Merge from Widevine repo of http://go/wvgerrit/53980
The provisioning doc changed names, and I accidentally added the new one
without deleting the old one.
I also added a watermark to the newer one.
Change-Id: Ib6e553aa5222c0c59dc03a897229645d37e4189e
[ Merge of http://go/wvgerrit/52040 ]
Information stored in files are serialized and protected by an MD5 hash.
When files cannot be read because the MD5 hash computed over it
fails verification, the file is deleted. This allows for recovery.
However if the protobuf deserialization fails we return an error
but do not delete the file. When errors of this sort occur
with usage information files, the CDM cannot recover.
removeAllSecureStops() will fail as well and new licenses
with PSTs cannot be processed. In order to recover the file will
be deleted when a protobuf deserialization error occurs.
Bug: 109765590
Test: WV unit, integration tests. GTS tests. Netflix and Play Movies playback
Change-Id: I408914924e644d5c22b2ba7865d3a7d598788ee6
[ Merge of http://go/wvgerrit/51322 ]
This avoids taking the session_map_lock_ twice.
Bug: 80248149
Test: WV unit/integration tests, GtsMediaTestCases,
2 days of netflix playback.
Change-Id: Iea1c7b7ba08d7d40c227d21c5abfce13c0a8b395
Merge from Widevine repo of http://go/wvgerrit/49580
This document explains which version of OEMCrypto is compatible with
which version of CE CDM or Android. The intent is to share this on
all Widevine partner repos.
bug: 77637828
Change-Id: Id7db8f9cb5f2a5c6bf35dfecd2ae3b3fabd09c56
testing: documentation only
Merge from Widevine repo of http://go/wvgerrit/51081
Clarifies the Level 3 OEMCrypto library, talks about build files, and data
migration.
test: documentation only
bug: 74242000
Change-Id: Id1c9f9cb44f0b3e5bc084458b1d934b9fea18ac8
Some documentation updates.
Merge from Widevine repo of http://go/wvgerrit/50941
bug: 79940606 OEMCrypto_PST_Report are network byte order
bug: 79874942 [Documentation] PST_Report struct layout differs from documentation
bug: 74010869 CGMS Best Effort
test: documentation change only
Change-Id: I1e9149efcfa5d91c503b74e6776ebb8f25cda15c
(This is a merge of http://go/wvgerrit/51084)
Nominally, OEMCrypto probably shouldn't modify the buffer descriptor we
pass into OEMCrypto_DecryptCENC(), but in practice, we know some
platforms do this, so we make defensive copies in
CryptoSession::DecryptInChunks() just in case. Turns out, some devices
also behave like this in OEMCrypto_CopyBuffer(), so we should also be
doing defensive copies in CryptoSession::CopyBufferInChunks().
Bug: 79779554
Test: ExoPlayer Demo App, played "Secure Subsample UHD (WebM, VP9)"
Test: build_and_run_all_unit_tests.sh
Change-Id: Ib46043a6cc0aa42d1d1cc85f5adb477c566363e9
Merge from Widevine repo of http://go/wvgerrit/50600
The entry count was really 201 -- it should be 200.
test: This code is unit tests only -- no production code.
bug: 79875327
Change-Id: Ib81253ce9d51a7157ea0a64cddeb6cc266b3e25e
* changes:
Protect sessions from concurrent access.
Address concurrency failures between calls to decrypt and periodic timer
Revert of "Prevent race conditions between decrypt and close session"
Merge from Widevine repo of http://go/wvgerrit/50422
This CL adds unit tests to verify that a usage report can have the status
kInactiveUnused.
bug: 79556142
test: unit test code only
Change-Id: I10f71ac2e585ef33727aa8f80d867d80fe156ab8
Locks in earlier releases controlled access to sessions and the list
of sessions for each CdmEngine instance. This guarded against
concurrent access between session management (OpenSession,
CloseSession, etc), periodic timer calls and calls to Decrypt.
The list of sessions and locking was moved to a separate class
CdmSessionMap. This left open the possibility that a session
might be destructed, while being called to decrypt or invoked through the
timer. An attempt was made to add per-session locks in b/73781703
but this was found insufficient.
Per-session locks will be introduced in a future changelist, but for
now the coarser locks will be reintroduced.
