android

Author	SHA1	Message	Date
Rahul Frias	1884cf738e	Merges to android Pi release (part 8) These are a set of CLs merged from the wv cdm repo to the android repo. * Android build fixes Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36322 ] * Address android compilation errors and warnings Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36300 ] * Gyp cleanup and OpenSSL v10.1 support. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/36001 ] OpenSSL 10.1 has a small number of incompatible changes. A desktop system upgrade exposed some issue in the build scripts. Specifically, the linux build was using both third_party/protobufs (2.6.1) and the version installed on the system (3.0 in this case). The linux cdm.gyp depended on cdm/cdm.gyp which caused that plus some additional issues. These changes are necessary to support g++ version: g++ (Debian 6.3.0-18) 6.3.0 20170516 Also did some cosmetic rework on run_current_tests to make it easier to figure out what is going on when something fails. Also tweaked some of the compiler settings for g++ support (revisit this later). * Refactored Service Certificate encryption to allow encryption of arbitrary data. Author: Thomas Inskip <tinskip@google.com> [ Merge of http://go/wvgerrit/36141 ] * Send cdm test requests to UAT. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36221 ] This change resolves the all of the CdmDecryptTest/CdmTestWithDecryptParam.DecryptToClearBuffer tests. The license servers will return different keys and keyids. Sending the request to staging returned key ids and keys that were not matching what was expected in the unit tests. * Fix for building L3 OEMCrypto with clang and libc++ Author: yucliu <yucliu@google.com> [ Merge of http://go/wvgerrit/35740 ] 1. Include <time.h> for time(time_t). 2. Create endian check union on stack. Clang may create const union somewhere else, which may cause crash. Remove error result when a sublicense session does not exist. This is not considered an error. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36080 ] * Set default mock handler for GetSupportedCertificateTypes for all unit tests and removed the use of StrictMock from MockCryptoSession. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35922 ] The handler for this was only set for one test and resulted in a number of failures. * Set default handler for GetHdcpCapabilities. For now the default action is to call the real GetHdcpCapabilities of crypto_session. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36140 ] I also changed the mock to a NiceMock to silence responses to unexpected calls to GetHdcpCapabilities. The default handler can be overridden as needed in the individual tests. This resolves the policy engine test failures. * Finalize merge of cdm_partner_3.4 to master. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35360 ] This is the final set of updates to merge all v3.4.1 changes into master. * Embedded license: Sublicense rotation. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35360 ] Handle sublicense rotation event. * Embedded license: Initial license phase. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/34280 ] Initial license phase - key loading subsession. * Embedded license: generate session data. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33722 ] Generate session data and add it to the license request for any embedded license material. * Resolve missing symbol when building cd-cdm Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35840 ] * C++11: Replace OVERRIDE def with override keyword Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35400 ] BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I37d0cb17f255ac6389030047d616ad69f895748c	2018-01-16 19:29:39 -08:00
Rahul Frias	80659961ac	Merges to android Pi release (part 7) These are a set of CLs merged from the wv cdm repo to the android repo. * Resolve intermittent decrypt error. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35720 ] The CdmSession's closed state was not properly initialized resulting in intermittent SESSION_NOT_FOUND_FOR_DECRYPT errors. In CdmEngine::Decrypt the session is looked up by the key id. A list of open sessions is acquired by calling CdmSessionMap::GetSessionList and each session in the list is queried to see if it has the key. In building the list in CdmSessionMap::GetSessionList, sessions are only added to the query list if the session is not closed. The closed status was not initialized and during testing the query list would not contain the session causing CdmEngine::Decrypt to return SESSION_NOT_FOUND_FOR_DECRYPT resulting in the ce cdm api returning widevine::Cdm::kNoKey. * No support for pre- C++11 compilation. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35381 ] * Handle unaligned nonce pointer in RewrapDeviceRSAKey calls. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35340 ] The pointer points into a message and it may not be aligned. Always copy the nonce into aligned memory before checking it. BUG: 38140370 Add note to CHANGELOG for this. * Compiler strictness: more checks and code cleanup. