The interface is defined in
hardware/interfaces/drm/aidl(http://go/ag/15329852).
Test: build
m android.hardware.drm-service.widevine -j128
Test: build_and_run_all_unit_tests.sh
for hidl tests
Test: atest VtsAidlHalDrmTargetTest
Bug: 200055138
Bug: 170964303
Change-Id: If2f2a129914436ba5cef1c46f6cb9415e12c3d1c
[ Merge of http://go/wvgerrit/128183 ]
As was the case with WvCdmStreamingUsageReportTest.ReportTest, the
following tests were also updated to handle the case where "license
duration" is unlimited:
- WvCdmStreamingNoPstTest.UsageTest
- WvCdmStreamingPstTest.UsageTest
- WvCdmOfflineUsageReportTest.UsageTest
This is due to the new license duration model used for V16 licenses.
Bug: 163542905
Test: cdm_extended_duration_test
Change-Id: I24d3fc17fcf19129a19ed39a5c6c1ddd59ed073d
[ Merge of http://go/wvgerrit/128046 ]
Test case WvCdmStreamingUsageReportTest.WvCdmStreamingUsageReportTest
was failing comparing "license duration" values returned when querying
for key information for licenses with unlimited "rental duration".
This is due to the new license duration model used for V16 licenses.
From the Widevine MediaDrm doc for "LicenseDurationRemaining":
For OEMCrypto v16+ (Android 11 and later), license duration is no
longer being enforced. If rental duration is set to never expire,
”9223372036854775807” (LLONG_MAX) will be returned.
Similarly, the test has been updated for "playback duration" queries
of the same case.
Bug: 163542905
Test: cdm_extended_duration_test
Change-Id: I57e0e435631a151fac45c963d865de256a773644
[ Merge of http://go/wvgerrit/108084 ]
The Widevine License Agreement has been renamed to use inclusive
language. This covers files in the android directory.
Bug: 168562298
Test: verified compilation (comment only change)
Change-Id: I0f9e6445e0168ebe85425baeb81371e182e5a39c
[ Merge of http://go/wvgerrit/105025 ]
Clang and GCC allow for warnings against the arguments for printf-like
functions (e.i. LOGx). These validate that the format type specified
in the format string match the corresponding argument type.
Most of the time, format specifer errors are benign; hence why they
haven't been seen as an error so far. However, with the enabling of
specifier warnings and the enabling of warnings as errors on certain
platforms, these existing errors need to be addressed.
This CL enables format specifier warnings for most of the Widevine
code, with the OEMCrypto L3 implementation which has a single error
which requires a fix in the haystack code before being fixed in the
Widevine branch.
Strict format string warnings are not enabled for non-LP64 systems.
Bug: 137583127
Test: Compiled for Linux and Android
Change-Id: I051398332d31a20457b86563a90ad8f6d428445f
[ Merge of http://go/wvgerrit/100864 and http://go/ag/10704773 ]
ATSC 3.0 allows for licenses to be downloaded OTA and are tied to
a DRM certificate that may be shared across apps. The provisioning
process for ATSC may happen at the factory or during an OS update.
This contrasts from the regular OTT model, which requires that
provisioning and license download have an uplink as well as a
downlink connection.
This adds support for the ATSC mode property. ATSC mode can only be
set (or unset) before sessions are opened. Once the CDM identifier is
set/sealed, requests to modify the ATSC mode will be rejected.
If one needs to open sessions with both ATSC mode and regular (non-ATSC)
mode, separate MediaDrm objects will need to be created. The default
mode is to not use ATSC.
Enable ATSC mode by calling
mediaDrm.setPropertyString("atscMode", "enable")
Disable ATSC mode by calling
mediaDrm.setPropertyString("atscMode", "disable")
Provisioning and unprovisioning requests for ATSC will be rejected as
certificates will be retrieved by the ATSC service.
Bug: 139730600
Test: WV unit/integration test, GtsMediaTestCases
Change-Id: I142f286c711fe007ff42125c3c8cdc6450b6ea36
Merge from Widevine repo of http://go/wvgerrit/99843
When processing a license release, the license is not loaded, so
OEMCrypto does not know nonce version information for the core
message. It assumes that all license releases are v15, so it is not an
error for a license release to not have a core message.
