Cas Client repo update-2.

-Parse EMM in Cas plugin -Entitlement key rotation support -Multi_content_license support
2021-06-28 11:34:11 -07:00
parent 4e4f8c468f
commit 065ca035c9
42 changed files with 1748 additions and 234 deletions
--- a/oemcrypto/ref/src/oemcrypto_engine_ref.cpp
+++ b/oemcrypto/ref/src/oemcrypto_engine_ref.cpp
@@ -166,6 +166,22 @@ OEMCryptoResult CryptoEngine::RemoveEntitledKeySession(SessionId key_sid) {
  return OEMCrypto_SUCCESS;
 }

+OEMCryptoResult CryptoEngine::ReassociateEntitledKeySession(SessionId key_sid,
+                                                            SessionId oec_sid) {
+  std::unique_lock<std::mutex> lock(session_table_lock_);
+  if (entitled_key_session_table_ == nullptr) {
+    return OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION;
+  }
+  if (entitled_key_session_table_->FindEntitledKeySession(key_sid) == nullptr) {
+    return OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION;
+  }
+  if (!entitled_key_session_table_->ReassociateEntitledKeySession(key_sid,
+                                                                  oec_sid)) {
+    return OEMCrypto_ERROR_UNKNOWN_FAILURE;
+  }
+  return OEMCrypto_SUCCESS;
+}
+
 EntitledKeySession* CryptoEngine::FindEntitledKeySession(SessionId key_sid) {
  std::unique_lock<std::mutex> lock(session_table_lock_);
  if (entitled_key_session_table_ == nullptr) {
--- a/oemcrypto/ref/src/oemcrypto_engine_ref.h
+++ b/oemcrypto/ref/src/oemcrypto_engine_ref.h
@@ -110,6 +110,8 @@ class CryptoEngine {

  virtual OEMCryptoResult RemoveEntitledKeySession(SessionId key_sid);

+  virtual OEMCryptoResult ReassociateEntitledKeySession(SessionId key_sid, SessionId oec_sid);
+
  EntitledKeySession* FindEntitledKeySession(SessionId key_sid);

  size_t GetNumberOfOpenSessions() { return sessions_.size(); }
--- a/oemcrypto/ref/src/oemcrypto_entitled_key_session.cpp
+++ b/oemcrypto/ref/src/oemcrypto_entitled_key_session.cpp
@@ -279,6 +279,21 @@ void EntitledKeySessionTable::RemoveEntitledKeySession(SessionId key_sid) {
  entitled_key_sessions_.erase(key_sid);
 }

+bool EntitledKeySessionTable::ReassociateEntitledKeySession(SessionId key_sid,
+                                                            SessionId oec_sid) {
+  std::unique_lock<std::mutex> lock(session_lock_);
+  // The given |key_sid| does not exist.
+  if (entitled_key_sessions_.find(key_sid) == entitled_key_sessions_.end()) {
+    return false;
+  }
+
+  oec_session_to_key_sessions_[oec_sid].erase(
+      key_session_to_oec_session_[key_sid]);
+  oec_session_to_key_sessions_[oec_sid].insert(oec_sid);
+  key_session_to_oec_session_[key_sid] = oec_sid;
+  return true;
+}
+
 SessionId EntitledKeySessionTable::GetOEMCryptoSessionId(SessionId key_sid) {
  std::unique_lock<std::mutex> lock(session_lock_);
  if (key_session_to_oec_session_.find(key_sid) ==
--- a/oemcrypto/ref/src/oemcrypto_entitled_key_session.h
+++ b/oemcrypto/ref/src/oemcrypto_entitled_key_session.h
@@ -113,6 +113,9 @@ class EntitledKeySessionTable {
  EntitledKeySession* FindEntitledKeySession(SessionId key_sid);
  // Remove the entitled key session that has |key_sid| as the id.
  void RemoveEntitledKeySession(SessionId key_sid);
+  // Reassociates an existing entitled key session |key_sid| to an existing
+  // OEMCrypto session |oec_sid|.
+  bool ReassociateEntitledKeySession(SessionId key_sid, SessionId oec_sid);

  // Get the referenced OEMCrypto session id of entitled key session |key_sid|.
  SessionId GetOEMCryptoSessionId(SessionId key_sid);
--- a/oemcrypto/ref/src/oemcrypto_ref.cpp
+++ b/oemcrypto/ref/src/oemcrypto_ref.cpp
@@ -1989,4 +1989,38 @@ OEMCrypto_RemoveEntitledKeySession(OEMCrypto_SESSION key_session) {
  return crypto_engine->RemoveEntitledKeySession(key_session);
 }

+OEMCRYPTO_API OEMCryptoResult OEMCrypto_ReassociateEntitledKeySession(
+    OEMCrypto_SESSION key_session, OEMCrypto_SESSION oec_session) {
+  if (crypto_engine == nullptr) {
+    LOGE(
+        "[OEMCrypto_ReassociateEntitledKeySession: OEMCrypto Not "
+        "Initialized.]");
+    return OEMCrypto_ERROR_UNKNOWN_FAILURE;
+  }
+#ifndef NDEBUG
+  if (!crypto_engine->ValidRootOfTrust()) {
+    LOGE("[OEMCrypto_ReassociateEntitledKeySession(): ERROR_KEYBOX_INVALID]");
+    return OEMCrypto_ERROR_KEYBOX_INVALID;
+  }
+#endif
+  if (crypto_engine->SessionTypeBits(key_session) != kSessionTypeEntitledKey) {
+    LOGE(
+        "[OEMCrypto_ReassociateEntitledKeySession: Unexpected key_session "
+        "type.]");
+    return OEMCrypto_ERROR_INVALID_ENTITLED_KEY_SESSION;
+  }
+  if (crypto_engine->SessionTypeBits(oec_session) != kSessionTypeOEMCrypto) {
+    LOGE(
+        "[OEMCrypto_ReassociateEntitledKeySession: Unexpected oec_session "
+        "type.]");
+    return OEMCrypto_ERROR_INVALID_SESSION;
+  }
+  SessionContext* session_ctx = crypto_engine->FindSession(oec_session);
+  if (!session_ctx || !session_ctx->isValid()) {
+    LOGE("[OEMCrypto_ReassociateEntitledKeySession(): ERROR_INVALID_SESSION]");
+    return OEMCrypto_ERROR_INVALID_SESSION;
+  }
+  return crypto_engine->ReassociateEntitledKeySession(key_session, oec_session);
+}
+
 }  // namespace wvoec_ref