merge of http://go/wvgerrit/14807 from the widevine repo.
The mediaDrm API only allows for a single provisioning attempt at a time.
If concurrent provisioning attempts occur, resources are released from
all but the last request, in order to allow at least that one to be successful.
Any provisioning responses received before one from the last request will
be rejected. A side-effect was that all provisioning resources would
then be released. This caused a provisioning response from the last attempt
to be rejected as well. This CL corrects this behavior and releases resources
only if a provisioning attempt is successful.
The side-effect is that, if the response to the last request is not received
or failure occurs while processing, a crypto session may be held until the
next provisioning attempt.
In other cases of concurrency, provisioning responses to requests other than
the last which are received after the last response will be declared successful.
b/21879484
Change-Id: I3a840ceda1a16ee6adb40c2dbca6c4adf3da12c3
(This is a merge of http://go/wvgerrit/14795)
This change restores the ability to build the Widevine CDM for Android
for MIPS devices. It restores the precompiled binaries for MIPS and
re-adds MIPS to all makefiles.
This change includes a new build of the obfuscated binaries for
MIPS32r1 that were built using a MIPS device on the emulator.
level3/mips/libwvlevel3.a Level3 Library Jun 19 2015 12:32:49
Bug: 19482469
Change-Id: Ifa1c299a5751f3772c42289d8333a2b8cec51f69
(This is a merge of http://go/wvgerrit/14783)
When validation was added to the service certificate property, it
broke the associated test, which sends random data. It also did not
do any testing of the new validation itself.
This fix makes the validation method on WvContentDecryptionModule
non-static so that it can be mocked and handled appropriately in the
test.
Bug: 21923281
Change-Id: Id5d2315709fce35f9347b3545f594371810349f0
[ Merge from http://go/wvgerrit/14745 ]
License generation errors previously would result in code -2916 being returned
though the mediaDrm API. More descriptive error codes are now being returned
from -2850 to -2836
b/13976775
Change-Id: I613ad650ab0a072ce9d8029e2af52b72dc617236
[ Merge from http://go/wvgerrit/14670 ]
Concurrent provisioning attempts are declared successful if any one of them
succeeds. Earlier only the successful ones were declared as such.
b/21727698
Change-Id: I67dedca44790a4ae236e14f90a8fc91775273905
(This is a merge of http://go/wvgerrit/14630)
To create a better flow when an application sets a service certificate
manually, we will now validate the certificate when it is given to us,
and if it is invalid, we will not allow the property to be set.
Bug: 21307186
Change-Id: If980ad075604223fc962a859fae93e98d86a7f4f
(This is a merge of http://go/wvgerrit/14531)
As an optimization, the Media Server now unloads our library when not
in use. This has exposed a bug by which we were never deleting the CDM
singleton. Fix is to make WvContentDecryptionModule an Android smart
pointer ref base and then make sure all the plugins store a strong
pointer to it. The singleton is a weak pointer, so when the last
plugin is cleaned up, the CDM will be as well. And on the off chance
that the library isn't immediately unloaded, the singleton code will
generate a new CDM next time one is needed.
Bug: 21153732
Change-Id: Ifaf02fa9afe0a70a8b53e8b92ee0a3d1359ca001
[ Merge of http://go/wvgerrit/14480 ]
Server upgrades have been completed and allow these tests to run successfully
against UAT. They were earlier tested against staging.
b/21479112
Change-Id: Ifc5e5780fa5305c6ddfd662ada204db599cb5c6e
[ Merge of http://go/wvgerrit/14410 ]
When specifying a service certificate though mediaDrm, the CDM earlier expected
serialized service certificates rather than signed ones.
b/21334970
Change-Id: I39af2aa25e8dc2a651cbdce84eb32f266b5b3382
Also fix a missing change for
"playback duration should override license duration".
Merged from Widevine CDM repo:
https://widevine-internal-review.googlesource.com/#/c/14435/
Bug: 21393975
Change-Id: Ibfcf3ae4c13db8944ea285bcc79b6312ea621e1b
[ Merge of go/wvgerrit/14360 ]
If within playback window, do not expire license on expiry of rental or
license duration. In this case playback duration will extend the license.
b/17791094
Change-Id: I26d255aa8f0287bd583ebdeec991c613d49d8f22
[ Merge from go/wvgerrit/14286 ]
CDM now reports status information associated with the specified security level.
Earlier information would be reported from the default security level.
b/18709693
Change-Id: I7a01e8ea9773b56951c207437ce85e567fd32b09
[ Merge of go/wvgerrit/14240 ]
Client information is reported in release and renewal messages based on
flag in the license. License proto has been updated to match server updates.
There are two caveats
* Client IDs will be reported unencrypted when usage reports are requested.
* Release requests that enable privacy mode (encrypted client IDs) but do not
specify a service certificate are not supported.
b/19247020
Change-Id: I95e709922122370f310936fbad3d312262128e49
Merge from widevine of go://wvgerrit/14173
This CL updates the android makefiles to use the libcrypto_static.
Change-Id: I74567ff880ebdce366766a9ab44c92cc9540b8db
Merge from widevine repo of http://go/wvgerrit/14125
This copies code from http://go/wvgerrit/13847 to the oemcrypto unit
tests. It puts the test name in the log file.
I also commented out some unused function parameters to avoid compiler
warnings.
Change-Id: I3ba259de2f408ec60e90db7f0ea1524d5aa8f8a4
The errors in the range ERROR_DRM_VENDOR_MIN to ERROR_DRM_VENDOR_MAX are
reflected in the message that is reported to the app, which is
MediaDrmStateException.getDiagnosticInfo().
Many errors map to kErrorCDMGeneric, especially KEY_ERROR is used as a
generic error in CDM. This fix defines more specific error codes in the
CDM for places where KEY_ERROR is returned.