This CL also adds some extra logging to tests so that we can track
content id and the pssh. This CL also updates some of the test content
policies when running the local license server. The local license
server is only used for debugging problems.
Bug: 152648172 Integration test WvCdmEngineTest.LicenseRenewal failing
Bug: 156259697 License release does not need core message
Test: Unit tests with v16 mod mock
Change-Id: I04c896adadfb17877ce1115345d2419e0d2489f0
[ Merge of http://go/wvgerrit/97267 ]
In earlier releases, provisioning would occur based on a cached
security level. If an open session call returned a NotProvisionedException
the security level would be cached for use with any future provisioning
call.
An app would have to set the security level, then call openSession,
have it fail and then request provisioning. This fits the normal flow of
most apps. Still on occasion, an app might change requested security level
after an openSession call failed. Using the cached security level
would result in unexpected behavior.
This change allows provisioning to occur at the last security level that
was set.
Bug: 129356527
Test: wv unit/integration tests, GTS tests (GtsMediaTestCases)
Merged-In: I8d9234eec2b23a9c913e77a709943b431e25e43e
Change-Id: I8d9234eec2b23a9c913e77a709943b431e25e43e
[ Merge of http://go/wvgerrit/93506 ]
This updates the license_protocol.proto to match the one used by
the license service. It introduces new fields such as
|soft_enforce_rental_duration|. Additional changes address proto field
naming changes.
Bug: 139372190
Test: WV android unit/integration tests
Change-Id: Id0c38b457e9079c0afc6848c355c07f96a19e073
Merge of http://go/wvgerrit/93404
This CL updates the Widevine CDM to support OEMCrypto v16.1
Test: Tested in 16.2 CL
Bug: 141247171
Change-Id: I69bd993500f6fb63bf6010c8b0250dc7acc3d71b
[ Merge of http://go/wvgerrit/92783 ]
The integration test suite cdm_extended_duration_test are failing to run
successfully. This is an interim step which corrects a few failures
including the the PSSH used by some of the tests. Follow on CLs will
address other test failures.
Bug: 148090831
Test: cdm_extended_duration_test (VerifyLicenseRequestTest,
VerifyLicenseRenewalTest, MaxUsageEntryOfflineRecoveryTest)
Change-Id: I918353bfcd6ad2442c40bf0ddb8e3b07232af03d
[ Merge of http://go/wvgerrit/85503 ]
Replacing a few instances of C's NULL with C++'s nullptr in some of the
smaller sub-directories in the CDM.
Note that clang-format has performed additional changes to some of the
test files that have not yet been formatted.
Bug: 120602075
Test: Android unittest
Change-Id: I926135ed4b85e9d2d58a014b4a62098b0cb7a373
[ Merge of http://go/wvgerrit/79884 ]
WvCdmDecryptionModule needs to be refcounted since it inherits
from RefBase. The test code instantiates it as a member variable.
Bug: 133188706
Test: WV unit/integration tests
Change-Id: I8ae3d92ae148677ea9a8290a6c0553c1a43e3454
[ Merge of http://go/wvgerrit/63682 and http://go/wvgerrit/4977904 ]
Enforce OEMCrypto insufficient resources error reporting in CDM tests.
In addition, when CreateNew/LoadUsageEntry fails with OEMCrypto
insufficient resources error, delete a random usage entry
and retry. The current behavior evicts low index entries
from the usage table, which was a crude attempt to emulate a LRU.
This was deficient as, on occasion, it will result in the deletion
of a recently added usage entry.
Bug: 111260263
Bug: 113828866
Bug: 120433165
Test: Widevine OEMCrypto tests, integration tests. GtsMediaTestCases.
Play movies and Netflix playback tests.
GtsMediaTestCases MediaDrmTest#testUsageTableCapacity
Change-Id: I63340f76d1e2af3c6834b98ad816e11eea18fc7f
[ Merge of http://go/wvgerrit/66002 ]
Client authentication was needed when licenses were requested from
the Play movies license service. For UAT/staging client authentication
is set to the empty string.
The play movies license service has not been used recently for testing.
Also, client authentication has not been supported as one of the
command line arguments. This was even before the command line parameters
were consolidated in TestBase.
Since it is not possible to specify client authentication on the
command line, the configured(default) value is always used.
