Merge from Widevine repo of http://go/wvgerrit/100964
The previous nonce-free test used the same session to generate the
request as to load the license. However, it is a realistic use case to
have a new session used for loading the license.
The use case relates to a pre-loaded, shared license.
Test: Ran unit tests on taimen and on v16 ref implementation
Bug: 156853321
Change-Id: Ibc07744a16edcd3952d88d73660a75d0c3e8eeb8
Merge from Widevine repo of http://go/wvgerrit/101130https://cr/314253512
ODK Library: roll version number to 16.3
https://cr/314253425
ODK Library: Accept release request as renewal request
To support forward compatibility, the v16 server should parse a
release request as a renewal request.
https://cr/314213725
ODK: Accept larger message sizes
The ODK should accept a message size that is larger than the
current
API requires. This allows for future API versions to append
fields to
a message that current the current license SDK will
ignore.
https://cr/313962712
ODK: accept messages with future API version numbers
This CL updates the ODK parse functions to accept future versions
of
the message. This will allow a v16 server to talk to a v17
device.
https://cr/313814938
ODK Version String
Add an automatically generated version string to odk_structs.h
Bug: 157030231
Bug: 157512150
Bug: 157822248
Bug: 157512322
Test: unit tests on taimen
Change-Id: I346f73c41bc984fe17856d3b61cd08cf92b39919
Merge of http://go/wvgerrit/101183
This is a combination of multiple commits from google3:
* http://cl/313814938
ODK Version String
* http://cl/313962712
ODK: accept messages with future API version numbers
* http://cl/312219187
Ignore hash if initial load of license, and the nonce not required
(squashed into http://cl/313962712)
Test: OEMCryptoLicenseTest.LoadKeyWithNoRequest
Bug: 157822248
Bug: 156853321
Change-Id: I735d355241876bddb0c52440b0049efb72a4b26f
Merging CL
https://widevine-internal-review.googlesource.com/c/cdm/+/100924 Fix implicit type conversion issue in ODK
1. Implicit cast is reported as error when compiling ODK with Level3
2. Override odk_add_overflow_xxx function with the built in functions can cause
redefinition issue when compiling Level3; Let's use odk customized overflow functions.
Bug: b/157510403
Test: ODK unittests and CDM unittests passed.
Change-Id: Ieef8ccfb41d08007ec72f4a061f92968e55539cb
[ Merge of http://go/wvgerrit/100403 ]
VersionNumberTest.VersionNumberChangeCanary was expecting a version
string of "R". However, Android rvc branch is now far enough into
development to use a numbered version: version "11".
Bug: 156853733
Test: Android license request test
Change-Id: I63d33f742c849b672b2d2402ab8423fdf2450f6f
(This is a merge of http://go/wvgerrit/100053.)
The OEMCrypto Unit Tests were previously deriving keys from the session
key as part of loading the test RSA key. This creates an invalid
function call order, since the OEMCrypto session will likely next be
used for actions that need to be done *before* deriving these keys. With
ODKiTEE, which is more strict about this order, all OEMCrypto tests were
failing.
Bug: 156655072
Test: OEMCrypto Unit Tests
Change-Id: Ibfede587da30cfff4a44a5e0687e4199b1430372
id to which odk fuzz scripts log any bugs.
Bug: b/157252243
Cricticque cl: http://cl/312740650
Test: This is a configuration change to change buganizer component Id.
No functionality testing involved.
Change-Id: I17e76c015b7fc264281aa32eae975165ec8e6bed
Change-Id: If0b8954c606f9359b45bccd5276703138d4e02f5
Merge from Widevine repo of http://go/wvgerrit/100110
The unit test TimeRollbackPrevention was broken for several
reasons. This CL reduces the test to its most basic functionality and
updates it to be compatible with a v16 oemcrypto.
This CL also adjusts the fake clock used by the buildbot to fake
sleeping backwards, so that the TimeRollbackPrevention test can also
be run on the buildbot.
Bug: 155773482
Bug: 79422351
Test: unit tests on buildbot, and on flame w/v16 modmock
Change-Id: I3027018b17b738281989e63ae6b0729757217d05
Merge from Widevine repo of http://go/wvgerrit/100385
The map now contains unique_ptr instead of raw pointers
to ensure the memory is released.
Bug: 156780432 OEMCrypto Fuzzing: Fix OEMCrypto Memory Leak.
Test: oemcrypto reference code only
Change-Id: I78054f9207399f052d6e4bfdfa96824f6e050bac
Merge from Widevine repo of http://go/wvgerrit/100328
Several integration tests in WvCdmRequestLicenseRollbackTest had been
testing the duration of a license. However, the license they request
sets the playback duration and not the rental duration. That means the
timer we are checking does not start until the first playback. To fix
the tests, we simply add a decrypt operation right after the license
is received.
Test: integration tests w/v16 mod mock.
Bug: 156854660
Change-Id: Ie4f017c82db8aaf084ad050de3fcb7f51987c97e
(This is a merge of http://go/wvgerrit/100051. However, only one part of
that change affects the Android code, so I have filtered this
description.)
By default, the CDM builds with Clang on Android and on developers' dev
boxes. The buildbot builds most of the code with an old version of GCC.
