4192c3d04c444c2d0ba080fae7e1113b970d1a00
25 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Rahul Frias
|
0163607fa3 |
Revert of "Prevent race conditions between decrypt and close session"
[ Original CL http://ag/3890635, Merge of http://go/wvgerrit/50340 ] The original fix was not sufficient to address all race conditions. A subsequent CL will address them. Bug: 73781703 Bug: 79158083 Bug: 79262108 Test: WV unit/integration tests, GTS GtsMediaTestCases tests and 24 hours of continuous Netflix playback. Change-Id: I869c22a250e2467b3d49935815e4157dc012fff5 |
||
|
Rahul Frias
|
07bb4de042 |
Prevent race conditions between decrypt and close session
[ Merge of http://go/wvgerrit/47520 ] Bug: 73781703 Test: WV unit/integration tests, GTS GtsMediaTestCases tests and AUPT tests. Change-Id: I618ed8ca38855aecdb31e829a7f4041cbd505a02 |
||
|
Fred Gylys-Colwell
|
1a25cbdad6 |
Update Copyright
Merge from Widevine repo of http://go/wvgerrit/47860 This CL updates the copyright notice to indicate that files shared with partners are shared under the Widevine Master License Agreement. bug: 77926774 test: comment change only Change-Id: I0423668111578b80fb39a932d763df2827e2dfc3 |
||
|
Rahul Frias
|
d102f8a4d2 |
Correct exception returned after RemoveKeys is called.
[ Merge of http://go/wvgerrit/47065 ] RemoveKeys now resets associated crypto and policy resources, rather than just closing the crypto session. This results in a MediaCodec.CryptoException with error code ERROR_NO_KEY rather than ERROR_SESSION_NOT_OPENED, if decrypt is called afterwards. Error SESSION_NOT_FOUND_FOR_DECRYPT is made unique. Error codes were also synchonized between various branches in the widevine repo. Bug: 77304819 Test: WV unit/integration tests, VtsHalDrmV1_0Target tests Change-Id: I6cba2a3e1ce466d58c7727cde2d8f81d9503d655 |
||
|
Rahul Frias
|
f0cd22d4f4 |
Address failures when provisioning methods differ
[ Merge of http://go/wvgerrit/46907 ] The WV client supports root of trusts as keyboxes or OEM certificates. Devices with keyboxes use provisioning 2.0 protocol to provision while those with OEM certificates use 3.0. L3 provisioning failures occur if the L1 and L3 root of trusts differ. The provisioning method is now retrieved and cached when the security level is known, when the session is opened. Earlier it was retrieved and cached at initialization time and always set to the value of L1 OEMCrypto (if present). This led to provisioning failures. A case of acquiring a lock while one was held in GetProvisioningId() has also fixed. Bug: 77606913 Test: WV unit/integration tests Change-Id: I2d66ee2cf64f846cec4a37fbccb554447c8a0e1d |
||
|
Rahul Frias
|
d7d8940174 |
Recovery from usage info corruption
[ Merge of http://go/wvgerrit/46623 ] If corruption of the usage information file is detected while saving a streaming license with a PST, usage information file is deleted, so that a subsequent load keys may succeed. Also when calling the MediaDrm API releaseAllSecureStops(), an error would be returned if usage info file was corrupted. Since this file is deleted successfully, errors have been replaced with warnings. Bug: 73447733 Test: wv unit/integration tests Change-Id: Ie4a63ac202fd6009609105f38ffa8a3b23ed334e |
||
|
Edwin Wong
|
bc66aebfe2 |
Upgrade widevine HIDL service to v1.1.
Merged from http://go/wvgerrit/44803. Upgrade HIDL service to v1.1 and implements new 1.1 media API. Test: Netflix and Play Movies & TV streaming and offline playback Test: GTS WidevineH264PlaybackTests test e.g. ANDROID_BUILD_TOP= ./android-gts/tools/gts-tradefed run gts -m GtsMediaTestCases --test com.google.android.media.gts.WidevineH264PlaybackTests#testL1With480P30 Test: GTS MediaDrmTest tests e.g. ANDROID_BUILD_TOP= ./android-gts/tools/gts-tradefed run gts -m GtsMediaTestCases --test com.google.android.media.gts.MediaDrmTest#testWidevineApi28 Test: unit tests bug: 69674645 Change-Id: I91e7e43f9178b61a531e846beffb5f5c17050a3c |
||
|
Rahul Frias
|
1d9a16c3b9 |
Rename ReleaseAllUsageInfo to RemoveAllUsageInfo
[ Merge of http://go/wvgerrit/44920 ] Bug: 69674645 Test: WV unit and integration tests Change-Id: Iee6e60b9dd20a8ed087c5e44924aa1c05f640920 |
||
|
Jeff Tinker
|
6a4abc15fe |
Remove error code INVALID_QUERY_STATUS
CdmEngine::QueryStatus was mapping all error codes
returned from crypto_session.Open to INVALID_QUERY_STATUS
which caused important failure information to be lost.
