[ Merge of http://go/wvgerrit/23061 ]
b/34131127
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I27a3cde8e5c86dc8f9b26f9d4e7793f86c016743
[ Merge of http://go/wvgerrit/22980 ]
System Renewability Messages (SRM) contains a list of Key Selection
Vectors, which are HDCP Identifiers that have been revoked.
During HDCP negotiations a transmitter may authenticate a receiver
and verify that its unique identier is not present in the SRM.
This CL enables reporting of the current SRM version and whether SRM
updates are supported. It also loads SRM updates in the license
and specifies SRM version requirements when keys are loaded.
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
b/28955520
Change-Id: Id840078ea2deb01d9619c1cd8d367b50452f76cc
* changes:
Remove missing tests from build_all_test script
Replace PST Report with buffer
Add InactiveUnused to Usage Report status
OEMCrypto v13 Header and Stubs
Log HTTP errors in unit tests
Rename oemcrypto's CryptoEngine configuration functions.
Move keybox and root certificate handling into new class.
Test OEMCrypto with backwards compatible verification
Merge from Widevine repo of http://go/wvgerrit/23044
On some platforms, the compiler will not pack structures. This CL
replaces the OECrypto_PST_Report packed structure with a simple buffer
of uint8_t. This changes the signature of OEMCrypto_ReportUsage as
part of OEMCrypto v13.
There is also a new wrapper class that test code, the mock, and debug
code can use to access data in the report.
The old packed structure definition is moved to the level 3, where we
use a compiler that packs sructs when asked nicely.
arm/libwvlevel3.a Level3 Library 4445 Jan 20 2017 11:29:15
x86/libwvlevel3.a Level3 Library 4464 Jan 20 2017 11:10:49
mips/libwvlevel3.a Level3 Library 4465 Jan 20 2017 10:56:08
b/32180083
Change-Id: Ie138f034cb12780a2f8636888cebf022c52169e5
Merge from Widevine repo of http://go/wvgerrit/22963
This change kInactive to kInactiveUsed and adds kInactiveUnused to the
possible values for the status field in the Usage Report. This CL
updates the header, the unit tests, and haystack and reference code.
b/32714323
Change-Id: If8d8e32ea1e3dc18da34e5fae35f578b027de9c7
Merge from Widevine repo of http://go/wvgerrit/22899
This is most of the header changes for OEMCrypto v13. This updates
just enough of the code that existing unit tests build and pass.
The documentation will be reviewed in http://go/wvgerrit/22887. When
that CL has been approved, comments in the code will be updated to
match.
Real code will be broken into several other CLs.
bug:31458046
arm/libwvlevel3.a Level3 Library 4445 Jan 17 2017 20:01:26
x86/libwvlevel3.a Level3 Library 4464 Jan 17 2017 19:00:37
mips/libwvlevel3.a Level3 Library 4465 Jan 17 2017 19:24:35
Change-Id: I0318c53235c0b33afb623cba933365e09dec4e61
[ Merge of http://go/wvgerrit/22900 ]
Add GetClientToken(), GetProvisioningToken(), GetPreProvisionTokenType()
to CryptoSession. They return the correct token bytes and token type
for preparing the ClientIdentification message for provisioning and
license server transactions.
Also refactor service certificate handling.
OEM certs are introduced in Provisioning 3.0
b/30811184
* Address build breaks
[ Merge of http://go/wvgerrit/23162 ]
This addresses issues introduced by http://go/wvgerrit/22900
b/30811184
* When http://go/wvgerrit/18012 was merged (ag/1446934) some changes
were not merged for mapErrors-inl.h. These changes are included in this CL.
* When ag/1678104 was reverse merged to http//go/wvgerrit/21981/ a variable
was renamed and some comments were added to add clarity in cdm_engine.cpp.
These changes are included in this CL.
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: Ie0215509f2f985f2a610f5a4c865db47edec8662
(This is a merge of go/wvgerrit/22949)
Starting with OEMCrypto v12, we are guaranteeing to integration partners
that the buffers passed to OEMCrypto_DecryptCENC and
OEMCrypto_CopyBuffer will not be more than 100KiB (102400 bytes) in
size. For requests larger than this, we will first try to send the
buffer to OEMCrypto anyway. (in case the integration supports buffers
larger than the minimum) In the event that the buffer is rejected, we
will break it up into 100KiB chunks and send them down individually for
decryption.
Breaking a subsample into smaller subsamples necessitates knowledge of
how to update other decryption parameters (like the offsets and the IV)
that previously the CDM Core has not needed to know about. Until now,
this knowledge lived in the glue layer on the Android CDM and nowhere
on the CE CDM. Now, the CryptoSession has a subset of this knowledge, in
order to break up buffers successfully.
