[ Merge of http://go/wvgerrit/160857 ]
Reboot tests were attempting to clean up usage info records when the
tests were done. However, usage info are no longer supported.
Unfortunately, the clean up code would trigger a test failure if the
usage info records could not be deleted.
Bug: 258469123
Test: OfflineLicenseTest.VariousTests
Change-Id: I17cebd82da1e45ef53853d35dbe314365a1909be
[ Merge of http://go/wvgerrit/159219 ]
Most API functions of DeviceFiles related to usage info files have
been removed. Storing and retrieving usage info files are no longer
required by the CDM. The only function remaining are the ones that
enabled detecting and deleting the remaining usage info files on the
device.
Bug: 242289743
Test: run_x86_64_tests and device_files_unittest
Change-Id: I002202b47141121a0e5adac569e47d8b8bb69b1a
[ Merge of http://go/wvgerrit/159220 ]
Usage entry info elements of type USAGE_INFO are no longer stored by
DeviceFiles. An earlier CL removed the ability to store USAGE_INFO
entries; but now tests have been updated to exclude USAGE_INFO from
their test data.
A new DeviceFiles tests verifies that USAGE_INFO entries are not
retrieved and that the |has_usage_info_entries| flag is set when
they are encountered when loading pre-usage-info-deprecation
usage table info.
Bug: 242289743
Test: run_x86_64_tests and device_files_unittest
Change-Id: Iefbfe2dd2b0304b4075bfc7c1aeffe3b6ba52624
[ Merge of http://go/wvgerrit/159221 ]
This CL modifies how usage entry info is tracked internally by the
CDM at run time. It removes the different "storage types" that
entries represent (license or usage info), and instead it contains
only the information associated with license types. The presences
of a key-set-id allows the UsageTableHeader to determine if the
entry slot is currently being used, or if it can be treated as
unoccupied.
By removing this different type, it completely prevents the CDM and
its tests from using "usage-info" type entries. This required
significant updates to the UsageTableHeader tests.
Additionally, several of the variable names within the usage table
have been simplified and shortened to reflect their new meanings.
Bug: 242289743
Test: run_x86_64_tests and usage_table_header_unittest
Change-Id: I939e479779425550a17a3c9e6c6d1bc6885e493e
[ Merge of http://go/wvgerrit/158721 ]
This CL removes support for secure stop / usage info sessions from the
CDM engine and CDM session. APIs for related to secure stop
operations will return NOT_IMPLEMENTED_ERROR.
New secure stop licenses will be rejected by the CDM when added.
Bug: 242289743
Test: run_x86_64_tests request_license_test
Change-Id: I30cd47e580d63014e001c903382a28238746f6d4
[ Merge of http://go/wvgerrit/158722 ]
The CDM will delete all usage info / secure stop files on the device
when usage table entries labeled as USAGE_INFO are detected when
restoring the usage table. DeviceFiles no longer transfers the
stored USAGE_INFO entry info into the run-time entry info vector for
the table.
This CL makes only minor changes to test data. Significant updates
to both device file and usage table header unittests are required to
remove usage info / secure stop run-time resources.
Bug: 242289743
Test: run_x86_64_tests
Change-Id: I2d1fc0d6a4c994bc10bfce47818f101f95883979
[ Merge of http://go/wvgerrit/158877 ]
The UsageTableHeader's LRU algorithm for determining which entry to
evict when full uses special considerations based on the type of
entry (offline or secure stop).
This CL removes all secure-stop-specific considerations, and instead
treats secure stop's the same as an unused entry. Secure stop entries
will always be selected for removal before offline licenses (expired
or not).
Additionally, LRU table upgrading will ignore secure-stop entries.
This has no effect in practice as DeviceFiles will not load secure
stop usage entries when UsageTableHeader is initialized on a real
file system.
Bug: 242289743
Test: run_x86_64_tests and request_license_test
Change-Id: Ib3f71f191aed94aad62951667426911e4e202068
[ Merge of http://go/wvgerrit/158872 ]
This CL updates the UsageTableHeader API such that it is no longer
possible to add a "usage info" entry. All new entries that are added
are assumed to be offline licenses.
Bug: 242289743
Test: run_x86_64_tests and request_license_test
Change-Id: I09262da0e4301356156d1715b0301c616be2251b
[ Merge of http://go/wvgerrit/160000 ]
OEMCrypto v15 licenses made use of several now-obsolete API functions
of OEMCrypto (mainly LoadKeys and RefreshKeys). All license handled
by the CDM must be v16 or newer. The CDM can now rely on all license
requests/responses containing a core message, using v16 policy timers,
and requires loading using LoadLicense() / LoadRenewal().
