Add AES-ECB as a supported encryption mode in ECMG

common/security_profile_list.h

@@ -18,6 +18,7 @@
 
 #include "absl/synchronization/mutex.h"
 #include "common/hash_algorithm.h"
+#include "common/output_protection_util.h"
 #include "common/status.h"
 #include "protos/public/client_identification.pb.h"
 #include "protos/public/device_security_profile_data.pb.h"
@@ -26,6 +27,7 @@
 #include "protos/public/security_profile.pb.h"
 
 namespace widevine {
+
 using ClientCapabilities = ClientIdentification::ClientCapabilities;
 
 const char kDefaultProfileOwnerName[] = "Widevine";
@@ -56,13 +58,16 @@ class SecurityProfileList {
       const std::vector<std::string>& profiles_to_check,
       const std::string& owner, const ClientIdentification& client_id,
       const ProvisionedDeviceInfo& device_info,
+      PlatformVerificationStatus device_vmp_status,
       std::vector<std::string>* qualified_profiles) const;
 
   // Populates |profiles_to_allow| with a list of profiles that meet the
   // requirements for the this device. The number of profiles is returned.
   virtual int GetQualifiedProfiles(
       const ClientIdentification& client_id,
-      const ProvisionedDeviceInfo& device_info, const std::string& owner,
+      const ProvisionedDeviceInfo& device_info,
+      const PlatformVerificationStatus device_vmp_status,
+      const std::string& owner,
       std::vector<std::string>* qualified_profiles) const;
 
   // Return true if a profile exist matching the specified parameters {|name|,
@@ -121,6 +126,8 @@ class SecurityProfileList {
   void ClearAllProfiles();
 
  private:
+  friend class SecurityProfileListTest;
+
   // Add Widevine default profiles into profile_list. The number of added
   // default profiles will be returned.
   virtual int AddDefaultProfiles();
@@ -133,7 +140,8 @@ class SecurityProfileList {
 
   bool DoesProfileQualify(const SecurityProfile& profile,
                           const ClientIdentification& client_id,
-                          const ProvisionedDeviceInfo& device_info) const;
+                          const ProvisionedDeviceInfo& device_info,
+                          PlatformVerificationStatus device_vmp_status) const;
 
   int64_t GetCurrentTimeSeconds() const;
 
@@ -149,6 +157,10 @@ class SecurityProfileList {
 
   void ClearAllDefaultProfilesLocked() ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_);
   void ClearAllCustomProfilesLocked() ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_);
+
+  // Return true is the client is a Chrome browser.
+  virtual bool IsChromeBrowser(const std::string& device_model) const;
+
   mutable absl::Mutex mutex_;
   // Security profiles
   std::string profile_namespace_;

media_cas_packager_sdk/public/wv_cas_types.h

@@ -30,6 +30,7 @@ enum class CryptoMode : int {
   kDvbCsa3 = 3,
   kAesOfb = 4,
   kAesScte = 5,
+  kAesEcb = 6,
 };
 
 enum class ScramblingLevel : int { kPES = 0, kTS = 1 };

protos/public/media_cas.proto

@@ -71,6 +71,7 @@ message EcmMetaData {
     DVB_CSA3 = 4;
     AES_OFB = 5;
     AES_SCTE52 = 6;
+    AES_ECB = 7;
   }
   // Required. The cipher mode used to encrypt/decrypt the content.
   optional CipherMode cipher_mode = 1;

protos/public/media_cas_encryption.proto

@@ -61,6 +61,7 @@ message CasEncryptionResponse {
     // Optional label used for the key.
     optional string track_type = 3;
     optional KeySlot key_slot = 4;
+    optional uint32 period_index = 5;
   }
   optional Status status = 1;
   optional string status_message = 2;