[ Merge of http://go/wvgerrit/15474 ]
Changes to releaseAllSecureStops made use of a session that was
initialized only if getSecureStops had been previously called. If it was not,
accessing the session resulted in a segfault. This was uncovered by a change
in how the Netflix app invoked mediaDrm.
b/23498809
Change-Id: Ib426ae1830c3a42c5e0849f1b6e8bbfe0d2c74ff
(This is a merge of http://go/wvgerrit/15430)
Previously, after provisioning, any existing offline licenses would be
deleted, as they were inevitably tied to the certificate that was just
replaced. However, due to the way per-origin provisioning works on
Android, this is no longer a safe assumption. Licenses from different
origins are all stored together, so this behavior would delete all
offline licenses across all origins every time any origin is
provisioned. And it is not possible to delete only the licenses for
specific origins without changing how licenses are stored. It is too
late to change how licenses are stored in Android M, so we need to
stop proactively cleaning up licenses in this edge case for now. Once
b/23354606 is resolved, we can reinstate this clean-up and properly
only clean up the licenses associated with the origin that was just
provisioned.
Bug: 23324167
Change-Id: Ic21db8c21bdb4243266cd49020ed52287eb21d9a
Prevent usage of client provided address on
non-secure devices spoofed as being secure.
b/23223325
merge of go/wvgerrit/15420 from widevine repo
Change-Id: I1d4f3a652b3d5e78fca508f92005cfa8df5ec6db
[ Merge of http://go/wvgerrit/14900 ]
When releasing a license, usage entries were being released twice with
both OEMCrypto_DeleteUsageEntry and OEMCrypto_ForceDeleteUsageEntry being
called. The second call would always fail because the usage information had
already been released. The CdmSession::DeleteLicense methods will now only
handles deletion of license metadata and leave deletion of usage entries to
the CdmLicense class.
b/22097805
Change-Id: Ic55764d5357043d136e7d88583f709a4ceea3e64
[ Merge of http://go/wvgerrit/14920 ]
The renew_with_client_id field was not being correctly set when licenses
were being restored for usage reporting.
b/22047007
Change-Id: Ib769431b1e49bb498f53d8153a970b6c0a2776d2
The external/gmock project does not include the patches needed for
widevine, so renaming the internal copy allows both to coexist in the
build system.
(cherry-pick of 5b830f19b6 with conflict.)
Change-Id: I77c956db30921afffe31d11e1cd2d99541925f35
[ Merge of http://go/wvgerrit/14824 ]
OEMCrypto v9 added support for secure usage reporting with the help of
a session usage table. This was enabled through the replay control bits
in the key control block. It was expected that streaming licenses
would enable the nonce required bit, while offline licenses would
enable session usage table entry flag. There are certain cases
where content providers would prefer not to enable the flag for offline
licenses and this test verifies that this scenario works.
b/17514500
Change-Id: Icd1bea8cec2fd52be2be249424891ce1755d5f25
merge of http://go/wvgerrit/14807 from the widevine repo.
The mediaDrm API only allows for a single provisioning attempt at a time.
If concurrent provisioning attempts occur, resources are released from
all but the last request, in order to allow at least that one to be successful.
Any provisioning responses received before one from the last request will
be rejected. A side-effect was that all provisioning resources would
then be released. This caused a provisioning response from the last attempt
to be rejected as well. This CL corrects this behavior and releases resources
only if a provisioning attempt is successful.
The side-effect is that, if the response to the last request is not received
or failure occurs while processing, a crypto session may be held until the
next provisioning attempt.
In other cases of concurrency, provisioning responses to requests other than
the last which are received after the last response will be declared successful.
b/21879484
Change-Id: I3a840ceda1a16ee6adb40c2dbca6c4adf3da12c3
(This is a merge of http://go/wvgerrit/14795)
This change restores the ability to build the Widevine CDM for Android
for MIPS devices. It restores the precompiled binaries for MIPS and
re-adds MIPS to all makefiles.
This change includes a new build of the obfuscated binaries for
MIPS32r1 that were built using a MIPS device on the emulator.
level3/mips/libwvlevel3.a Level3 Library Jun 19 2015 12:32:49
Bug: 19482469
Change-Id: Ifa1c299a5751f3772c42289d8333a2b8cec51f69
(This is a merge of http://go/wvgerrit/14783)
When validation was added to the service certificate property, it
broke the associated test, which sends random data. It also did not
do any testing of the new validation itself.
This fix makes the validation method on WvContentDecryptionModule
non-static so that it can be mocked and handled appropriately in the
test.
