Merge from Widevine repo of http://go/wvgerrit/154651
Some substring out of range tests uses non-zero offset but
with zero length. This zero length later will be ignored by
v15 oemcrypto, so the tests actually didn't test
anything. These tests are failing on v15 oemcrypto because
the test expect an out of range error but it actually
succeeded since nothing was tested.
Assign the offset to be out of range and then also assign
length to be not zero.
Test: run_fake_l1_tests; run_level3_static_tests;
Bug: 229299394
Test: tested with http://go/ag/20420224
Change-Id: Ic50b6323312e0ecb253dbeb925d9291db6eec075
Merge from Widevine repo of http://go/wvgerrit/158203
Prevent abort, interpreted as a crash by libFuzzer, when
OEMCrypto_CreateUsageTableHeader fails session state checks due to being
called after OEMCrypto_GenerateNonce.
Bug: 251215411
Test: tested with http://go/ag/20420224
Change-Id: I71ad1186ff2cb9ced81f9950d2fa235878aeb54d
Merge from Widevine repo of http://go/wvgerrit/158204
Prevent abort, interpreted as a crash by libFuzzer, when
OEMCrypto_CreateUsageTableHeader fails session state checks due to being
called after OEMCrypto_GenerateNonce.
Bug: 250682470
Test: tested with http://go/ag/20420224
Change-Id: Ia15b8c26fb391a190c32115e398a78ff9f8a7e16
Merge from Widevine repo of http://go/wvgerrit/158077
I ran the script ./oemcrypto/lock-api-for-release
Bug: 235858362
Test: tested with http://go/ag/20420224
Change-Id: I59b808898cdec60bffe36059f75ac413b0f55356
Merge from Widevine repo of http://go/wvgerrit/157923
This adds a C file to be built by Luci to verify that nobody
has made a change to OEMCryptoCENC.h that changes the
signature of any _oecc function. See the new comment in the
header for an explanation why we don't want to chage the
function signature of an oecc function.
We also update the OEMCrypto release script to verify that
all of the functions have been locked. There is a script to
update the lock file that should be run before each release.
Bug: 235858362
Test: tested with http://go/ag/20420224
Change-Id: Id890054e82cf8cc4c75e83c8347a776bda2d8a3b
Merge from Widevine repo of http://go/wvgerrit/157777
(partially merged in http://go/ag/20031768)
In CreateCoreLicenseResponse(), there seems to be an out of bounds
potential error due to a missing check that the index used for
license_response.parsed_license->key_array is valid. Adding a check
for this here.
Bug: 217677571
Test: tested with http://go/ag/20420224
PiperOrigin-RevId: 452114761
Change-Id: Id35ec48bebb564596b8e67c737bc13be9377891b
[ Merge of http://go/wvgerrit/156997 ]
Several of the Android integration tests perform direct URL comparisons
between fixed URLs and the server URL returned by the CDM. With
provisioning 4.0, the CDM will append additional query parameters to
the server URL. This updated URL still contains all of the original
expected information, but with additional parameters. So long as the
URL contains the required fields, any additional parameter should be
considered valid.
The gtest framework used by the integration tests allow for the
creation of custom "matchers", rules that can be used to validate data
and create informative failure logs. The CL creates a new matcher for
checking that a tested URL is a superset of content of the expected
URL.
Bug: 244319313
Test: request_license_test on prov 4 device
Change-Id: Ie721058fa628b3a4a74dc56f4172a3dfcb1f1ef3
[ Merge of http://go/wvgerrit/154575 ]
[ Cherry-pick of http://go/wvgerrit/19216679 ]
There is a rare race condition experienced by some Android devices
where the a new client property set is being added while another is
being removed. The C++ stl library does not provided thread
protection by default.
This CL adds a new mutex for the client property set map which prevents
multiple threads accessing the property sets concurrently.
Bug: 235238226
Test: GtsMediaTestCases on redfin
Change-Id: I32cf11bfb1332295ba1245071102ff0adc35259d
(cherry picked from commit aaa97a5d60)
This is to bring cdm tm-widevine-release in sync with Android
tm-widevine-release.
Originating CL: https://widevine-internal-review.googlesource.com/c/cdm/+/154509
The only difference is in the test name.
Test: run diff against CDM tm-widevine-release
Bug: 239059097
Change-Id: I1279bf780c8faef393b32d73a163756a016d80fc
This is a merge from:
https://widevine-internal-review.googlesource.com/c/cdm/+/152897
and http://go/wvgerrit/153709
Adding a new OEMCrypto unit test will allow partners to correct a
problem earlier in their integration.
Verifies current oemcrypto implementation handles clear KCB in a
mocked 16.4 license response.
Unit test release date updated to 2022-06-17.
Test: run_x86_64_tests; opk_ta
Bug: 235870170
Bug: 234645065
Change-Id: I59fef2c25f5c007624447d4f46147d96adeddad9
[ Merge of http://go/wvgerrit/152674 ]
This allows an app to query the provisioning model. Possible
values are { "DrmCertificate", "Keybox", "OEMCertificate",
"BootCertificateChain" }
An app can use these to disntinguish between provisioning models.
Provisioning 4.0 (boot certificate chain) requires a double provisioning
step.
Bug: 234057551
Test: WV unit/integration tests, libwvdrmdrmplugin_hal_test
Change-Id: I1611488ec632a0e5a9e1d106b7475e8f5a2a5a13
This is a merge from:
https://widevine-internal-review.googlesource.com/c/cdm/+/152372
The L3 source change which produced these libraries is:
https://widevine-internal-review.googlesource.com/c/cdm/+/152371/
Original commit message:
To address the bug with certain 16.4.x SDK versions returning a
clear key control block (KCB) for clients newer than 16.5, the
exact version check to determine whether key control blocks are
clear or not has been loosened.
