[ CDM CL http://go/wvgerrit/156286 ]
Local test scripts can now run the CDM unit tests without using a test
keybox / test RSA key by setting an environment variable:
DISABLE_TEST_KEYBOX=yes
The default behavior will continue to be that the unit tests will load
a test keybox / test RSA key.
This is to enable testing different provisioning features when the
device uses keyboxes for its ROT. Provisioning methods like 3.0 and
4.0 were never forcibly required to load a test ROT.
This is change is required for the ability to test ECC-enabled
keyboxes.
Bug: 135283522
Test: run_x86_64_tests and build_and_run_all_unit_tests.sh
Change-Id: I2a85be541deec3f60ab8fa82452a4d4cafaed339
[ Merge of http://go/wvgerrit/155070 ]
These functions are internal utilities and should not be exported from
our library. IIRC, this was added to aid in Windows tests, but this is
no longer needed.
Bug: 236317198
Test: build_and_run_all_unit_tests.sh
Change-Id: I19beb35a15f0f87dc8f968e1dd5302aed9463e54
[ Merge of http://go/wvgerrit/153669 ]
The oemcrypto_decrypt_cenc_fuzz fuzz test found a null reference error.
This adds a check to ensure that the input_buffer vector used for the
sample descriptions is not empty before attempting to access it.
Bug: 192310854
Bug: 236317198
Change-Id: If3909b01d3bc19434bbd5b6b77e7cd76182b2bdf
[ Merge of http://go/wvgerrit/154575 ]
[ Cherry-pick of http://ag/19498242 ]
There is a rare race condition experienced by some Android devices
where the a new client property set is being added while another is
being removed. The C++ stl library does not provided thread
protection by default.
This CL adds a new mutex for the client property set map which prevents
multiple threads accessing the property sets concurrently.
Bug: 235238226
Test: GtsMediaTestCases on redfin
Change-Id: I32cf11bfb1332295ba1245071102ff0adc35259d
(cherry picked from commit aaa97a5d60)
(cherry picked from commit 6109ec6d66)
[ Merge of http://go/wvgerrit/153121 ]
`run_oemcrypto_fuzz_tests` script was disabled while OPK was
transitioning between v16 and v17. Now that OPK is v17, the
fuzz tests can be re-enabled.
Some targets could not be built due to a missing header file.
`oemcrypto/ref/src/cppbor.cpp` was updated to include the missing
header.
Bug: 235414753
Bug: 229160033
Bug: 236317198
Test: run_oemcrypto_fuzz_tests
Change-Id: Ieeebae1f6d84c5735a669d44ea45875675fdb5a3
[ Cherry-pick of http://ag/19216679 ]
[ Merge of http://go/wvgerrit/155370 ]
There is a rare race condition experienced by some Android devices
where the a new client property set is being added while another is
being removed. The C++ stl library does not provided thread
protection by default.
This CL adds a new mutex for the client property set map which prevents
multiple threads accessing the property sets concurrently.
Bug: 235238226
Test: GtsMediaTestCases on redfin
Change-Id: I32cf11bfb1332295ba1245071102ff0adc35259d
(cherry picked from commit aaa97a5d60)
After a successful extraction, the vector of BCC should be resized to
the correct value.
This CL picks the change from http://ag/19196496, which fixes the bcc
size for our internal extraction tool.
Test: build and run extraction tool
Bug: 237029566
Change-Id: I0c73861e363215486a93abebac84da2ce49d43a8
[ Merge of http://go/wvgerrit/151597 ]
* missing #include <string> for 'std::string' For more info see go/clang_tidy/checks/google3-build-missing-std-includes (25 times)
* missing #include <utility> for 'std::move' For more info see go/clang_tidy/checks/google3-build-missing-std-includes (3 times)
* missing #include <algorithm> for 'std::find_if' For more info see go/clang_tidy/checks/google3-build-missing-std-includes (2 times)
* missing #include <algorithm> for 'std::sort' For more info see go/clang_tidy/checks/google3-build-missing-std-includes
This CL looks good? Just LGTM and Approve it!
