Merges to android Pi release (part 12)

These are a set of CLs merged from the wv cdm repo to the android repo. * Correct error logging Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/40000 ] In tests, we set the cipher list to avoid using insecure ciphers when connecting to the provisioning/license service. The result of setting the cipher list was being incorrectly validated. Bug: 64847919 * Move mips cache headers to clear_cache_function.h Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39700 ] Since the clear_cache function has been moved away from the dynamic adapter, we need these conditional includes to be migrated as well for MIPS. * Comment out Level 3 debug call until merge Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39761 ] This call was introduced in go/wvgerrit/34260/. Since the haystack tool in google3 still needs this merge, this should be commented out so the tool can still build until the merge has finished. * Add logging for MAC keys to mock Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39740 ] Bug: 70637842 * Move external interfaces into level3.h + refactor Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39673 ] As part of b/70523618, this CL moves interfaces that partners are responsible for in Level 3 to level3.h so they can be visible as part of the CDM release process. It also cleans up some of the names of the files and adds documentation. * Corrected close session logging level Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/39676 ] Bug: 69460963 * Remove Security Level Path Backward Compatibility Support Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/39505 ] From the android K release onwards certificates were stored in security level specific directories. If upgrading from previous releases persistent information needed to be moved to those directories. Since no device is likely to upgrade from J to Pi, comptibility support can be removed. Bug: 70160032 * Rename privacy_crypto_openssl To privacy_crypto_boringssl Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37122 ] Now that we no longer support OpenSSL in the Shared Source CDM, the name of this file can be updated. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Remove Conditional Compilation from OpenSSL/BoringSSL Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/39460 ] This change removes the usages of conditional compilation to support both BoringSSL and OpenSSL, as well as to support multiple versions of the OpenSSL API. All code is now compiled against one of the two versions of BoringSSL in third_party/. Note that in some cases, the kit/ and legacy_kit/ versions of BoringSSL had different APIs, so when removing the OpenSSL version compatibility conditional compilation, sometimes the older branch was kept and sometimes the newer branch was kept. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Build CE & Jenkins CDMs With BoringSSL from third_party/ Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37120 ] Up until now, integrators have been responsible for providing a compatible crypto library for use by the CE CDM. (either OpenSSL or BoringSSL) After this change, this decision will no longer be in their hands. The CE CDM build will always use the copy of BoringSSL in third_party/, which will be statically linked with our library with hidden visibility. This allows us to better control what crypto library we use and will prevent continuing problems with trying to support both OpenSSL and BoringSSL. Unfortunately, BoringSSL began using C++11 in mid-2017, and we can't support C++11 right now. Until we can, we need to use a C++11-free version of BoringSSL for libssl. The CDM itself will continue to use a recent BoringSSL, as it only needs libcrypto. But the unit tests that need libssl have to use the legacy version. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Modified RNG for Level3 to use more entropy Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39220 ] Bug: 65165076 Modified seed generation to use an xor of clock_gettime and client-implemented code to supply random seeds to the RNG. Modified the RNG as well to use xoroshiro128+ instead of xorshift, since it uses more than one seed/state (which are 64-bit) and has higher "statistical quality". The default implementations for the seed generation use /dev/urandom. * Configure base path for Level3FileSystem Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39506 ] This is in response to b/70354006. This change makes the Android Level3FileSystem use the existing properties method GetDevicesFilesBasePath for binderization. The same is done for the Linux implementation. * Add legacy_kit/ to BoringSSL Directory Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/38861 ] This adds a second copy of BoringSSL to the third_party/boringssl/ directory. This second copy is pinned to the last revision of BoringSSL not to require C++11 and is not updated by the UPDATE_BORINGSSL.sh script. This second copy will be used to provide libssl to the tests on devices that do not support C++11. Once we support C++11 in the CDM again, this weight should be removed and all targets should use the copy of BoringSSL in the kit/ directory. Bug: 67907873 * Use Shared Libraries for Unit Tests Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/38860 ] Some unit tests were using a statically-linked CDM instead of a dynamically-linked one. (Or, in one case, trying to link both ways into the same binary.) For now, we need to only link dynamically, so that the unit