For testing purposes, the Mock OEMCrypto has been modified to only
support the smallest buffer size. In order to make sure the chunking
code was being exercised by them, the CE CDM tests had to have the
amount of data they decrypt increased by several orders of magnitude. To
contain this growth, I have moved the test data to its own file.
Bug: 31381719
Test: Ran the updated CE CDM integration tests
Test: Modified the OEMCrypto dynamic adapter to pretend both L3 and L1
only support 100KiB buffers on a Marlin and a Ryu. Confirmed that the
GTS H.264 tests (which have subsamples over 100KiB) passed still. A
similar test was attempted on Fugu but Fugu cannot pass these tests even
without this change present.
Change-Id: Iabe7db3d87554cd1352f10a7524cd55352818397
This CL merges several CLs from the widevine repo:
http://go/wvgerrit/18012 Add support for querying allowed usage for key.
http://go/wvgerrit/17971 Add per-origin storage.
http://go/wvgerrit/18152 Add OEMCrypto's generic crypto operations to CDM.
http://go/wvgerrit/17911 QueryKeyControlInfo => QueryOemCryptoSessionId
Note: numbering in wv_cdm_types.h was added in this CL and will be
back ported to wvgerrit in a future CL.
Change-Id: Idb9e9a67e94f62f25dc16c5307f75a08b3430b64
(This is a merge of go/wvgerrit/20500)
This patch removes the logic that calculates the "pattern offset" from
the Android glue layer. There is no such thing as a pattern offset, and
setting this value to anything other than zero may break cens mode on
some devices.
To reduce the risk of setting this value to anything other than zero,
the offset_blocks parameter has been removed from the pattern descriptor
in the CDM Core. It will have to remain part of OEMCrypto v11,
unfortunately, but the code to set it to zero is now centralized in
CryptoSession.
Bug: 28726863
Change-Id: I9c5bfe470fe251c7a57901dc2e998f4dab7fe7d7
[ Merge of http://go/wvgerrit/17959 ]
This will allow the license server to base licensing decisions on the
devices security module revision.
b/28882058
Change-Id: I574e7686bb305397946d2bfaff504cfae242e628
(This is a merge of http://go/wvgerrit/17661)
Because Widevine core always has a decrypt mode set, even on unencrypted
calls where we potentially do not know the crypto mode, it will reject
unencrypted decrypt calls for sessions that have been flagged as
AES-CBC, since the crypto mode defaults to AES-CTR.
The fix is to not validate the crypto mode on unencrypted decrypt calls,
as the data won't be getting decrypted anyway.
Bug: 28423928
Change-Id: If848834dd498ca96983a2b69d448b8d81d50e0a4
[ Merge from http://go/wvgerrit/17429 ]
This is to correct for when HDCP validation failure at the OEMCrypto level
ends up returning a CryptoException through MediaCrypto with error code
Unknown Error (-2998).
b/27849488
Change-Id: Ib3a9b1c3a17b9323f3d079a678cf88dedeec3b4b
Some decryption errors were being reported as
vendor-unique diagnostic codes that were not generally
actionable by an app. Recently a new
MediaCodec.CryptoException code was added so these types
of failures can be reported as ERROR_UNSUPPORTED_OPERATION,
in which case the app can use an alternate DRM
configuration in a way that does not require
vendor-specific handling. This change remaps this class
of decrypt errors to the new error code.
Merge of http://go/wvgerrit/17110
bug: 25929554
Change-Id: Iff44c2f04f9ee28d065fb17d59bca4032c5d55ca
[ Merge from http://go/wvgerrit/16498 ]
The CDM now supports AES CTR and CBC block cipher modes. The license
specifies the mode to be used in the key container. The mode is
also specified in mediaCrypto when calling decrypt. This adds
verification for the cipher block mode.
Change-Id: I2587fc1e4b6d77161f2f8653f8516024c73dd8ac
[ Merge from http://go/wvgerrit/16499 ]
Passing clear subsamples to OEMCrypto_CopyBuffer and encrypted subsamples
to OEMCrypto_DecryptCTR was causing performance issues as a lack of crypto
session information made it hard to associate clear and encrypted
subsamples with each other.
[ Based on a patch from Kelly Ren/Qualcomm ]
b/26538744
Change-Id: I4644f197b2ec481f6aa89d3fce29b22ebb7b0c06
[ Merge of http://go/wvgerrit/16364 ]
http://go/wvgerrit/16249 changed the name of the encryption pattern
structure from OEMCrypto_PatternDesc to OEMCrypto_CENCEncryptPatternDesc
to remove ambiguity. These are matching changes to CDM core.
[ Merge of http://go/wvgerrit/16340 ]
This CL passes the cipher mode in the license to OEMCrypto when
keys are loaded and specifies the pattern encryption scheme to
OEMCrypto_DecryptCENC.
b/20630275
Change-Id: I86b82bbdc891fd0100beb9fad385ca2082176271
Merge from widevine repo of http://go/wvgerrit/16186
These are the OEMCrypto v11 documents and header files. I have updated
just enough code so that existing unit tests pass. New unit tests,
the reference implementation, and the level 3 implementation are in
future CLs.