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35300 ] Use the switches proposed in b/38033653 (as much as possible - some conflicts with protobufs and gtest prevent fully accepting them). Switch to clang for x32 build; ensure that both x86-64 and x86-32 builds compile and link cleanly. BUG: 38032429 BUG: 38033653 This partially resolves b/38458986 * Android build fixes Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/35102 ] These corrections address compile warnings and errors for android and unit tests. * Embedded License: Add sub license key sessions. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33680 ] NOTE: this adds the AddSubSession() method, but it is not yet being used. Use and proper cleanup is in an upcoming CL. * Embedded license: Add track label field. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33660 ] A new track label field (a string) is added to the key container and the sub session data objects. This field will be used in handling sub license requests. * Embedded license: extract keys from init_data. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33621 ] * Embedded license: add protobuf messages. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33620 ] also sync the widevine header definition with recent naming changes. * Improve handling of provisioning response errors. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/33600 ] Separate out the case of no response and the case where the message is believed to be a JSON+base64 message but it doesn't parse properly. BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I3c86f1c54980b071aec7461ac58541836551f896	2018-01-16 19:29:04 -08:00
Rahul Frias	169d0b6cb6	Merges to android Pi release (part 4) These are a set of CLs merged from the wv cdm repo to the android repo. * Correct RELEASE_ALL_USAGE_INFO_ERRORs Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/28742 ] RELEASE_ALL_USAGE_INFO_ERROR_4 and 5 were introduced and made use of in http://go/wvgerrit/24022 (branch: oc-dev). The error code definitions were merged over in http://go/wvgerrit/24602. When http://go/wvgerrit/24622 from cdm_partners_3.2 was merged to master (http://go/wvgerrit/27723) there was conflict in error codes. The error codes were adjusted to RELEASE_ALL_USAGE_INFO_ERROR_3 and 4 and were made use of. To avoid renaming the errors between oc-dev and master, new errors RELEASE_ALL_USAGE_INFO_ERROR_6 and 7 have been added to handle the scenarios noted in the merge from cdm_partner_3.2. The other errors have been reverted back to RELEASE_ALL_USAGE_INFO_ERROR_4 and 5. They will be used when http://go/wvgerrit/24602 is merged. * Address compilation issues Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/28740 ] These changes enable compilation of most of the cdm code on android expect for OEMCrypto unit tests (b/62739406) on wv master. * Add property for binary/base64 provisioning msgs. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28074 ] Property is "provisioning_messages_are_binary". Its default setting is false in the CE CDM, but it can be overridden by integrators. Added section to integration guide that discusses Provisioning Server message formats and the new property. Link: https://docs.google.com/document/d/1cBVbhgrajLpDe2W3_vzLzUqzpdDt73chvm4_sZlZlS8/edit#heading=h.hgxw53ddw7jo BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I9168193819974d1ff65d9a94dbd762e45ecc43ca	2018-01-16 19:27:13 -08:00
Rahul Frias	387147dffe	Merges to android Pi release (part 2) These are a set of CLs merged from the wv cdm repo to the android repo. * Update service certificate. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28065 ] The updated service certificate fixes a number of failing tests. There are still some that fail, apparently due to mismatches with key set IDs and usage tables. Also updated QA server URL to point to QA proxy (although neither can be used by this client). Also fixed segfault in CdmTest.ListUsageRecords. * Add CDM APIs for Handling Service Certificates. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28064 ] The responsibility for managing Service Certificates has been moved out of the CDM. Instead, provide CDM and CdmEngine methods to generate a service certificate request message, and handle a service certificate response. The API client can use these calls if it needs to get the service certificate from the License Server. These functions assume the request and response are base64 (web-safe) encoded (see b/37481392). Not all servers are operating this way yet. Any adaptations for non-compliant servers is handled outside the CDM. See test WvCdmEnginePreProvTest::ServiceCertificateRequestResponse in cdm_engine_test.cpp for an example of this. These changes also eliminate the stored init_data and deferred license type which were used to perform a service certificate request during a license request. * Fix and rename ClosesSessionWithoutReturningError test. Author: Edwin Wong <edwinwong@google.com> [ Merge of http://go/wvgerrit/27880 ] ClosesSessionWithoutReturningError should not check for Status::OK since it is expecting an error code back. The test is renamed to ClosesSessionWithError. Test: libwvdrmdrmplugin_hidl_test BUG: 62205215 * Get rid of default service certificate. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27981 ] Instead, we need at least two service certs - one for the QA/Test servers, and one for UAT (and prod?) There are still some issues around the signature verififcation of the service cert, and in license_unittest.cpp, the use of the default service cert has been commented out. I don't know why this test needs a service cert. If it really does, then the same mechanism that is used elsewhere for selecting a specific server type will be needed here. BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: Ieab815fb202c809ad5714cd0364c4bdfa068f77d	2018-01-16 19:22:48 -08:00