tests and the CDM can use different versions of BoringSSL. Long-term, we would like to test both kinds of linkage. (See b/69548115 for that.) Some unit tests were also using a dynamicaly-linked CDM that was named such that it appeared to be statically-linked. This patch renames some targets to make the linkage clearer. Bug: 67907873 * Change CDM_Backwards_Compatiblity_Tests to dedicated brances Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/39003 ] The build scripts used by CDM_Backwards_Compatiblity_Tests now pull old versions of oemcrypto from the dedicated branches oemcrypto-v*, which [will eventually] contain old oemcrypto versions, that build with the current build system with a current boringssl version. bug: 67907873 * Fix spacing on level3 header Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/38760 ] * Correct Query status calls Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/38640 ] Bug: 70160032 * Refactoring to allow encryption of client ID Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/37460 ] The code has been restructured to allow encryption of client identification in provisioning requests. This will be enabled when server side changes have been made (b/69427217). * Additional information is included in the Client Identification portion of the provisioning request. * Client identification will be encrypted with a service certificate provided by the app/client. Platform changes to enable passing this to core are needed. If a service certificate is not provided, a default one associated with the production Keysmith will be used. * Switched APIs in CdmEngine to take a service certificate for provisioning rather than licensing. Service certificates for licensing are session based and passed as properties from platform code. Bug: 30737060 * Allow some CDM errors to be reported from multiple locations Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/38360 ] This creates some CdmResponseType errors which may be reused PARAMETER_NULL, NOT_INITIALIZED_ERROR, REINIT_ERROR. I have made changes to a few classes to report these errors. Will work on additional classes in a separate CL. Bug: 69864404 BUG: 71650075 Test: WV Unit/integration tests Change-Id: Icc048770d424ac537d11ff327cda2cb142da802d
2018-01-10 23:54:59 -08:00
parent 5d690be108
commit aac1439dea
79 changed files with 582991 additions and 3305 deletions
--- a/libwvdrmengine/cdm/metrics/test/metrics_collections_test.cpp
+++ b/libwvdrmengine/cdm/metrics/test/metrics_collections_test.cpp
@@ -0,0 +1,445 @@
+// Copyright 2017 Google Inc. All Rights Reserved.
+//
+// Unit tests for the metrics collections,
+// EngineMetrics, SessionMetrics and CrytpoMetrics.
+
+#include "metrics_collections.h"
+
+#include <sstream>
+
+#include "gmock/gmock.h"
+#include "google/protobuf/text_format.h"
+#include "gtest/gtest.h"
+#include "log.h"
+#include "metrics.pb.h"
+#include "wv_cdm_types.h"
+
+using drm_metrics::MetricsGroup;
+using google::protobuf::TextFormat;
+
+namespace wvcdm {
+namespace metrics {
+
+// TODO(blueeyes): Improve this implementation by supporting full message
+// API In CDM. That allows us to use MessageDifferencer.
+class EngineMetricsTest : public ::testing::Test {
+};
+
+TEST_F(EngineMetricsTest, AllEngineMetrics) {
+  EngineMetrics engine_metrics;
+
+  // Set some values in all of the engine metrics.
+  engine_metrics.cdm_engine_add_key_.Record(1.0, KEY_ADDED);
+  engine_metrics.cdm_engine_close_session_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_decrypt_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_find_session_for_key_.Record(1.0, false);
+  engine_metrics.cdm_engine_generate_key_request_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_get_provisioning_request_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_get_usage_info_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_handle_provisioning_response_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_life_span_.Record(1.0);
+  engine_metrics.cdm_engine_open_key_set_session_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_open_session_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_query_key_status_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_release_all_usage_info_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_release_usage_info_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_remove_keys_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_restore_key_.Record(1.0, NO_ERROR);
+  engine_metrics.cdm_engine_unprovision_.Record(1.0, NO_ERROR, kSecurityLevelL1);
+
+  drm_metrics::MetricsGroup actual_metrics;
+  engine_metrics.Serialize(&actual_metrics, true, false);
+
+  // For each EventMetric, 2 metrics get serialized since only one sample was
+  // taken. So, the total number of serialized metrics are 2*17.
+  ASSERT_EQ(2 * 17, actual_metrics.metric_size());
+  EXPECT_EQ(0, actual_metrics.metric_sub_group_size());
+
+  // Spot check some metrics.
+  EXPECT_EQ("/drm/widevine/cdm_engine/add_key/time/count{error:2}",
+            actual_metrics.metric(0).name());
+  EXPECT_EQ("/drm/widevine/cdm_engine/close_session/time/mean{error:0}",
+            actual_metrics.metric(3).name());
+  EXPECT_EQ("/drm/widevine/cdm_engine/decrypt/time/mean{error:0}",
+            actual_metrics.metric(5).name());
+  EXPECT_EQ(1.0, actual_metrics.metric(5).value().double_value());
+}
+
+TEST_F(EngineMetricsTest, EngineAndCryptoMetrics) {
+  EngineMetrics engine_metrics;
+
+  // Set some values in some of the engine metrics and some crypto metrics.
