Merge from widevine repo of http://wvgerrit/14219
This updates the integration guide to include a definition of the
keybox. Previously, there was a broken link in the description of
IsKeyboxValid.
This CL also updates the android supplement to describe how to request
a keybox. I just copied the information from the legacy integration
guide.
Change-Id: I486a3ccad9889a732a9c1374c40b793deb249459
(This is a merge of http://go/wvgerrit/14156)
This was Google-cased, not Android-cased like the rest of the file
it's in.
Change-Id: I79ecf490212428de9a668d49d6feca678379f3ae
Merge from widevine of go://wvgerrit/14173
This CL updates the android makefiles to use the libcrypto_static.
Change-Id: I74567ff880ebdce366766a9ab44c92cc9540b8db
Merge from widevine of http://go/wvgerrit/14134
This CL adjusts the nonce flood test so that the timing is more
explicit. Also, if the test fails, the error message should tell us
exactly how many nonces were generated and the duration of the test.
Thus we'll be able to tell if the test almost passed.
b/19081206
Change-Id: I2c59755466b017910b86f6b02f2883a771d0ccb7
This change:
1) Switches the Makefiles over to using LOCAL_STATIC_LIBRARIES, which I
understand is the new hotness, rather than setting a -I flag directly.
2) Switches to the non-deprecated _ex versions for EVP_EncryptFinal.
3) Uses the EVP_PKEY interface for checking PSS signatures. This is the
only supported interface in OpenSSL: the PSS padding check functions are
only exported in upstream OpenSSL because it's a library from the 90s
and they don't have a concept of "unexported". Also, by using the EVP
functions, OpenSSL/BoringSSL can do a better job of being constant-time.
Since there aren't any obvious tests for checking that the signtaure
verification still works, I tested with the code in the referenced
paste, which includes both the old and new verification functions and
checks that they both work on a sample signature. (And I also checked
that they both fail when a bit in the signature is changed.)
https://paste.googleplex.com/5747976139964416
(cherry picked from commit 4f01ef23d1)
Change-Id: Iae7409c53eeea9c3892a32c180d7181d72467dcb
Merge from widevine repo of http://go/wvgerrit/14125
This copies code from http://go/wvgerrit/13847 to the oemcrypto unit
tests. It puts the test name in the log file.
I also commented out some unused function parameters to avoid compiler
warnings.
Change-Id: I3ba259de2f408ec60e90db7f0ea1524d5aa8f8a4
The errors in the range ERROR_DRM_VENDOR_MIN to ERROR_DRM_VENDOR_MAX are
reflected in the message that is reported to the app, which is
MediaDrmStateException.getDiagnosticInfo().
Many errors map to kErrorCDMGeneric, especially KEY_ERROR is used as a
generic error in CDM. This fix defines more specific error codes in the
CDM for places where KEY_ERROR is returned.
Merge from http://go/wvgerrit/14071
bug: 19244061
Change-Id: I688bf32828f997000fea041dd29567dde18ac677
[Merge of https://widevine-internal-review.googlesource.com/#/c/14110/ from
widevine cdm repo]
Backward compatibility handling was causing L3 usage and clock information
to be moved. This caused nonce and other failures when attempting to restore
offline keys.
b/20025990
Change-Id: I6e0fa1030bcce1a5bdd811a9064989d3b6ce2f04
Implements the optional setMediaDrmSession() method. To enble this,
support was added to the core to report if a session ID is valid.
As a consequence of this, in the tests for the CryptoPlugin,
construction of the plugin must be deferred until all gMock
expectations are set, as construction now calls into the CDM core.
This is a merge of two changes from the Widevine CDM repo:
http://go/wvgerrit/14083
Allow Setting of Session ID
http://go/wvgerrit/14085
Check If Session ID Is Valid When Changing CryptoPlugin IDs
Bug: 19570317
Change-Id: I7dbd777ce6efebd71fdb5e602663a0e35a48a9c4
(This is a merge of http://go/wvgerrit/14082)
Previously, the CryptoFactory had special behavior to defer creation
to Widevine Classic if no session ID was provided. This functionality
has been deprecated, as MediaCodec Mode is no longer supported.