The GTS DrmSessionManagerTest test was failing as a
result, because session reclaiming no longer worked.
merge of http://go/wvgerrit/44800
bug:72705384
test:gts DrmSessionManagerTest
Change-Id: Id404a18b8f66cf6137b69f6b4e1bdd7004706a0c
(cherry picked from commit
|
||
|
Rahul Frias
|
fe2c777a8e |
Disambiguate INSUFFICIENT_CRYPTO_RESOURCES errors
[ Merge of http://go/wvgerrit/43281 ] Bug: 73164325 Test: WV unit/integration test, playback tests using Netflix and Play Movies. Change-Id: Ifc3dd8863da1616eb4a7df35ad010f53b6d5e3d2 |
||
|
Adam Stone
|
795cf8a624 |
Revise a few metrics and add unit tests.
This is a merge of Widevine cl 39040. A few of the metrics were not implemented, or implemented incorrectly in O MR1. This cleans them up Bug: 64001676 Test: Re-ran unit tests and added some additional tests. GPlay Movies check. Change-Id: I1e8bcc36fecd76e72d853306075bc46d82f45161 |
||
|
Rahul Frias
|
aac1439dea |
Merges to android Pi release (part 12)
These are a set of CLs merged from the wv cdm repo to the android repo. * Correct error logging Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/40000 ] In tests, we set the cipher list to avoid using insecure ciphers when connecting to the provisioning/license service. The result of setting the cipher list was being incorrectly validated. Bug: 64847919 * Move mips cache headers to clear_cache_function.h Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39700 ] Since the clear_cache function has been moved away from the dynamic adapter, we need these conditional includes to be migrated as well for MIPS. * Comment out Level 3 debug call until merge Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39761 ] This call was introduced in go/wvgerrit/34260/. Since the haystack tool in google3 still needs this merge, this should be commented out so the tool can still build until the merge has finished. * Add logging for MAC keys to mock Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39740 ] Bug: 70637842 * Move external interfaces into level3.h + refactor Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39673 ] As part of b/70523618, this CL moves interfaces that partners are responsible for in Level 3 to level3.h so they can be visible as part of the CDM release process. It also cleans up some of the names of the files and adds documentation. * Corrected close session logging level Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/39676 ] Bug: 69460963 * Remove Security Level Path Backward Compatibility Support Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/39505 ] From the android K release onwards certificates were stored in security level specific directories. If upgrading from previous releases persistent information needed to be moved to those directories. Since no device is likely to upgrade from J to Pi, comptibility support can be removed. Bug: 70160032 * Rename privacy_crypto_openssl To privacy_crypto_boringssl Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37122 ] Now that we no longer support OpenSSL in the Shared Source CDM, the name of this file can be updated. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Remove Conditional Compilation from OpenSSL/BoringSSL Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/39460 ] This change removes the usages of conditional compilation to support both BoringSSL and OpenSSL, as well as to support multiple versions of the OpenSSL API. All code is now compiled against one of the two versions of BoringSSL in third_party/. Note that in some cases, the kit/ and legacy_kit/ versions of BoringSSL had different APIs, so when removing the OpenSSL version compatibility conditional compilation, sometimes the older branch was kept and sometimes the newer branch was kept. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Build CE & Jenkins CDMs With BoringSSL from third_party/ Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37120 ] Up until now, integrators have been responsible for providing a compatible crypto library for use by the CE CDM. (either OpenSSL or BoringSSL) After this change, this decision will no longer be in their hands. The CE CDM build will always use the copy of BoringSSL in third_party/, which will be statically linked with our library with hidden visibility. This allows us to better control what crypto library we use and will prevent continuing problems with trying to support both OpenSSL and BoringSSL. Unfortunately, BoringSSL began using C++11 in mid-2017, and we can't support C++11 right now. Until we can, we need to use a C++11-free version of BoringSSL for libssl. The CDM itself will continue to use a recent BoringSSL, as it only needs libcrypto. But the unit tests that need libssl have to use the legacy version. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Modified RNG for Level3 to use more entropy Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39220 ] Bug: 65165076 Modified seed generation to use an xor of clock_gettime and client-implemented code to supply random seeds to the RNG. Modified the RNG as well to use xoroshiro128+ instead of xorshift, since it uses more than one seed/state (which are 64-bit) and has higher "statistical quality". The default implementations for the seed generation use /dev/urandom. * Configure base path for Level3FileSystem Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39506 ] This is in response to b/70354006. This change makes the Android Level3FileSystem use the existing properties method GetDevicesFilesBasePath for binderization. The same is done for the Linux implementation. * Add legacy_kit/ to BoringSSL Directory Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/38861 ] This adds a second copy of BoringSSL to the third_party/boringssl/ directory. This second copy is pinned to the last revision of BoringSSL not to require C++11 and is not updated by the UPDATE_BORINGSSL.sh script. This second copy will be used to provide libssl to the tests on devices that do not support C++11. Once we support C++11 in the CDM again, this weight should be removed and all targets should use the copy of BoringSSL in the kit/ directory. Bug: 67907873 * Use Shared Libraries for Unit Tests Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/38860 ] Some unit tests were using a statically-linked CDM instead of a