This is a merge of the Widevine change:
https://widevine-internal-review.googlesource.com/#/c/11871
The level 3 oemcrypto fall back now compiles cleanly on a Fugu, and
passes all unit tests.
New version of library:
libwvdrmengine/level3/x86/libwvlevel3.a Level3 Library Dec 3 2014 13:06:03
bug: 17289103
Change-Id: I677888536dd2ca12e27b5985737e080b69d81477
OEMCrypto may report an HDCP status of "No HDCP device attached/using
local display with secure path". This is not propagated upto
the server as an appropriate HDCP value did not exist in the
license protocol. This has now been added. Netflix has requested that
this be reported.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11806/
from Widevine cdm repo ]
b/18377309
Change-Id: I3db88c7ab5e79a3c12dbc8a398c4770e14e5ee5c
This is a merge of the widevine change:
https://widevine-internal-review.googlesource.com/#/c/11781
The OEMCrypto did not save the usage table correctly after a key was
loaded and not used.
Also, oemcrypto uses the keybox to verify and sign the usage table.
On library initialization, the usage table was being loaded before the
keybox, so the signature was not verified correctly.
Both these problems have been corrected.
Current Library Version:
arm: Level3 Library Nov 19 2014 16:53:43
bug: 17328418 Can't play pinned content
Change-Id: Ia753e2f47b36433931fbe8dba78939581e647222
Our recommendation to OEMs is that they support a table of at least 50
usage entries in OEMCrypto. If more usage entries are stored, the PSTs get
added to the CDM but are LRU'ed out of the OEMCrypto usage table. When the
CDM queries those usage entries, OEMCrypto will return a
OEMCrypto_ERROR_INVALID_CONTEXT. Rather than return an error and have
MediaDrm throw an exception, CDM should delete this PST and return the
next usage entry, when queried.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11457/
from Widevine cdm repo ]
b/17994711
Change-Id: I00e3f93000096fb434d94333e22958de795a4bb5
Merge of widevine change
https://widevine-internal-review.googlesource.com/#/c/11501/
A license response can have new signing (mac) keys attached whether
the license can be renewed or not. Previously, the new keys were
ignored if the license could not be renewed.
bug: 18009750 Secure stop release generation failing for Netflix
Change-Id: I06dd76b0ab9f459021f46eecc938aa43d8d29689
Merge of the widevine change:
https://widevine-internal-review.googlesource.com/#/c/11632
Several unit tests in cdm_engine_test.cpp and request_license_test.cpp
were failing regularly. These were caused by either:
1) The device was not provisioned.
This has been fixed by adding a certificate provisioning step in the
test setup for the cdm engine tests and changing the existing
provision steop in the request license tests to provision for both
security levels.
2) The device was hitting a flaky server.
This has been fixed by switching from the GooglePlayServer to the
Widevine server.
3) A null pointer introduced when testing secure stops with an app
id. This has been fixed by directly injecting the app id in the unit
tests.
4) Flaky network connections. The unit tests were requesting data
from the server and were timing out after 3 seconds. I changed that
to 12 seconds.
5) The tests were searching for an end-of-line marker to find the GLS
header in the license response message. The end-of-line marker was
present in a valid DRM message for almost 1% of the test cases. This
code has been replaced by searching for the string "GLS/1" at the
begining of the HTML body.
I also added test_printers.cpp that defines functions used by GTest to
print error codes by name instead of numeric value.
This CL changes unit tests only. It does not change any production
code.
bug: 18316036
Change-Id: I3398580059a03114e782ac7ac59e6b0944012df4
(This is a merge of http://go/wvgerrit/11613 from the Widevine CDM
repo.)
Adds a property for the OS version, implements it on Android, and
adds it to the license request property bag so that Netflix may
use it to discern the supported capabilities of the CDM.
Bug: 18230738
Change-Id: If5174a108093855314f3e0102b83691e20bb247b
The OEMCrypto library should prevent too many nonces from occuring in
a row. Previously, we tested that GenerateNonce generated an error if
there were too many nonce requests.
This CL makes it possible for OEMCrypto to delay the return from
GenerateNonce if there are too many requests. This is an equally
valid solution to the nonce flood attack.
This is a unit test change only. No production code is affected.