Rahul Frias	0419b55222	Merges to android Pi release (part: 1) Below are a set of CLs being merged from the wv cdm repo to the android repo. * Fix handling of OEM Cert public key. Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/27921 ] This is a potential fix for b/36656190. Set aside public key on first call to get the public key, and use it afterwards. This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(), which has side-effect of staging the OEM private key. This also fixes a problem where the public cert string was not being trimmed to match the size returned by OEMCrypto_GetOEMPublicCertificate(). * Complete provisioning request/response for Provisioning 3.0 Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27780 ] Fix bug on provisioning request path where GenerateDerivedKeys() was being called when preparing to generate the signature. Add message signature verification, and call correct OEMCrypto routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30). * Implement Cdm::deleteAllUsageRecords() Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27780 ] Delete all usage records for current origin. Removes usage records from file system and retains the PSTs. The deletes any usage entries matching those PSTs held by OEMCrypto. BUG: 35319024 * Remove stringencoders library from third_party. Author: Jacob Trimble <modmaker@google.com> [ Merge of http://go/wvgerrit/27585 ] We have a fork of the stringencoders library that we use for base64 encoding. This reimplements base64 encoding to remove the extra dependency and to reduce the amount of code. * Add Cdm::deleteUsageRecord() based on key_set_id. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27605 ] Delete specified usage record from file system usage info and from OEMCrypto. BUG: 35319024 * Modifiable OEMCrypto Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/24729 ] This CL adds a new variant of the OEMCrypto mock code that adjusts its behavior based on a configuration file. This is intended for testing. For example, a tester can set current_hdcp to 2 in the options.txt file, push it to the device, and verify that a license is granted for HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and push the file to the device. Playback should stop because the license is no longer valid. This variant uses a real level 1 liboemcrypto.so to push data to a secure buffer. That means we can test playback for a license that requires secure buffers on an Android device with real secure buffers. BUG: 35141278 BUG: 37353534 BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I58443c510919e992bb455192e70373490a00e2b6	2018-01-16 19:21:54 -08:00
Rahul Frias	a483c18c59	Provisioning 3.0: Changes to Provisioning and Service Certs. [ Merge of http://go/wvgerrit/23360 ] Service Certificates are used in two places, provisioning and licensing. The service certificate code depended on a session_id to get and set the service certificate properties, but the session_id was not available in the provisioning path. This patch pulls out the property lookup by session_id dependency, and passes the CdmImpl's property_set into the provisioning code, so the service certificate can be read and written there. Bug: 62972441 Test: WV unit/integration tests. This introduces three test failures * WvCdmRequestLicenseTest.PrivacyModeWithServiceCertificateTest * Cdm/WvCdmStreamingLicenseRenewalTest.WithClientId/4 * Cdm/WvCdmOfflineLicenseReleaseTest.WithClientId/3 Change-Id: I6e9d4e23a9e7e81a63a994db8ec0b443893449a6	2018-01-16 19:18:52 -08:00
Rahul Frias	120c28cd9a	Corrections when releasing usage information [ Merge of http://go/wvgerrit/32940 ] Releasing usage entries may cause other entries to be moved or information updated. Instead of retrieving all entries once and trying to release them, refetch them after each release. Test: WV Unit/Integration tests Test: GTS tests (failures seen, but no additional failures due to this CL) Test: Playback testing using play movies and netflix. Bug: 65372189 Change-Id: I700e60834c7f711c9146dfd720f9cac014981311	2017-09-06 10:22:43 -07:00
Edwin Wong	485f11483c	Replace toStatus indirection. CdmResponseType are mapped to android::status_t, then map to hidl android::hardware::drm::V1_0::Status. This CL removes the indirection by mapping cdm errors to hidl Status. Test: Play Movies (pin and streaming) Test: Netflix (download and streaming) Test: libwvdrmmediacrypto_hidl_test and libwvdrmdrmplugin_hidl_test Test: GtsMediaTestCases module Test: Vts - VtsHalDrmV1_0Target bug: 34682447 Change-Id: I0b04f47871f5e4898e7297831d5fceab52e0f7f9	2017-08-03 17:57:44 -07:00

8 Commits