dynamically-linked one. (Or, in one case, trying to link both ways into the same binary.) For now, we need to only link dynamically, so that the unit tests and the CDM can use different versions of BoringSSL. Long-term, we would like to test both kinds of linkage. (See b/69548115 for that.) Some unit tests were also using a dynamicaly-linked CDM that was named such that it appeared to be statically-linked. This patch renames some targets to make the linkage clearer. Bug: 67907873 * Change CDM_Backwards_Compatiblity_Tests to dedicated brances Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/39003 ] The build scripts used by CDM_Backwards_Compatiblity_Tests now pull old versions of oemcrypto from the dedicated branches oemcrypto-v*, which [will eventually] contain old oemcrypto versions, that build with the current build system with a current boringssl version. bug: 67907873 * Fix spacing on level3 header Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/38760 ] * Correct Query status calls Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/38640 ] Bug: 70160032 * Refactoring to allow encryption of client ID Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/37460 ] The code has been restructured to allow encryption of client identification in provisioning requests. This will be enabled when server side changes have been made (b/69427217). * Additional information is included in the Client Identification portion of the provisioning request. * Client identification will be encrypted with a service certificate provided by the app/client. Platform changes to enable passing this to core are needed. If a service certificate is not provided, a default one associated with the production Keysmith will be used. * Switched APIs in CdmEngine to take a service certificate for provisioning rather than licensing. Service certificates for licensing are session based and passed as properties from platform code. Bug: 30737060 * Allow some CDM errors to be reported from multiple locations Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/38360 ] This creates some CdmResponseType errors which may be reused PARAMETER_NULL, NOT_INITIALIZED_ERROR, REINIT_ERROR. I have made changes to a few classes to report these errors. Will work on additional classes in a separate CL. Bug: 69864404 BUG: 71650075 Test: WV Unit/integration tests Change-Id: Icc048770d424ac537d11ff327cda2cb142da802d |
||
|
Rahul Frias
|
5d690be108 |
Merges to android Pi release (part 11)
These are a set of CLs merged from the wv cdm repo to the android repo. * Get System ID From OEM Cert Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37940 ] (This is a merge of http://go/wvgerrit/30220 . However, it has been significantly modified in the merge due to needing to support both OpenSSL and BoringSSL.) Previously, extracting the system ID was only supported on Keybox-based systems. This patch adds support for extracting the system ID from the OEM Certificate chain on Provisioning 3.0 devices. This is done by getting the Widevine intermediate cert from the chain, finding the Widevine System ID extension in that cert, and extracting the value. The code that does the extraction is separate from any code that calls OEMCrypto so that it can be unit-tested in isolation. This patch adds a crypto_session_unittest test to do this unit-testing. Bug: 34776194 Test: crypto_session_unittest Test: widevine_ce_cdm_unittest * Remove unique_ptr from oemcrypto mod mock Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/38500 ] Because we can't have C++11. Bug: 69935608 * Update CHANGELOG.md Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/38460 ] - Add items about adapter support. - Add mention of SRM support. Merged from cdm_partner_3.5 (Change-Id: I6d891e157edc3afb2797bf281ef3f06bdb8fe474) * Add Adapter for OEMCrypto v13 to v12. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/38440 ] Also fix OEMCrypto_LoadKeys() definition broken by wvcl/38160 (srm_requirement param). * Allow certain warnings in protobuf build. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/38424 ] maybe-uninitialized is triggered in release build. Allow it. * Enable -fPIC for jsmc.c build. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/38423 ] -fPIC was removed for common c/c++ build rules. Add it back. * Missing OEMCrypto_LoadKeys param in static adapter. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/38422 ] srm_requirement param was omitted in v11 static adapter. * Remove OEMCrypto v12 specification. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/38421 ] * Update documentation for v3.5. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/38420 ] * Added padded preprov key for 7880 Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/36924 ] Bug: 68765915 * Change overrides in CE L3FileSystem Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/38380 ] The 'override's are changed to the macro defined in override.h to be gnu++98 compliant. * Use source android level3 + add cache_flush call Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/37900 ] I put both changes in this CL since I have to generate Level3 libraries for both anyways. The first change involves shifting from using a prebuilt static library to using an obfuscated source library output from the Haystack tool on google3. The second change is from here: https://critique.corp.google.com/#review/176536782, and addresses b/69387416. Since the cache_flush function wasn't being used, the execution on Angler gave inconsistent segfaults, which this CL fixes. Verified on Angler, Sailfish, and Linux. 11/27/17: Added mips and mips64 libraries. * Make CDM result codes constexprs Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/38280 ] The values in the enumeration list of CdmResponseType error codes were earlier implicit. Comments were added to denote the actual values. This changes to make it fixed values, which makes it slightly more error prone, but cleaner when errors are retired. * Change watchdog timer to 2 minutes [ Merge of http://go/wvgerrit/36340 ] This relaxes the watchdog timer around the level 3 oemcrypto initialization to 120 seconds. There are also a couple of new log messages at the end of initialization and at termination. Library for arm updated: level3/arm/libwvlevel3.a Level3 Library 4445 Oct 4 2017 17:06:25 Bug: 65379279 Merged from https://widevine-internal-review.googlesource.com/35480 * Add test to get service certificate from server. