes.
void NotifyExpirationUpdate(int64_t current_time);
// Guard against clock rollbacks
int64_t GetCurrentTime();
// set_clock() is for testing only. It alters ownership of the
// passed-in pointer.
void set_clock(Clock* clock);
LicenseState license_state_;
// This is the current policy information for this license. This gets updated
// as license renewals occur.
video_widevine::License::Policy policy_;
// This is the license id field from server response. This data gets passed
// back to the server in each renewal request. When we get a renewal response
// from the license server we will get an updated id field.
video_widevine::LicenseIdentification license_id_;
// The server returns the license start time in the license/license renewal
// response based off the request time sent by the client in the
// license request/renewal
int64_t license_start_time_;
int64_t playback_start_time_;
int64_t last_playback_time_;
int64_t last_expiry_time_;
int64_t grace_period_end_time_;
bool last_expiry_time_set_;
bool was_expired_on_load_;
// This is used as a reference point for policy management. This value
// represents an offset from license_start_time_. This is used to
// calculate the time where renewal retries should occur.
int64_t next_renewal_time_;
// to assist in clock rollback checks
int64_t last_recorded_current_time_;
// Used to dispatch CDM events.
CdmSessionId session_id_;
WvCdmEventListener* event_listener_;
// Keys associated with license - holds allowed usage, usage constraints,
// and current status (CdmKeyStatus)
scoped_ptr<LicenseKeys> license_keys_;
// Device checks
int64_t next_device_check_;
uint32_t current_resolution_;
CryptoSession* crypto_session_;
scoped_ptr<Clock> clock_;
CORE_DISALLOW_COPY_AND_ASSIGN(PolicyEngine);
};
} // wvcdm
#endif // WVCDM_CORE_POLICY_ENGINE_H_
Reference in New Issue View Git Blame Copy Permalink