Source release 16.4.0

core/src/cdm_session.cpp

@@ -111,6 +111,18 @@ CdmResponseType CdmSession::Init(CdmClientPropertySet* cdm_client_property_set,
     return REINIT_ERROR;
   }
 
+  // Save parameters in case Init needs to be called again (load and restore
+  // offline license)
+  if (cdm_client_property_set)
+    cdm_client_property_set_ = cdm_client_property_set;
+
+  if (forced_session_id) {
+    forced_session_id_value_ = *forced_session_id;
+    forced_session_id_ = &forced_session_id_value_;
+  }
+
+  if (event_listener) event_listener_ = event_listener;
+
   if (cdm_client_property_set && cdm_client_property_set->security_level() ==
                                      QUERY_VALUE_SECURITY_LEVEL_L3) {
     requested_security_level_ = kLevel3;
@@ -229,6 +241,24 @@ CdmResponseType CdmSession::Init(CdmClientPropertySet* cdm_client_property_set,
   return NO_ERROR;
 }
 
+CdmResponseType CdmSession::ReleaseOfflineResources() {
+  // |license_parser_| and |policy_engine_| are reset in Init. No need to
+  // deallocate here.
+  if (usage_support_type_ == kUsageEntrySupport &&
+      has_provider_session_token() && usage_table_header_ != nullptr &&
+      !is_release_) {
+    UpdateUsageEntryInformation();
+  }
+
+  if (!key_set_id_.empty()) {
+    // Unreserve the license ID.
+    file_handle_->UnreserveLicenseId(key_set_id_);
+  }
+  crypto_session_.reset(CryptoSession::MakeCryptoSession(crypto_metrics_));
+  initialized_ = false;
+  return NO_ERROR;
+}
+
 CdmResponseType CdmSession::RestoreOfflineSession(const CdmKeySetId& key_set_id,
                                                   CdmLicenseType license_type,
                                                   int* error_detail) {
@@ -239,6 +269,31 @@ CdmResponseType CdmSession::RestoreOfflineSession(const CdmKeySetId& key_set_id,
   if (!key_set_id_.empty()) {
     file_handle_->UnreserveLicenseId(key_set_id_);
   }
+
+  // On android, we previously permitted an offline license to be loaded and
+  // restored in the same session. OEMCrypto v16+ disallows it so we need to
+  // release and initialize an OEMCrypto session. We will still prohibit
+  // multiple restore attempts on the same session.
+  // TODO(b/161865160): reevalute this scenario. Should we also
+  // (a) only allow a restore for the same key set ID that was loaded
+  // (b) if (a) is true, indicate success and do nothing else rather than
+  //     release resources and reinitialize.
+  // We need to investigate the conditions that caused an app failure and
+  // led us to add a test to support this use case as there were multiple
+  // related issues.
+  if (!has_license_been_loaded_ && has_license_been_restored_) {
+    LOGE("Disallow multiple offline license restores");
+    return RESTORE_OFFLINE_LICENSE_ERROR_3;
+  }
+
+  if (has_license_been_loaded_) {
+    CdmResponseType status = ReleaseOfflineResources();
+    if (status != NO_ERROR) return status;
+    status =
+        Init(cdm_client_property_set_, forced_session_id_, event_listener_);
+    if (status != NO_ERROR) return status;
+  }
+  has_license_been_restored_ = true;
   key_set_id_ = key_set_id;
 
   DeviceFiles::CdmLicenseData license_data;
@@ -281,19 +336,13 @@ CdmResponseType CdmSession::RestoreOfflineSession(const CdmKeySetId& key_set_id,
   }
 