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/37780 ] This was extracted from Ic38dd27d06dc7528ae4cd995da4261fe6c34ad55 * Add watch dog timer to OEMCrypto L3 commit ec624ea483cbf8fb3d4e8f393bc25c90a0e29d4b Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/34260 ] This code adds a watchdog timer to the level 3 initialization. If initialization does not finish within 5 seconds, the process will abort, printing a small amount of debugging information. arm/libwvlevel3.a Level3 Library 4445 Sep 11 2017 14:05:15 Test: unit tests on bullhead. Video on Play Movies. GTS tests run on loop overnight. Bug: 65379279 Merged from https://widevine-internal-review.googlesource.com/33540 * Remove libwidevinehidl_utils dependency Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/37822 ] libwvdrmcryptoplugin_hidl has a dependency on libwidevinehidl_utils which was introduced due to an out of order merge from oc-mr1-dev to master. Bug: 69573113 * Automatically generate log location information Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36563 ] Currently class and method names are manually added to each log message in the CDM on android and some other platforms. This change prepends log messages with file name, line number and function name automatically. The code is platform specific so it can be enabled and the precise format configured on a per-platform basis. As an example, here is a log on android before the change, 11-01 02:48:48.658 D/WVCdm (32198): CryptoSession::Open: Lock: requested_security_level: Default and after, 11-01 02:48:48.658 D/WVCdm (32198): [crypto_session.cpp(1108):Open] Lock: requested_security_level: Default A follow on CL will remove the manually added class/method information. Bug: 9261010 * Fix BoringSSL Compatibility of oec_session_util.cpp Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37121 ] A previous change inadvertantly used APIs from OpenSSL that do not exist in BoringSSL in oec_session_util.cpp. As a temporary fix until we can move all targets to BoringSSL, this patch switches that file to use conditional compilation to choose the correct API depending on the library in use. It does not otherwise change the behavior of the file. Bug: 67908123 Test: wv_ce_cdm_unittest on x86-64 Test: linux_unit_tests * Create local shared_ptr implementation Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/37600 ] Derived from protobuf version, which came from google3. Removed locking (not thread-safe) and removed weak pointers (not needed for usages in CDM). Locking can easily be added if needed. * Revert C++11 usage - back to gnu++98 Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/37440 ] These changes roll back C++11-specific constructs: std::unique_ptr -> std::auto_ptr container initializers nullptr -> NULL std::shared_ptr to local shared_ptr compiler flags (-std=c++11 -> -sdt=gnu++98) NOTE: the "local" shared_ptr implementation is temporarily a direct reference to the shared_ptr implementation in third_party/protobuf. This has been fixed (implementation extracted and moved to core/include) in CL 37600. BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: Ie09ecb970aa06fe9301ac255375ca7d8e7ead8bc |
||
|
Rahul Frias
|
8b416ae165 |
Merges to android Pi release (part 10)
These are a set of CLs merged from the wv cdm repo to the android repo. * Level3 cleanup for SHA + field provision headers Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/37581 ] Moved some redundant macro and struct definitions out of hmac.cpp and sha.cpp into a separate header file to make the build easier and cleaner. Also cleaned up unnecessary includes and method signatures in field_provision.h. * Address CDM_All_Tests failures Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/37580 ] CDM engine tests for CE CDM occasionally fails when CDM_All_Tests is run by the build server. The failures are due to a nonce generation error. If provisioning fails due to a nonce generation error, a delay followed by a retry will be attempted. * Update OEMCrypto version to 13 in cdm.gyp Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/37520 ] * Use per-session service certificates for licensing Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/37260 ] These changes allow for service certificates to be specified on a per-session basis rather than use one common to a CdmEngine instance. This also allows for a service certificate request and response handling when allowed on the platform, when privacy mode is enabled and a service certificate is not provided. Request license tests accept a service certificate command line parameter in hex (ascii). Earlier it expected it in binary. Bug: 68328352 * Refactor service certificate parsing Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/37060 ] Service certificates may still be set in CdmEngine but service certificate requests and responses have been moved from CdmEngine to ServiceCertificate. This allows them to be called from lower in the heirarchy (a class that CdmEngine depends on). Bug: 68328352 * Revert "C++11: Replace OVERRIDE def with override keyword" Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/37020 ] This reverts commit 2d3fb5c4c8f4cf5c986ee43723914a23cf76e8f0. * Modified scripts/makefiles for L3 build Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/37220 ] Changed build-android-haystack.sh and make_fastball_libwvlevel3.sh to build using the new liboemcrypto.cpp file. Also changed makefiles to build using the new file. Renamed liboemcrypto.cc to liboemcrypto.cpp to make it consistent across android and CE CDM. Added static libraries that were rebuilt using this change. * Added android implementations for Level3 Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/37181 ] Moved getUniqueID and added Level3FileSystem implementations for android. Also deleted redundant and unnecessary methods from anroid_keybox.cpp. * Refactored getUniqueID and updated libl3oemcrypto.cc Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/37160 ] Renamed getUniqueID header and added comments to make it clear what the function is doing. Also removed obfuscation of the method