This is necessary as part of supporting the new API for session ID
changes because the expectation is that it is now legal to initialize
a modular CryptoPlugin without a session ID.
Bug: 19570317
Change-Id: Iad0cd01b6a8d2e66c94c5f53a8a60f5787bc02f8
(This is a merge of http://go/wvgerrit/14051)
Adds support for passing a special provisioning response ("delete")
to the provisioning API in order to unprovision the current origin.
Note that the origin MUST be set or else this will fail.
The existing, system-only unprovisionDevice() method is unaffected.
Bug: 12247651
Change-Id: I16d296397d8e9e73c8f43e36c86838873318a398
This is a merge of several Widevine-side commits that, cumulatively,
allow callers to specify an origin to be used to isolate data storage
as specified in the W3C Encrypted Media Extension specification.
Separate origins have separate certificates, and consequently cannot
share device identifiers with each other.
The changes included in this are:
Add Ability to Check for Existing Certificates
http://go/wvgerrit/13974
Add Ability to Remove the Certificate
http://go/wvgerrit/13975
Make CDM Origin-Aware
http://go/wvgerrit/13977
Add Per-Origin Storage to Widevine CDM on Android
http://go/wvgerrit/14026
Remove Automatic Origin Generation
http://go/wvgerrit/14031
Bug: 19771858
Change-Id: I6a01c705d9b6b4887a9c7e6ff4399a125f781569
(This is a merge of http://go/wvgerrit/13976)
Updates the certificate provisioning protobuf to include the stable_id
field.
Bug: 19771858
Change-Id: I6c1ed8c8c219a8cacc9798d189458d9861aa46d0
(This is a merge of http://go/wvgerrit/13813)
Removes the OS Version property which was only ever implemented on
Android to appease Netflix and never actually used by them. Adds,
instead, a Widevine library version property. Also adds
implementations of this function for both Android and CE Devices.
For Android, the version number is starting at 3.0.0-android, to
reflect that this is the third major revision of the Widevine CDM in
Android.
For CE Devices, the version number is not changing from its current
value (2.2.0) but is gaining a "-ce" on the end in order to
differentiate it from the Android version number.
Bug: 18376638
Change-Id: Ifb3fa0d62631b45d9e91a6a53bcab3be38763d3a
This is a merge from the Widevine repository of
http://go/wvgerrit/14024
Add Level 3 Oemcrypto Unit Tests To Run All Tests Script
This CL adds the ability to restrict the oemcrypto unit tests to only
use the fall back level 3. This restriction is per-process, and is
only used while running the unit tests. This allows us to automate
running the unit tests on an android device as both level 1 and level
3 without modifying files in /system/lib. To turn on the restriction,
set the environment variable: FORCE_LEVEL3_OEMCRYPTO=yes.
New level 3 library versions are:
level3/arm/libwvlevel3.a Level3 Library Apr 8 2015 13:09:05
level3/x86/libwvlevel3.a Level3 Library Apr 8 2015 13:15:42
http://go/wvgerrit/14055
Remove Redundant Tests
This CL modifies the UsageTableTests in oemcrypto_test.cpp so that
they are not all parameterized by new_mac_keys_. This parameter is
used when testing signatures. In particular, we do not need to verify
timing twice.
Also, I modified the run_all_unit_tests.sh script so that the
environment variable GTEST_FILTER is passed down to the android
process. This allows us to use the script to run a limited list of
tests while debugging.
http://go/wvgerrit/14054
Filter Out API Version 10 Tests
This CL updates the OEMCrypto tests so that all but one test will pass
for a device that implements the version 9 API.