Original behavior:
- ODK version >= 16.5.x --> Assume clear
- ODK version <= 16.4.x --> Assume encrypted
New behavior:
- No KCB IV --> Assume clear
- Otherwise --> Assume encrypted
This CL also includes a change to oemcrypto/include/OEMCryptoCENC.h
The changes to OEMCryptoCENC.h in the CL are comments or variable name
change. So it should be safe.
This change was merged to wv tm-dev here:
https://widevine-internal-review.googlesource.com/c/cdm/+/148411
So, adding it to Android tm-dev.
Test: run_level3_static_tests, CdmDecryptTest/CdmTestWithDecryptParam.* against LS SDK 16.4.2 & 17.0
Bug: 232557453
Change-Id: I2bbb5ab3ea33a16bd6c198077e5aefe960737ea0
[ Merge of http://go/wvgerrit/151391 ]
This CL moves the logic for extracting the system ID from keybox or
OEM certificate (from OEMCrypto or device files) to a dedicated
SystemIdExtractor.
Before Provisioning 4.0, the system ID could only be found from data
returned by OEMCrypto. However, with provisioning 4.0, the system ID
can now be found in the OEM certificate that is stored on the device
files.
Bug: 232020319
Test: system_id_extractor_unittest
Test: Forest L37800000954493485
Change-Id: Ie1b7987906e2e4fef015cd659a947b6dbb7594b1
[ Merge of http://go/wvgerrit/151749 ]
Extended CryptoSession for recording the result of
OEMCrypto_ProductionReady().
Only OEMCrypto_SUCCESS is considered "production ready". With the
exception of OEMCrypto_ERROR_NOT_IMPLEMENTED, any other result is
vendor-specific and indicates not being production ready.
Bug: 231655151
Test: metrics_collections_unittest
Change-Id: Ia0e5603d7ee1290238cce63d0194ae1aced424c1
Includes minor format change for easier ingestion by other tools.
Bug: 231677822
Test: adb shell dumpsys android.hardware.drm.IDrmFactory/widevine
Change-Id: Ibd13c84bd8f93ea0fc6cbd38b56ef39541ecc867
[ Merge of http://go/wvgerrit/151518 ]
Extended the CDM layer to report OEMCrypto's production readiness
via string property query.
If OEMCrypto implementents OEMCrypto_ProductionReady(), then the
reported readiness by the CDM will report "True" or "False".
If OEMCrypto does not implement OEMCrypto_ProductionReady() then no
level of readiness is assumed, and the CDM will report "Unknown".
Bug: 231655151
Test: run_prov30_tests and request_license_test
Change-Id: I6afe481ef00ac129d02b004eca89a65810bfbff8
[ Merge from http://go/wvgerrit/151349 ]
- move plugin and mCdm creation in SetUp() test fixture
- replace StrictMock<MockCD<> with NiceMock; otherwise,
"uninteresting mock for isOpenSession" will return fail by default
- replace .WillOnce() for isOpenSession() with .WillRepeatedly
Test: m libwvdrmmediacrypto_hal_test -j128
Test: m libwvdrmmediacrypto_hal_test WV_UNITTESTS_BUILD_TARGET=hidl -j128
Test: adb push $(OUT)/data/nativetest/libwvdrmmediacrypto_hal_test /data/nativetest/.
Test: adb shell LD_LIBRARY_PATH=/vendor/lib64
/data/nativetest/libwvdrmmediacrypto_hal_test
Bug: 217247987
Change-Id: I8d7189473d52738645c73c6665f4f3f6a13042f0
[ Merge of http://go/wvgerrit/151512 ]
Parameterizing GtsMediaDrm tests exposed a few issues. If secure stops
were stored at L3 security level, retrieval would fail. This CL
checks L3 if the secure stop was not found at the default security
level.
Bug: 221249079
Test: GtsMediaTestCases
Change-Id: Ie88197f8e29457981d782199a76d38774f6faa67
[ Merge of http://go/wvgerrit/151571 ]
The android OS version has been updated to 13. Updating WV tests as well.
CDM version has been updated previously, so no additional changes are needed.
Bug: 231646284
Test: WV unit/integration tests
Change-Id: Ifaf2fe1f04627654725b1b221d8c3dc30029ac6c
[ Merge of http://go/wvgerrit/151191 ]
Within the CDM and OEMCrypto tests, there were a few OEMCrypto function
calls where the final size of the output buffers were not being
resized. For several of these functions, an initial call is made with
zero-length output buffers, expecting OEMCrypto to return
ERROR_SHORT_BUFFER; followed by a call with buffers at least as large
as specified by OEMCrypto. However, for some operations, OEMCrypto
makes an estimate on the final size on the first call, specifying the
exact size only after performing the operations.
This is the case for the wrapped key returned by
OEMCrypto_LoadProvisioning(). The provisioning response contains a
padded + encrypted DRM key. OEMCrypto does not know the actual size
of the key until decrypted, and the actual DRM key might be smaller.
There was a OEMCrypto test for OEMCrypto_BuildInformation() which
was enforcing the wrong behaviour. This has been updated.
Bug: 230661565
Test: oemcrypto_test
Change-Id: Iad297d56ffbb085894641fdf8698ce5fd18edbf2
In TestLoadLicenseForOutOfRangeSubStringOffSetAndLengths(),
LoadResponse() should be called after EncryptAndSignResponse() so this
is moved in this CL.
Bug: 231368221
Test: OEMCryptoMemoryLoadLicense tests
Change-Id: I7a0224afb21c3ab1d896ce3cfb64e1ad544a581a