name since it is implemented by the partner. Updated the libl3oemcrypto.cc file to reflect the change as well as be obfuscated. * Moved clear_cache function out of entry_points Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/37040 ] clear_cache function is unobfuscated and relies on compiler flags to work properly, and therefore should be removed from the libl3oemcrypto.cpp file and linked during the final build. * Minor gyp changes and added L3 build file Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/36480 ] Gyp changes to cdm_unittests.gyp to make the test Level3FileSystem build only on a level3 build and to oec_level3.gyp to be compatible with the changes to the x86-64 platform settings changes (and to use -Wno-unused to catch all unused warnings the libl3oemcrypto.cc might cause). This change also includes an x86-64 libl3oemcrypto.cc so a Level3 OEMCrypto can build. * Merge CE & Linux file system/factory + dynamic adapter changes Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/36220 ] This CL merges the changes from I27f5037e4fcea94abd84181f55053843b68f3e8d - it adds the CE implementation for the file system, as well as the factory methods needed to build the file system (and their implementations for both CE and linux). As part of the merge, since the Linux build relies on the dynamic adapter, that was fixed and gyp changes were made to reflect the change. * Cherry pick change to retrieve/save provisioning cert Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/30000 ] This is cherry pick from level3-dev-3.3 of a merge of I4f5dc5c216fa916e0bca0631c4ceda68859baf1d to save the certificate for future tests with the current test host setup. * Merged changes of usage/linux impl of L3FileSystem Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/35541 ] This is a merge of change I15d38b3c36933d061d168e0ec30bcefd0182f32d. It also adds a similar change in usage of L3FileSystem write for a line in usage_table.cpp. * Add cdm build changes for new Level3 build Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/34600 ] Original CL: Ib611cf8a8589afa5cd25d6dc5b0aa43922cfda1e Adds level3 oemcrypto library for static adapter. Includes changes to gyp files to choose between oemcrypto libraries. Also includes changes to the dynamic adapter, level3 headers, and entry_points to be compatible with the function signature differences when using the static adapter. * Merge OEMCrypto Level3FileSystem interface Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/34541 ] This merges in the interface for the Level3FileSystem object from level3_dev_3.3 as well as the linux implementation. Furthermore, this merge includes changes in properties and gyp files to allow compilation. The associated changes are I3f1c58f0e3782de0669a96725a38673a26cc1a49, I9fb2d10b0f966896bea685166c6b6b2e33c995dd, and I4c87a5412a8a022fa9cfba43f33bd4d683e61536. * Merged misc. changes to Level3 files Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/33303 ] Continuation of I03d3aa1a308f2f010dcb6f5e15f927e81e42925b. These changes are miscellaneous changes from level3-dev-3.3 involving include statements, Caligo compatibility, and new Level3 signatures from changes Ibc5befd492b295970e839f3481e2b512b52dcb08 and If599e62c72b5eb40c53633cd72a4d20dc859ee52. * Merged change involving getUniqueId() Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/33302 ] This is a merge from level3-dev-3.3. This change (Ibc5befd492b295970e839f3481e2b512b52dcb08) involves separating out the method getUniqueId() from the linux_ and android_keybox.cpp. This was done so that clients can supply the necessary implementation for the method. * Merged needle file changes from level3-dev-3.3 Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/33301 ] Continuation of I3dbf34bab526945720280f819dd3212ae982d2f7. These are changes (Ibc5befd492b295970e839f3481e2b512b52dcb08) involving the compiled needles for Haystack. Major changes include function signature changes, adding non-state needles automatically, and include statements. * Merged keybox/usage table access and function sigs Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/33300 ] These are changes from level3-dev-3.3. They involve changing function signatures/include files for the new Haystack runtime (Ibc5befd492b295970e839f3481e2b512b52dcb08). They are also related to change I0285e6d85e80b06b7df1ed298cd1145a6c9c4842. Keybox and usage table file names are replaced with constant needles. Furthermore, a state needle was added that removes the OldUsageTable file. In addition, this CL includes removals of method references that are now stale due to the introduction of change I9fb2d10b0f966896bea685166c6b6b2e33c995dd. * Android unit test build fixes Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/37380 ] Removed crypto_session_unittest from build script (introduced in http://go/wvgerrit/32824), since crypto_session.cpp requires some changes to be merged over from oc-mr1-dev (b/64456400). Added oemcrypto_session_tests_helper.cpp to the oemcrypto test makefile so the oemcrypto unit tests can link in the methods from the refactor in http://go/wvgerrit/36562. BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I7e45901a151e51da96d192d359edddc5fe74946e |
||
|
Rahul Frias
|
1884cf738e |
Merges to android Pi release (part 8)
These are a set of CLs merged from the wv cdm repo to the android repo. * Android build fixes Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36322 ] * Address android compilation errors and warnings Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36300 ] * Gyp cleanup and OpenSSL v10.1 support. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/36001 ] OpenSSL 10.1 has a small number of incompatible changes. A desktop system upgrade exposed some issue in the build scripts. Specifically, the linux build was using both third_party/protobufs (2.6.1) and the version installed on the system (3.0 in this case). The linux cdm.gyp depended on cdm/cdm.gyp which caused that plus some additional issues. These changes are necessary to support g++ version: g++ (Debian 6.3.0-18) 6.3.0 20170516 Also did some cosmetic rework on run_current_tests to make it easier to figure out what is going on when something fails. Also tweaked some of the compiler settings for g++ support (revisit this later). * Refactored Service Certificate encryption to allow encryption of arbitrary data. Author: Thomas Inskip <tinskip@google.com> [ Merge of http://go/wvgerrit/36141 ] * Send cdm test requests to UAT. