Source release v3.5.0

2017-11-28 17:42:16 -08:00
parent 501c22890d
commit 31381a1311
155 changed files with 16680 additions and 3816 deletions
--- a/core/src/certificate_provisioning.cpp
+++ b/core/src/certificate_provisioning.cpp
@@ -66,7 +66,7 @@ void ExtractAndDecodeSignedMessage(const std::string& provisioning_response,
  result->assign(decoded_message.begin(), decoded_message.end());
 }

-}
+}  // namespace

 namespace wvcdm {
 // Protobuf generated classes.
@@ -83,7 +83,8 @@ using video_widevine::SignedProvisioningMessage;
 */
 bool CertificateProvisioning::GetProvisioningTokenType(
    ClientIdentification::TokenType* token_type) {
-  switch (crypto_session_.GetPreProvisionTokenType()) {
+  CdmClientTokenType token = crypto_session_.GetPreProvisionTokenType();
+  switch (token) {
    case kClientTokenKeybox:
      *token_type = ClientIdentification::KEYBOX;
      return true;
@@ -93,6 +94,8 @@ bool CertificateProvisioning::GetProvisioningTokenType(
    case kClientTokenDrmCert:
    default:
      // shouldn't happen
+      LOGE("CertificateProvisioning::GetProvisioningTokenType: unexpected "
+           "provisioning type: %d", token);
      return false;
  }
 }
@@ -107,7 +110,7 @@ bool CertificateProvisioning::SetSpoidParameter(
    const std::string& origin, const std::string& spoid,
    ProvisioningRequest* request) {
  if (!request) {
-    LOGE("CertificateProvisioning::SetSpoidParameter : No request buffer "
+    LOGE("CertificateProvisioning::SetSpoidParameter: No request buffer "
         "passed to method.");
    return false;
  }
@@ -125,7 +128,7 @@ bool CertificateProvisioning::SetSpoidParameter(
  } else if (origin != EMPTY_ORIGIN) {
    // Legacy behavior - Concatenate Unique ID with Origin
    std::string device_unique_id;
-    if (!crypto_session_.GetDeviceUniqueId(&device_unique_id)) {
+    if (!crypto_session_.GetInternalDeviceUniqueId(&device_unique_id)) {
      LOGE("CertificateProvisioning::SetSpoidParameter: Failure getting "
           "device unique ID");
      return false;
@@ -208,7 +211,7 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequest(
  uint32_t nonce;
  if (!crypto_session_.GenerateNonce(&nonce)) {
    LOGE("GetProvisioningRequest: fails to generate a nonce");
-    return CERT_PROVISIONING_REQUEST_ERROR_2;
+    return CERT_PROVISIONING_NONCE_GENERATION_ERROR;
  }

  // The provisioning server does not convert the nonce to uint32_t, it just
@@ -280,29 +283,33 @@ CdmResponseType CertificateProvisioning::GetProvisioningRequest(
 * Returns NO_ERROR for success and CERT_PROVISIONING_RESPONSE_ERROR_? if fails.
 */
 CdmResponseType CertificateProvisioning::HandleProvisioningResponse(
-    FileSystem* file_system, const CdmProvisioningResponse& response,
+    FileSystem* file_system, const CdmProvisioningResponse& response_message,
    std::string* cert, std::string* wrapped_key) {

-  std::string raw_string;
-  if (!wvcdm::Properties::provisioning_messages_are_binary()) {
-    // The response is base64 encoded in a JSON wrapper.
-    // Extract it and decode it. If errors, return an empty string.
-    ExtractAndDecodeSignedMessage(response, &raw_string);
-  } else {
-    raw_string.assign(response);
+  if (response_message.empty()) {
+    LOGE("HandleProvisioningResponse: response message is empty.");
+    return CERT_PROVISIONING_RESPONSE_ERROR_1;
  }

-  if (raw_string.empty()) {
-    LOGE("HandleProvisioningResponse: response message is empty or "
-         "an invalid JSON/base64 string.");
-    return CERT_PROVISIONING_RESPONSE_ERROR_1;
+  std::string response;
+  if (wvcdm::Properties::provisioning_messages_are_binary()) {
+    response.assign(response_message);
+  } else {
+    // The response is base64 encoded in a JSON wrapper.
+    // Extract it and decode it. On error return an empty string.
+    ExtractAndDecodeSignedMessage(response_message, &response);
+    if (response.empty()) {
+      LOGE("HandleProvisioningResponse: response message is "
+           "an invalid JSON/base64 string.");
+      return CERT_PROVISIONING_RESPONSE_ERROR_1;
+    }
  }

  // Authenticates provisioning response using D1s (server key derived from
  // the provisioing request's input). Validate provisioning response and
  // stores private device RSA key and certificate.
  SignedProvisioningMessage signed_response;
-  if (!signed_response.ParseFromString(raw_string)) {
+  if (!signed_response.ParseFromString(response)) {
    LOGE("HandleProvisioningResponse: fails to parse signed response");
    return CERT_PROVISIONING_RESPONSE_ERROR_2;
  }