This CL doesn’t look good? This is what you can do:
* Revert this CL, by replying "REVERT: <provide reason>"
* File a bug under go/clang-tidy-bug for category ClangTidyBuild if there's an issue with the CL content.
* File a bug under go/rosie-bug if there's an issue with how the CL was managed.
* Revert this CL and not get a CL that cleans up these paths in the future by
replying "BLOCKLIST: <provide reason>". This is not reversible! We recommend to
opt out the respective paths in your CL Robot configuration instead:
go/clrobot-opt-out.
This CL was generated by CL Robot - a tool that cleans up code findings
(go/clrobot). The affected code paths have been enabled for CL Robot in //depot/google3/METADATA.
Anything wrong with the signup? File a bug at go/clrobot-bug.
Bug: 236317198
Change-Id: I28f7899b5cf0637be15833659f8ba0dd6ff3ab90
[ Merge of http://go/wvgerrit/150489 ]
* missing #include <string> for 'std::string' For more info see go/clang_tidy/checks/google3-build-missing-std-includes (2 times)
This CL looks good? Just LGTM and Approve it!
This CL doesn’t look good? This is what you can do:
* Revert this CL, by replying "REVERT: <provide reason>"
* File a bug under go/clang-tidy-bug for category ClangTidyBuild if there's an issue with the CL content.
* File a bug under go/rosie-bug if there's an issue with how the CL was managed.
* Revert this CL and not get a CL that cleans up these paths in the future by
replying "BLOCKLIST: <provide reason>". This is not reversible! We recommend to
opt out the respective paths in your CL Robot configuration instead:
go/clrobot-opt-out.
This CL was generated by CL Robot - a tool that cleans up code findings
(go/clrobot). The affected code paths have been enabled for CL Robot in //depot/google3/METADATA.
Anything wrong with the signup? File a bug at go/clrobot-bug.
Bug: 236317198
Change-Id: I9ccf0ce00ee3f6f7b3a2b6ec9dedeff578535217
[ Merge of http://go/wvgerrit/148691 ]
This is a followup to OEM_CONTENT,
a custom key container that was added to Widevine server.
Bug: 193006094
Bug: 236317198
Change-Id: I82285e4e50f981e0cedf2adac5910643f34f8e46
[ Merge of http://go/wvgerrit/154593 ]
This CL updates the initial time used for reboot tests to be
within the valid range used by OPK. Also, the fake clock is
now synced with every use of the TestHost's clock function.
Also, the OPK's system clock is no longer initialized to 0
because this caused some tests to set initial playback time
to 0. That broke code that assumed a time of 0 mean "never".
I also removed some log spam in the WTPI code.
Bug: 222353528
Bug: 236317198
Change-Id: Ibdbdb2440454b9cf561cd9ec65ca3e40cf5a8d93
After a successful extraction, the vector of BCC should be resized to
the correct value.
Test: build and run extraction tool
Bug: 237029566
Change-Id: I41f39cb72bb1dc27d6d40f3c5ace5265271aab0e
(This is a merge of http://go/wvgerrit/153552.)
The correct way to create a FileSystem object for testing CdmEngine
depends on the platform. However, our code has historically just
instantiated a new FileSystem object using the default constructor. This
works fine for Android and has historically worked fine for the CE CDM
tests because they did not implement storage correctly. However, an
upcoming commit will fix the implementation of storage in the CE CDM
TestHost, causing tests that use a default FileSystem constructor to
fail. This patch adds a new platform-defined function that instantiates
per-origin test storage in a platform-correct way. For Android, it
continues to use the default constructor, while for CE CDM, it uses the
TestHost.
Bug: 193060708
Test: x86-64 w/ storage separated
Test: build_and_run_all_unit_tests.sh
Change-Id: I0a9b6a4d3943e053d51d6018e392b7f215f50642
(This is a merge of http://go/wvgerrit/153551.)
On CE CDM, storage is split between global and per-origin storage, and
one type of storage cannot be used to access the other. (Though, until
an upcoming commit lands, the tests will allow it.) On Android, both
types of storage access the same filesystem. This means that code may
run fine on Android but fail on CE CDM.