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36221 ] This change resolves the all of the CdmDecryptTest/CdmTestWithDecryptParam.DecryptToClearBuffer tests. The license servers will return different keys and keyids. Sending the request to staging returned key ids and keys that were not matching what was expected in the unit tests. * Fix for building L3 OEMCrypto with clang and libc++ Author: yucliu <yucliu@google.com> [ Merge of http://go/wvgerrit/35740 ] 1. Include <time.h> for time(time_t*). 2. Create endian check union on stack. Clang may create const union somewhere else, which may cause crash. * Remove error result when a sublicense session does not exist. This is not considered an error. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36080 ] * Set default mock handler for GetSupportedCertificateTypes for all unit tests and removed the use of StrictMock from MockCryptoSession. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35922 ] The handler for this was only set for one test and resulted in a number of failures. * Set default handler for GetHdcpCapabilities. For now the default action is to call the real GetHdcpCapabilities of crypto_session. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36140 ] I also changed the mock to a NiceMock to silence responses to unexpected calls to GetHdcpCapabilities. The default handler can be overridden as needed in the individual tests. This resolves the policy engine test failures. * Finalize merge of cdm_partner_3.4 to master. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35360 ] This is the final set of updates to merge all v3.4.1 changes into master. * Embedded license: Sublicense rotation. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35360 ] Handle sublicense rotation event. * Embedded license: Initial license phase. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/34280 ] Initial license phase - key loading subsession. * Embedded license: generate session data. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33722 ] Generate session data and add it to the license request for any embedded license material. * Resolve missing symbol when building cd-cdm Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35840 ] * C++11: Replace OVERRIDE def with override keyword Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35400 ] BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I37d0cb17f255ac6389030047d616ad69f895748c |
||
|
Rahul Frias
|
80659961ac |
Merges to android Pi release (part 7)
These are a set of CLs merged from the wv cdm repo to the android repo. * Resolve intermittent decrypt error. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35720 ] The CdmSession's closed state was not properly initialized resulting in intermittent SESSION_NOT_FOUND_FOR_DECRYPT errors. In CdmEngine::Decrypt the session is looked up by the key id. A list of open sessions is acquired by calling CdmSessionMap::GetSessionList and each session in the list is queried to see if it has the key. In building the list in CdmSessionMap::GetSessionList, sessions are only added to the query list *if* the session is not closed. The closed status was not initialized and during testing the query list would not contain the session causing CdmEngine::Decrypt to return SESSION_NOT_FOUND_FOR_DECRYPT resulting in the ce cdm api returning widevine::Cdm::kNoKey. * No support for pre- C++11 compilation. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35381 ] * Handle unaligned nonce pointer in RewrapDeviceRSAKey calls. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35340 ] The pointer points into a message and it may not be aligned. Always copy the nonce into aligned memory before checking it. BUG: 38140370 Add note to CHANGELOG for this. * Compiler strictness: more checks and code cleanup. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35300 ] Use the switches proposed in b/38033653 (as much as possible - some conflicts with protobufs and gtest prevent fully accepting them). Switch to clang for x32 build; ensure that both x86-64 and x86-32 builds compile and link cleanly. BUG: 38032429 BUG: 38033653 This partially resolves b/38458986 * Android build fixes Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/35102 ] These corrections address compile warnings and errors for android and unit tests. * Embedded License: Add sub license key sessions. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33680 ] NOTE: this adds the AddSubSession() method, but it is not yet being used. Use and proper cleanup is in an upcoming CL. * Embedded license: Add track label field. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33660 ] A new track label field (a string) is added to the key container and the sub session data objects. This field will be used in handling sub license requests. * Embedded license: extract keys from init_data. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33621 ] * Embedded license: add protobuf messages. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33620 ] also sync the widevine header definition with recent naming changes. * Improve handling of provisioning response errors. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/33600 ] Separate out the case of no response and the case where the message is believed to be a JSON+base64 message but it doesn't parse properly. BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I3c86f1c54980b071aec7461ac58541836551f896 |
||
|
Rahul Frias
|
169d0b6cb6 |
Merges to android Pi release (part 4)
