[ Merge of http://go/wvgerrit/219452 ]
Allow ProvisioningHolder to load the a provisioning response
without triggering test failure if the CDM rejects the response.
This is to allow testing cases where we expect the CDM to
reject the response.
VIC-specific: No specialized provisioning dump call.
Bug: 391469176
Change-Id: Ief1791f23035fe9b554f8e82e049343aa7e97362
[ Merge of http://go/wvgerrit/219451 ]
An upcoming provisioning test requires the ability to perform
generate, fetch and load operations separately (similar to the
current behavior of LicenseHolder).
This CL separates the 3 operations into different methods and
documents the pre/post conditions of each. The original API
is maintained for backwards compatibility.
VIC-specific: Excludes Golden-data refactoring and merges main
change (216510) and typo fix (216570).
Bug: 391469176
Test: run_x86_64_tests
Change-Id: Iec83dfce9d235eedf04ed32d98f7700de4bade12
[ Merge of http://go/wvgerrit/207457 ]
When parsing Widevine's HLS key data, the key details are contained
in a data URI in the HLS X-KEY URI field. The data of the URI is a
base64 encoded JSON object, containing the information required to
generate the license request. The "content_id" field of the JSON
object is expected to be a base64 encoded; however, the HLS parser
did not verify that the decoding was successful. In the event that
was not successful, the decoder would return an empty string, which
the parser would attempt to access the first element by reference
which may be a null reference.
In C++, creating a reference from a null point (without actually
accessing the value) is undefined; however most C++ implemenations
will not cause a segment fault; but it is not guarenteed by the
standard.
This change checks if the decoding was successful before attempting
to store the decoded "content_id" value.
A unit test is added to ensure that a parser fails gracefully.
Bug: 356210640
Test: HlsParseTest.BadHlsData_InvalidContentId
Change-Id: Ie2ad42d69953258659178dd1464d830b2723c6c7
[ Merge of http://go/wvgerrit/207790 ]
SPOID is only expected to be stable for L1
Bug: 339917270
Test: CoreIntegrationTest.ProvisioningStableSpoidTest
Change-Id: I34aab2b5f873b643e2cfb3c7ad8c996f2134a48b
[ Merge of http://go/wvgerrit/207720 ]
CertificateProvisioningTests were failing because the expected
filename "cert.bin" was not met. The file path being passed in
on android was "/data/vendor/mediadrm/IDM0/L[1|3]/cert.bin"
Bug: 339917270
Test: CertificateProvisioningTests/CertificateProvisioningTests.ProvisioningResponseSuccess/Keybox
Test: CertificateProvisioningTests/CertificateProvisioningTests.ProvisioningResponseSuccess/OemCert
Test: CertificateProvisioningTests/CertificateProvisioningTests.ProvisioningResponseSuccess/DrmCertificateReprovisioning
Change-Id: I0874b9652d54848d58c202fe197af0da0616e8cd
Since the CDM engine handles license releases for CE CDM and Android
differently, this changes the license release test to accomodate for
that.
Bug: 348712053
Change-Id: Ibc768e5d5c31ef8c2226b63dc622ffabfc0591fe
A new set of license data was created on UAT so that we
could have keys that match those in the license returned by
a License SDK and by those generated by UAT.
It should be more clear now which data is just made up, and
which data has to match some golden values based on the made
up data.
Bug: 338323091
Test: WVTS
Change-Id: Ic112b4594afb99c6f43e011f59ee7592d4809189
[ Merge of http://go/wvgerrit/201577 ]
[ Cherry-pick of http://ag/28133919 ]
VIC specific: No DRM reprovisioning support
The SystemIdExtractor did not properly define behavior when working
with opened/closed CryptoSessions. Due to the CryptoSession's class
dual role of being both a session and a general handle into the
crypto engine, small bugs relying on undefined behavior which happened
to return expected output allowed tests to pass.
This CL makes the following changes:
1) Have SystemIdExtractor verify caller expectations when session is
open.
2) Improved SystemIdExtractor to operate when CryptoSession is opened
or closed.
