widevine-partner/ce_cdm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Source release 17.1.0

Browse Source
This commit is contained in:
John "Juce" Bruce
2022-07-07 17:14:31 -07:00
parent 8c17574083
commit 694cf6fb25
2233 changed files with 272026 additions and 223371 deletions
Download Patch File Download Diff File Expand all files Collapse all files

222
core/test/license_unittest.cpp
View File

@@ -1,6 +1,6 @@
// Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
// source code may only be used and distributed under the Widevine Master
// License Agreement.
// source code may only be used and distributed under the Widevine License
// Agreement.
#include <gmock/gmock.h>
#include <gtest/gtest.h>
@@ -24,6 +24,7 @@
namespace wvcdm {
namespace {
using wvutil::a2bs_hex;
const std::string kEmptyString;
const std::string kAesKey = a2bs_hex("000102030405060708090a0b0c0d0e0f");
@@ -116,7 +117,10 @@ const std::string kLicenseRequestSignature = a2bs_hex(
const std::string kFakeCoreMessage = a2bs_hex("DEADBEEF");
const CryptoSession::SupportedCertificateTypes kDefaultSupportedCertTypes = {
true, true, true};
/* RSA 2048 */ true, /* RSA 3072 */ true,
/* RSA CAST */ false,
/* ECC 256 */ true, /* ECC 384 */ true,
/* ECC 521 */ true};
const std::string kFakeEntitlementKeyId =
a2bs_hex("2a538231c616c67143032a645f9c545d");
@@ -131,46 +135,48 @@ const std::string kFakeKeyTooLong =
a2bs_hex("d4bc8605d662878a46adb2adb6bf3c0b30a54a0c2f");
const std::string kFakeKeyTooShort = a2bs_hex("06e247e7f924208011");
const std::string kFakeIv = a2bs_hex("3d515a3ee0be1687080ac59da9e0d69a");
const std::string kFakeBuildInfo = "Mock Crypto Session - License Test";
class MockCryptoSession : public TestCryptoSession {
public:
MockCryptoSession(metrics::CryptoMetrics* crypto_metrics)
: TestCryptoSession(crypto_metrics) {}
MOCK_METHOD0(IsOpen, bool());
MOCK_METHOD0(request_id, const std::string&());
MOCK_METHOD1(UsageInformationSupport, bool(bool*));
MOCK_METHOD2(GetHdcpCapabilities,
CdmResponseType(HdcpCapability*, HdcpCapability*));
MOCK_METHOD1(GetSupportedCertificateTypes, bool(SupportedCertificateTypes*));
MOCK_METHOD1(GetApiVersion, bool(uint32_t*));
MOCK_METHOD1(GenerateNonce, CdmResponseType(uint32_t*));
MOCK_METHOD3(PrepareAndSignLicenseRequest,
CdmResponseType(const std::string&, std::string*, std::string*));
MOCK_METHOD1(LoadEntitledContentKeys,
CdmResponseType(const std::vector<CryptoKey>& key_array));
MOCK_METHOD1(GetResourceRatingTier, bool(uint32_t*));
MOCK_METHOD(bool, IsOpen, (), (override));
MOCK_METHOD(const std::string&, request_id, (), (override));
MOCK_METHOD(bool, HasUsageInfoSupport, (bool*), (override));
MOCK_METHOD(CdmResponseType, GetHdcpCapabilities,
(HdcpCapability*, HdcpCapability*), (override));
MOCK_METHOD(bool, GetSupportedCertificateTypes, (SupportedCertificateTypes*),
(override));
MOCK_METHOD(bool, GetApiVersion, (uint32_t*), (override));
MOCK_METHOD(CdmResponseType, GenerateNonce, (uint32_t*), (override));
MOCK_METHOD(CdmResponseType, PrepareAndSignLicenseRequest,
(const std::string&, std::string*, std::string*), (override));
MOCK_METHOD(CdmResponseType, LoadEntitledContentKeys,
(const std::vector<CryptoKey>& key_array), (override));
MOCK_METHOD(bool, GetResourceRatingTier, (uint32_t*), (override));
MOCK_METHOD(bool, GetWatermarkingSupport, (CdmWatermarkingSupport*),
(override));
MOCK_METHOD(bool, GetBuildInformation, (std::string*), (override));
CdmSecurityLevel GetSecurityLevel() override { return kSecurityLevelL1; }
};