These are a set of CLs merged from the wv cdm repo to the android repo. * Correct RELEASE_ALL_USAGE_INFO_ERRORs Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/28742 ] RELEASE_ALL_USAGE_INFO_ERROR_4 and 5 were introduced and made use of in http://go/wvgerrit/24022 (branch: oc-dev). The error code definitions were merged over in http://go/wvgerrit/24602. When http://go/wvgerrit/24622 from cdm_partners_3.2 was merged to master (http://go/wvgerrit/27723) there was conflict in error codes. The error codes were adjusted to RELEASE_ALL_USAGE_INFO_ERROR_3 and 4 and were made use of. To avoid renaming the errors between oc-dev and master, new errors RELEASE_ALL_USAGE_INFO_ERROR_6 and 7 have been added to handle the scenarios noted in the merge from cdm_partner_3.2. The other errors have been reverted back to RELEASE_ALL_USAGE_INFO_ERROR_4 and 5. They will be used when http://go/wvgerrit/24602 is merged. * Address compilation issues Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/28740 ] These changes enable compilation of most of the cdm code on android expect for OEMCrypto unit tests (b/62739406) on wv master. * Add property for binary/base64 provisioning msgs. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28074 ] Property is "provisioning_messages_are_binary". Its default setting is false in the CE CDM, but it can be overridden by integrators. Added section to integration guide that discusses Provisioning Server message formats and the new property. Link: https://docs.google.com/document/d/1cBVbhgrajLpDe2W3_vzLzUqzpdDt73chvm4_sZlZlS8/edit#heading=h.hgxw53ddw7jo BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I9168193819974d1ff65d9a94dbd762e45ecc43ca |
||
|
Rahul Frias
|
387147dffe |
Merges to android Pi release (part 2)
These are a set of CLs merged from the wv cdm repo to the android repo. * Update service certificate. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28065 ] The updated service certificate fixes a number of failing tests. There are still some that fail, apparently due to mismatches with key set IDs and usage tables. Also updated QA server URL to point to QA proxy (although neither can be used by this client). Also fixed segfault in CdmTest.ListUsageRecords. * Add CDM APIs for Handling Service Certificates. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28064 ] The responsibility for managing Service Certificates has been moved out of the CDM. Instead, provide CDM and CdmEngine methods to generate a service certificate request message, and handle a service certificate response. The API client can use these calls if it needs to get the service certificate from the License Server. These functions assume the request and response are base64 (web-safe) encoded (see b/37481392). Not all servers are operating this way yet. Any adaptations for non-compliant servers is handled outside the CDM. See test WvCdmEnginePreProvTest::ServiceCertificateRequestResponse in cdm_engine_test.cpp for an example of this. These changes also eliminate the stored init_data and deferred license type which were used to perform a service certificate request during a license request. * Fix and rename ClosesSessionWithoutReturningError test. Author: Edwin Wong <edwinwong@google.com> [ Merge of http://go/wvgerrit/27880 ] ClosesSessionWithoutReturningError should not check for Status::OK since it is expecting an error code back. The test is renamed to ClosesSessionWithError. Test: libwvdrmdrmplugin_hidl_test BUG: 62205215 * Get rid of default service certificate. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27981 ] Instead, we need at least two service certs - one for the QA/Test servers, and one for UAT (and prod?) There are still some issues around the signature verififcation of the service cert, and in license_unittest.cpp, the use of the default service cert has been commented out. I don't know why this test needs a service cert. If it really does, then the same mechanism that is used elsewhere for selecting a specific server type will be needed here. BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: Ieab815fb202c809ad5714cd0364c4bdfa068f77d |
||
|
Rahul Frias
|
0419b55222 |
Merges to android Pi release (part: 1)
Below are a set of CLs being merged from the wv cdm repo to the android repo. * Fix handling of OEM Cert public key. Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/27921 ] This is a potential fix for b/36656190. Set aside public key on first call to get the public key, and use it afterwards. This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(), which has side-effect of staging the OEM private key. This also fixes a problem where the public cert string was not being trimmed to match the size returned by OEMCrypto_GetOEMPublicCertificate(). * Complete provisioning request/response for Provisioning 3.0 Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27780 ] Fix bug on provisioning request path where GenerateDerivedKeys() was being called when preparing to generate the signature. Add message signature verification, and call correct OEMCrypto routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30). * Implement Cdm::deleteAllUsageRecords() Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27780 ] Delete all usage records for current origin. Removes usage records from file system and retains the PSTs. The deletes any usage entries matching those PSTs held by OEMCrypto. BUG: 35319024 * Remove stringencoders library from third_party. Author: Jacob Trimble <modmaker@google.com> [ Merge of http://go/wvgerrit/27585 ] We have a fork of the stringencoders library that we use for base64 encoding. This reimplements base64 encoding to remove the extra dependency and to reduce the amount of code. * Add Cdm::deleteUsageRecord() based on key_set_id. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27605 ] Delete specified usage record from file system usage info and from OEMCrypto. BUG: 35319024 * Modifiable OEMCrypto Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/24729 ] This CL adds a new variant of the OEMCrypto mock code that adjusts its behavior based on a configuration file. This is intended for testing. For example, a tester can set current_hdcp to 2 in the options.txt file, push it to the device, and verify that a license is granted for HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and push the file to the device. Playback should stop because the license is no longer valid. This variant uses a real level 1 liboemcrypto.so to push data to a secure buffer. That means we can test playback for a license that requires secure buffers on an Android device with real secure buffers. BUG: 35141278 BUG: 37353534 BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I58443c510919e992bb455192e70373490a00e2b6 |
||
|
Rahul Frias
|
a483c18c59 |
Provisioning 3.0: Changes to Provisioning and Service Certs.