This CL will remove code in the test to check if it has
been specified on the command line. It can be added back later,
if we decide to support client authentication as an option.
b/119221644
Test: WV unit/integration tests
Change-Id: I4a7fab5ec27b4897c9a73bd3ff34615d8ae11c28
Merge from Widevine repo of http://go/wvgerrit/56521
This CL adds a common main routine for integration tests. It sets a
default test configuration for the provisioning and license server
urls and certificates, and allows the user to set them on the command
line.
Test: current unit tests still pass.
Bug: 72354901 Fix Generic Crypto tests.
Change-Id: I604a3d9e15d50da5041794624c4571c0dcb091f5
Merge from Widevine repo of http://go/wvgerrit/56520
This CL adds a test base that installs a test keybox and catches nonce
flood errors for all CDM tests.
In order to do this, a new class is added called a
CryptoSessionFactory. The default factory just creates a new
CryptoSession. All places in the code that create a new CryptoSession
now call the static method MakeCryptoSession, which uses the current
factory to create a CryptoSession. If MakeCryptoSession is called and
there is no current factory, a default factory is created.
The CryptoSession constructor is now private, so that we do not
accidentally try to create one without using the factory.
For the new test base, we first create a special test
CryptoSessionFactory that creates a TestCryptoSession. The test
factory catches the first call to MakeCryptoSession and injects an
installation of the test keybox after OEMCrypto_Initialize is called.
The TestCryptoSession injects a sleep statement and a retry whenever
it detects a nonce flood.
Test: current unit tests still pass.
bug: 72354901 Fix Generic Crypto tests.
bug: 111361440 Remove #ifdef from unit tests
Change-Id: I248e7f3c53721c04d2af412ef835e19bb4d15d9a
Merge from Widevine repo of http://go/wvgerrit/48841
This test is not providing value to the CDM, as it seems to exist
primarily to validate server behavior. However, it is not doing what
it says it is (the request is rejected because it is using unparseable
garbage data, not because its key ID is unknown) and according to
tinskip@, the behavior it claims to be testing is not valid. (The
licensing service will not fail just because the key ID is unknown.
Indeed, if the test data is fixed to use a valid payload with an
unknown key ID, the test fails because the server does not.)
Bug: 78640287
Test: CE CDM Unit Tests
Test: Android Unit Tests
Test: tested as part of http://go/ag/4674759
Change-Id: Idfcff15ab3d15fdfb6eb111b5dff68aa5a23fb37
[ Merge of http://go/wvgerrit/58460 ]
If OEMCrypto runs out of space in the usage table header+entries adding
a new license or loading/using an existing one might fail. This CL makes
two modifications to handle this scenario.
* OEMCrypto_ERROR_INSUFFICIENT_RESOURCES will be returned from
OEMCrypto_CreateNewUsageEntry or OEMCrypto_LoadUsageEntry. An attempt
will be made to release a LRU entry from the usage table and retry
the operation. This may be retried 3 times unless success
occurs earlier.
* On initialization, the usage table header is loaded. If there are more than
the minimum number of usage entries (200), an attempt is made to
add a usage entry. If this fails, we are likely in an unrecoverable
state. We then delete all offline licenses, usage information and
recreate the usage table header. This will allow future playback
attempts to succeed and offline licenses to be able to be downloaded
but will lose all current offline licenses and secure stops.
Bug: 112486006
Test: WV unit/integration tests, GtsMediaDrmTest
Playback tests using Netflix and Play movies.
Change-Id: I41a18d69a329f8a96c7b607d299ce73af3d56177
[ Merge of http://go/wvgerrit/49980 ]
This CL
* corrects some of the test expectations
* switches test content used to test streaming with provider session tokens.
The policy of the earlier test content had changed.
* adds some more information to log messages
Bug: 63819720
Test: WV unit, integration tests, WvCdmExtendedDuraionTest,
GtsMediaDrmTest
Change-Id: I8fdbc9c38d6018cc6e884e1b95b2e9d26e7aa536
[ Merge of http://go/wvgerrit/48400 ]
Client identification information has recently been enabled in
provisioning messages. For privacy concerns this information
is being encrypted with a default service certificate.
Apps need to be able to override the default one to allow
for provisioning with third party provisioning services.
