From 3d5571eaa19d42a255d129cb588ef47fa5ae244a Mon Sep 17 00:00:00 2001
From: Joey Parrish <joeyparrish@google.com>
Date: Mon, 9 Nov 2015 16:40:25 -0800
Subject: [PATCH] Source release v3.0.3

---
 cdm/include/cdm_version.h         |  2 +-
 cdm/src/cdm.cpp                   | 13 ++-----------
 core/src/cdm_engine.cpp           | 14 ++++++++++----
 core/src/privacy_crypto_apple.cpp |  1 +
 oemcrypto/include/OEMCryptoCENC.h |  1 +
 oemcrypto/test/oemcrypto_test.cpp | 21 ++++++++++-----------
 6 files changed, 25 insertions(+), 27 deletions(-)

diff --git a/cdm/include/cdm_version.h b/cdm/include/cdm_version.h
index 232ab469..e68bca20 100644
--- a/cdm/include/cdm_version.h
+++ b/cdm/include/cdm_version.h
@@ -1,2 +1,2 @@
 // Widevine CE CDM Version
-#define CDM_VERSION "v3.0.2-0-g161de1b-ce"
+#define CDM_VERSION "v3.0.3-0-g226db8b-ce"
diff --git a/cdm/src/cdm.cpp b/cdm/src/cdm.cpp
index 154eb136..d79bb042 100644
--- a/cdm/src/cdm.cpp
+++ b/cdm/src/cdm.cpp
@@ -408,12 +408,6 @@ Cdm::Status CdmImpl::update(const std::string& session_id,
     return kInvalidAccess;
   }
 
-  bool predicted_to_be_server_cert_response =
-      property_set_.use_privacy_mode() &&
-      property_set_.service_certificate().empty();
-  (void)predicted_to_be_server_cert_response;
-  // predicted_to_be_server_cert_response is now used when assertions are off.
-
   // NOTE: If the CdmSession object recognizes that this is not the first
   // AddKey(), it will internally delegate to RenewKey().
   CdmKeySetId key_set_id = session_id;
@@ -422,7 +416,7 @@ Cdm::Status CdmImpl::update(const std::string& session_id,
 
   if (result == NEED_KEY) {
     // We just provisioned a server certificate.
-    assert(predicted_to_be_server_cert_response);
+    assert(property_set_.use_privacy_mode());
 
     // The cert is now available to all sessions in this CDM instance.
     // This is consistent with the behavior of the Chrome CDM.
@@ -450,10 +444,7 @@ Cdm::Status CdmImpl::update(const std::string& session_id,
     MessageType message_type = kLicenseRequest;
     listener_->onMessage(session_id, message_type, key_request);
     return kSuccess;
-  }
-  assert(!predicted_to_be_server_cert_response);
-
-  if (result != KEY_ADDED) {
+  } else if (result != KEY_ADDED) {
     LOGE("Unexpected error %d", result);
     return kUnexpectedError;
   }
diff --git a/core/src/cdm_engine.cpp b/core/src/cdm_engine.cpp
index 53509858..620c7faf 100644
--- a/core/src/cdm_engine.cpp
+++ b/core/src/cdm_engine.cpp
@@ -299,12 +299,18 @@ CdmResponseType CdmEngine::AddKey(const CdmSessionId& session_id,
 
   CdmResponseType sts = iter->second->AddKey(key_data, key_set_id);
 
-  if (KEY_ADDED != sts) {
-    LOGE("CdmEngine::AddKey: keys not added, result = %d", sts);
-    return sts;
+  switch (sts) {
+    case KEY_ADDED:
+      break;
+    case NEED_KEY:
+      LOGI("CdmEngine::AddKey: service certificate loaded, no key added");
+      break;
+    default:
+      LOGE("CdmEngine::AddKey: keys not added, result = %d", sts);
+      break;
   }
 
-  return KEY_ADDED;
+  return sts;
 }
 
 CdmResponseType CdmEngine::RestoreKey(const CdmSessionId& session_id,
diff --git a/core/src/privacy_crypto_apple.cpp b/core/src/privacy_crypto_apple.cpp
index 3058d11c..8455d776 100644
--- a/core/src/privacy_crypto_apple.cpp
+++ b/core/src/privacy_crypto_apple.cpp
@@ -228,6 +228,7 @@ bool PSSVerify(const uint8_t *message, size_t messageLength,
   }
 