+  engine_metrics.cdm_engine_add_key_.Record(1.0, KEY_ADDED);
+  engine_metrics.cdm_engine_close_session_.Record(1.0, NO_ERROR);
+  CryptoMetrics* crypto_metrics = engine_metrics.GetCryptoMetrics();
+
+  crypto_metrics->crypto_session_generic_decrypt_
+      .Record(2.0, NO_ERROR, Pow2Bucket(1025), kEncryptionAlgorithmAesCbc128);
+  crypto_metrics->crypto_session_get_device_unique_id_
+      .Record(4.0, false);
+
+  drm_metrics::MetricsGroup actual_metrics;
+  engine_metrics.Serialize(&actual_metrics, true, false);
+
+  // For each EventMetric, 2 metrics get serialized since only one sample was
+  // taken. So, the total number of serialized metrics are 2*4 since we
+  // touched 4 metrics.
+  ASSERT_EQ(2 * 4, actual_metrics.metric_size());
+  EXPECT_EQ(0, actual_metrics.metric_sub_group_size());
+
+  // Spot check some metrics.
+  EXPECT_EQ("/drm/widevine/cdm_engine/add_key/time/count{error:2}",
+            actual_metrics.metric(0).name());
+  EXPECT_EQ(
+      "/drm/widevine/crypto_session/generic_decrypt/time/count"
+      "{error:0&length:1024&encryption_algorithm:1}",
+      actual_metrics.metric(4).name());
+  EXPECT_EQ(
+      "/drm/widevine/crypto_session/get_device_unique_id/time/mean{success:0}",
+      actual_metrics.metric(7).name());
+  EXPECT_EQ(4.0, actual_metrics.metric(7).value().double_value());
+}
+
+TEST_F(EngineMetricsTest, EmptyEngineMetrics) {
+  EngineMetrics engine_metrics;
+
+  drm_metrics::MetricsGroup actual_metrics;
+  engine_metrics.Serialize(&actual_metrics, true, false);
+
+  EXPECT_EQ(0, actual_metrics.metric_size());
+  EXPECT_EQ(0, actual_metrics.metric_sub_group_size());
+}
+
+TEST_F(EngineMetricsTest, EngineMetricsWithCompletedSessions) {
+  EngineMetrics engine_metrics;
+
+  // Set a values in an engine metric and in a crypto metric.
+  engine_metrics.cdm_engine_add_key_.Record(1.0, KEY_ADDED);
+  engine_metrics.GetCryptoMetrics()
+      ->crypto_session_load_certificate_private_key_.Record(2.0, true);
+
+  // Create two sessions and record some metrics.
+  SessionMetrics* session_metrics_1 = engine_metrics.AddSession();
+  session_metrics_1->SetSessionId("session_id_1");
+  SessionMetrics* session_metrics_2 = engine_metrics.AddSession();
+  session_metrics_2->SetSessionId("session_id_2");
+  // Record a CryptoMetrics metric in the session.
+  session_metrics_2->GetCryptoMetrics()->crypto_session_generic_decrypt_
+      .Record(2.0, NO_ERROR, Pow2Bucket(1025), kEncryptionAlgorithmAesCbc128);
+  session_metrics_2->SetSessionId("session_id_2");
+  // Mark only session 2 as completed.
+  session_metrics_2->SetCompleted();
+
+  drm_metrics::MetricsGroup actual_metrics;
+  engine_metrics.Serialize(&actual_metrics, true, false);
+
+  // Validate metric counts.
+  // For each EventMetric, 2 metrics get serialized since only one sample was
+  // taken. So, the total number of serialized metrics are 2*2 since we
+  // touched 2 metrics.
+  ASSERT_EQ(2 * 2, actual_metrics.metric_size());
+  ASSERT_EQ(1, actual_metrics.metric_sub_group_size());
+  ASSERT_EQ(3, actual_metrics.metric_sub_group(0).metric_size());
+
+  // Spot check some metrics.
