Below are a set of CLs being merged from the wv cdm repo to the android repo.
* Fix handling of OEM Cert public key.
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/27921 ]
This is a potential fix for b/36656190. Set aside public
key on first call to get the public key, and use it afterwards.
This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(),
which has side-effect of staging the OEM private key.
This also fixes a problem where the public cert string was
not being trimmed to match the size returned by
OEMCrypto_GetOEMPublicCertificate().
* Complete provisioning request/response for Provisioning 3.0
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Fix bug on provisioning request path where GenerateDerivedKeys()
was being called when preparing to generate the signature.
Add message signature verification, and call correct OEMCrypto
routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30).
* Implement Cdm::deleteAllUsageRecords()
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Delete all usage records for current origin. Removes usage
records from file system and retains the PSTs. The deletes
any usage entries matching those PSTs held by OEMCrypto.
BUG: 35319024
* Remove stringencoders library from third_party.
Author: Jacob Trimble <modmaker@google.com>
[ Merge of http://go/wvgerrit/27585 ]
We have a fork of the stringencoders library that we use for base64
encoding. This reimplements base64 encoding to remove the extra
dependency and to reduce the amount of code.
* Add Cdm::deleteUsageRecord() based on key_set_id.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27605 ]
Delete specified usage record from file system usage info and
from OEMCrypto.
BUG: 35319024
* Modifiable OEMCrypto
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/24729 ]
This CL adds a new variant of the OEMCrypto mock code that adjusts its
behavior based on a configuration file. This is intended for
testing.
For example, a tester can set current_hdcp to 2 in the options.txt
file, push it to the device, and verify that a license is granted for
HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and
push the file to the device. Playback should stop because the license
is no longer valid.
This variant uses a real level 1 liboemcrypto.so to push data to a
secure buffer. That means we can test playback for a license that
requires secure buffers on an Android device with real secure buffers.
BUG: 35141278
BUG: 37353534
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I58443c510919e992bb455192e70373490a00e2b6
The tests are using vendor only libs such as libcdm and libwvlevel3,
thus marked as LOCAL_PROPRIETARY_MODULE to use the libs. In addition,
the dependency to libmedia is changed to libmedia_omx since libmedia is
not available to vendor modules. UniquePtr is replaced with
std::unique_ptr since UniquePtr.h in /libnativehelper is not available
to vendors (and will not be completely removed in a near future).
Bug: 37342627
Test: BOARD_VNDK_VERSION=current m -j tests
Change-Id: I4e9d3267b20c1d52f57664b89f15330e2ebd953d
CdmResponseType are mapped to android::status_t, then map to hidl
android::hardware::drm::V1_0::Status. This CL removes the indirection
by mapping cdm errors to hidl Status.
Test: Play Movies (pin and streaming)
Test: Netflix (download and streaming)
Test: libwvdrmmediacrypto_hidl_test and libwvdrmdrmplugin_hidl_test
Test: GtsMediaTestCases module
Test: Vts - VtsHalDrmV1_0Target
bug: 34682447
Change-Id: I0b04f47871f5e4898e7297831d5fceab52e0f7f9
Tradefed needs these tests to be in the /DATA directory.
Test: cd vendor/widevine && ./build_and_run_all_unit_tests
All tests should build and pass.
make tests
unzip android-tests.zip and verify all tests located in DATA/bin
Bug: 62055647
Change-Id: I35925e29558561c4726bb2249499bfee4e54cf45
android.hidl.base@1.0 and android.hidlmanager@1.0 are built into libhidltransport.
Test: links
Bug: 33276472
Change-Id: Id9053e4484275e3404f31a72d2037884ff6bef5b
(cherry picked from commit 80ec937545)
Replace AString, KeyedVector, List, String8 and Vector
with stl containers. Remove corresponding frameworks
libraries.
Test: Play Movies & TV (streaming and pinning)
Test: Netflix
Test: unit tests
bug: 34677927
Change-Id: I125f45054987d69bbca59c1ffdcbe8add38c3c13
This commit changes the unit tests and HAL Service to run as 64-bit on
devices that have enabled 64-bit DRM Plugins.