3) Updates several SystemIdExtractorTest cases to better test defined
behavior without relying on undefined behavior.
4) Better code comments; hopefully some which will help prevent future
misuse of the internal APIs.
Test: system_id_extractor_unittest on Oriole
Test: WVTS on oriole
Bug: 329713288
Change-Id: I65518fe62f43e8060ea752852eb08a3d7132e2a0
The original clear lead integration tests weren't following the flow of
the original bug because there was only one sample, so
DecryptMultipleSamples wasn't being called in the same way. This should
fix this.
Bug: 320785945
Merged from https://widevine-internal-review.googlesource.com/198137
(cherry picked from commit 4141e271d44c32da88dc0f02a0173fae0b45ead9)
Change-Id: Ia70e3fd78381d8d34261b95931fdb303f77f73fd
[ Merge of http://go/wvgerrit/197972 ]
The test only needs to verify that the license has a renewal
server url. It does not need to fetch a renewal from that url.
bug: 338103523
Change-Id: I1513f8692089c3f51a53ffd6ecb62348702b8fb8
The test server for UAT and for the SDKs now accept the same
url format for renewals.
Bug: 328763985
Change-Id: I1a58412047735efa26da7986bf19fa9a7fbaf374
Also added a unit test to verify that decryption without a license fails
with the correct error code. Also changed comment types for policy
integration tests and core integration tests to be picked up by Doxygen.
Bug: 320785945
Merged from https://widevine-internal-review.googlesource.com/194910
Change-Id: Ibdb70683003bb430dde9b4a1bd9fc9839bace342
* changes:
Unit tests for forbidden RSA key usage
Add DRM reprovisioning request generation
Correct copyright header
Fix bcc length for printing
Update ODK version to 18.4
Adjust skipping tests when provisioning skipped
Change test storage to use protobuf
Remove WvCdmEnginePreProvTestStaging
Rename and clarify Drm Reprovisioning token types
The SetUp for child classes do not automatically quit when
the parent SetUp is skipped.
Bug: 305093063
Change-Id: I606a949ef0e94fa87a97268856b7f2d8b9135ebe
[ Merge of http://go/wvgerrit/194310 ]
Resize bcc to the correct length to eliminate the trailing zeros.
Bug: 330645490
Test: core unit tests
Change-Id: I56b6d30120735a4d7a0f39f29a9f255bd2d2d18c
[ Merge of http://go/wvgerrit/194254 ]
For some platforms, we cannot provision. In this case, any
test that needs provisioning is skipped. However, when a
test is skipped in a subroutine, the rest of SetUp is still
run. Any failures in SetUp will cause the test to be marked
as a failure.
This CL duplicates the check for skipping the test in SetUp
and in TearDown.
Bug: 329467151
Test: WV and unit/integration tests
Change-Id: I0087b12a3f26b52ecf62bf7b0e7bcf4fa2c6c763
[ Merge of http://go/wvgerrit/193190 ]
This changes the persistent test storage to use protobufs instead of
manual parsing. This simplifies the code but makes the files less
"human readable". Files can be read using 'gqui' if needed.
Bug: 312529037
Test: unit/integration tests
Change-Id: I1b025eac96458c0061e0883e1e4fd05484842ff2
[ Merge of http://go/wvgerrit/194370 ]
This test explicitly provisions against the staging server,
which we do not require from partners.
Bug: 329293570
Test: WV unit/integration tests
Change-Id: Id88840f188ec99b386837d83f69844b0990594a9
[ Merge of http://go/wvgerrit/194374 ]
Renames and adds clarifying comments to Drm Reprovisioning token types.
All provisioning methods can be forced to reprovision by apps which can
cause reprovisioning to be an overloaded term. Renaming token types
used by the Drm Reprovisioning method to more clearly state they are
used for Drm Certificate Reprovisioning should help to avoid confusion.
This change also adds comments to help clarify when and where Drm
Reprovisioning is used as a provisioning type.
Bug: b/305093063
Test: WVTS
* Added dependency to dynamic perf tests to fix missing header build
error.
