Merge from Widevine repo of http://go/wvgerrit/101905
The reference OEMCrypto should not be built as part of Android.
Test: Builds
Bug: 146361995
Change-Id: Ic25e6e567fcac519636f64dabc0d59b3df78990e
libcrypto_static has restricted visibility, which is now being
implemented in Make, so we either need to allow it for all vendor
modules, or use the shared library instead.
Bug: 158599308
Test: treehugger
Test: mmma vendor/widevine/libwvdrmengine
Change-Id: I88ddce7ad221c66a20f4e05409ae77421e4196ad
Merge from Widevine repo of http://go/wvgerrit/101243
Changed the version number to 16.3 and the date to June 1st. The
delta document has a short description of CL's added since
April 6th.
Test: documentation changes only
Bug: 157030231
Change-Id: I93c2b09d6a24efc71ed77110b115cafbd6fde1c6
Merge from Widevine repo of http://go/wvgerrit/101144
This CL updates the version string of the oemcrypto unit tests.
Test: unit tests on taimen and with reference oemcrypto v16.
Bug: 156789529
Change-Id: I504a32f0c3781870052b58d30312c58e090b145c
Merge from Widevine repo of http://go/wvgerrit/101143
This CL removes the check for a decrypt hash error when CopyBuffer is
used instead of DecryptCenc because a key was not selected.
We also remove the attempt to check the decrypt hash when there are
multiple buffers, because that is not well defined behavior.
Bug: 155185867
Bug: 155192141
Test: ran unit tests on taimen and on v16 reference oemcrypto
Change-Id: I640e904e256f0913ca606bb5db891430b23f44a3
Merge from Widevine repo of http://go/wvgerrit/100964
The previous nonce-free test used the same session to generate the
request as to load the license. However, it is a realistic use case to
have a new session used for loading the license.
The use case relates to a pre-loaded, shared license.
Test: Ran unit tests on taimen and on v16 ref implementation
Bug: 156853321
Change-Id: Ibc07744a16edcd3952d88d73660a75d0c3e8eeb8
Merge from Widevine repo of http://go/wvgerrit/101130https://cr/314253512
ODK Library: roll version number to 16.3
https://cr/314253425
ODK Library: Accept release request as renewal request
To support forward compatibility, the v16 server should parse a
release request as a renewal request.
https://cr/314213725
ODK: Accept larger message sizes
The ODK should accept a message size that is larger than the
current
API requires. This allows for future API versions to append
fields to
a message that current the current license SDK will
ignore.
https://cr/313962712
ODK: accept messages with future API version numbers
This CL updates the ODK parse functions to accept future versions
of
the message. This will allow a v16 server to talk to a v17
device.
https://cr/313814938
ODK Version String
Add an automatically generated version string to odk_structs.h
Bug: 157030231
Bug: 157512150
Bug: 157822248
Bug: 157512322
Test: unit tests on taimen
Change-Id: I346f73c41bc984fe17856d3b61cd08cf92b39919
Merge of http://go/wvgerrit/101183
This is a combination of multiple commits from google3:
* http://cl/313814938
ODK Version String
* http://cl/313962712
ODK: accept messages with future API version numbers
* http://cl/312219187
Ignore hash if initial load of license, and the nonce not required
(squashed into http://cl/313962712)
Test: OEMCryptoLicenseTest.LoadKeyWithNoRequest
Bug: 157822248
Bug: 156853321
Change-Id: I735d355241876bddb0c52440b0049efb72a4b26f
Merging CL
https://widevine-internal-review.googlesource.com/c/cdm/+/100924 Fix implicit type conversion issue in ODK
1. Implicit cast is reported as error when compiling ODK with Level3
2. Override odk_add_overflow_xxx function with the built in functions can cause
redefinition issue when compiling Level3; Let's use odk customized overflow functions.
Bug: b/157510403
Test: ODK unittests and CDM unittests passed.
Change-Id: Ieef8ccfb41d08007ec72f4a061f92968e55539cb
(This is a merge of http://go/wvgerrit/100053.)
The OEMCrypto Unit Tests were previously deriving keys from the session
key as part of loading the test RSA key. This creates an invalid
function call order, since the OEMCrypto session will likely next be
used for actions that need to be done *before* deriving these keys. With
ODKiTEE, which is more strict about this order, all OEMCrypto tests were
failing.