class MockPolicyEngine : public PolicyEngine {
public:
MockPolicyEngine(CryptoSession* crypto)
: PolicyEngine("mock_session_id", nullptr, crypto) {}
MOCK_METHOD1(
SetEntitledLicenseKeys,
void(const std::vector<video_widevine::WidevinePsshData_EntitledKey>&));
};
class MockInitializationData : public InitializationData {
public:
MockInitializationData(const std::string& type, const CdmInitData& data)
: InitializationData(type, data) {}
MOCK_METHOD0(is_supported, bool());
MOCK_METHOD0(is_cenc, bool());
MOCK_METHOD(
void, SetEntitledLicenseKeys,
(const std::vector<video_widevine::WidevinePsshData_EntitledKey>&),
(override));
};
} // namespace
// Protobuf generated classes
using ClientCapabilities =
video_widevine::ClientIdentification::ClientCapabilities;
using video_widevine::ClientIdentification;
using video_widevine::License;
using video_widevine::License_KeyContainer;
@@ -193,7 +199,7 @@ using ::testing::Values;
class CdmLicenseTestPeer : public CdmLicense {
public:
CdmLicenseTestPeer(const CdmSessionId& session_id, Clock* clock)
CdmLicenseTestPeer(const CdmSessionId& session_id, wvutil::Clock* clock)
: CdmLicense(session_id, clock) {}
using CdmLicense::HandleNewEntitledKeys;
@@ -211,7 +217,7 @@ class CdmLicenseTest : public WvCdmTestBase {
WvCdmTestBase::SetUp();
clock_ = new MockClock();
crypto_session_ = new MockCryptoSession(&crypto_metrics_);
init_data_ = new MockInitializationData(CENC_INIT_DATA_FORMAT, pssh_);
init_data_ = new InitializationData(CENC_INIT_DATA_FORMAT, pssh_);
policy_engine_ = new MockPolicyEngine(crypto_session_);
ON_CALL(*crypto_session_, GetSupportedCertificateTypes(NotNull()))
@@ -232,12 +238,12 @@ class CdmLicenseTest : public WvCdmTestBase {
clock_ = nullptr;
}
CdmLicenseTestPeer* cdm_license_;
MockClock* clock_;
CdmLicenseTestPeer* cdm_license_ = nullptr;
MockClock* clock_ = nullptr;
metrics::CryptoMetrics crypto_metrics_;
MockCryptoSession* crypto_session_;
MockInitializationData* init_data_;
MockPolicyEngine* policy_engine_;
MockCryptoSession* crypto_session_ = nullptr;
InitializationData* init_data_ = nullptr;
MockPolicyEngine* policy_engine_ = nullptr;
std::string pssh_;
};
@@ -245,22 +251,13 @@ TEST_F(CdmLicenseTest, InitSuccess) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(kToken, kClientTokenDrmCert, kEmptyString,
false, kEmptyServiceCertificate,
EXPECT_TRUE(cdm_license_->Init(false, kEmptyServiceCertificate,
crypto_session_, policy_engine_));
}
TEST_F(CdmLicenseTest, InitFail_EmptyToken) {
CreateCdmLicense();
EXPECT_FALSE(cdm_license_->Init("", kClientTokenDrmCert, "", false,
kEmptyServiceCertificate, crypto_session_,
policy_engine_));
}
TEST_F(CdmLicenseTest, InitFail_CryptoSessionNull) {
CreateCdmLicense();
EXPECT_FALSE(cdm_license_->Init(kToken, kClientTokenDrmCert, "", false,
kEmptyServiceCertificate, nullptr,
EXPECT_FALSE(cdm_license_->Init(false, kEmptyServiceCertificate, nullptr,
policy_engine_));
}
@@ -268,58 +265,57 @@ TEST_F(CdmLicenseTest, InitFail_PolicyEngineNull) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_FALSE(cdm_license_->Init(kToken, kClientTokenDrmCert, "", false,
kEmptyServiceCertificate, crypto_session_,
nullptr));
EXPECT_FALSE(cdm_license_->Init(false, kEmptyServiceCertificate,
crypto_session_, nullptr));
}
TEST_F(CdmLicenseTest, InitWithEmptyServiceCert) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(kToken, kClientTokenDrmCert, "", true,
kEmptyServiceCertificate, crypto_session_,
policy_engine_));
EXPECT_TRUE(cdm_license_->Init(true, kEmptyServiceCertificate,