[ Merge of http://go/wvgerrit/23360 ] Service Certificates are used in two places, provisioning and licensing. The service certificate code depended on a session_id to get and set the service certificate properties, but the session_id was not available in the provisioning path. This patch pulls out the property lookup by session_id dependency, and passes the CdmImpl's property_set into the provisioning code, so the service certificate can be read and written there. Bug: 62972441 Test: WV unit/integration tests. This introduces three test failures * WvCdmRequestLicenseTest.PrivacyModeWithServiceCertificateTest * Cdm/WvCdmStreamingLicenseRenewalTest.WithClientId/4 * Cdm/WvCdmOfflineLicenseReleaseTest.WithClientId/3 Change-Id: I6e9d4e23a9e7e81a63a994db8ec0b443893449a6 |
||
|
Rahul Frias
|
120c28cd9a |
Corrections when releasing usage information
[ Merge of http://go/wvgerrit/32940 ] Releasing usage entries may cause other entries to be moved or information updated. Instead of retrieving all entries once and trying to release them, refetch them after each release. Test: WV Unit/Integration tests Test: GTS tests (failures seen, but no additional failures due to this CL) Test: Playback testing using play movies and netflix. Bug: 65372189 Change-Id: I700e60834c7f711c9146dfd720f9cac014981311 |
||
|
Edwin Wong
|
485f11483c |
Replace toStatus indirection.
CdmResponseType are mapped to android::status_t, then map to hidl android::hardware::drm::V1_0::Status. This CL removes the indirection by mapping cdm errors to hidl Status. Test: Play Movies (pin and streaming) Test: Netflix (download and streaming) Test: libwvdrmmediacrypto_hidl_test and libwvdrmdrmplugin_hidl_test Test: GtsMediaTestCases module Test: Vts - VtsHalDrmV1_0Target bug: 34682447 Change-Id: I0b04f47871f5e4898e7297831d5fceab52e0f7f9 |
||
|
John W. Bruce
|
19947dfe6f |
Move SPOID Enable/Disable Logic Out of WVDrmPlugin
(This is a merge of http://go/wvgerrit/25580) While writing fixes for b/36660726, b/34716264, and b/36065223, it became clear that having the logic that checks whether the device supports SPOIDs embedded inside WVDrmPlugin was complicating its code and inhibiting testing of the class. By moving this check into the code that instantiates WVDrmPlugin, the result of the calculation can be independently tested while the tests for WVDrmPlugin can put it in whatever state they need for the sake of unit testing. As a consequence of this, the check on retrieving the "deviceUniqueId" byte array property, which was removed when SPOIDs were implemented, can be reinstated. Bug: 36660726 Bug: 34716264 Bug: 36065223 Test: libwvdrmdrmplugin_hidl_test & libwvdrmengine_hidl_test Change-Id: I961d2ee42bbdc42f0c324e36d9a74ac92205a437 |
||
|
Edwin Wong
|
d9e7070de7 |
Remove dependencies from frameworks C++ containers.
Replace AString, KeyedVector, List, String8 and Vector with stl containers. Remove corresponding frameworks libraries. Test: Play Movies & TV (streaming and pinning) Test: Netflix Test: unit tests bug: 34677927 Change-Id: I125f45054987d69bbca59c1ffdcbe8add38c3c13 |
||
|
Edwin Wong
|
2dc53442e7 |
Implement Widevine drm HIDL HAL service.
Modify Android mediadrm and mediacrypto glue layer to use HIDL interface. Test: Play Movies (streaming and offline playback) Test: ANDROID_BUILD_TOP= ./android-gts/tools/gts-tradefed run gts -m GtsMediaTestCases Test: adb shell /system/bin/libwvdrmengine_hidl_test Test: adb shell /system/bin/libwvdrmmediacrypto_hidl_test Test: adb shell /system/bin/libwvdrmdrmplugin_hidl_test bug: 34628973 Change-Id: Icd5f2dd556acb9874697963b4d7d62cb7c943e74 |