Bug: 73781703
Bug: 79158083
Bug: 79262108
Bug: 79436509
Test: WV unit/integration tests, GTS GtsMediaTestCases tests and
24 hours of continuous Netflix playback.
Change-Id: I30a3ede340192370dfe5c92c01b1c76df16b7123
[ http://go/wvgerrit/50341 ]
The shared_ptr implementation was taken from a google3 implementation.
Updates to the reference counter needed to be atomic and were
platform dependent in the original code. These were not carried
over to this codebase. Race conditions between calls to decrypt and
the periodic timer, led to incorrect reference count values.
CdmSession objects were then destructed while references to
them still existed. Segfaults occurred when they were referenced.
Bug: 79431096
Test: WV unit/integration tests, GTS GtsMediaTestCases tests and
24 hours of continuous Netflix playback.
Change-Id: I6008ddba869efcc58972e5ea8644a204f91410ab
[ Original CL http://ag/3890635,
Merge of http://go/wvgerrit/50340 ]
The original fix was not sufficient to address all race conditions.
A subsequent CL will address them.
Bug: 73781703
Bug: 79158083
Bug: 79262108
Test: WV unit/integration tests, GTS GtsMediaTestCases tests and
24 hours of continuous Netflix playback.
Change-Id: I869c22a250e2467b3d49935815e4157dc012fff5
[ Merge of http://go/wvgerrit/49980 ]
This CL
* corrects some of the test expectations
* switches test content used to test streaming with provider session tokens.
The policy of the earlier test content had changed.
* adds some more information to log messages
Bug: 63819720
Test: WV unit, integration tests, WvCdmExtendedDuraionTest,
GtsMediaDrmTest
Change-Id: I8fdbc9c38d6018cc6e884e1b95b2e9d26e7aa536
This fixes Widevine's getMetrics call so that it will return vendor
metrics through the Drm plugin 1.1 interface.
Bug: 73724453
Test: New and existing unit tests. Updated and existing GTS. Google Play manual.
Change-Id: Ie35128dc80bd6eabf9e1f3b9c1800256af77bc51
Merge from Widevine repo of http://go/wvgerrit/49302
This CL adds some unit tests to verify that several OEMCrypto sessions
do not share nonce tables.
bug: 64850992
test: unit tests run on sailfish, taimen, and walleye.
Change-Id: I06cf3fdafb84f8b09cf2f0e58c1866bac511a293
Merge from Widevine repo of http://go/wvgerrit/49805
This aligns the oemcrypto reference code and unit tests to match the
API design doc: http://go/oemcrypto
bug: 79375509
test: unit tests pass
Change-Id: I13761a7384a17e99d88e61aaf80b4a22941fd172
[ Merge of http://go/wvgerrit/49822 ]
This avoids logging an unnecessary error, when the session is not found.
Bug: 79210873
Test: Wv unit/integration test, GtsMediaDrmTest, playback with Play
Movies and Netflix.
Change-Id: Ifef99d1380d763670ad0fa89c885fb5fd41567e2
Merge from Widevine repo of http://go/wvgerrit/47760
This CL adds a pdf of the document Widevine DRM Device Provisioning
Models, which explains the difference between Provisioning 2.0 and
3.0.
bug: http://b/74242000 Update Integration Guide
test: documentation only.
Change-Id: I64026ab4e93931adaa168d99939ee71d760e5862
[ Merge of http://go/wvgerrit/48640 ]
Usage information is saved periodically, in order to avoid excessive
flash writes. This limits our session usage accuracy to
within a usage save period. Saving usage information when
closing a session is an improvement and addresses some failures
seen with Netflix compliance tests.
Bug: 74015553
Test: WV unit/integration tests
Change-Id: I680aad05922f334df0611ff3933082a512f7c002
[ Merge of http://go/wvgerrit/48720 ]
The device ID does not need to be sent in the client identification
information as it is either present in other fields or ignored
by the license service.
This also allows for build information to be reported during
provisioning for devices with OEM certificates.
Bug: 78578351
Test: WV unit/integration tests. GtsMediaTestCases.
Change-Id: I708c63d34f0e2df7e465154d12096a394a1b23d7
[ Merge of http://go/wvgerrit/48400 ]
Client identification information has recently been enabled in
provisioning messages. For privacy concerns this information
is being encrypted with a default service certificate.