Change-Id: I9bbf1909e047f63a5877320a2d06740a3c4a3e32
* Update unit test make files to use BoringSSL
[ Merge of http://go/wvgerrit/14173 ]
This CL updates the android makefiles to use the libcrypto_static.
* Do Not Run Provisioning Tests On Devices Without Keyboxes
[ Merge of http://go/wvgerrit/15633 ]
The provisioning tests outside OEMCrypto were failing on devices that
use baked-in certificates because only OEMCrypto knows that the cert
is baked in and the device cannot be reprovisioned. This change
skips those two tests if the device says it does not implement
rewrapping the cert. (i.e. it does not implement provisioning)
Bug: 23554998
* Add new third-party libs (protobuf & gyp)
[ Merge of http://go/wvgerrit/14717 ]
The CE CDM used to expect these to be installed system-wide, which
creates challenges for integrators who must cross-compile the CDM.
These are now used in source form from third_party.
Change-Id: I29cca2f9415fe2fafdf948273e5a0f5d7de50285
Prevent usage of client provided address on
non-secure devices spoofed as being secure.
b/23223325
merge of go/wvgerrit/15420 from widevine repo
Change-Id: I1d4f3a652b3d5e78fca508f92005cfa8df5ec6db
The errors in the range ERROR_DRM_VENDOR_MIN to ERROR_DRM_VENDOR_MAX are
reflected in the message that is reported to the app, which is
MediaDrmStateException.getDiagnosticInfo().
Many errors map to kErrorCDMGeneric, especially KEY_ERROR is used as a
generic error in CDM. This fix defines more specific error codes in the
CDM for places where KEY_ERROR is returned.
Merge from http://go/wvgerrit/14071
bug: 19244061
Change-Id: I688bf32828f997000fea041dd29567dde18ac677
Merge from Widevine repository of http://go/wvgerrit/13912
This CL falls back to OEMCrypto_DecryptCTR if the oemcrypto library
does not implement OEMCrypto_CopyBuffer. This allows devices with
oem crypto version 9 to function as they previously did.
Change-Id: Id3a4a94b1fd559f426ee260cfbf7077fa9101d8b
Copy from Widevine repository of http://go/wvgerrit/13841
This CL adds a nonblocking CopyBuffer to OEMCrypto, its unit tests,
and plumbs it up to the cdm CryptoSession and CdmEngine.
b/19543782
Change-Id: I4c88bd2f8d7f67ecccb549c1934b7c0da15a8429
This is a merge of http://go/wvgerrit/13751 from the widevine
repository.
The CryptoSession had an enumeration for HDCP levels that was copied
from OEMCryptoCENC.h by hand. Since that header is included, there is
no need to have two enumerations.
b/16303994
Change-Id: Ief16ba62163776f9ca80375f3638ef4c7770e742
(This is a merge of http://go/wvgerrit/13761 from the Widevine
repository.)
This cleans up our includes to be in Google Style Guide order and in
alphabetic order, for the parts of the code that are expected to
follow Google Style.
This also converts places in our code that were including C headers
in the C++ style (i.e. <cstring> instead of <string.h>) to use C style
instead. This is because, although it was not causing problems for us
yet, on Android these actually include different headers. (<cstring>
is provided by libcxx, while <string.h> is provided by Bionic)
Lastly, this change puts all headers that do not come from within our
project in <brackets> instead of "quotes," which was not being done
consistently.
This change is explicitly NOT trying to standardize the spacing of our
header includes. I have tried to respect, in each file, the spacing
style already present.
Change-Id: If3dc06532ab9b68010285d64518ef21dce3d6354
Merge of http://go/wvgerrit/13750 in the Widevine repo.
(titled: Add HDCP Capacity to the static adpater)
Updates CryptoSession to use get the HDCP capability from the
oemcrypto with requested security level.
Change-Id: I2338a3f33d0fbe9fe43eb6bf1fe92bf5402f62d6
This is a merge of http://go/wvgerrit/13693 in the Widevine
repository.
This adds level 3 and mock implementation and unit tests for the
OEMCrypto function OEMCrypto_ForceDeleteUsageEntry. It also plumbs
this function up into CdmEngine, CdmSession, and CryptoSession so that
deleting all usage information for a given app id will now delete the
entries in OEMCrypto, too.
b/18194071
Change-Id: Iaea4034a507b323878657215784edfe95876386a
Back when we were being proactive about merging LMP changes to master
in the Widevine repository, there were a few changes that got merged
in a different form than what got checked into the Android repository.