However, recent versions of GCC were refusing to build our code for a
variety of reasons. This patch fixes the codebase up so that the
version of GCC 9 included on gLinux workstations can compile the CDM.
The only change that affects Android is that a variable was being set
but never read in one place.
Test: Android Unit Tests
Bug: 145245240
Bug: 152449437
Change-Id: Iaeb0531652bb8e7bd69f850fc6b4bba1efa3271b
Merge from Widevine repo of http://go/wvgerrit/99843
When processing a license release, the license is not loaded, so
OEMCrypto does not know nonce version information for the core
message. It assumes that all license releases are v15, so it is not an
error for a license release to not have a core message.
This CL also adds some extra logging to tests so that we can track
content id and the pssh. This CL also updates some of the test content
policies when running the local license server. The local license
server is only used for debugging problems.
Bug: 152648172 Integration test WvCdmEngineTest.LicenseRenewal failing
Bug: 156259697 License release does not need core message
Test: Unit tests with v16 mod mock
Change-Id: I04c896adadfb17877ce1115345d2419e0d2489f0
Test: The changs have been made in google3 and fuzzer has been running
successfully with improved coverage
Critique CL: http://cl/310633618
Bug: b/155435131
Change-Id: Ib02601302db238ce8fbeb3963ce8e05e864ba985
Change-Id: I11eba4d1aa1536b44929b742a5e2c2bf89d818fb
[ Merge of http://go/wvgerrit/96071 ]
Changes to how the usage table method InvalidateEntry() behaves
required additional changes to CDM code that uses this method.
This involved some refactoring to AddEntry(), moving the LRU
related code to its own function.
A few unittests had to be changed / removed as the moving
multiple entries changes expectations of several existing tests.
Several additional helper methods have been created to improve
readability. These include getters for information about the
usage table, a method for releasing stale entries, and a method of
recording LRU metrics.
Bug: 150890014
Bug: 150887808
Bug: 154269671
Test: Linux unit tests and Android unit tests
Change-Id: I11a98f9a2dea9b2ae57b37d7d4483a37be721763
[ Merge of http://go/wvgerrit/95365 ]
The changes made to how DeleteEntry (now InvalidateEntry) works
introduced a few additional edge cases which were not covered from the
previous set of unit tests.
Bug: 150887808
Bug: 149100568
Test: Linux unit tests and Android unit tests
Change-Id: I263b72fb708c6546294af23ae5ddbd2e82da34df
[ Merge of http://go/wvgerrit/95406 ]
There was an issue with DeleteEntry() where it would result in an
invalid table state if shrinking the usage table when the number of
sessions is at its max.
This required changing how the usage table invalidates entries. Now,
after invalidating an entry (marking an entry as kStorageTypeUnknown)
the table is defragmented if specified to.
Defragmentation involves:
1) Move valid entries near the end of the table to the position of
invalid entries near the front of the table.
2) Shrinking the table to cut off trailing invalid entries.
This change updates the existing tests to pass, but still needs new
tests for some of the edge cases.
Bug: 150887808
Bug: 149100568
Test: Linux unit tests and Android unit tests
Change-Id: I70c7b296e5e4b367746fcdaabbf0f12dcfb39230
[ Merge of http://go/wvgerrit/97963 ]
There are situations where an offline license file will remain on the
system after it's usage entry has been deleted. This would result in
its key set ID being reported as present by the CDM, but any
operations acting upon it will result in an error.
The app should be able to remove the license without error, so long
as the license file exists and no other OEMCrypto operations fail.
This change introduces a new error code LICENSE_USAGE_ENTRY_MISSING,
which indicates that a license's usage entry cannot be found.
A new integration test checks that the CDM can handle the calls to
removeOfflineLicense().
Bug: 137034719
Test: Android unit and integration tests
Change-Id: Ibdbe963b7f7e3ac97b446300d8e3896cdee7abc5
[ Merge of http://go/wvgerrit/97267 ]
In earlier releases, provisioning would occur based on a cached
security level. If an open session call returned a NotProvisionedException
the security level would be cached for use with any future provisioning
call.
An app would have to set the security level, then call openSession,
have it fail and then request provisioning. This fits the normal flow of
most apps. Still on occasion, an app might change requested security level
after an openSession call failed. Using the cached security level
would result in unexpected behavior.
This change allows provisioning to occur at the last security level that
was set.
Bug: 129356527
Test: wv unit/integration tests, GTS tests (GtsMediaTestCases)
Merged-In: I8d9234eec2b23a9c913e77a709943b431e25e43e
Change-Id: I8d9234eec2b23a9c913e77a709943b431e25e43e
[ Merge of http://go/wvgerrit/98694 and http://go/ag/11052323 ]
In earlier releases, provisioning would occur based on a cached
security level. If an open session call returned a NotProvisionedException
the security level would be cached for use with any future provisioning
call.
An app would have to set the security level, then call openSession,
have it fail and then request provisioning. This fits the normal flow of
most apps. Still on occasion, an app might change requested security level
after an openSession call failed. Using the cached security level
would result in unexpected behavior.
This change allows provisioning to occur at the last security level that
was set.
Bug: 129356527
Test: wv unit/integration tests, GTS tests (GtsMediaTestCases)
Change-Id: I8d9234eec2b23a9c913e77a709943b431e25e43e