+  EXPECT_EQ("/drm/widevine/cdm_engine/add_key/time/count{error:2}",
+            actual_metrics.metric(0).name());
+  EXPECT_EQ("/drm/widevine/crypto_session/load_certificate_private_key"
+            "/time/count{success:1}",
+            actual_metrics.metric(2).name());
+  EXPECT_EQ("/drm/widevine/cdm_session/session_id",
+            actual_metrics.metric_sub_group(0).metric(0).name());
+  EXPECT_EQ(
+      "session_id_2",
+      actual_metrics.metric_sub_group(0).metric(0).value().string_value());
+  EXPECT_EQ(
+      "/drm/widevine/crypto_session/generic_decrypt/time/count"
+      "{error:0&length:1024&encryption_algorithm:1}",
+      actual_metrics.metric_sub_group(0).metric(1).name());
+}
+
+TEST_F(EngineMetricsTest, EngineMetricsSerializeAllSessions) {
+  EngineMetrics engine_metrics;
+
+  // Create two sessions and record some metrics.
+  SessionMetrics* session_metrics_1 = engine_metrics.AddSession();
+  session_metrics_1->SetSessionId("session_id_1");
+  SessionMetrics* session_metrics_2 = engine_metrics.AddSession();
+  session_metrics_2->SetSessionId("session_id_2");
+  // Mark only session 2 as completed.
+  session_metrics_2->SetCompleted();
+
+  drm_metrics::MetricsGroup actual_metrics;
+  engine_metrics.Serialize(&actual_metrics, false, false);
+
+  // Validate metric counts.
+  // No Engine-level metrics were recorded.
+  ASSERT_EQ(0, actual_metrics.metric_size());
+  // Two sub groups, 1 per session.
+  ASSERT_EQ(2, actual_metrics.metric_sub_group_size());
+  ASSERT_EQ(1, actual_metrics.metric_sub_group(0).metric_size());
+
+  // Spot check some metrics.
+  EXPECT_EQ("/drm/widevine/cdm_session/session_id",
+            actual_metrics.metric_sub_group(0).metric(0).name());
+  EXPECT_EQ(
+      "session_id_1",
+      actual_metrics.metric_sub_group(0).metric(0).value().string_value());
+  EXPECT_EQ("/drm/widevine/cdm_session/session_id",
+            actual_metrics.metric_sub_group(1).metric(0).name());
+  EXPECT_EQ(
+      "session_id_2",
+      actual_metrics.metric_sub_group(1).metric(0).value().string_value());
+}
+
+TEST_F(EngineMetricsTest, EngineMetricsRemoveSessions) {
+  EngineMetrics engine_metrics;
+
+  // Create two sessions and record some metrics.
+  SessionMetrics* session_metrics_1 = engine_metrics.AddSession();
+  session_metrics_1->SetSessionId("session_id_1");
+  SessionMetrics* session_metrics_2 = engine_metrics.AddSession();
+  session_metrics_2->SetSessionId("session_id_2");
+  // Mark only session 2 as completed.
+  session_metrics_2->SetCompleted();
+
+  // Serialize all metrics, don't remove any.
+  drm_metrics::MetricsGroup actual_metrics;
+  engine_metrics.Serialize(&actual_metrics, false, false);
+
+  // Validate metric counts.
+  // Two sub groups, 1 per session.
+  ASSERT_EQ(2, actual_metrics.metric_sub_group_size());
+
+  // Serialize completed metrics, remove them.
+  actual_metrics.Clear();
+  engine_metrics.Serialize(&actual_metrics, true, true);
+  // Validate metric counts.
+  // Only one, completed session should exist.
+  ASSERT_EQ(1, actual_metrics.metric_sub_group_size());
+  ASSERT_EQ(1, actual_metrics.metric_sub_group(0).metric_size());
+  EXPECT_EQ(
+      "session_id_2",
+      actual_metrics.metric_sub_group(0).metric(0).value().string_value());
+
+  // Serialize all metrics, remove them.
+  actual_metrics.Clear();
+  engine_metrics.Serialize(&actual_metrics, false, true);
+  // Validate metric counts.
+  // Only one, non-complete session should exist.
+  ASSERT_EQ(1, actual_metrics.metric_sub_group_size());
+  ASSERT_EQ(1, actual_metrics.metric_sub_group(0).metric_size());
+  EXPECT_EQ(
+      "session_id_1",
+      actual_metrics.metric_sub_group(0).metric(0).value().string_value());
+
+  // Serialize all metrics, don't remove any.
+  actual_metrics.Clear();
+  engine_metrics.Serialize(&actual_metrics, false, false);
+  // Validate metric counts.
+  // There should be no more metric subgroups left.
