Source release 14.2.0

core/src/cdm_session.cpp

@@ -49,7 +49,7 @@ CdmSession::CdmSession(FileSystem* file_system,
       mock_policy_engine_in_use_(false) {
   assert(metrics_);  // metrics_ must not be null.
   crypto_metrics_ = metrics_->GetCryptoMetrics();
-  crypto_session_.reset(new CryptoSession(crypto_metrics_));
+  crypto_session_.reset(CryptoSession::MakeCryptoSession(crypto_metrics_));
   life_span_.Start();
 }
 
@@ -186,7 +186,7 @@ CdmResponseType CdmSession::Init(CdmClientPropertySet* cdm_client_property_set,
 }
 
 CdmResponseType CdmSession::RestoreOfflineSession(
-    const CdmKeySetId& key_set_id, const CdmLicenseType license_type) {
+    const CdmKeySetId& key_set_id, CdmLicenseType license_type) {
   if (!initialized_) {
     LOGE("CdmSession::RestoreOfflineSession: not initialized");
     return NOT_INITIALIZED_ERROR;
@@ -214,7 +214,14 @@ CdmResponseType CdmSession::RestoreOfflineSession(
     return GET_LICENSE_ERROR;
   }
 
-  // Do not restore a released offline license, unless a release retry
+  // Attempts to restore a released offline license are treated as a release
+  // retry.
+  if (license_state == DeviceFiles::kLicenseStateReleasing) {
+    license_type = kLicenseTypeRelease;
+  }
+
+  // Only restore offline licenses if they are active or this is a release
+  // retry.
   if (!(license_type == kLicenseTypeRelease ||
         license_state == DeviceFiles::kLicenseStateActive)) {
     LOGE(
@@ -577,18 +584,21 @@ CdmResponseType CdmSession::Decrypt(const CdmDecryptionParameters& params) {
     return NOT_INITIALIZED_ERROR;
   }
 
-  // Playback may not begin until either the start time passes or the license
-  // is updated, so we treat this Decrypt call as invalid.
-  if (params.is_encrypted &&
-      !policy_engine_->CanDecryptContent(*params.key_id)) {
-    if (policy_engine_->IsLicenseForFuture()) return DECRYPT_NOT_READY;
-    if (!policy_engine_->IsSufficientOutputProtection(*params.key_id))
-      return INSUFFICIENT_OUTPUT_PROTECTION;
-    return NEED_KEY;
-  }
-
-  if (!policy_engine_->CanUseKey(*params.key_id, security_level_)) {
-    return KEY_PROHIBITED_FOR_SECURITY_LEVEL;
+  // Encrypted playback may not begin until either the start time passes or the
+  // license is updated, so we treat this Decrypt call as invalid.
+  // For the clear lead, we allow playback even if the key_id is not found or if
+  // the security level is not high enough yet.
+  if (params.is_encrypted) {
+    if (!policy_engine_->CanDecryptContent(*params.key_id)) {
+      if (policy_engine_->IsLicenseForFuture()) return DECRYPT_NOT_READY;
+      if (!policy_engine_->IsSufficientOutputProtection(*params.key_id))
+        return INSUFFICIENT_OUTPUT_PROTECTION;
+      return NEED_KEY;
+    }
+    if (!policy_engine_->CanUseKeyForSecurityLevel(*params.key_id,
+                                                   security_level_)) {
+      return KEY_PROHIBITED_FOR_SECURITY_LEVEL;
+    }
   }
 
   CdmResponseType status = crypto_session_->Decrypt(params);
@@ -732,7 +742,7 @@ CdmResponseType CdmSession::DeleteUsageEntry(uint32_t usage_entry_number) {
   // it, so close and reopen session.
   CdmResponseType sts;
   crypto_session_->Close();
-  crypto_session_.reset(new CryptoSession(crypto_metrics_));
+  crypto_session_.reset(CryptoSession::MakeCryptoSession(crypto_metrics_));
   M_TIME(sts = crypto_session_->Open(requested_security_level_),
          crypto_metrics_, crypto_session_open_, sts, requested_security_level_);
   if (sts != NO_ERROR) return sts;
@@ -868,7 +878,7 @@ bool CdmSession::StoreLicense(DeviceFiles::LicenseState state) {
 
 CdmResponseType CdmSession::RemoveKeys() {
   CdmResponseType sts;
-  crypto_session_.reset(new CryptoSession(crypto_metrics_));
+  crypto_session_.reset(CryptoSession::MakeCryptoSession(crypto_metrics_));
   // Ignore errors
   M_TIME(
       sts = crypto_session_->Open(requested_security_level_),