Bug: 252670759
Test: run_x86_64_tests and policy_engine_unittest
Change-Id: I3f65a6ec0326b4c89d1919b8911e065079cb90d2
Merge from http://go/wvgerrit/158917
Use go/yamllint as reference and obfuscate portion of output to
run on an online yaml validator.
Sample output: http://go/cl/481370906
Test: Netflix, Play TV and Movies, Youtube
Test: adb shell dumpsys android.hardware.drm.IDrmFactory/widevine
Test: ./build_and_run_all_unit_tests.sh
Bug: 239462891
Change-Id: I1abf1aa50aa25b97b1f6c10995c324d6de04d056
[ CDM CL http://go/wvgerrit/156286 ]
Local test scripts can now run the CDM unit tests without using a test
keybox / test RSA key by setting an environment variable:
DISABLE_TEST_KEYBOX=yes
The default behavior will continue to be that the unit tests will load
a test keybox / test RSA key.
This is to enable testing different provisioning features when the
device uses keyboxes for its ROT. Provisioning methods like 3.0 and
4.0 were never forcibly required to load a test ROT.
This is change is required for the ability to test ECC-enabled
keyboxes.
Bug: 135283522
Test: run_x86_64_tests and build_and_run_all_unit_tests.sh
Change-Id: I2a85be541deec3f60ab8fa82452a4d4cafaed339
[ Merge of http://go/wvgerrit/154593 ]
This CL updates the initial time used for reboot tests to be
within the valid range used by OPK. Also, the fake clock is
now synced with every use of the TestHost's clock function.
Also, the OPK's system clock is no longer initialized to 0
because this caused some tests to set initial playback time
to 0. That broke code that assumed a time of 0 mean "never".
I also removed some log spam in the WTPI code.
Bug: 222353528
Bug: 236317198
Change-Id: Ibdbdb2440454b9cf561cd9ec65ca3e40cf5a8d93
(This is a merge of http://go/wvgerrit/153552.)
The correct way to create a FileSystem object for testing CdmEngine
depends on the platform. However, our code has historically just
instantiated a new FileSystem object using the default constructor. This
works fine for Android and has historically worked fine for the CE CDM
tests because they did not implement storage correctly. However, an
upcoming commit will fix the implementation of storage in the CE CDM
TestHost, causing tests that use a default FileSystem constructor to
fail. This patch adds a new platform-defined function that instantiates
per-origin test storage in a platform-correct way. For Android, it
continues to use the default constructor, while for CE CDM, it uses the
TestHost.
Bug: 193060708
Test: x86-64 w/ storage separated
Test: build_and_run_all_unit_tests.sh
Change-Id: I0a9b6a4d3943e053d51d6018e392b7f215f50642
(This is a merge of http://go/wvgerrit/153550.)
On CE CDM, storage is split between global and per-origin storage, and
one type of storage cannot be used to access the other. (Though, until
an upcoming commit lands, the tests will allow it.) On Android, both
types of storage access the same filesystem. This means that code may
run fine on Android but fail on CE CDM.
The OEM Cert in Provisioning 4.0 is a global file that should only
exist once, but it was being accessed through the per-origin storage,
which would result in a separate OEM Cert being provisioned for each app
& origin on CE CDM. This patch changes the Prov 4.0 code to access it
through the global storage, using techniques similar to how the Usage
Table Header code does this.
Test: x86-64 w/ storage separated
Test: build_and_run_all_unit_tests.sh
Bug: 236400627
Change-Id: I301d250fc9543e62949a4d9fdcbdd109bd941384
[ Merge of http://go/wvgerrit/149849 ]
With ECC based DRM cert, the session key is expected to be 32, as
compared to 16 bytes in RSA case. This CL adds supports for 32 bytes
session key.
Bug: 236317198
Test: oemcrypto_test
Change-Id: I657fdd92d17736a23375ddcd457f83efa6ca6d1f
[ Merge of http://go/wvgerrit/151311 ]
Missing a check for provision 4.0.
Note: This CL is merged out of sequence with the CDM repo, resulting
in a slightly different CL.
[ Conflicting CL http://ag/18244016 ]
Test: Native test crypto_session_unittest
Bug: 180530495
Bug: 236317198
Change-Id: I79f753ba43098e1a3422c39b9903f57e5df03af2
[ Merge of http://go/wvgerrit/150810 ]
This CL changes the call "Provision()" in some tests to use
"EnsureProvisioned()". The latter can actually call "Provision()" twice
in case of Prov 4 being used: first call to get oemcert.bin and second
call to get drm cert.bin.