Bug: 36076017
Test: Turned on the flag for a device and used the file command to
verify that all binaries were built as 64-bit.
Test: Turned the flag back off and verified that all binaries were built
as 32-bit. This should affect no current devices.
Change-Id: Ieb7218f15b9359f2038a6f60b8c994b16d2b5b53
(This is a merge of wvgerrit/24922)
This contains several fixes and improvements to the
build_and_run_all_unit_tests.sh and run_all_unit_tests.sh scripts:
* All tests are now identified as vendor binaries and thus are stored in
the /vendor/bin/ directory instead of /system/bin/. Previously, some
tests had moved to /vendor/bin/ but the scripts had not been updated,
causing these tests to fail to run.
* The -j parameter can now be passed to build_and_run_all_unit_tests.sh,
for those who want to speed up their build by using multiple cores.
* The 64-bit library directories are now added to the library search
path, in anticipation of devices with 64-bit DRM Plugins.
* Checking for Verity protection is now done in
build_and_run_all_unit_tests.sh (which is the script that actually
modifies the file system) instead of just in run_all_unit_tests.sh.
* The library search path is no longer set unnecessarily for
libwvdrmengine_hidl_test.
* The Treble-only tests and non-Treble-only tests now only run on
devices that meet their respective criteria.
Bug: 36071236
Test: Ran build_and_run_all_unit_tests.sh
Change-Id: Iea236880c4445858111c801dfa278a528bca0f6c
(This is a merge of http://go/wvgerrit/24738)
The change to enable 64-bit as a possible target for Widevine Android
made all the unit tests build as 64-bit on compatible platforms. Since
none of these devices support 64-bit properly yet, this is a mistake.
This patch restores unit test builds to being 32-bit only for now.
In the future, when the switch for 64-bit-supporting devices is added,
it will also switch the unit tests to 64-bit mode.
Bug: 36071236
Test: Verified unit test format with "file" command.
Change-Id: Ib4d3678181f3221b85fe6409f1d842dd15af3daa
This library is local to vendor/widevine HAL service, rename to
indicate this is used only by widevine HAL.
Test: Play Movies & TV (streaming and pinned)
Test: Netflix
bug: 36430909
Change-Id: Iacaf78f4223bf305569e7f1d04dd4e4ad0a87727
(This is a merge of go/wvgerrit/23686)
This patch removes the makefile lines that previously prevented the
Widevine DRM Plugin from being built as 64-bit on Android. 64-bit
builds are now fully supported.
Only one piece of CDM code has had to change. Due to a bug in
libprotobuf before v3.0, int64 values from protobufs are technically a
different type from int64_t values in code on some 64-bit
architectures. Both have the same in-memory representation at runtime
but are seen as distinct types by the compiler. The compiler will
automatically convert in most places, but template instantiation is
not one of them, so a few places that passed a Protobuf int64 directly
into a template had to be modified.
Please note that tweaks to the mediadrmserver (not covered by this
patch) are needed in order for it to run as 64-bit and load 64-bit DRM
Plugins. Please also note that, as we have no 64-bit L1 OEMCrypto on
any devices, using the 64-bit mediadrmserver and Widevine library will
make your device fall back to L3 for the time being.
Bug: 18949752
Test: OEMCrypto unit tests
Test: Widevine unit tests
Test: Google Play (on Marlin)
Test: Widevine GTS Tests (on Marlin)
Change-Id: Ib6cdf2dd1ff75a1c473cacdc5e22397caa0a656c
This change is the complete Widevine metrics system. It will
measure and record runtime information about what is happening
in the CDM - such as errors and throughput.
Bug: 33745339
Bug: 26027857
Change-Id: Ic9a82074f1e2b72c72d751b235f8ae361232787d
This is a merge of go/wvgerrit/22806
This change removed the oemcrypto profiler to allow
the new metrics system free-reign over how to collect
and store measurements.
Bug: 33745339
Bug: 26027857
Change-Id: I6b9051faa6835f13860258c94f8bcfd3a59f1be6
(In addition to being a merge of http://go/wvgerrit/17394, this commit
updates tests/Android.mk to no longer try to build the private gMock.)