+  ASSERT_EQ(0, actual_metrics.metric_sub_group_size());
+}
+
+class SessionMetricsTest : public ::testing::Test {
+};
+
+TEST_F(SessionMetricsTest, AllSessionMetrics) {
+  SessionMetrics session_metrics;
+  session_metrics.SetSessionId("session_id 1");
+
+  session_metrics.cdm_session_life_span_.Record(1.0);
+  session_metrics.cdm_session_renew_key_.Record(1.0, NO_ERROR);
+  session_metrics.cdm_session_restore_offline_session_.Record(1.0, NO_ERROR);
+  session_metrics.cdm_session_restore_usage_session_.Record(1.0, NO_ERROR);
+
+  // Record a CryptoMetrics metric in the session.
+  session_metrics.GetCryptoMetrics()->crypto_session_generic_decrypt_
+      .Record(2.0, NO_ERROR, Pow2Bucket(1025), kEncryptionAlgorithmAesCbc128);
+
+  MetricsGroup actual_metrics;
+  session_metrics.Serialize(&actual_metrics);
+
+  ASSERT_EQ(11, actual_metrics.metric_size());
+  EXPECT_EQ(0, actual_metrics.metric_sub_group_size());
+
+  // Spot check some metrics.
+  EXPECT_EQ("/drm/widevine/cdm_session/session_id",
+            actual_metrics.metric(0).name());
+  EXPECT_EQ("/drm/widevine/cdm_session/life_span/time/count",
+            actual_metrics.metric(1).name());
+  EXPECT_EQ("/drm/widevine/cdm_session/renew_key/time/mean{error:0}",
+            actual_metrics.metric(4).name());
+  EXPECT_EQ(1.0, actual_metrics.metric(4).value().double_value());
+  EXPECT_EQ("/drm/widevine/crypto_session/generic_decrypt/time/count"
+            "{error:0&length:1024&encryption_algorithm:1}",
+            actual_metrics.metric(9).name());
+}
+
+TEST_F(SessionMetricsTest, EmptySessionMetrics) {
+  SessionMetrics session_metrics;
+
+  MetricsGroup actual_metrics;
+  session_metrics.Serialize(&actual_metrics);
+
+  // Session metric always has a session id.
+  ASSERT_EQ(1, actual_metrics.metric_size());
+  EXPECT_EQ("/drm/widevine/cdm_session/session_id",
+            actual_metrics.metric(0).name());
+  EXPECT_EQ("", actual_metrics.metric(0).value().string_value());
+  EXPECT_EQ(0, actual_metrics.metric_sub_group_size());
+}
+
+class CryptoMetricsTest : public ::testing::Test {
+};
+
+TEST_F(CryptoMetricsTest, AllCryptoMetrics) {
+  CryptoMetrics crypto_metrics;
+
+  // Crypto session metrics.
+  crypto_metrics.crypto_session_delete_all_usage_reports_
+      .Record(1.0, NO_ERROR);
+  crypto_metrics.crypto_session_delete_multiple_usage_information_
+      .Record(1.0, NO_ERROR);
+  crypto_metrics.crypto_session_generic_decrypt_
+      .Record(2.0, NO_ERROR, Pow2Bucket(1025), kEncryptionAlgorithmAesCbc128);
+  crypto_metrics.crypto_session_generic_encrypt_
+      .Record(2.0, NO_ERROR, Pow2Bucket(1025), kEncryptionAlgorithmAesCbc128);
+  crypto_metrics.crypto_session_generic_sign_
+      .Record(2.0, NO_ERROR, Pow2Bucket(1025), kSigningAlgorithmHmacSha256);
+  crypto_metrics.crypto_session_generic_verify_
+      .Record(2.0, NO_ERROR, Pow2Bucket(1025), kSigningAlgorithmHmacSha256);
+  crypto_metrics.crypto_session_get_device_unique_id_.Record(1.0, true);
+  crypto_metrics.crypto_session_get_security_level_
+      .Record(1.0, kSecurityLevelL1);
+  crypto_metrics.crypto_session_get_system_id_.Record(1.0, true, 1234);
+  crypto_metrics.crypto_session_get_token_.Record(1.0, true);
+  crypto_metrics.crypto_session_life_span_.Record(1.0);
+  crypto_metrics.crypto_session_load_certificate_private_key_
+      .Record(1.0, true);
+  crypto_metrics.crypto_session_open_.Record(1.0, NO_ERROR, kLevelDefault);
+  crypto_metrics.crypto_session_update_usage_information_
+      .Record(1.0, NO_ERROR);
+  crypto_metrics.crypto_session_usage_information_support_.Record(1.0, true);
+
+  // Oem crypto metrics.