Bug: 78420508
Test: WV unit, integration tests
New WvCdmRequestLicenseTest.ProvisioningTestWithServiceCertificate test
GTS MediaDrmTestCases
Change-Id: Iee61ad47d33ce011efbea4eb90f7e4b1f032d15f
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
This change contains the original change go/ag/3819203 and a fix to the
deadlock that was seen on Marlin and Taimen.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: Ib208204a1b794df9f306fa11d13a8bb6cd6889f7
Merge from Widevine repo of http://go/wvgerrit/47860
This CL updates the copyright notice to indicate that files
shared with partners are shared under the Widevine Master
License Agreement.
bug: 77926774
test: comment change only
Change-Id: I0423668111578b80fb39a932d763df2827e2dfc3
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: I7e041b6cdf3e272d067da49d25a297b4a4663f1f
A few metrics were missing or not properly collected in the CDM metrics.
This CL addresses them.
Bug: 64570194
Bug: 72866232
Test: Unit tests and Google Play manual test.
Change-Id: I3a3aa4fb3eb8422c9c8c398016f02409307beb33
[ Merge of http://go/wvgerrit/45661 ]
This test was written to verify that the last 50 entries were maintained
by the usage table (OEMCrypto v9-11). With OEMCrypto v13+, that limit has
been removed and this is no longer an appropriate test. I have
disabled the test for now and will replace/rewrite with one
appropriate for big usage tables.
Bug: 30022298
Test: Ran cdm_extended_duration_tests
Change-Id: I23d54bb57c92b391f80817945626898fd590078f
Merge from Widevine repo of http://go/wvgerrit/43440
This CL changes several tests so that they abort after multiple
failures. This prevents a network error from putting one of the usage
table tests into an infinite loop.
bug: 73397596
test: unit tests
Change-Id: Iaaec9eb2b39a6a2b2cfc90ee1c28bae0486aa851
Merge from Widevine repo of http://go/wvgerrit/43420
Remove or mark unused variables. Fix unsigned/signed comparisons.
bug: 73390805
test: unit tests
Change-Id: Ic523400a5decf82fae733042b260e0c39a087cd3
These are a set of CLs merged from the wv cdm repo to the android
repo.
* Android build fixes
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/36322 ]
* Address android compilation errors and warnings
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/36300 ]
* Gyp cleanup and OpenSSL v10.1 support.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/36001 ]
OpenSSL 10.1 has a small number of incompatible changes.
A desktop system upgrade exposed some issue in the build scripts.
Specifically, the linux build was using both third_party/protobufs (2.6.1)
and the version installed on the system (3.0 in this case). The linux
cdm.gyp depended on cdm/cdm.gyp which caused that plus some
additional issues.
These changes are necessary to support g++ version:
g++ (Debian 6.3.0-18) 6.3.0 20170516
Also did some cosmetic rework on run_current_tests to make it easier
to figure out what is going on when something fails.
Also tweaked some of the compiler settings for g++ support (revisit
this later).
* Refactored Service Certificate encryption to allow encryption of arbitrary data.
Author: Thomas Inskip <tinskip@google.com>
[ Merge of http://go/wvgerrit/36141 ]
* Send cdm test requests to UAT.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36221 ]
This change resolves the all of the
CdmDecryptTest/CdmTestWithDecryptParam.DecryptToClearBuffer
tests.
The license servers will return different keys and keyids.
Sending the request to staging returned key ids and keys that were
not matching what was expected in the unit tests.
* Fix for building L3 OEMCrypto with clang and libc++
Author: yucliu <yucliu@google.com>
[ Merge of http://go/wvgerrit/35740 ]
1. Include <time.h> for time(time_t*).
2. Create endian check union on stack. Clang may create const union
somewhere else, which may cause crash.
* Remove error result when a sublicense session does
not exist. This is not considered an error.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36080 ]
* Set default mock handler for GetSupportedCertificateTypes
for all unit tests and removed the use of StrictMock from
MockCryptoSession.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35922 ]
The handler for this was only set for one test and resulted
in a number of failures.
* Set default handler for GetHdcpCapabilities. For
now the default action is to call the real
GetHdcpCapabilities of crypto_session.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36140 ]
I also changed the mock to a NiceMock to silence
responses to unexpected calls to GetHdcpCapabilities.
