Changes from Widevine CDM repo

Squashed commit of these CLs from the widevine cdm repo:

Update YT CP server URI to point to the UAT server
https://widevine-internal-review.googlesource.com/#/c/9327/

OEMCrypto Version 9 API
https://widevine-internal-review.googlesource.com/#/c/9142/

Correct Device ID length in OEMCrypto reference version
https://widevine-internal-review.googlesource.com/#/c/8723/

Modify tests to prevent intermittent failures
https://widevine-internal-review.googlesource.com/#/c/8982/

Generate a unique license request ID
https://widevine-internal-review.googlesource.com/#/c/8721/

Re-enable android timer mechanisms
https://widevine-internal-review.googlesource.com/#/c/8833/

Do not close CDM session on removeKeys
https://widevine-internal-review.googlesource.com/#/c/8703/

And numerous changes required by Eureka, Steel, and CTE versions of
Widevine CDM, as highlighted here:
https://widevine-internal-review.googlesource.com/#/c/8596/
https://widevine-internal-review.googlesource.com/#/c/8955/
https://widevine-internal-review.googlesource.com/#/c/8922/
https://widevine-internal-review.googlesource.com/#/c/8890/
https://widevine-internal-review.googlesource.com/#/c/8871/
https://widevine-internal-review.googlesource.com/#/c/8706/
https://widevine-internal-review.googlesource.com/#/c/8425/

Change-Id: Iafd33905227e74eb2132c240b929d2282ab68042

libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp

@@ -34,7 +34,7 @@ const size_t kNumKeys = 4;
 const size_t kBufferMaxLength = 256;
 #if defined(TEST_SPEED_MULTIPLIER)  // Can slow test time limits when
                                     // debugging is slowing everything.
-const int kSpeedMultiplier = TEST_SPEED_MULTIPLIER1;
+const int kSpeedMultiplier = TEST_SPEED_MULTIPLIER;
 #else
 const int kSpeedMultiplier = 1;
 #endif
@@ -910,29 +910,39 @@ class Session {
               OEMCrypto_GenerateNonce(session_id(), nonce));
   }
 
-  void GenerateDerivedKeys() {
-    GenerateNonce(&nonce_);
-    vector<uint8_t> mac_context = wvcdm::a2b_hex(
+  void FillDefaultContext(vector<uint8_t>* mac_context,
+                          vector<uint8_t>* enc_context) {
+    /* These context strings are normally created by the CDM layer above from
+       a license request message. */
+    *mac_context = wvcdm::a2b_hex(
         "41555448454e5449434154494f4e000a4c08001248000000020000101907d9ff"
         "de13aa95c122678053362136bdf8408f8276e4c2d87ec52b61aa1b9f646e5873"
         "4930acebe899b3e464189a14a87202fb02574e70640bd22ef44b2d7e3912250a"
         "230a14080112100915007caa9b5931b76a3a85f046523e10011a093938373635"
-        "34333231180120002a0c31383836373837343035000000000100");
-    vector<uint8_t> enc_context = wvcdm::a2b_hex(
+        "34333231180120002a0c31383836373837343035000000000200");
+    *enc_context = wvcdm::a2b_hex(
         "454e4352595054494f4e000a4c08001248000000020000101907d9ffde13aa95"
         "c122678053362136bdf8408f8276e4c2d87ec52b61aa1b9f646e58734930aceb"
         "e899b3e464189a14a87202fb02574e70640bd22ef44b2d7e3912250a230a1408"
         "0112100915007caa9b5931b76a3a85f046523e10011a09393837363534333231"
         "180120002a0c31383836373837343035000000000080");
+
+  }
+
+  void GenerateDerivedKeys() {
+    GenerateNonce(&nonce_);
+    vector<uint8_t> mac_context;
+    vector<uint8_t> enc_context;
+    FillDefaultContext(&mac_context, &enc_context);
     ASSERT_EQ(OEMCrypto_SUCCESS,
               OEMCrypto_GenerateDerivedKeys(
                   session_id(),
                   &mac_context[0], mac_context.size(),
                   &enc_context[0], enc_context.size()));
     mac_key_server_ = wvcdm::a2b_hex(
-        "9D41F0A77A76E071841C33B06104D106641421E651FBE55F0AED453CDA7713AC");
+        "3CFD60254786AF350B353B4FBB700AB382558400356866BA16C256BCD8C502BF");
     mac_key_client_ = wvcdm::a2b_hex(
-        "125283F299AF42C191E1A989846B388BB16A6E50B2F67D4F876A3C1F662CD5C8");
+        "A9DE7B3E4E199ED8D1FBC29CD6B4C772CC4538C8B0D3E208B3E76F2EC0FD6F47");
     enc_key_ = wvcdm::a2b_hex("D0BFC35DA9E33436E81C4229E78CB9F4");
   }
 