Change-Id: I158eb5672ad9e655a60bc68e0f4f2f7a0d464b4e
[ Merge of http://go/wvgerrit/192010 ]
Updates the CDM to add support for DRM reprovisioning request creation.
- Load the baked-in certificate for use as the client token.
- Add functions to build and sign a drm reprovisioning request.
- Update the Rikers L3 OEMCrypto implementation to support signing
provisioning requests and getting embedded certificate.
- Update client id token to handle DRM reprovisioning.
- Add OEMCrypto function to load the baked-in device certificate in
Rikers CDMs and stubs for non-Rikers CDMs.
- Add dynamic adapter support for getting embedded device certificate
only on L3.
Bug: 305093063
Test: WVTS
Change-Id: I9a0ecf95e27213b046f03baa0781fb164179323b
[ Merge of http://go/wvgerrit/189590 ]
[ Cherry-pick of http://ag/26541307 ]
The CDM session shares its CryptoSession instance with a few additional
member objects (CdmLicense and PolicyEngine). When the CDM session's
crypto session is reset, it must also reset the CdmLicense and
PolicyEngine otherwise, a potential stale pointer reference may occur.
Test: request_license_test on Oriole
Test: run_x86_64_tests
Bug: 311239278
Change-Id: Ie175513ae652dcd96e12e5e1def574a8a56d5863
This updates the code and tests to allow for using license protocol 2.2
when using OEMCrypto v19.
Issue: 80428549
Issue: 121031064
Issue: 232464183
Change-Id: Ib6bb61f86dd310b566227462658530bca5940b88
Since we want to migrate to using GTEST_SKIP to skip unit tests instead
of GTEST_FILTER, we can remove the RestrictFilter() function which
filters the tests out using GTEST_FILTER. To do this, the RSAPerformance
test needs to be removed, which is acceptable since no one uses this
test anymore. However, b/299135804 is being used to track a new way to
either execute/track permance.
Bug: 251240681, 299135804
Change-Id: Ife59c468ee127f4c39d3be91707ca38a061b7895
Since KDF functions are only used right before specific functions, this
merges them to simplify internal state within OEMCrypto.
Fixes: 299527712
Change-Id: I426cfcdc102bd73cf65cd809b213da2474f44b34
The feature RenewOnLicenseLoad is not expected to work for an offline
license when the device has no usage table.
Bug: 310498829
Merged from https://widevine-internal-review.googlesource.com/190789
Change-Id: I601c332ed6cd17f9682082ea6acda7e67492b381
Creates parameterized certificate provisioning tests to prepare for DRM
reprovisioning implementation.
- Create parameterized certificate provisioning test suite.
- Change RETURN_IF_NOT_OPEN macro to call IsOpen instead of checking
the |open_| variable to make mocking of CryptoSession methods easier.
Bug: b/305093063
Merged from https://widevine-internal-review.googlesource.com/188051
Change-Id: Ic1c344af64073a8ff5626530a0864bfeea90fc6e
This CL is created as a best effort to migrate test targets
to the new android ownership model. If you find incorrect or unnecessary
attribution in this CL, please create a separate CL to fix that.
For more details please refer to the link below,
<add g3 doc link>
Bug: 304529413
Test: N/A
Change-Id: I204c137da43a021bcebe316759d1aadaec99fe2a
Flags are to be used in new tests when creating tests that potentially
take a long time to run. Certain test suites are intended to be quick
and may skip certain long running tests.
New slow tests should check these flags and skip using GTEST_SKIP().
Bug: 311273599
Test: ./build.py x86-64 --debug
Change-Id: I4fc5a026f23f489bf2ad8b8a11dc467f550f0c5e
"client_version" is an optional, information field in the protocol for
license requests. It was requested that the CE CDM includes this
information in the license request. It does not hurt to include this
information in the Android license requests too.
If, for some reason, the client cannot provide this information, the
request is still sent out as normal. No reason to prevent an otherwise
valid license request due to a missing optional field.
Note: This field is directly in the LicenseRequest message and not the
ClientIdentification message.
Bug: 253013596
Test: license_unittest
Change-Id: I9dc342301fffdc174122088af39406150b34562e