This is a merge from the widevine repository of:
https://widevine-internal-review.googlesource.com/#/c/11604/
bug: 17630253
Change-Id: Ie97f712d70230cd8e7ea7089da0aa18039673bb4
(This is a port of http://go/wvgerrit/11614 from the
Widevine repo.)
CDM does not recover if a license file has invalid size
or the hash is incorrect. Remove the corrupted license
file in such cases.
bug: 18002606
Change-Id: I46dec853ce6b2e7c7430297d50df5d30488cde3b
(This is a port of http://go/wvgerrit/11556 from the Widevine CDM
repo.)
This wires up the new method on the crypto interface with the core
code that handles the max-res decode.
Bug: 16034599
Change-Id: Id2ea5635bf732eabf1fd33712ff8bab6cf1a1745
(This is a merge of
https://widevine-internal-review.googlesource.com/#/c/11405
from the Widevine CDM Repo.)
AUPT is revealing a crash when destructing WVDrmPlugin due to
multi-threaded contention over the session map. As a fix, we are now
protecting access to the map via a mutex.
Bug: 17761616
Change-Id: Iddeca657effd3c7f3ff35ce334d7979291667cef
This is a merge of the widevine CL:
https://widevine-internal-review.googlesource.com/11254
On arm64, some devices are having random issues that probaby relate to
a stale instruction cache. This code change flushes the cache for
pages that are going to be made executable.
b/17400000
Current Library Version:
arm64: Level3 Library Sep 25 2014 17:10:03
Change-Id: I3904e96e922654c055a478079aa52c29cbde8b9f
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11110/
The level 3 oemcrypto library version of DeactivateUsageEntry now
returns OEMCrypto_ERROR_INVALID_CONTEXT if there is no entry in the
usage table.
Current Library Version:
arm: Level3 Library Sep 3 2014 18:13:47
b/17373630
Change-Id: Iaeb65b4ad4b2b9f3c6733a2c9c8d96e2be263d09
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11115/
This CL just updates the integration guide. In particular, the
following clarifiaction is made about usage tables:
The sentence:
When the session using this key is closed, the entry in the table will
be marked as inactive.
is replaced by
After the session using this key is closed, the application will
request that the entry in the table will be marked as inactive.
This should make it clear that OEMCrypto should not automaically
deactivate usage entries. This behaviour is already verified by unit
tests.
bug: 17405160
Change-Id: If836c7c76205e6759c1c194a6f31232c52c4f179
When falling back to L3, release requests were failing. Information
requesting falling back to L3 is passed along when the session is opened.
Licenses however are released using the key set ID and information
requesting fallback to L3(CdmClientPropertySet) at that point is
unavailable. The release was actually attempting to release a license
at the default security level which is incorrect.
In addition, the mac keys were not being setup correctly and the release
message was signed with keys derived from the license request and not the
response. Both these issues have been addressed and unit tests added
to track release of offline licenses and usage reporting scenarios.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11062
from wv cdm repo ]
b/17073910
Change-Id: I5cd95a7dfe58ebae7ae27ece6c92e67755c1d665
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11030
It is an error for the key control block to have a nonzero replay
control flag and a null pst. This CL adds unit tests to
oemcrypto_test to verify that oemcrypto checkes this. A unit test is
also added for verifying that an offline license has a valid nonce the
first time it is loaded.
It also updates the reference implementation (mock) to check that the
pst is not empty when the replay control flag is nonzero.
It also updates the level 3 implementation to check that the pst is
not empty when the replay control flag is nonzero.
This change is compiled into the arm library, but because of
compilation errors, is not included in x86 or mips.
Current Library Version:
arm: Level3 Library Aug 27 2014 18:42:40
bug: 16525204 OEMCrypto unit test for reloading offline license
bug: 16844305 Mock OEMCrypto does not catch null pst
Change-Id: Icdb090e80fc92522c187b26f30e5ba082f26363b
UAT issues fixed PSTs for each piece of content. This requires the usage
table to be cleared (or usage records released) between tests. If not
PST collisions occur and OEMCrypto fails with
OEMCrypto_ERROR_INVALID_CONTEXT (0x29).
b/17318063
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11061/
from wv cdm repo ]
Change-Id: I7758e5444637583a171edafcd4fb18315bfa8395