Also added a file clean up during test tear-down.
Test: opk_ta with prov2 and prov4
Bug: 180530495
Bug: 236317198
Change-Id: I37c8708ead7f18e8b4d619bf6a080424e45406ee
(This is a merge of http://go/wvgerrit/152969.)
C++ makes absolutely no guarantees about the order of initialization of
global variables in different compilation units. The class-scope static
WvCdmTestBase::default_config_ in test_base.cpp invokes the
ConfigTestEnv constructor on creation, which depends on the prior
initialization of several file-scope static variables in
config_test_env.cpp. Since those are different compilation units, there
is no guarantee that they will initialize in the correct order to avoid
referencing uninitialized memory. This is one of the reasons Google
Style really encourages people not to have global-scope variables with
complex types.
As it happens, on all our internal platforms, these files get linked in
such a way that the variables get initialized in the right order and
there is no crash. But that's not guaranteed, and some partners have
reported crashes here. In at least one case, the "right" linker order
was platform-dependent, and the partner ended up having to maintain
separate linker orders for separate platforms.
This patch defers default_config_ initialization until
WvCdmTestBase::Initialize() is called. By that time, all static
variables will be initialized, so it will be safe to reference them.
Bug: 173252165
Test: x86-64
Test: build_and_run_all_unit_tests.sh
Change-Id: If31128a999c7d6945f47293ca57f08e43d8274de
[ Merge of http://go/wvgerrit/153489 ]
OEMCrypto does not provide an API for retrieving the system ID when
the TEE uses a built-in DRM certificate (provisioning 1.0). New OEMs
and Android devices do not use prov 1.0; however, the Zimperium CDM
(at least the tests) use a built-in certificate and are failing
certain tests because of the missing system ID. To address this
failure; the CDM SystemIdExtractor has been updated to return a null
system ID.
Bug: 235879962
Test: system_id_extractor_unittest
Change-Id: Ib4c2bd75a7825967b0aa9e31e144184ae18fe8fb
[ Merge of http://go/wvgerrit/151391 ]
This CL moves the logic for extracting the system ID from keybox or
OEM certificate (from OEMCrypto or device files) to a dedicated
SystemIdExtractor.
Before Provisioning 4.0, the system ID could only be found from data
returned by OEMCrypto. However, with provisioning 4.0, the system ID
can now be found in the OEM certificate that is stored on the device
files.
Bug: 232020319
Test: system_id_extractor_unittest
Test: Forest L37800000954493485
Change-Id: Ie1b7987906e2e4fef015cd659a947b6dbb7594b1
[ Merge of http://go/wvgerrit/148552 ]
Extended the CDM layer to report OEMCrypto's watermarking support.
The reporting of watermarking comes in three (3) mechanisms:
1) ClientCapabilities in license requests
2) CryptoSession metrics when queried to OEMCrypto
3) String property query by apps
If OEMCrypto implementents OEMCrypto_GetWatermarkingSupport(), then
the reported watermarking support by the CDM will match that of
OEMCrypto.
If OEMCrypto does not implement OEMCrypto_GetWatermarkingSupport()
or an error occurs, it is assumed that OEMCrypto does not support
watermarking, and the CDM will report "Not Supported".
Bug: 226443788
Test: run_x86_64_tests request_license_test and license_unittest
Change-Id: Id929a356c395e6bcf45d371ee6887eec40d35329
[ Merged from http://go/wvgerrit/143750 ]
The old test license holder would generate a minimal license response,
but could not correctly mimic important server logic introduced in the
v16 server. Since all integration tests now have policies on the UAT
server, we do not need these minimalist license responses anymore.
Bug: 192700112
Test: GtsMediaTestCases on sunfish
Change-Id: I78c1b6085a6d0239840a11f2b904902210e5e61c
[ Merged from http://go/wvgerrit/143635 ]
Use a license holder for the generic crypto tests.
Bug: 192700112
Test: GtsMediaTestCases on sunfish
Change-Id: Ia2c802263562b11845e55ae0a24254ea54e364c7
[ Merge of http://go/wvgerrit/143749 ]
Tests are added to verify that the policy durations are enforced for
an offline license after a device has been rebooted.
Bug: 26163469
Test: GtsMediaTestCases on sunfish
Change-Id: I54e65d7abc5e59eae7c150555b2244dbf96da3f5
[ Merge of http://go/wvgerrit/143634 ]
Refactor the policy integration tests to use the license holder.