crypto_session_, policy_engine_));
}
TEST_F(CdmLicenseTest, InitWithInvalidServiceCert) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_FALSE(cdm_license_->Init(kToken, kClientTokenDrmCert, "", true,
kInvalidServiceCertificate, crypto_session_,
policy_engine_));
EXPECT_FALSE(cdm_license_->Init(true, kInvalidServiceCertificate,
crypto_session_, policy_engine_));
}
TEST_F(CdmLicenseTest, InitWithServiceCert) {
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(kToken, kClientTokenDrmCert, "", true,
kDefaultServiceCertificate, crypto_session_,
policy_engine_));
EXPECT_TRUE(cdm_license_->Init(true, kDefaultServiceCertificate,
crypto_session_, policy_engine_));
}
TEST_F(CdmLicenseTest, PrepareKeyRequestValidation) {
bool usage_information_support = true;
CryptoSession::HdcpCapability current_hdcp_version = HDCP_NO_DIGITAL_OUTPUT;
CryptoSession::HdcpCapability max_hdcp_version = HDCP_V2_1;
uint32_t crypto_session_api_version = 9;
const uint32_t crypto_session_api_version = 16;
const uint32_t resource_rating_tier = RESOURCE_RATING_TIER_LOW;
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
EXPECT_CALL(*crypto_session_, request_id())
.WillOnce(ReturnRef(kCryptoRequestId));
EXPECT_CALL(*crypto_session_, UsageInformationSupport(NotNull()))
EXPECT_CALL(*crypto_session_, HasUsageInfoSupport(NotNull()))
.WillOnce(
DoAll(SetArgPointee<0>(usage_information_support), Return(true)));
EXPECT_CALL(*crypto_session_, GetHdcpCapabilities(NotNull(), NotNull()))
.WillOnce(DoAll(SetArgPointee<0>(current_hdcp_version),
SetArgPointee<1>(max_hdcp_version), Return(NO_ERROR)));
// Supported certificates set by SetUp().
EXPECT_CALL(*crypto_session_, GetSupportedCertificateTypes(NotNull()));
EXPECT_CALL(*crypto_session_, GetApiVersion(NotNull()))
.Times(2)
.WillRepeatedly(
.WillOnce(
DoAll(SetArgPointee<0>(crypto_session_api_version), Return(true)));
EXPECT_CALL(*crypto_session_, GetResourceRatingTier(NotNull()))
.WillOnce(DoAll(SetArgPointee<0>(resource_rating_tier), Return(true)));
EXPECT_CALL(*clock_, GetCurrentTime()).WillOnce(Return(kLicenseStartTime));
EXPECT_CALL(*crypto_session_, GenerateNonce(NotNull()))
.WillOnce(DoAll(SetArgPointee<0>(kNonce), Return(NO_ERROR)));
@@ -328,18 +324,22 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidation) {
.WillOnce(DoAll(SetArgPointee<1>(kFakeCoreMessage),
SetArgPointee<2>(kLicenseRequestSignature),
Return(NO_ERROR)));
EXPECT_CALL(*crypto_session_, GetBuildInformation(NotNull()))
.WillOnce(DoAll(SetArgPointee<0>(kFakeBuildInfo), Return(true)));
EXPECT_CALL(*crypto_session_, GetWatermarkingSupport(NotNull()))
.WillOnce(
DoAll(SetArgPointee<0>(kWatermarkingConfigurable), Return(true)));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(kToken, kClientTokenDrmCert, kEmptyString,
true, kDefaultServiceCertificate,
EXPECT_TRUE(cdm_license_->Init(true, kDefaultServiceCertificate,
crypto_session_, policy_engine_));
CdmAppParameterMap app_parameters;
CdmKeyMessage signed_request;
std::string server_url;
EXPECT_EQ(cdm_license_->PrepareKeyRequest(*init_data_, kLicenseTypeStreaming,
app_parameters, &signed_request,
&server_url),
EXPECT_EQ(cdm_license_->PrepareKeyRequest(
*init_data_, kToken, kLicenseTypeStreaming, app_parameters,
&signed_request, &server_url),
KEY_MESSAGE);
EXPECT_TRUE(!signed_request.empty());
@@ -379,25 +379,25 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidation) {
EXPECT_FALSE(client_id.has_provider_client_token());
EXPECT_FALSE(client_id.has_license_counter());
const ::video_widevine::ClientIdentification_ClientCapabilities&