   // Verify db
+  dbMask[0] &= 0x7F;
   for (int i = 0; i < dbLength - kPssSaltLength - 1; i++) {
     if (dbMask[i] != 0) {
       return false;
diff --git a/oemcrypto/include/OEMCryptoCENC.h b/oemcrypto/include/OEMCryptoCENC.h
index 1dd964b6..1056d691 100644
--- a/oemcrypto/include/OEMCryptoCENC.h
+++ b/oemcrypto/include/OEMCryptoCENC.h
@@ -1557,6 +1557,7 @@ OEMCryptoResult OEMCrypto_LoadTestRSAKey();
  * Returns:
  *   OEMCrypto_SUCCESS success
  *   OEMCrypto_ERROR_INVALID_SESSION
+ *   OEMCrypto_ERROR_INVALID_CONTEXT
  *   OEMCrypto_ERROR_SHORT_BUFFER if the signature buffer is too small.
  *   OEMCrypto_ERROR_INVALID_RSA_KEY
  *   OEMCrypto_ERROR_INSUFFICIENT_RESOURCES
diff --git a/oemcrypto/test/oemcrypto_test.cpp b/oemcrypto/test/oemcrypto_test.cpp
index 2c649c50..e70e7398 100644
--- a/oemcrypto/test/oemcrypto_test.cpp
+++ b/oemcrypto/test/oemcrypto_test.cpp
@@ -678,7 +678,7 @@ class Session {
   }
 
   void RefreshTestKeys(const size_t key_count, uint32_t control_bits,
-                       uint32_t nonce, bool expect_good) {
+                       uint32_t nonce, OEMCryptoResult expected_result) {
     // Note: we store the message in encrypted_license_, but the refresh key
     // message is not actually encrypted.  It is, however, signed.
     FillRefreshMessage(key_count, control_bits, nonce);
@@ -688,17 +688,13 @@ class Session {
     OEMCryptoResult sts = OEMCrypto_RefreshKeys(
         session_id(), message_ptr(), sizeof(MessageData), &signature_[0],
         signature_.size(), key_count, key_array);
-    if (expect_good) {
-      ASSERT_EQ(OEMCrypto_SUCCESS, sts);
-    } else {
-      ASSERT_NE(OEMCrypto_SUCCESS, sts);
-    }
+    ASSERT_EQ(expected_result, sts);
 
     TestDecryptCTR();
     sleep(kShortSleep);  //  Should still be valid key.
     TestDecryptCTR(false);
     sleep(kShortSleep + kLongSleep);  // Should be after first expiration.
-    if (expect_good) {
+    if (expected_result == OEMCrypto_SUCCESS) {
       TestDecryptCTR(false, OEMCrypto_SUCCESS);
     } else {
       TestDecryptCTR(false, OEMCrypto_ERROR_UNKNOWN_FAILURE);
@@ -2157,7 +2153,8 @@ TEST_P(SessionTestRefreshKeyTest, RefreshWithNonce) {
   s.LoadTestKeys("", new_mac_keys_);
   uint32_t nonce;
   s.GenerateNonce(&nonce);
-  s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce, true);
+  s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce,
+                    OEMCrypto_SUCCESS);
 }
 
 TEST_P(SessionTestRefreshKeyTest, RefreshNoNonce) {
@@ -2169,7 +2166,7 @@ TEST_P(SessionTestRefreshKeyTest, RefreshNoNonce) {
   s.LoadTestKeys("", new_mac_keys_);
   uint32_t nonce;
   s.GenerateNonce(&nonce);
-  s.RefreshTestKeys(num_keys_, 0, 0, true);
+  s.RefreshTestKeys(num_keys_, 0, 0, OEMCrypto_SUCCESS);
 }
 
 TEST_P(SessionTestRefreshKeyTest, RefreshOldNonce) {
@@ -2181,7 +2178,8 @@ TEST_P(SessionTestRefreshKeyTest, RefreshOldNonce) {
   s.EncryptAndSign();
   s.LoadTestKeys("", new_mac_keys_);
   uint32_t nonce = s.get_nonce();
-  s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce, false);
+  s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce,
+                    OEMCrypto_ERROR_INVALID_NONCE);
 }
 
 TEST_P(SessionTestRefreshKeyTest, RefreshBadNonce) {
@@ -2195,7 +2193,8 @@ TEST_P(SessionTestRefreshKeyTest, RefreshBadNonce) {
   uint32_t nonce;
   s.GenerateNonce(&nonce);
   nonce ^= 42;
-  s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce, false);
+  s.RefreshTestKeys(num_keys_, wvoec_mock::kControlNonceEnabled, nonce,
+                    OEMCrypto_ERROR_INVALID_NONCE);
 }
 
 // Of only one key control block in the refesh, we update all the keys.