The default handler can be overridden as needed in
the individual tests.
This resolves the policy engine test failures.
* Finalize merge of cdm_partner_3.4 to master.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/35360 ]
This is the final set of updates to merge all v3.4.1
changes into master.
* Embedded license: Sublicense rotation.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35360 ]
Handle sublicense rotation event.
* Embedded license: Initial license phase.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/34280 ]
Initial license phase - key loading subsession.
* Embedded license: generate session data.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/33722 ]
Generate session data and add it to the license request for
any embedded license material.
* Resolve missing symbol when building cd-cdm
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35840 ]
* C++11: Replace OVERRIDE def with override keyword
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/35400 ]
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I37d0cb17f255ac6389030047d616ad69f895748c
These are a set of CLs merged from the wv cdm repo to the android repo.
* Change build options for make protobuf host tools
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/30381 ]
Also revert local change to protobuf/extension_set.cc
This builds after adding -Wno-return-type and -Wno-unused flags.
* OEMCrypto v13 stub
Author: Rintaro Kuroiwa <rkuroiwa@google.com>
[ Merge of http://go/wvgerrit/30004 ]
* Remove merge conflict tags
Author: Edwin Wong <edwinwong@google.com>
[ Merge of http://go/wvgerrit/30120 ]
Remove merge conflict tags for http://go/wvgerrit/29880
* Added Android Things ARM provisioning key to L3
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/29701 ]
BUG: 63443584
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: Ifd867b491dfda5d67d2e225695535b5af9e18260
These are a set of CLs merged from the wv cdm repo to the android repo.
* Correct RELEASE_ALL_USAGE_INFO_ERRORs
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28742 ]
RELEASE_ALL_USAGE_INFO_ERROR_4 and 5 were introduced and made use of in
http://go/wvgerrit/24022 (branch: oc-dev). The error code definitions
were merged over in http://go/wvgerrit/24602.
When http://go/wvgerrit/24622 from cdm_partners_3.2 was merged to master
(http://go/wvgerrit/27723) there was conflict in error codes. The error
codes were adjusted to RELEASE_ALL_USAGE_INFO_ERROR_3 and 4
and were made use of.
To avoid renaming the errors between oc-dev and master, new errors
RELEASE_ALL_USAGE_INFO_ERROR_6 and 7 have been added to handle the
scenarios noted in the merge from cdm_partner_3.2. The other
errors have been reverted back to RELEASE_ALL_USAGE_INFO_ERROR_4 and 5.
They will be used when http://go/wvgerrit/24602 is merged.
* Address compilation issues
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28740 ]
These changes enable compilation of most of the cdm code on android
expect for OEMCrypto unit tests (b/62739406) on wv master.
* Add property for binary/base64 provisioning msgs.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/28074 ]
Property is "provisioning_messages_are_binary". Its default setting is
false in the CE CDM, but it can be overridden by integrators.
Added section to integration guide that discusses Provisioning Server
message formats and the new property.
Link: https://docs.google.com/document/d/1cBVbhgrajLpDe2W3_vzLzUqzpdDt73chvm4_sZlZlS8/edit#heading=h.hgxw53ddw7jo
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I9168193819974d1ff65d9a94dbd762e45ecc43ca
These are a set of CLs merged from the wv cdm repo to the android repo.
* Add CDM status return for decrypt blocked by HDCP.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/28062 ]
New status code is kKeyUsageBlockedByPolicy. It is returned by the decrypt()
call instead of kDecryptError or kNoKey.
Also shuffled the CDM status returns to define the EME-aligned codes
first, and added comments to highlight the differences in handling.
BUG: 37540672
* Change division and mod ops to relocatables
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/28600 ]
This is similar to I2dad1028acf295288cd10817a2bcff2513c053c9.
We should be using the relocatable functions instead of the
native division and mod operations.
* Cleanup Encrypted ClientID in provisioning request
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/28083 ]
b/36897239
Staging server does not support it (or the client is not constructing
it properly). Leave it disabled pending investigation.
* Certificate Provisioning fixes.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/28066 ]
Partial fix for BUG: 37482676
Partial fix for BUG: 37481392
Update service certificates, get rid of DEV/QA root certificate.