@@ -1309,28 +1319,13 @@ class Session {
     return true;
   }
 
-  bool GenerateRSASessionKey(vector<uint8_t>* enc_session_key,
-                             vector<uint8_t>* mac_context,
-                             vector<uint8_t>* enc_context) {
+  bool GenerateRSASessionKey(vector<uint8_t>* enc_session_key) {
     if (!public_rsa_) {
       cout << "No public RSA key loaded in test code.\n";
       return false;
     }
     vector<uint8_t> session_key = wvcdm::a2b_hex(
         "6fa479c731d2770b6a61a5d1420bb9d1");
-    *mac_context = wvcdm::a2b_hex(
-        "41555448454e5449434154494f4e000a4c08001248000000020000101907d9ff"
-        "de13aa95c122678053362136bdf8408f8276e4c2d87ec52b61aa1b9f646e5873"
-        "4930acebe899b3e464189a14a87202fb02574e70640bd22ef44b2d7e3912250a"
-        "230a14080112100915007caa9b5931b76a3a85f046523e10011a093938373635"
-        "34333231180120002a0c31383836373837343035000000000100");
-    *enc_context = wvcdm::a2b_hex(
-        "454e4352595054494f4e000a4c08001248000000020000101907d9ffde13aa95"
-        "c122678053362136bdf8408f8276e4c2d87ec52b61aa1b9f646e58734930aceb"
-        "e899b3e464189a14a87202fb02574e70640bd22ef44b2d7e3912250a230a1408"
-        "0112100915007caa9b5931b76a3a85f046523e10011a09393837363534333231"
-        "180120002a0c31383836373837343035000000000080");
-
     enc_session_key->assign(RSA_size(public_rsa_), 0);
     int status = RSA_public_encrypt(session_key.size(),
                                     &session_key[0],
@@ -1350,13 +1345,12 @@ class Session {
                                          wrapped_rsa_key.size()));
     GenerateNonce(&nonce_);
     vector<uint8_t> enc_session_key;
-    vector<uint8_t> mac_context;
-    vector<uint8_t> enc_context;
     ASSERT_TRUE(PreparePublicKey(kTestRSAPublicKey2_2048,
                                  sizeof(kTestRSAPublicKey2_2048)));
-    ASSERT_TRUE(GenerateRSASessionKey(&enc_session_key, &mac_context,
-                                      &enc_context));
-
+    ASSERT_TRUE(GenerateRSASessionKey(&enc_session_key));
+    vector<uint8_t> mac_context;
+    vector<uint8_t> enc_context;
+    FillDefaultContext(&mac_context, &enc_context);
     ASSERT_EQ(OEMCrypto_SUCCESS,
               OEMCrypto_DeriveKeysFromSessionKey(
                   session_id(), &enc_session_key[0], enc_session_key.size(),
@@ -1364,9 +1358,9 @@ class Session {
                   &enc_context[0], enc_context.size()));
 
     mac_key_server_ = wvcdm::a2b_hex(
-        "B09CB4482675123B66F7A8303D803F6042F43404ED3DE020811CFC13BCDF4C65");
+        "1E451E59CB663DA1646194DD28880788ED8ED2EFF913CBD6A0D535D1D5A90381");
     mac_key_client_ = wvcdm::a2b_hex(
-        "B09CB4482675123B66F7A8303D803F6042F43404ED3DE020811CFC13BCDF4C65");
+        "F9AAE74690909F2207B53B13307FCA096CA8C49CC6DFE3659873CB952889A74B");
     enc_key_ = wvcdm::a2b_hex("CB477D09014D72C9B8DCE76C33EA43B3");
   }
 
@@ -1553,24 +1547,22 @@ TEST_F(OEMCryptoClientTest, GetDeviceIdShortBuffer) {
 
   OEMCryptoResult sts;
   uint8_t dev_id[128];
-  uint32_t req_len = 11;
+  uint32_t req_len = 0;
   for (int i = 0; i < 128; ++i) {
     dev_id[i] = 0x55;
   }
   dev_id[127] = '\0';
   size_t dev_id_len = req_len;
   sts = OEMCrypto_GetDeviceID(dev_id, &dev_id_len);
-  // cout << "GetDeviceIdShortBuffer: sts = " << (int)sts << " request = "
-  //      << req_len << " required = " << dev_id_len << endl;
-
   ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts);
-
   // On short buffer error, function should return minimum buffer length
   ASSERT_TRUE(dev_id_len > req_len);
-
-  // cout << "NormalGetDeviceId: dev_id = " << dev_id
-  //      << " len = " << dev_id_len << endl;
-
+  // Should also return short buffer if passed a zero length and a null buffer.
+  dev_id_len = req_len;
+  sts = OEMCrypto_GetDeviceID(NULL, &dev_id_len);
+  ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts);
+  // On short buffer error, function should return minimum buffer length
+  ASSERT_TRUE(dev_id_len > req_len);
   testTearDown();
 }
 
@@ -2578,6 +2570,98 @@ TEST_F(DISABLED_TestKeybox, DecryptWithOffset) {
   testTearDown();
 }
 