Apps need to be able to override the default one to allow
for provisioning with third party provisioning services.
Bug: 78420508
Test: WV unit, integration tests
New WvCdmRequestLicenseTest.ProvisioningTestWithServiceCertificate test
GTS MediaDrmTestCases
Change-Id: Iee61ad47d33ce011efbea4eb90f7e4b1f032d15f
Merge from http://go/wvgerrit/47640
Test: unit/integration tests
Bug: b/62058202
The usage table keeps track of license duration by using the current
system time. However, if a user were to rollback the time, they can
effectively continue offline playback indefinitely. This changes the way
we compute time by computing offsets by which the user rollbacked the
time and adding it to the current time. This change also includes a test
to verify protection against rollback for usage entries that is only run
when the user is root.
Change-Id: I97c430e1443747b0f9759ae5390b8f5d06bdebf1
[ Merge of http://go/wvgerrit/46760 ]
This enables encryption of client ID for provisioning requests for
devices with keyboxes as root of trust. Client ID will not be
provided for those devices with OEM device certificates as root of
trust. That will be addressed in b/78303730.
Bug: 77607585
Test: WV unit/integration tests. Tests with L3 using OEM certs
Change-Id: Id9bd697aa049bd5659ab80714e141dbc50408f6a
(This is a merge of http://go/wvgerrit/47990)
This is a test-only change.
Bug: 78117686
Test: VersionNumberTest.*
Change-Id: I4f53358fd6eacd498ddd1df7324084d0d4ae67fe
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
This change contains the original change go/ag/3819203 and a fix to the
deadlock that was seen on Marlin and Taimen.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: Ib208204a1b794df9f306fa11d13a8bb6cd6889f7
Merge from Widevine repo of http://go/wvgerrit/47860
This CL updates the copyright notice to indicate that files
shared with partners are shared under the Widevine Master
License Agreement.
bug: 77926774
test: comment change only
Change-Id: I0423668111578b80fb39a932d763df2827e2dfc3
Removes an unneccessary and noisy log message.
Bug: 77975999
Test: Re-ran unit tests. Tested with Google Play.
Change-Id: Ibec69a4e72231a87b2bb3c9c341e5ea0af352715
[ Merge of http://go/wvgerrit/47065 ]
RemoveKeys now resets associated crypto and policy resources,
rather than just closing the crypto session. This results in a
MediaCodec.CryptoException with error code ERROR_NO_KEY
rather than ERROR_SESSION_NOT_OPENED, if decrypt is called
afterwards.
Error SESSION_NOT_FOUND_FOR_DECRYPT is made unique. Error codes
were also synchonized between various branches in the widevine repo.
Bug: 77304819
Test: WV unit/integration tests, VtsHalDrmV1_0Target tests
Change-Id: I6cba2a3e1ce466d58c7727cde2d8f81d9503d655
[ Merge of http://go/wvgerrit/46907 ]
The WV client supports root of trusts as keyboxes or OEM certificates.
Devices with keyboxes use provisioning 2.0 protocol to provision
while those with OEM certificates use 3.0. L3 provisioning failures
occur if the L1 and L3 root of trusts differ.
The provisioning method is now retrieved and cached when the
security level is known, when the session is opened.
Earlier it was retrieved and cached at initialization time and
always set to the value of L1 OEMCrypto (if present). This led
to provisioning failures.
A case of acquiring a lock while one was held in GetProvisioningId()
has also fixed.
Bug: 77606913
Test: WV unit/integration tests
Change-Id: I2d66ee2cf64f846cec4a37fbccb554447c8a0e1d
(This is a merge from http://go/wvgerrit/46447)
The Production Provisioning Service is moving to the "widevine.com"
certificate from the "license.widevine.com" certificate it was using.
This replaces the two places this certificate appears in the source
code. This is expected to be the last such update.
Also, the Staging Provisioning Service was already using this
certificate, but our code had it listed as using the old certificate. It
has also been updated.
Bug: 77244492
Test: CE CDM Unit Tests
Test: Android Unit Tests
Change-Id: I2ce14ea8e672c453ce0f74fbd3345f7e40f2f297