Bug: 156655072
Test: OEMCrypto Unit Tests
Change-Id: Ibfede587da30cfff4a44a5e0687e4199b1430372
Merge from Widevine repo of http://go/wvgerrit/100110
The unit test TimeRollbackPrevention was broken for several
reasons. This CL reduces the test to its most basic functionality and
updates it to be compatible with a v16 oemcrypto.
This CL also adjusts the fake clock used by the buildbot to fake
sleeping backwards, so that the TimeRollbackPrevention test can also
be run on the buildbot.
Bug: 155773482
Bug: 79422351
Test: unit tests on buildbot, and on flame w/v16 modmock
Change-Id: I3027018b17b738281989e63ae6b0729757217d05
Merge from Widevine repo of http://go/wvgerrit/100385
The map now contains unique_ptr instead of raw pointers
to ensure the memory is released.
Bug: 156780432 OEMCrypto Fuzzing: Fix OEMCrypto Memory Leak.
Test: oemcrypto reference code only
Change-Id: I78054f9207399f052d6e4bfdfa96824f6e050bac
Merge from Widevine repo of http://go/wvgerrit/98265
Previously, if we tried to shrink the usage table over an entry in
use, we expected an error. Now, we expect the specific error,
OEMCrypto_ERROR_ENTRY_IN_USE.
Test: unit tests on taimen
Bug: 124776024
Change-Id: I2b4b872943bf65401c0a6b5dc1237d77341b1f5b
Merge from Widevine repo of http://go/wvgerrit/98264
The generic decrypt tests changed the variable controlling buffer size
after it initialized the buffer -- so the buffer was not changed. This
CL fixes that.
Also, RefreshLargeBuffer changed the size of the license message
buffer, not the renewal message buffer.
Bug: 153590142
Test: ran unit tests on taimen
Change-Id: Ib01b411478a181ba956ac2e23c03634a2d971cc0
Merge from Widevine repo of http://go/wvgerrit/97763
There were no function signature changes, so the API version number
did not change from 16.2. There were several grammar and spelling
errors. There were also the following corrections:
1. The description of OEMCrypto_LoadProvisioning now says that devices
with a keybox use keys derived from the keybox device key, and devices
using Provisioning 3.0 use keys derived from the session key. The
description was previously reversed.
2. The function OEMCrypto_SupportedPatterns is no longer
discussed. This function was never fully defined.
3. The function OEMCrypto_LoadRenewal no longer says that keys and key
control blocks should be verified. This is because the function
OEMCrypto_LoadRenewal processes a message with no key control
block. It should update timers for the entire license.
Test: doc and comment change only
Bug: 153731804
Change-Id: I11a3069fcdbf67b369e2e2bc3fea8c08842eeb7b
Merge from Widevine repo of http://go/wvgerrit/96843
This CL modifies the system time used by the reference OEMCrypto so
that it recovers from a clock rollback. When the clock rolls back, it
now adjusts the current time and continues forward. This is needed
when running unit tests on some platforms that reset the clock at
the beginning of a test.
Bug: 152649427
Test: unit tests on buildbot. (No production code on Android)
Change-Id: I7edcdc0cd4e5938c9a54e745d3a0e008f9eb13ed
Merge from Widevine repo of http://go/wvgerrit/96783
This CL updates the reference code, unit tests, and adapter to use the
new v16 function OEMCrypto_LoadDRMPrivateKey. This is just an API
change to allow ECC support in the future. The reference code does not
yet support ECC certificates, and the CDM code assumes that all
certificates have an RSA key.
Bug: 152558018
Test: unit tests on taimen and w/v16 mod mock.
Change-Id: I0793b416513b81b3d74849f0b58dbdc91f075ac6
Merge from Widevine repo of http://go/wvgerrit/96508
This adds a unit test for to verify that a preloaded license may be
loaded into OEMCrypto. A preloaded license is a license that does not
have a nonce, and for which there is no license request. This is used
in CAS and ATSC.
I also updated the test version string to
OEMCrypto unit tests for API 16.2. Tests last updated 2020-03-27
Bug: 144105097
Test: ran oemcrypto unit tests on taimen and with v16 modmock.
Change-Id: I6a4926917f36a084d15defa7b908d067612c4dcf
Merge from Widevine repo of http://go/wvgerrit/95945
The reference oemcrypto and testbed still use old style pointers, even
though we now require a more modern C++ compiler. Updated a few places
where smart pointer would be appropriate.