Bug: 21923281
Change-Id: Id5d2315709fce35f9347b3545f594371810349f0
[ Merge from http://go/wvgerrit/14745 ]
License generation errors previously would result in code -2916 being returned
though the mediaDrm API. More descriptive error codes are now being returned
from -2850 to -2836
b/13976775
Change-Id: I613ad650ab0a072ce9d8029e2af52b72dc617236
[ Merge from http://go/wvgerrit/14670 ]
Concurrent provisioning attempts are declared successful if any one of them
succeeds. Earlier only the successful ones were declared as such.
b/21727698
Change-Id: I67dedca44790a4ae236e14f90a8fc91775273905
(This is a merge of http://go/wvgerrit/14630)
To create a better flow when an application sets a service certificate
manually, we will now validate the certificate when it is given to us,
and if it is invalid, we will not allow the property to be set.
Bug: 21307186
Change-Id: If980ad075604223fc962a859fae93e98d86a7f4f
(This is a merge of http://go/wvgerrit/14531)
As an optimization, the Media Server now unloads our library when not
in use. This has exposed a bug by which we were never deleting the CDM
singleton. Fix is to make WvContentDecryptionModule an Android smart
pointer ref base and then make sure all the plugins store a strong
pointer to it. The singleton is a weak pointer, so when the last
plugin is cleaned up, the CDM will be as well. And on the off chance
that the library isn't immediately unloaded, the singleton code will
generate a new CDM next time one is needed.
Bug: 21153732
Change-Id: Ifaf02fa9afe0a70a8b53e8b92ee0a3d1359ca001
[ Merge of http://go/wvgerrit/14480 ]
Server upgrades have been completed and allow these tests to run successfully
against UAT. They were earlier tested against staging.
b/21479112
Change-Id: Ifc5e5780fa5305c6ddfd662ada204db599cb5c6e
[ Merge of http://go/wvgerrit/14410 ]
When specifying a service certificate though mediaDrm, the CDM earlier expected
serialized service certificates rather than signed ones.
b/21334970
Change-Id: I39af2aa25e8dc2a651cbdce84eb32f266b5b3382
Also fix a missing change for
"playback duration should override license duration".
Merged from Widevine CDM repo:
https://widevine-internal-review.googlesource.com/#/c/14435/
Bug: 21393975
Change-Id: Ibfcf3ae4c13db8944ea285bcc79b6312ea621e1b
[ Merge of go/wvgerrit/14360 ]
If within playback window, do not expire license on expiry of rental or
license duration. In this case playback duration will extend the license.
b/17791094
Change-Id: I26d255aa8f0287bd583ebdeec991c613d49d8f22
[ Merge from go/wvgerrit/14286 ]
CDM now reports status information associated with the specified security level.
Earlier information would be reported from the default security level.
b/18709693
Change-Id: I7a01e8ea9773b56951c207437ce85e567fd32b09
[ Merge of go/wvgerrit/14240 ]
Client information is reported in release and renewal messages based on
flag in the license. License proto has been updated to match server updates.
There are two caveats
* Client IDs will be reported unencrypted when usage reports are requested.
* Release requests that enable privacy mode (encrypted client IDs) but do not
specify a service certificate are not supported.
b/19247020
Change-Id: I95e709922122370f310936fbad3d312262128e49
Merge from widevine of go://wvgerrit/14173
This CL updates the android makefiles to use the libcrypto_static.
Change-Id: I74567ff880ebdce366766a9ab44c92cc9540b8db
Merge from widevine repo of http://go/wvgerrit/14125
This copies code from http://go/wvgerrit/13847 to the oemcrypto unit
tests. It puts the test name in the log file.
I also commented out some unused function parameters to avoid compiler
warnings.
Change-Id: I3ba259de2f408ec60e90db7f0ea1524d5aa8f8a4
The errors in the range ERROR_DRM_VENDOR_MIN to ERROR_DRM_VENDOR_MAX are
reflected in the message that is reported to the app, which is
MediaDrmStateException.getDiagnosticInfo().
Many errors map to kErrorCDMGeneric, especially KEY_ERROR is used as a
generic error in CDM. This fix defines more specific error codes in the
CDM for places where KEY_ERROR is returned.
Merge from http://go/wvgerrit/14071
bug: 19244061
Change-Id: I688bf32828f997000fea041dd29567dde18ac677
[Merge of https://widevine-internal-review.googlesource.com/#/c/14110/ from
widevine cdm repo]
Backward compatibility handling was causing L3 usage and clock information
to be moved. This caused nonce and other failures when attempting to restore
offline keys.
b/20025990
Change-Id: I6e0fa1030bcce1a5bdd811a9064989d3b6ce2f04
Implements the optional setMediaDrmSession() method. To enble this,
support was added to the core to report if a session ID is valid.
As a consequence of this, in the tests for the CryptoPlugin,
construction of the plugin must be deferred until all gMock
expectations are set, as construction now calls into the CDM core.
This is a merge of two changes from the Widevine CDM repo:
http://go/wvgerrit/14083
Allow Setting of Session ID
http://go/wvgerrit/14085
Check If Session ID Is Valid When Changing CryptoPlugin IDs
Bug: 19570317
Change-Id: I7dbd777ce6efebd71fdb5e602663a0e35a48a9c4