+  crypto_metrics.oemcrypto_api_version_.Record(1.0, 123, kLevelDefault);
+  crypto_metrics.oemcrypto_close_session_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_copy_buffer_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED,
+              kLevelDefault, Pow2Bucket(1025));
+  crypto_metrics.oemcrypto_deactivate_usage_entry_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_decrypt_cenc_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, Pow2Bucket(1025));
+  crypto_metrics.oemcrypto_delete_usage_entry_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_delete_usage_table_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_derive_keys_from_session_key_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_force_delete_usage_entry_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_generate_derived_keys_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_generate_nonce_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_generate_rsa_signature_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, Pow2Bucket(1025));
+  crypto_metrics.oemcrypto_generate_signature_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, Pow2Bucket(1025));
+  crypto_metrics.oemcrypto_generic_decrypt_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, Pow2Bucket(1025));
+  crypto_metrics.oemcrypto_generic_encrypt_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, Pow2Bucket(1025));
+  crypto_metrics.oemcrypto_generic_sign_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, Pow2Bucket(1025));
+  crypto_metrics.oemcrypto_generic_verify_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, Pow2Bucket(1025));
+  crypto_metrics.oemcrypto_get_device_id_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, kLevelDefault);
+  crypto_metrics.oemcrypto_get_hdcp_capability_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, kLevelDefault);
+  crypto_metrics.oemcrypto_get_key_data_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED,
+              Pow2Bucket(1025), kLevelDefault);
+  crypto_metrics.oemcrypto_get_max_number_of_sessions_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, kLevelDefault);
+  crypto_metrics.oemcrypto_get_number_of_open_sessions_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, kLevelDefault);
+  crypto_metrics.oemcrypto_get_oem_public_certificate_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+
+  crypto_metrics.oemcrypto_get_provisioning_method_
+      .Record(1.0, OEMCrypto_Keybox, kLevelDefault);
+
+  crypto_metrics.oemcrypto_get_random_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, Pow2Bucket(1025));
+  crypto_metrics.oemcrypto_initialize_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_install_keybox_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, kLevelDefault);
+  crypto_metrics.oemcrypto_is_anti_rollback_hw_present_
+      .Record(1.0, true, kLevelDefault);
+
+  crypto_metrics.oemcrypto_is_keybox_valid_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, kLevelDefault);
+  crypto_metrics.oemcrypto_load_device_rsa_key_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_load_keys_.Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_load_test_keybox_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_load_test_rsa_key_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_open_session_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, kLevelDefault);
+  crypto_metrics.oemcrypto_refresh_keys_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_report_usage_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_rewrap_device_rsa_key_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_rewrap_device_rsa_key_30_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_security_level_
+      .Record(1.0, kSecurityLevelL2, kLevelDefault);
+  crypto_metrics.oemcrypto_security_patch_level_
+      .Record(1.0, 123, kLevelDefault);
+  crypto_metrics.oemcrypto_select_key_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_supports_usage_table_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED, kLevelDefault);
+  crypto_metrics.oemcrypto_update_usage_table_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+  crypto_metrics.oemcrypto_wrap_keybox_
+      .Record(1.0, OEMCrypto_ERROR_INIT_FAILED);
+
+  // Internal OEMCrypto Metrics
+  crypto_metrics.oemcrypto_initialization_mode_
+      .Record(1.0, OEMCrypto_INITIALIZED_FORCING_L3);
+  crypto_metrics.oemcrypto_l1_api_version_.Record(1.0, 12, 123);
+
+  MetricsGroup actual_metrics;
+  crypto_metrics.Serialize(&actual_metrics);
+
+  // 61 EventMetric instances, 2 values each.
+  ASSERT_EQ(122, actual_metrics.metric_size());
+
+  // Spot check some metrics.
+  EXPECT_EQ(
+      "/drm/widevine/crypto_session/delete_all_usage_reports/time/count"
+      "{error:0}",
+      actual_metrics.metric(0).name());
+  EXPECT_EQ(1, actual_metrics.metric(0).value().int_value());
+  EXPECT_EQ(
+      "/drm/widevine/oemcrypto/l1_api_version/mean{version:12&min_version:123}",
+      actual_metrics.metric(121).name());
+  EXPECT_EQ(1.0, actual_metrics.metric(121).value().double_value());
+
+  // No subgroups should exist.
+  EXPECT_EQ(0, actual_metrics.metric_sub_group_size());
+}
+
+}  // namespace metrics
+}  // namespace wvcdm