Provisioning request and response are base64 (web-safe) encoded.
Response is optionally JSON-wrapped.
Change ConfigTestEnv; clearer comments and a closer match to reality.
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I79d3c4bf1124e5e0d3e4d40baead65a8266ea874
Below are a set of CLs being merged from the wv cdm repo to the android repo.
* Fix handling of OEM Cert public key.
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/27921 ]
This is a potential fix for b/36656190. Set aside public
key on first call to get the public key, and use it afterwards.
This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(),
which has side-effect of staging the OEM private key.
This also fixes a problem where the public cert string was
not being trimmed to match the size returned by
OEMCrypto_GetOEMPublicCertificate().
* Complete provisioning request/response for Provisioning 3.0
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Fix bug on provisioning request path where GenerateDerivedKeys()
was being called when preparing to generate the signature.
Add message signature verification, and call correct OEMCrypto
routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30).
* Implement Cdm::deleteAllUsageRecords()
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Delete all usage records for current origin. Removes usage
records from file system and retains the PSTs. The deletes
any usage entries matching those PSTs held by OEMCrypto.
BUG: 35319024
* Remove stringencoders library from third_party.
Author: Jacob Trimble <modmaker@google.com>
[ Merge of http://go/wvgerrit/27585 ]
We have a fork of the stringencoders library that we use for base64
encoding. This reimplements base64 encoding to remove the extra
dependency and to reduce the amount of code.
* Add Cdm::deleteUsageRecord() based on key_set_id.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27605 ]
Delete specified usage record from file system usage info and
from OEMCrypto.
BUG: 35319024
* Modifiable OEMCrypto
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/24729 ]
This CL adds a new variant of the OEMCrypto mock code that adjusts its
behavior based on a configuration file. This is intended for
testing.
For example, a tester can set current_hdcp to 2 in the options.txt
file, push it to the device, and verify that a license is granted for
HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and
push the file to the device. Playback should stop because the license
is no longer valid.
This variant uses a real level 1 liboemcrypto.so to push data to a
secure buffer. That means we can test playback for a license that
requires secure buffers on an Android device with real secure buffers.
BUG: 35141278
BUG: 37353534
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I58443c510919e992bb455192e70373490a00e2b6
[ Merge of http://go/wvgerrit/23360 ]
Service Certificates are used in two places, provisioning and
licensing. The service certificate code depended on a session_id
to get and set the service certificate properties, but the session_id
was not available in the provisioning path.
This patch pulls out the property lookup by session_id dependency,
and passes the CdmImpl's property_set into the provisioning code, so
the service certificate can be read and written there.
Bug: 62972441
Test: WV unit/integration tests. This introduces three test failures
* WvCdmRequestLicenseTest.PrivacyModeWithServiceCertificateTest
* Cdm/WvCdmStreamingLicenseRenewalTest.WithClientId/4
* Cdm/WvCdmOfflineLicenseReleaseTest.WithClientId/3
Change-Id: I6e9d4e23a9e7e81a63a994db8ec0b443893449a6
[ Merge of http://go/wvgerrit/29004 ]
Enable support for provisioning with OEM certificates as root of
trust.
b/62972441
Test: WV unit/intgration test and cdm_feature_test
Change-Id: I30576fc0bb68a873eeaaca03f6b9c89fa6a14327
The methods on WvContentDecryptionModule related to UsageInfo (Secure
Stops) do not work if kDefaultCdmIdentifier has not been provisioned.
This can occur if an app provisions and uses an origin without any app
on that device ever provisioning the default origin. More concerningly,
this will happen 100% of the time on SPOID-using devices, as there is no
way to provision the default identifier on these devices.
The fix is to pass the current identifier to these methods so that they
do not have to use kDefaultCdmIdentifier.
Test: build_and_run_all_unit_tests.sh
Test: WV GTS Tests
Bug: 62431478
Change-Id: I92a8b4acb69c964abe8129bccf2ff48a66c4a9e0
[ Merge from http://go/wvgerrit/27261/ ]
Sessions created to release keys are periodically cleaned up if the
key release operation does not complete within a specific
amount of time. If other sessions are open, they will be released
through the timer thread. This would result in deadlock as a mutex
was taken twice.