client_capabilities = client_id.client_capabilities();
const ClientCapabilities& client_capabilities =
client_id.client_capabilities();
EXPECT_TRUE(client_capabilities.has_client_token());
EXPECT_TRUE(client_capabilities.has_session_token());
EXPECT_FALSE(client_capabilities.video_resolution_constraints());
EXPECT_EQ(video_widevine::
ClientIdentification_ClientCapabilities_HdcpVersion_HDCP_V2_1,
EXPECT_EQ(ClientCapabilities::HDCP_V2_1,
client_capabilities.max_hdcp_version());
EXPECT_EQ(crypto_session_api_version,
client_capabilities.oem_crypto_api_version());
EXPECT_THAT(
client_capabilities.supported_certificate_key_type(),
UnorderedElementsAre(
video_widevine::
ClientIdentification_ClientCapabilities_CertificateKeyType_RSA_2048,
video_widevine::
ClientIdentification_ClientCapabilities_CertificateKeyType_RSA_3072));
EXPECT_FALSE(client_capabilities.has_resource_rating_tier());
EXPECT_THAT(client_capabilities.supported_certificate_key_type(),
UnorderedElementsAre(ClientCapabilities::RSA_2048,
ClientCapabilities::RSA_3072,
ClientCapabilities::ECC_SECP256R1,
ClientCapabilities::ECC_SECP384R1,
ClientCapabilities::ECC_SECP521R1));
EXPECT_TRUE(client_capabilities.has_resource_rating_tier());
EXPECT_EQ(client_capabilities.watermarking_support(),
ClientCapabilities::WATERMARKING_CONFIGURABLE);
// Verify Content Identification
const LicenseRequest_ContentIdentification& content_id =
@@ -425,16 +425,17 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidation) {
}
TEST_F(CdmLicenseTest, PrepareKeyRequestValidationV15) {
bool usage_information_support = true;
CryptoSession::HdcpCapability current_hdcp_version = HDCP_NO_DIGITAL_OUTPUT;
CryptoSession::HdcpCapability max_hdcp_version = HDCP_V2_1;
uint32_t crypto_session_api_version = 15;
uint32_t resource_rating_tier = RESOURCE_RATING_TIER_LOW;
const bool usage_information_support = true;
const CryptoSession::HdcpCapability current_hdcp_version =
HDCP_NO_DIGITAL_OUTPUT;
const CryptoSession::HdcpCapability max_hdcp_version = HDCP_V2_1;
const uint32_t crypto_session_api_version = 15;
const uint32_t resource_rating_tier = RESOURCE_RATING_TIER_LOW;
EXPECT_CALL(*crypto_session_, IsOpen()).WillOnce(Return(true));
EXPECT_CALL(*crypto_session_, request_id())
.WillOnce(ReturnRef(kCryptoRequestId));
EXPECT_CALL(*crypto_session_, UsageInformationSupport(NotNull()))
EXPECT_CALL(*crypto_session_, HasUsageInfoSupport(NotNull()))
.WillOnce(
DoAll(SetArgPointee<0>(usage_information_support), Return(true)));
EXPECT_CALL(*crypto_session_, GetHdcpCapabilities(NotNull(), NotNull()))
@@ -442,8 +443,7 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidationV15) {
SetArgPointee<1>(max_hdcp_version), Return(NO_ERROR)));
EXPECT_CALL(*crypto_session_, GetSupportedCertificateTypes(NotNull()));
EXPECT_CALL(*crypto_session_, GetApiVersion(NotNull()))
.Times(2)
.WillRepeatedly(
.WillOnce(
DoAll(SetArgPointee<0>(crypto_session_api_version), Return(true)));
EXPECT_CALL(*crypto_session_, GetResourceRatingTier(NotNull()))
.WillOnce(DoAll(SetArgPointee<0>(resource_rating_tier), Return(true)));
@@ -455,18 +455,22 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidationV15) {
.WillOnce(DoAll(SetArgPointee<1>(kFakeCoreMessage),
SetArgPointee<2>(kLicenseRequestSignature),
Return(NO_ERROR)));
EXPECT_CALL(*crypto_session_, GetBuildInformation(NotNull()))
.WillOnce(DoAll(SetArgPointee<0>(kFakeBuildInfo), Return(true)));
EXPECT_CALL(*crypto_session_, GetWatermarkingSupport(NotNull()))
.WillOnce(