The Usage Table Header code normally, explicitly accesses the header
file via global storage. However, a few code paths would try to access
it inconsistently via per-origin storage. This patch updates
StoreTable() to always use the global storage, similar to how
RestoreTable() already functions.
Test: x86-64 w/ storage separated
Test: build_and_run_all_unit_tests.sh
Bug: 236400786
Bug: 192297621
Change-Id: Ie84cef43a7ad169ca8ab701d73c087294ee29705
(This is a merge of http://go/wvgerrit/153550.)
On CE CDM, storage is split between global and per-origin storage, and
one type of storage cannot be used to access the other. (Though, until
an upcoming commit lands, the tests will allow it.) On Android, both
types of storage access the same filesystem. This means that code may
run fine on Android but fail on CE CDM.
The OEM Cert in Provisioning 4.0 is a global file that should only
exist once, but it was being accessed through the per-origin storage,
which would result in a separate OEM Cert being provisioned for each app
& origin on CE CDM. This patch changes the Prov 4.0 code to access it
through the global storage, using techniques similar to how the Usage
Table Header code does this.
Test: x86-64 w/ storage separated
Test: build_and_run_all_unit_tests.sh
Bug: 236400627
Change-Id: I301d250fc9543e62949a4d9fdcbdd109bd941384
[ Merge of http://go/wvgerrit/153589 ]
Some unit tests call InstallTestRSAKey() a few times. In current
provision 2 with Keybox, the test RSA DRM key is hard coded. But for
provision 4, it will be generated by OEMCrypto.
When a test calls multiple times of InstallTestRSAKey(), we don't want
the key to be generated during each call, and we want to use the same
key in order for the decrytion to work.
The fix to cache the drm key once it is created for prov 4 tests.
Bug: 180530495
Bug: 236317198
Test: oemcrypto_test
Change-Id: I1b2d96a89e0619861492e6d9bc56862e2c440c86
[ Merge of http://go/wvgerrit/150349 ]
The device id for prov4 is hash of the encoded device public key
(COSE_key).
Also replaced a few bug numbers if it is prov3 specific (not related to prov4).
Bug: 225216277
Bug: 236317198
Test: oemcrypto_test
Change-Id: Ica1c8579c0a3ef83c70f331283c9cce629c6bb3f
[ Merge of http://go/wvgerrit/149849 ]
With ECC based DRM cert, the session key is expected to be 32, as
compared to 16 bytes in RSA case. This CL adds supports for 32 bytes
session key.
Bug: 236317198
Test: oemcrypto_test
Change-Id: I657fdd92d17736a23375ddcd457f83efa6ca6d1f
[ Merge of http://go/wvgerrit/151311 ]
Missing a check for provision 4.0.
Note: This CL is merged out of sequence with the CDM repo, resulting
in a slightly different CL.
[ Conflicting CL http://ag/18244016 ]
Test: Native test crypto_session_unittest
Bug: 180530495
Bug: 236317198
Change-Id: I79f753ba43098e1a3422c39b9903f57e5df03af2
[ Merge of http://go/wvgerrit/150810 ]
This CL changes the call "Provision()" in some tests to use
"EnsureProvisioned()". The latter can actually call "Provision()" twice
in case of Prov 4 being used: first call to get oemcert.bin and second
call to get drm cert.bin.
Also added a file clean up during test tear-down.
Test: opk_ta with prov2 and prov4
Bug: 180530495
Bug: 236317198
Change-Id: I37c8708ead7f18e8b4d619bf6a080424e45406ee
[ Merge of http://go/wvgerrit/153290 ]
Currently OEMCrypto_Close will be called for entitled key sessions as
well upon destroying, while only OEMCrypto sessions should be called.
This CL adds a session type to the oemcrypto adaptor.
Bug: 232225911
Bug: 236317198
Test: request_license_test
Change-Id: I323fff80139ce949f801cf0df5aa2bd3171dfb51