Test: Verified by cdm_extended_duration_test
(AutomatedOfflineSessionReleaseOnOpenSession and
AutomatedOfflineSessionReleaseOnTimerEvent tests)
b/37546078
Change-Id: I7d45f939bdce77e5db461a401364da4f42c1c034
[ Merge of http://go/wvgerrit/26201 ]
Race conditions arose when a session was closed while data was
still queued for decryption in MediaCodec buffers. If a session
is closed while data is still queued for decryption, subsequent
decryption requests will be rejected with a CryptoException
ERROR_SESSION_NOT_OPENED.
Test: Verified by wv unit/integration test and
WvCdmExtendedDurationTest.DecryptionCloseSessionConcurrencyTest
b/36747801
Change-Id: I044d1d6b9fc886a1c353d20b9c6365319aa71e80
[ Merge of http://go/wvgerrit/23742 ]
In OEMCrypto V13, usage table header and usage entries are stored in
persistent non-secure storage and loaded and unloaded from the TEE.
Information needs to be maintained to assist finding the associated license
or usage information. This information has been revised for usage information
to use key set id and usage info file name rather than provider session
token and app id.
The app id is stored in a hashed form (usage info file name) and was not
extractable during the upgrade process to OEMCrypto V13. Due to this
DeviceFiles UsageInfo routines have switched to use usage info file name
rather than app id as a key.
b/34327459
Test: Verified by unit/integration tests on angler
Change-Id: I95aa0435d0955c61fc45b951f5b5d44de2ba5cfc
(This is a merge of go/wvgerrit/23182)
This patch adds the framework for Stable Per-Origin Identifiers to the
CDM. Calculating SPOIDs will be done on the client-side, and they are
sent as part of the provisioning request. SPOIDs are also available to
the app as the Device Unique ID, replacing the previous method of
returning the actual Device Unique ID from the keybox / OEM certificate.
Different SPOIDs must use separate storage, just as different origins
already do. Support for this has been added to the Android adapter to the
CDM Core. However, the code in the Android glue layer that would drive
this behavior will be checked in in a separate change. As such, all
Android devices will continue using the legacy behavior even after this
patch goes in, until the glue layer code can be updated.
Bug: 27101531
Test: CE CDM Unit Tests
Test: Linux Jenkins Unit Tests
Test: Android Unit Tests (with and without SPOIDs forced on)
Test: Android GTS Tests
Change-Id: Ia0caf890381cbcb97504d08b19aeab8b29bd07ae
Merge from Widevine repo of http://go/wvgerrit/23044
On some platforms, the compiler will not pack structures. This CL
replaces the OECrypto_PST_Report packed structure with a simple buffer
of uint8_t. This changes the signature of OEMCrypto_ReportUsage as
part of OEMCrypto v13.
There is also a new wrapper class that test code, the mock, and debug
code can use to access data in the report.
The old packed structure definition is moved to the level 3, where we
use a compiler that packs sructs when asked nicely.
arm/libwvlevel3.a Level3 Library 4445 Jan 20 2017 11:29:15
x86/libwvlevel3.a Level3 Library 4464 Jan 20 2017 11:10:49
mips/libwvlevel3.a Level3 Library 4465 Jan 20 2017 10:56:08
b/32180083
Change-Id: Ie138f034cb12780a2f8636888cebf022c52169e5
Merge from Widevine repo of http://go/wvgerrit/22963
This change kInactive to kInactiveUsed and adds kInactiveUnused to the
possible values for the status field in the Usage Report. This CL
updates the header, the unit tests, and haystack and reference code.
b/32714323
Change-Id: If8d8e32ea1e3dc18da34e5fae35f578b027de9c7
* CDM license protocol updates
[ Merge of http://go/wvgerrit/22789 ]
No functional changes (yet) - all tests in widevine_ce_cdm_unittest
run successfully.
* Address android test build failures
[ Merge of http://go/wvgerrit/22983 ]
Updates to the license_protocol.proto in go/wvgerrit/22789
did not include the integration tests for android.
b/34202048
Test: Reran unittests. All tests other than some oemcrypto,
request_license_test passed. Those tests failed with or without this CL.
Change-Id: Ib9041d397187859b8fcbc1b1f7d275f8c4ef6aba