+// Increment counter for AES-CTR.  The CENC spec specifies we increment only
+// the low 64 bits of the IV counter, and leave the high 64 bits alone.  This is
+// different from the OpenSSL implementation, so we implement the CTR loop
+// ourselves.
+void ctr128_inc64(uint8_t* counter) {
+  uint32_t n = 16;
+  do {
+    if (++counter[--n] != 0) return;
+  } while (n>8);
+}
+vector<uint8_t> EncryptCTR(const vector<uint8_t> &key,
+                           const vector<uint8_t> &iv,
+                           const vector<uint8_t> &in, size_t block_offset) {
+  AES_KEY aes_key;
+  AES_set_encrypt_key(&key[0], AES_BLOCK_SIZE * 8, &aes_key);
+
+  uint8_t aes_iv[AES_BLOCK_SIZE];
+  memcpy(aes_iv, &iv[0], AES_BLOCK_SIZE);
+
+  // Encrypt the IV.
+  uint8_t ecount_buf[AES_BLOCK_SIZE];
+
+  vector<uint8_t> out( in.size());
+
+  size_t cipher_data_length = in.size();
+  size_t l = 0;
+  while (l < cipher_data_length) {
+    AES_encrypt(aes_iv, ecount_buf, &aes_key);
+    for (int n = block_offset; n < AES_BLOCK_SIZE && l < cipher_data_length;
+         ++n, ++l) {
+      out[l] = in[l] ^ ecount_buf[n];
+    }
+    ctr128_inc64(aes_iv);
+    block_offset = 0;
+  }
+  return out;
+}
+
+TEST_F(DISABLED_TestKeybox, DecryptWithNearWrap) {
+  OEMCryptoResult sts;
+  testSetUp();
+  InstallKeybox(kDefaultKeybox, true);
+  Session& s = createSession("ONE");
+  s.open();
+
+  s.GenerateDerivedKeys();
+  s.LoadTestKeys(kDuration, 0, 0);
+
+  // Select the key (from FillSimpleMessage)
+  vector<uint8_t> keyId = wvcdm::a2b_hex("000000000000000000000000");
+  sts = OEMCrypto_SelectKey(s.session_id(),
+                            &keyId[0],
+                            keyId.size());
+  ASSERT_EQ(OEMCrypto_SUCCESS, sts);
+
+  // Set up our expected input and output
+  vector<uint8_t> key = wvcdm::a2b_hex("39AD33E5719656069F9EDE9EBBA7A77D");
+  vector<uint8_t> encryptionIv = wvcdm::a2b_hex(
+      "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE");
+  vector<uint8_t> unencryptedData = wvcdm::a2b_hex(
+      "f344d9cfe336c94cf4e3ea9e3446d1427bc02d2debe6dec5b272b8"
+      "a4004b696c4b37e01d7418510abf32bb071f9a4bc0d2ad7e874b648e50bd0e4f"
+      "7085b70bf9ad2c7f37025dd45f93e90304739b1ce098a52e7b99a90f92544a9b"
+      "dca6f49e0006c80a0cfa018600523ad30e483141fe720d045394815d5c875ad4"
+      "b4387b8d09b6119bd0943e51b0b9103034496b3a83ba593f79baa188aeb6e08f"
+      "f6475933e9ce1bb95fbb526424e7966e25830c20da73c65c6fbff110b08e4def"
+      "eae94f98296770275b0d738207a8217cd6118f6ebc6e393428f2268cfedf800e"
+      "a7ebc606471b9a9dfccd1589e86d88fde508261eaf190efd20554ce9e14ff3c9");
+  size_t block_offset = 5;
+  vector<uint8_t> encryptedData = EncryptCTR(key, encryptionIv, unencryptedData,
+                                             block_offset) ;
+
+  // Describe the output
+  uint8_t outputBuffer[256];
+  OEMCrypto_DestBufferDesc destBuffer;
+  destBuffer.type = OEMCrypto_BufferType_Clear;
+  destBuffer.buffer.clear.address = outputBuffer;
+  destBuffer.buffer.clear.max_length = sizeof(outputBuffer);
+
+  // Decrypt the data
+  sts = OEMCrypto_DecryptCTR(s.session_id(), &encryptedData[0],
+                             encryptedData.size(), true, &encryptionIv[0],
+                             block_offset, &destBuffer,
+                             OEMCrypto_FirstSubsample | OEMCrypto_LastSubsample);
+  ASSERT_EQ(OEMCrypto_SUCCESS, sts);
+  ASSERT_EQ(0, memcmp(&unencryptedData[0], outputBuffer,
+                      unencryptedData.size()));
+
+  s.close();
+  testTearDown();
+}
+
 TEST_F(DISABLED_TestKeybox, DecryptUnencrypted) {
   OEMCryptoResult sts;
   testSetUp();
@@ -3378,7 +3462,7 @@ class DISABLED_GenericDRMTest : public DISABLED_TestKeybox {
     uint8_t signature[SHA256_DIGEST_LENGTH];
     SignBuffer(key_index, clear_buffer_, signature);
     if( alter_data ) {
-      signature[0] = 43;
+      signature[0] ^= 42;
     }
 
     sts = OEMCrypto_SelectKey(s.session_id(),