Android LMP devices should pass tests with
GTEST_FILTER="*-*MNC*:*CanLoadTestKeys*"
http://go/wvgerrit/13886
Update Documentation about Optional Features
The intergration guide has been updated to include reference to
OEMCrypto_LoadTestRSAKey. It also now discusses optional features.
The Delta 10 document now mentions OEMCrypto_LoadTestRSAKey.
The android supplement warns that most optional features are required.
This also adds clarification about which functions should save the
usage table, in answer to:
b/16799904 OEMCrypto v9 ambiguous about saving usage table information
Change-Id: Ifb517d58952c9b332b2958ca99af64bc293b985f
(This is a merge of http://go/wvgerrit/13980)
Adding origins to Android is going to push the number of arguments to
GenerateKeyRequest over the maximum allowed by gMock. This change
increases the maximum to 11 in order to continue supporting us.
Bug: 19771858
Change-Id: Id04609d70da194f1491573b1b4aa9c23a67b78ab
(This is a merge of http://go/wvgerrit/14052)
Adds a hard return at the end of the output of run_all_unit_tests.sh
if tests failed, which was previously missing.
Change-Id: Ie888168fb965e1f116c2cd7d586b46736abc9c80
(This is a merge of http://go/wvgerrit/13973)
The app ID was write-only because no getter was ever written.
Change-Id: Ie5e383ee3a2dcf2843a6671becb6ff1f88e97d24
(This is a merge of http://go/wvgerrit/13971)
gTest provides generators for ranges of numbers and booleans so that
we don't have to roll our own.
Change-Id: Id7d9310c5d5c1314f680200da4457c0e529ac107
This is a merge from the widevine repository of
http://go/wvgerrit/13923 Switch openssl to use the EVP interface for aes-ctr-128
http://go/wvgerrit/13979 Add Test Certificate to OEMCrypto Mock
http://go/wvgerrit/13978 Add Test Keybox to Level 3 OEMCrypto
http://go/wvgerrit/13873 Enable OEMCrypto Unit Tests
This CL adds a main program to oemcrypto_test.cpp, which filters out
tests that are not supported on the specified platform. It also adds
LoadTestKeybox to the mock. This allows oemcrypto unit tests to be run
on devices that have production keybox. It also allows the same set
of unit tests to work on Android and on non-Android platforms.
b/18962381 Use test certificate (partial fix)
b/19867990 Separate cast receiver tests
Change-Id: If89c31530103ed85aa37d7379bd5b4dc2a927f38
Merge from Widevine: http://go/wvgerrit/14022
This test will be called by GTS test to verify secure stops
are reporting the correct time during online playback.
bug: 18625670
Change-Id: Ieb2b9ad860d796eea3c63c4fb349f4e3c6ac8f34
Also removes OnSessionExpiration which is no longer needed with
OnSessionKeysChange.
Bug: 19771612
Bug: 19771431
Merged from Widevine CDM repo:
https://widevine-internal-review.googlesource.com/#/c/13951/
Change-Id: I0603e808e8d50ff7bb1fb1d5e44fabd8d268ee8a
This change:
1) Switches the Makefiles over to using LOCAL_STATIC_LIBRARIES, which I
understand is the new hotness, rather than setting a -I flag directly.
2) Switches to the non-deprecated _ex versions for EVP_EncryptFinal.
3) Uses the EVP_PKEY interface for checking PSS signatures. This is the
only supported interface in OpenSSL: the PSS padding check functions are
only exported in upstream OpenSSL because it's a library from the 90s
and they don't have a concept of "unexported". Also, by using the EVP
functions, OpenSSL/BoringSSL can do a better job of being constant-time.
Since there aren't any obvious tests for checking that the signtaure
verification still works, I tested with the code in the referenced
paste, which includes both the old and new verification functions and
checks that they both work on a sample signature. (And I also checked
that they both fail when a bit in the signature is changed.)
https://paste.googleplex.com/5747976139964416
Change-Id: Iae7409c53eeea9c3892a32c180d7181d72467dcb