Previously, we maintained our own version of gMock (named libwvgmock
to avoid naming conflicts) and depended on it for our unit tests. Now
that Android has gMock in the externals/ directory and vaage@ has
eliminated the need for us to customize gMock's arity, we can stop
depending on or maintaining our own copy.
Bug: 26907374
Change-Id: Ia01d6c02e2f28a642480d7ef178b9bc3dde6d306
[ Merge of http://go/wvgerrit/16628 ]
Jsmn will replace a local method that parsed json init data.
Added a fix to include all key Ids in the WidevineCencHeader rather than
just the first. Also modified the content_id to reflect that it is a
base64 encoded value.
b/20630275
Change-Id: I7080c8cea21be4dea09a4905a96b4cc03e584c1d
(This is a merge of http://go/wvgerrit/14795)
This change restores the ability to build the Widevine CDM for Android
for MIPS devices. It restores the precompiled binaries for MIPS and
re-adds MIPS to all makefiles.
This change includes a new build of the obfuscated binaries for
MIPS32r1 that were built using a MIPS device on the emulator.
level3/mips/libwvlevel3.a Level3 Library Jun 19 2015 12:32:49
Bug: 19482469
Change-Id: Ifa1c299a5751f3772c42289d8333a2b8cec51f69
The external/gmock project does not include the patches needed for
widevine, so renaming the internal copy allows both to coexist in the
build system.
Change-Id: I77c956db30921afffe31d11e1cd2d99541925f35
Merge from widevine of go://wvgerrit/14173
This CL updates the android makefiles to use the libcrypto_static.
Change-Id: I74567ff880ebdce366766a9ab44c92cc9540b8db
* Replace an stlport static assert with a C++11 static_assert.
* Move some libraries that were being built with the NDK but
statically included into platform code off the NDK.
* Rebuild the obfuscated binaries to use the new STL.
* Remove MIPS support temporarily due to an inability to generate
obfuscated binaries for it. (To be fixed in b/19482469.)
Bug: 15193147
Change-Id: Icc166583b0c6af68550baf17ab8c33076a1179d3
This project is still using stlport (without telling the build system
about it), which was causing (broken) stlport headers to override
libc++ headers, leading to a broken copy of std::enable_if, which in
turn caused <atomic> to fail to compile. Since this project has
prebuilts that will need to be updated before this project can
actually move away from stlport, tell the build system that it is
still using stlport for now.
Bug: 18433002
Change-Id: I38b356428977ed2184eb28a07bd5e7424a4ace8d
This change updates gMock to the new release, 1.7.0. This is
necessary for Android, as Android Master has updated their gTest to
1.7.0, and we must always use the matching version of gMock.
This should not break any existing tests, as 1.7.0 is
backwards-compatible with 1.6.0 code in nearly all cases. There are
a few bugfixes around being too generous with type coercion in
EXPECT_THAT() and ASSERT_THAT() that could break code that was
accepted by the compiler before but was never technically safe.
For a full list of changes, including all the awesome new matchers
you can now use in your tests, see CHANGES, which is included from
gMock unchanged.
For a full list of modifications made to allow this to work on
Android Master, see the updated README.android.
No changes to the GYP files were necessary as part of this upgrade.
Change-Id: Ib1445044e78c9fe0cf16031d544577d65ebbf6df
This merges the following changes from the Widevine CDM repository:
564f4cc Add CdmClientPropertySet to CDM
Adds an interface to the CDM that allows it to query its client for
certain properties. In this case, this includes the ability to
specify what security level is desired, as well as support for
service ceritifcate privacy mode.
9cfbd3e Force Level 3 fallback
Adds support for voluntarily invoking L3 crypto to the OEMCrypto
wrapper.
95d12c1 Add pointer to CdmClientPropertySet class to OpenSession.
Adds support for storing the property set on a session-by-session
basis and choosing the appropriate crypto level.
17de442 Add Settable Properties for Clank to Android
Adds support for setting the aforementioned properties to the
DrmEngine
bbe704d Fixes to force fallback to level three security
Corrections to invoke provisioning, OEMCrypto API with configured
security level rather than the default. Unit tests were also revised.