Bug: 195691232
Test: GtsMediaTestCases on sunfish
Change-Id: I58ffa64caec05c617065e4781657e85914f8369e
Merged from http://go/wvgerrit/146154
Many integration tests require a license from a license server. This
CL creates a helper class to fetch, load, and hold a license.
Test: ./build_and_run_all_unit_tests.sh
Bug: 194342800
Bug: 194342778
Change-Id: I0de7bcab4db1b365f074bad29fc157a5eca135d8
[ Merge of http://go/wvgerrit/143630 ]
When we run a test with the fake clock, the clock had been initialized
to the current time, or to 0. This causes a problem for reboot tests
because the clock might go backwards over the reboot. With this
change, we monitor the clock at the end of one reboot pass and
initialize the clock for the next pass based on the previous value.
Bug: 26163469
Test: GtsMediaTestCases on sunfish
Change-Id: Ibd0024f963634382af70553fced38da6e1d857d2
[ Merge of http://go/wvgerrit/143629 ]
The standard b2a_hex only saves about 2k, so we need a special version
that can handle larger strings. This is needed because a license file
is about 7k.
Bug: 194342751
Test: GtsMediaTestCases on sunfish
Change-Id: I6a6ac3f8f4fa6d9cd8a0119fc64fc8f3cc5f3ae8
The interface is defined in
hardware/interfaces/drm/aidl(http://go/ag/15329852).
Test: build
m android.hardware.drm-service.widevine -j128
Test: build_and_run_all_unit_tests.sh
for hidl tests
Test: atest VtsAidlHalDrmTargetTest
Bug: 200055138
Bug: 170964303
Change-Id: If2f2a129914436ba5cef1c46f6cb9415e12c3d1c
(This is a merge of http://go/wvgerrit/140850.)
This patch fixes a number of minor issues in the codebase (mostly
instances of 0-as-nullptr, but also some member shadowing and a missing
override) that were being hidden by the fact that depending on Protobuf
disables these diagnostics. And which will be unhidden when a later
patch removes that behavior from Protobuf.
Bug: 208304830
Test: x86-64
Change-Id: I4b0b1264748880b3726a6388d589868d898f949e
(This is a merge of http://go/wvgerrit/139989.)
Googletest added a new, more powerful MOCK_METHOD() macro in 1.10. This
patch updates all our usage of the old MOCK_METHOD family to the new
macro. Full details can be found at
https://github.com/google/googletest/blob/release-1.10.0/googlemock/docs/cook_book.md#creating-mock-classes
but in brief, the new MOCK_METHOD() replaces the entire old MOCK_METHOD
family and has the following advantages:
1) No need to count parameters or update the macro name when changing
parameters.
2) No need for a different macro for const methods.
3) The ability to specify override, noexcept, and other function
qualifiers.
4) The macro order is now the same as C++ method definition order:
Return Type -> Name -> Arguments -> Qualifiers
In addition to upgrading all our usage sites to the new macro, the
addition of the override qualifier to our MOCK_METHODs helped uncover
several cases where we were using MOCK_METHOD to override methods that
didn't exist. This is a great example of why the override qualifier is
so useful. These places have been updated, by removing the invalid and
unused mock method.
Bug: 207693687
Test: build_and_run_all_unit_tests
Change-Id: Iaad4a22c7f72bb48b1356fe01a41eb0a2f555244
Merge from Widevine repo of http://go/wvgerrit/142150 (part 2)
For an EVT device, without a keybox or with a test keybox, we want it
to fall back to L3. However, when running the unit or integration
tests it should continue running tests with test keybox. This will
allow us to test L1 oemcrypto on an EVT device, while still using an
EVT device for dogfooding video content at the L3 level.
Bug: 210807585
Bug: 210823889
Change-Id: I30c35134239db35bb39f11f75220063181987763
Merge from Widevine repo of http://go/wvgerrit/142149
This CL updates the TestCryptoSession so that it will recover from
initializing without a keybox. This allows unit and integration tests
to be run using a test keybox on a device that does not have any
keybox.
Bug: 210807585
Bug: 161925952
Change-Id: I8639bd733a50ae5af3a7c786347b5a06a9d783ce
Merge from Widevine repo of http://go/wvgerrit/142049
This CL is test only code. A nonce flood was causing the OTA test to
be a little flaky when run on the automatic testing platform Luci.
Bug: 205889158
Change-Id: I4f3e5d8469b899e565c430bd46994e098c5d94e6