Bug: 141393616
Test: Ran unit tests
Change-Id: I8b1e155bce241075928e373478d6f8e1001233f9
Merge from Widevine repo of http://go/wvgerrit/96163
This CL just addresses some review comments from the big merge to
master. The header OEMCryptoCENC.h is now synced with the
document http://go/oemcrypto.
Test: unit tests
Bug: 148907684
Change-Id: Ic825126e0dd3d7e86eefab2c51b4abb5d57fb568
Merge from Widevine repo of http://go/wvgerrit/95483
This adds a log message to the oemcrypto unit tests so that if
somebody sends us a log, we can tell which version they are
running.
With this CL, the version string is
OEMCrypto unit tests for API 16.2. Tests last updated 2020-03-18
This can be found in the logs and in stdout when running the unit test
OEMCryptoClientTest.VersionNumber. One can verify the executable on
android using
strings $OUT/data/nativetest/oemcrypto_test | grep -i "oemcrypto unit tests"
Test: ran oemcrypto_test and verified version string
Bug: 144713981
Change-Id: Ie10b2f270b783ed10a3ff9855b7ca32a5327ea1c
Merge from Widevine repo of http://go/wvgerrit/95968
Un-initialized int array allocated on heap is detected by MemorySanitizer using this command:
rabbit test --config=msan --keep_going --compilation_mode=opt --runs_per_test=1 //video/widevine/export/common/oemcrypto_core_message/odk:odk_test
Bug: 151339875
Test: cdm and odk unit tests
Change-Id: Ic3329b918636a58eccb518ded7b262c4d98c3644
Merge of http://go/wvgerrit/95666
Mostly fixing coding styles and a few vulnerability check.
Updating tests according to the fix.
Bug: 150614088
Bug: 150881959
Test: Ran cdm and odk unit tests
Change-Id: I109a96ee8ded089d59ab49c2f94b6833c932fd1e
Merge from Widevine repo of http://go/wvgerrit/95463
In the unit tests ReloadUsageTableWithSkew, we load a header that has
a generation number off by 1. This is allowed. However, we then try to
load the current entry, which is newer than the header. Instead, we
should try to load the entry that went with the header.
Bug: 139828114
Test: Ran unit tests
Change-Id: I87261501d8ee2b91a07c2b5dff17fc0ea950244d
Merge from Widevine repo of http://go/wvgerrit/95403
This updates the test code CreateDefaultResponse to make sure that
license releases do not have a core message, and that the key control
block is correctly set for renewals.
Also, the unit test OEMCryptoUsageTableTest.TimingTest is changed to
only a license release when the license is inactive. If the license is
still active, then the license is loaded before generating a usage
report.
Test: Ran full unit tests
Bug: 151092673
Change-Id: I7c01fd17f9b66e88ab3c57aa0f3d40740f13507c
Merge from Widevine repo of http://go/wvgerrit/95283
If an entry is loaded in a second session, the error should be
OEMCrypto_ERROR_INVALID_SESSION.
Bug: 150647218
Test: ran unit tests
Change-Id: I4e666ce6626303a36b16997f0a012d57a7039697
Change-Id: Id0e73dec5879ec9ec4e8ab8ebe1590c568e7f0af
Merge from Widevine repo of http://go/wvgerrit/95263
Some OEMCrypto unit tests are not expected to pass on a v15 device, so
they are being filtered out.
Bug: 149861744
Test: unit tests on taimen
Change-Id: Iadff592f4a0005ab7e5613b315a714e737d7e5e0
Merge from Widevine repo of two CLs.
Merge from Widevine repo of http://go/wvgerrit/94743
A license release should not have a core message. This CL adjusts the
existing unit tests to verify this. There is also a new unit test called
SecureStop that explicitly tests sending a secure stop in a new
session without first loading the license.