   std::string provider_session_token;
+  bool sign_fake_request = false;  // TODO(b/169483174): remove this variable.
   if (usage_support_type_ == kUsageEntrySupport) {
     if (!license_parser_->ExtractProviderSessionToken(
             key_response_, &provider_session_token) ||
         usage_table_header_ == nullptr) {
       provider_session_token.clear();
-      std::string fake_message("empty message");
-      std::string core_message;
-      std::string license_request_signature;
-      // Sign a fake message so that OEMCrypto will start the rental clock. The
-      // signature and generated core message are ignored.
-      CdmResponseType status = crypto_session_->PrepareAndSignLicenseRequest(
-          fake_message, &core_message, &license_request_signature);
-      if (status != NO_ERROR) return status;
+      sign_fake_request = true;  // TODO(b/169483174): remove this line.
     } else if (!VerifyOfflineUsageEntry()) {
       LOGE("License usage entry is invalid, cannot restore");
       return LICENSE_USAGE_ENTRY_MISSING;
@@ -306,6 +355,24 @@ CdmResponseType CdmSession::RestoreOfflineSession(const CdmKeySetId& key_set_id,
         return sts;
       }
     }
+  } else {
+    sign_fake_request = true;  // TODO(b/169483174): remove this block.
+  }
+  // TODO(b/169483174): remove this code in v17. For OEMCrypto v16, an offline
+  // license would not work because the rental clock in OEMCrypto is only
+  // started when the license request is signed. We will sign a fake license
+  // request if the device does not support usage tables, or if the license does
+  // not have a usage entry.
+  if (sign_fake_request) {
+    std::string fake_message("empty message");
+    std::string core_message;
+    std::string license_request_signature;
+    // Sign a fake message so that OEMCrypto will start the rental clock. The
+    // signature and generated core message are ignored.
+    const CdmResponseType status =
+        crypto_session_->PrepareAndSignLicenseRequest(
+            fake_message, &core_message, &license_request_signature);
+    if (status != NO_ERROR) return status;
   }
 
   CdmResponseType result;
@@ -429,6 +496,7 @@ CdmResponseType CdmSession::GenerateKeyRequestInternal(
   switch (license_type) {
     case kLicenseTypeTemporary:
       is_temporary_ = true;
+      is_offline_ = false;
       break;
     case kLicenseTypeStreaming:
       is_offline_ = false;
@@ -536,7 +604,8 @@ CdmResponseType CdmSession::AddKeyInternal(const CdmKeyResponse& key_response) {
         if (sts != NO_ERROR) return sts;
       }
     }
-    sts = license_parser_->HandleKeyResponse(key_response);
+    sts = license_parser_->HandleKeyResponse(/* is restore */ false,
+                                             key_response);
 
     // Update the license sdk and service versions.
     const VersionInfo& version_info = license_parser_->GetServiceVersion();
@@ -569,7 +638,7 @@ CdmResponseType CdmSession::AddKeyInternal(const CdmKeyResponse& key_response) {
          license_parser_->provider_session_token().c_str(),
          license_parser_->provider_session_token().size());
 
-    if (is_offline_ || has_provider_session_token()) {
+    if ((is_offline_ || has_provider_session_token()) && !is_temporary_) {
       if (has_provider_session_token() &&
           usage_support_type_ == kUsageEntrySupport &&
           usage_table_header_ != nullptr) {
@@ -584,6 +653,7 @@ CdmResponseType CdmSession::AddKeyInternal(const CdmKeyResponse& key_response) {
       sts = StoreLicense();
       if (sts != NO_ERROR) return sts;
     }
+    has_license_been_loaded_ = true;
 
     return KEY_ADDED;
   }
@@ -732,8 +802,9 @@ CdmResponseType CdmSession::RenewKey(const CdmKeyResponse& key_response) {
     LOGE("CDM session not initialized");
     return NOT_INITIALIZED_ERROR;
   }
-  CdmResponseType sts =
-      license_parser_->HandleKeyUpdateResponse(true, key_response);
+  CdmResponseType sts = license_parser_->HandleKeyUpdateResponse(
+      /* is renewal */ true,
+      /* is restore */ false, key_response);
 
   // Record the timing on success.
   UpdateRequestLatencyTiming(sts);
@@ -797,8 +868,9 @@ CdmResponseType CdmSession::ReleaseKey(const CdmKeyResponse& key_response) {
     LOGE("CDM session not initialized");
     return NOT_INITIALIZED_ERROR;
   }
-  CdmResponseType sts =
-      license_parser_->HandleKeyUpdateResponse(false, key_response);
+  CdmResponseType sts = license_parser_->HandleKeyUpdateResponse(
+      /* is renewal */ false,
+      /* is restore */ false, key_response);
   // Record the timing on success.
   UpdateRequestLatencyTiming(sts);