Mostly, this happened due to several large core changes that were
brought over to the master branch in multiple parts so as not to break
other teams using the Widevine repository. This patch brings the two
trees in sync.
Change-Id: I4e56a742686d73d1c6ace209684ce0e8542fd93f
(This is a merge of http://go/wvgerrit/13400 from the Widevine CDM
repository.)
Replace "}; // namespace" with "} // namespace":
ag -l --ignore-dir third_party "}; //" | \
while read f; do sed -r -i 's/\}; \/\//} \/\//' $f ; done
Replace "// unnamed namespace" with "// namespace":
ag -l --ignore-dir third_party "unnamed namespace" | \
while read f; do sed -r -i 's/unnamed namespace/namespace/' $f ; done
Change-Id: I50ece9a127ce669f15cd532dfae1dd741338a075
This copies over formatting changes from the Widevine CDM repository
that resulted from running clang-format with Google style on the
shared core/ directory. It also copies over some rewordings of log
messages that were made at the same time.
Aside from the changed log messages, this should not affect behavior
or functionality.
Change-Id: I69c57c188f7a79f30fa3517afeed17365929b6b6
Our recommendation to OEMs is that they support a table of at least 50
usage entries in OEMCrypto. If more usage entries are stored, the PSTs get
added to the CDM but are LRU'ed out of the OEMCrypto usage table. When the
CDM queries those usage entries, OEMCrypto will return a
OEMCrypto_ERROR_INVALID_CONTEXT. Rather than return an error and have
MediaDrm throw an exception, CDM should delete this PST and return the
next usage entry, when queried.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11457/
from Widevine cdm repo ]
b/17994711
Change-Id: I00e3f93000096fb434d94333e22958de795a4bb5
* The Usage APIs return usage reports from either L1 or L3 (if available).
* Correction to when usage reports are saved. In addition to other events
they are now saved when keys are loaded, usage reports are released and soon
after first decryption and periodically (60 seconds) after that,
if decryption takes place.
* Usage reports now get deleted on an unprovision request.
* Policy timer is now started when offline licenses are restored.
* Usage session is now released, when a usage response is received.
* Usage tests ahev been enabled.
* Added CDM extended duration (integration) tests to test usage reporting
and querying. These need to be run manually as they take a while (currently
half an hour).
b/15592374
[ Merge of https://widevine-internal-review.googlesource.com/#/c/10800
from the Widevine CDM repo ]
Change-Id: Ia817e03ebbe880e08ba7b4a235ecb82b3ff35fbf
A bug prevented regenerating license release requests. This has
been corrected. A crash due to a formatting error has been addressed.
Clean up of logging and additional logging for open session failures
have been included.
b/16197822
Merge of https://widevine-internal-review.googlesource.com/#/c/10806
from the widevine cdm repo.
Change-Id: I854ead388f311d00b1cd700dfa1b2f58322c2dd4
Merge of CDM change:
https://widevine-internal-review.googlesource.com/#/c/10691/
This prevents the provisioning session from being created unless the
device needs provisioning. And then, after provisioning, it closes
the session it had previously opened.
b/15782159 CertificateProvisioning object keeps unused CryptoSession
Change-Id: Ic52ed864fa47c7ba50b7ca4d9fea1e74930228e9
Merge of https://widevine-internal-review.googlesource.com/#/c/10614/
from the widevine cdm repo.
* b/15467844 - GenerateRSASignature returns OEMCrypto_ERROR_INVALID_CONTEXT
when called with a non-NULL signature pointer and signature length of
0 (rather than OEMCrypto_ERROR_SHORT_BUFFER)
* b/15989260 - OEMCrypto_DecryptCTR does not return OEMCrypto_ERROR_KEY_EXPIRED
after keys have expired
Also addresses
* integration test updated to reflect that loading certificate errors are
returned on OpenSession rather than GenerateKeyRequest
* compiler warning on type casting
b/15989261
Change-Id: Ib68b972651479e99b9d05de4493aac55a96c4f39
[ Merge from Widevine CDM repo of
https://widevine-internal-review.googlesource.com/#/c/10171/ and
https://widevine-internal-review.googlesource.com/#/c/10172/ ]
Updated license_protocol.proto from constituent protos in google3
These changes make use of OEMCrypto v9 changes to support usage reporting.
Usage reporting may be enabled for streaming (by means of secure stops) and
offline playback by a provider session token specified in the license.
Changes include periodically updating usage information for relevant
sessions and reporting and releasing usage information as needed.
The CDM has removed all references to Secure Stops. This change
updates the Android API implementation to comply.
b/11987015
Change-Id: Ibb6f2ced4ef20ee349ca1ae6412ce686b2b5d085
This CL removes TODOs and email addresses from comments, unifies some
namespaces and cleans a few variable names. It is a copy of multiple
CLs on the widevine side.
Change-Id: I1bb649096476a5001a56d746427399de6a88ff69