DoAll(SetArgPointee<0>(kWatermarkingNotSupported), Return(true)));
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(kToken, kClientTokenDrmCert, kEmptyString,
true, kDefaultServiceCertificate,
EXPECT_TRUE(cdm_license_->Init(true, kDefaultServiceCertificate,
crypto_session_, policy_engine_));
CdmAppParameterMap app_parameters;
CdmKeyMessage signed_request;
std::string server_url;
EXPECT_EQ(cdm_license_->PrepareKeyRequest(*init_data_, kLicenseTypeStreaming,
app_parameters, &signed_request,
&server_url),
EXPECT_EQ(cdm_license_->PrepareKeyRequest(
*init_data_, kToken, kLicenseTypeStreaming, app_parameters,
&signed_request, &server_url),
KEY_MESSAGE);
EXPECT_TRUE(!signed_request.empty());
@@ -506,25 +510,25 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidationV15) {
EXPECT_FALSE(client_id.has_provider_client_token());
EXPECT_FALSE(client_id.has_license_counter());
const ::video_widevine::ClientIdentification_ClientCapabilities&
client_capabilities = client_id.client_capabilities();
const ClientCapabilities& client_capabilities =
client_id.client_capabilities();
EXPECT_TRUE(client_capabilities.has_client_token());
EXPECT_TRUE(client_capabilities.has_session_token());
EXPECT_FALSE(client_capabilities.video_resolution_constraints());
EXPECT_EQ(video_widevine::
ClientIdentification_ClientCapabilities_HdcpVersion_HDCP_V2_1,
EXPECT_EQ(ClientCapabilities::HDCP_V2_1,
client_capabilities.max_hdcp_version());
EXPECT_EQ(crypto_session_api_version,
client_capabilities.oem_crypto_api_version());
EXPECT_THAT(
client_capabilities.supported_certificate_key_type(),
UnorderedElementsAre(
video_widevine::
ClientIdentification_ClientCapabilities_CertificateKeyType_RSA_2048,
video_widevine::
ClientIdentification_ClientCapabilities_CertificateKeyType_RSA_3072));
EXPECT_THAT(client_capabilities.supported_certificate_key_type(),
UnorderedElementsAre(ClientCapabilities::RSA_2048,
ClientCapabilities::RSA_3072,
ClientCapabilities::ECC_SECP256R1,
ClientCapabilities::ECC_SECP384R1,
ClientCapabilities::ECC_SECP521R1));
EXPECT_EQ(resource_rating_tier, client_capabilities.resource_rating_tier());
EXPECT_EQ(client_capabilities.watermarking_support(),
ClientCapabilities::WATERMARKING_NOT_SUPPORTED);
// Verify Content Identification
const LicenseRequest_ContentIdentification& content_id =
@@ -552,9 +556,12 @@ TEST_F(CdmLicenseTest, PrepareKeyRequestValidationV15) {
}
struct EntitledKeyVariant {
EntitledKeyVariant(const char* name, const std::string& key,
bool should_succeed)
: name(name), key(key), should_succeed(should_succeed) {}
EntitledKeyVariant(const char* name_param, const std::string& key_param,
bool should_succeed_param)
: name(name_param),
key(key_param),
should_succeed(should_succeed_param) {}
const std::string name;
const std::string key;
const bool should_succeed;
@@ -600,8 +607,7 @@ TEST_P(CdmLicenseEntitledKeyTest, LoadsEntitledKeys) {
// Set up the CdmLicense with the mocks and fake entitlement key
CreateCdmLicense();
EXPECT_TRUE(cdm_license_->Init(kToken, kClientTokenDrmCert, kEmptyString,
true, kDefaultServiceCertificate,
EXPECT_TRUE(cdm_license_->Init(true, kDefaultServiceCertificate,
crypto_session_, policy_engine_));
cdm_license_->set_entitlement_keys(entitlement_license);
@@ -615,7 +621,7 @@ TEST_P(CdmLicenseEntitledKeyTest, LoadsEntitledKeys) {
}
}
INSTANTIATE_TEST_CASE_P(
INSTANTIATE_TEST_SUITE_P(
EntitledKeyTests, CdmLicenseEntitledKeyTest,
Values(EntitledKeyVariant("UnpaddedKey", kFakeUnpaddedKey, true),
EntitledKeyVariant("PaddedKey", kFakePaddedKey, true),