Merge from Widevine repo of http://go/wvgerrit/94865
This CL has the following changes copied from google3:
http://cr/298871728 Remove odk_static_assert for Message size temporarily
http://cr/298755935 Fix a compiling error during macro expansion
http://cr/298481745 Add missing header for android
http://cr/298448142 Fix odk_test gyp file
http://cr/298419641 Remove header from Android.bp
http://cr/298402053 Separate sizeOf(args) bytes in fuzz tests
http://cr/297730316 No core messages for license release
http://cr/297714346 Add copybara_test and piper_sot_to_gerrit
http://cr/297636713 Adding some comments around boolean conversion code
http://cr/297420679 Autofuzzer when ran with address sanitizer ...
http://cr/296513584 Minor fix with fuzzing odk clock values
http://cr/296322024 Fixing errors in code with how request ...
http://cr/296313159 Fuzzing ODK clock values by setting aside ...
http://cr/295763207 Add more odk tests and move helper functions to test helper
http://cr/294524098 Adding a Build Rule for ODK_KDO_Fuzzer and updating
http://cr/294492213 Address a few review comments of ODK
http://cr/293674368 odk_fuzz: add TODOs & comments
http://cr/293492806 Fix spelling
Bug: 150243585
Bug: 150020278
Bug: 150095506
Bug: 147297226
Bug: 148290294
Bug: 148907684
Bug: 150608451
Test: unit tests
Change-Id: I25fd406f29f4eba40f5cb27e9a1317dce4ffc2f5
(This is a merge of http://go/wvgerrit/93829,
http://go/wvgerrit/93830, http://go/wvgerrit/93832,
http://go/wvgerrit/93833, and http://go/wvgerrit/93834 from the
Widevine repo.)
This implements the CDM code changes necessary to take advantage of
Combined Decrypt Calls on OEMCrypto v16. The result of this is that
WVCryptoPlugin is much lighter now because it can pass the full sample
down to the core in one call, but CryptoSession is heavier, as it now
has to handle more complex fallback logic when devices can't handle
multiple subsamples at once.
This patch also removes support for the 'cens' and 'cbc1' schema, which
are being dropped in OEMCrypto v16. This fixes an overflow in the code
for handling those schemas by removing it entirely.
This patch also fixes the "in chunks" legacy decrypt path to use larger
chunk sizes on devices with higher resource rating tiers.
Bug: 135285640
Bug: 123435824
Bug: 138584971
Bug: 139257871
Bug: 78289910
Bug: 149361893
Test: no new CE CDM Unit Test failures
Test: Google Play plays
Test: Netflix plays
Test: no new GTS failures
Change-Id: Ic4952c9fa3bc7fd5ed08698e88254380a7a18514
Merge from Widevine repo of http://go/wvgerrit/94043
Remove some unused parameters from test code. These had been
generating compiler warnings.
Bug: 149592532
Test: built and ran unit tests on crosshatch
Change-Id: If1325edc3418f77d620ce3765496ef17156bc624
Merge from Widevine repo of http://go/wvgerrit/93686
This CL changes some test logging so that it is always on a single
line, even if verbose logging is turned on.
Test: unit tests
Bug: 149119926
Change-Id: I9473f6e559ff543ced47a7fa3900615866a25688
This CL merges some missed pieces of the merge from Widevine repo of
http://go/wvgerrit/93405
Test: unit tests
Bug: 147879734, 147396294, 141247171
Change-Id: I3b92b983f68f6a529f109bc5dec91b313e3fd7fb
[ Merge of http://go/wvgerrit/93505 ]
During the merge process there were a few CL comments (ag/10122083)
that were not able to be addressed. Most changes in the CL are
spelling / grammar corrections.
Bug: 148907684
Bug: 141247171
Test: CDM unit tests
Change-Id: I9a8648525bbe5ed319521ebf01741a958ab69ae2
Merge from Widevine repo of http://go/wvgerrit/93404
This is the unit tests, reference code, and documentation for
OEMCrypto v16.2. Backwards compatibility should work for a v15
OEMCrypto.
Some review comments will be addressed in future CLs.
Bug: 141247171
Test: Unit tests
Test: Media GTS tests on bonito
Change-Id: I9d427c07580e180c0a4cfdc4a68f538d351c0ddd
Merge of http://go/wvgerrit/93404
This CL updates the Widevine CDM to support OEMCrypto v16.1
Test: Tested in 16.2 CL
Bug: 141247171
Change-Id: I69bd993500f6fb63bf6010c8b0250dc7acc3d71b
Replace libcrypto with libcrypto_static, which can be protected through
visibility to ensure only modules that don't affect FIPS certification
can use it.
Bug: 141248879
Test: m checkbuild
Change-Id: I53757b813fe2984261a3bde963cac1886523dfdf