Note that some parts of this are also support for the ability to use
a service certificate-based privacy mode. The remaining code for
supporting this mode is still forthcoming.
Bug: 10109249
Change-Id: I2755e4dea1de3e8a56cff237360298f7b7f1bddc
This merges the following changes from the Widevine CDM repository:
1a72a7e Combine utility code into single library on Android
Combines several previously-separate files into a static library,
libcdm_utils, so that it can easily be used by both CDM and
OEMCrypto.
8c4d04d Install Keybox
If the keybox has not been installed, install it from
/factory/wv.keys.
Bug: 9972451
Change-Id: I8688ecd0adcf321e0c7d0faf55dd10f3910c12ec
bug: 8601053
This import syncs to the widevine git repository change
commit 6a99ad1b59ad39495f62954b3065ddc22b78da49
It includes the following changes from the widevine git
repository, which complete the jb-mr2 features
Fix Unit Test Makefile
Adds support for device certificate provisioning.
Support application parameters
Certificate based licensing
Proto for client files
Implement Property Query API
Add Device Query For Unique ID
Implement Generic Crypto in DrmEngine
Do not validate Key IDs on clear playback
Allow OEMCrypto_DecryptCTR with clear content and no key
Add a case to the MediaDrm API test to repro b/8594163
Implement requiresSecureDecoderComponent
Implement Eventing API
Add end-to-end decryption test with vectors
Refactoring of properties class
Refactor OEMCrypto unittest.
Fix for b/8567853: License renewal doesn't renew license.
Add KEY_ERROR callback to WvContentDecryptionModule() ctor.
Merged certificate_provisioning.proto and
client_identification.proto to license_protocol.proto.
Fix nonce check failure after a malformed key in OEC Mock.
asynchronize decryption
Allow querying of control information
make debugging AddKey & Decrypt statuses easier
Revert "Revert "Send KEY_ERROR event to app on license
expiration or failure""
Revert "Send KEY_ERROR event to app on license expiration
or failure"
Send KEY_ERROR event to app on license expiration or failure
remove extra session id copy
use KeyError constants directly
replace variable-length arrays with std::vector and fixed-sized array
pass session ids as const references
refactor key extraction and update keys on renewal
Updates to enable renewals and signaling license expiration.
fix error constant in OEMCrypto_DecryptCTR
Change-Id: I5f7236c7bdff1d5ece6115fd2893f8a1e1e07c50
This change incorporates the following CLs from the Widevine
cdm repository:
Update the java request/response test app to match Drm API changes
Don't build the mock liboemcrypto.so by default
Do not build CDM tests by default
Fix Build Break in DrmEngine Unit Tests
Fix Build Break in WVDrmPlugin
Initial version of roadmap for CDM projects.
Implement License Query
Implement Generic DRM in OEMCrypto Reference Implementation
Add key_data_length field when calling OEMCrypto_LoadKeys
Policy engine unittests
Generalized DRM API for OEMCrypto
Fixes proto buf libraries build.
Add Version Number to OEMCrypto API
Test key control block duration field in OEMCrypto
Add fix for missing crypto offset.
Fixed android/media*/test builds and added proto files for Cert. provisioning
Refactor and clean up callback code in CDM.
Add "device_id" name-value pair to LicenseRequest::ClientIdentification
Separate unit and end-to-end tests from the top level makefie.
Includes changes for 'fall back to l3 oemcrypto lib' in top level makefile.
Fall Back to Level 3 if Level 1 Fails
Fix compilation error in wvcdm_unittest.
Fix Android build break due to Decrypt() signature change in cdm_engine.h.
Wire up callbacks and errors in the Steel proxy.
Fix lock assert if there is no keybox on the device.
RSA Certificate Unit Test
Change Generic_Verify signature to constant.
Change-Id: I2e42db9d0b4f8d4e833675ae81d0714509bbfd2c
Builds libwvmdrmengine.so, which is loaded by the new
MediaDrm APIs to support playback of Widevine/CENC
protected content.
Change-Id: I6f57dd37083dfd96c402cb9dd137c7d74edc8f1c