Merge from http://go/wvgerrit/14071
bug: 19244061
Change-Id: I688bf32828f997000fea041dd29567dde18ac677
[Merge of https://widevine-internal-review.googlesource.com/#/c/14110/ from
widevine cdm repo]
Backward compatibility handling was causing L3 usage and clock information
to be moved. This caused nonce and other failures when attempting to restore
offline keys.
b/20025990
Change-Id: I6e0fa1030bcce1a5bdd811a9064989d3b6ce2f04
Implements the optional setMediaDrmSession() method. To enble this,
support was added to the core to report if a session ID is valid.
As a consequence of this, in the tests for the CryptoPlugin,
construction of the plugin must be deferred until all gMock
expectations are set, as construction now calls into the CDM core.
This is a merge of two changes from the Widevine CDM repo:
http://go/wvgerrit/14083
Allow Setting of Session ID
http://go/wvgerrit/14085
Check If Session ID Is Valid When Changing CryptoPlugin IDs
Bug: 19570317
Change-Id: I7dbd777ce6efebd71fdb5e602663a0e35a48a9c4
This is a merge of several Widevine-side commits that, cumulatively,
allow callers to specify an origin to be used to isolate data storage
as specified in the W3C Encrypted Media Extension specification.
Separate origins have separate certificates, and consequently cannot
share device identifiers with each other.
The changes included in this are:
Add Ability to Check for Existing Certificates
http://go/wvgerrit/13974
Add Ability to Remove the Certificate
http://go/wvgerrit/13975
Make CDM Origin-Aware
http://go/wvgerrit/13977
Add Per-Origin Storage to Widevine CDM on Android
http://go/wvgerrit/14026
Remove Automatic Origin Generation
http://go/wvgerrit/14031
Bug: 19771858
Change-Id: I6a01c705d9b6b4887a9c7e6ff4399a125f781569
(This is a merge of http://go/wvgerrit/13976)
Updates the certificate provisioning protobuf to include the stable_id
field.
Bug: 19771858
Change-Id: I6c1ed8c8c219a8cacc9798d189458d9861aa46d0
(This is a merge of http://go/wvgerrit/13813)
Removes the OS Version property which was only ever implemented on
Android to appease Netflix and never actually used by them. Adds,
instead, a Widevine library version property. Also adds
implementations of this function for both Android and CE Devices.
For Android, the version number is starting at 3.0.0-android, to
reflect that this is the third major revision of the Widevine CDM in
Android.
For CE Devices, the version number is not changing from its current
value (2.2.0) but is gaining a "-ce" on the end in order to
differentiate it from the Android version number.
Bug: 18376638
Change-Id: Ifb3fa0d62631b45d9e91a6a53bcab3be38763d3a
This is a merge from the Widevine repository of
http://go/wvgerrit/14024
Add Level 3 Oemcrypto Unit Tests To Run All Tests Script
This CL adds the ability to restrict the oemcrypto unit tests to only
use the fall back level 3. This restriction is per-process, and is
only used while running the unit tests. This allows us to automate
running the unit tests on an android device as both level 1 and level
3 without modifying files in /system/lib. To turn on the restriction,
set the environment variable: FORCE_LEVEL3_OEMCRYPTO=yes.
New level 3 library versions are:
level3/arm/libwvlevel3.a Level3 Library Apr 8 2015 13:09:05
level3/x86/libwvlevel3.a Level3 Library Apr 8 2015 13:15:42
http://go/wvgerrit/14055
Remove Redundant Tests
This CL modifies the UsageTableTests in oemcrypto_test.cpp so that
they are not all parameterized by new_mac_keys_. This parameter is
used when testing signatures. In particular, we do not need to verify
timing twice.
Also, I modified the run_all_unit_tests.sh script so that the
environment variable GTEST_FILTER is passed down to the android
process. This allows us to use the script to run a limited list of
tests while debugging.
http://go/wvgerrit/14054
Filter Out API Version 10 Tests
This CL updates the OEMCrypto tests so that all but one test will pass
for a device that implements the version 9 API.
Android LMP devices should pass tests with
GTEST_FILTER="*-*MNC*:*CanLoadTestKeys*"
http://go/wvgerrit/13886
Update Documentation about Optional Features
The intergration guide has been updated to include reference to
OEMCrypto_LoadTestRSAKey. It also now discusses optional features.
The Delta 10 document now mentions OEMCrypto_LoadTestRSAKey.
The android supplement warns that most optional features are required.
This also adds clarification about which functions should save the
usage table, in answer to:
b/16799904 OEMCrypto v9 ambiguous about saving usage table information
Change-Id: Ifb517d58952c9b332b2958ca99af64bc293b985f
(This is a merge of http://go/wvgerrit/13971)
gTest provides generators for ranges of numbers and booleans so that
we don't have to roll our own.
Change-Id: Id7d9310c5d5c1314f680200da4457c0e529ac107
This is a merge from the widevine repository of
http://go/wvgerrit/13923 Switch openssl to use the EVP interface for aes-ctr-128
http://go/wvgerrit/13979 Add Test Certificate to OEMCrypto Mock
http://go/wvgerrit/13978 Add Test Keybox to Level 3 OEMCrypto
http://go/wvgerrit/13873 Enable OEMCrypto Unit Tests
This CL adds a main program to oemcrypto_test.cpp, which filters out
tests that are not supported on the specified platform. It also adds
LoadTestKeybox to the mock. This allows oemcrypto unit tests to be run
on devices that have production keybox. It also allows the same set
of unit tests to work on Android and on non-Android platforms.
b/18962381 Use test certificate (partial fix)
b/19867990 Separate cast receiver tests
Change-Id: If89c31530103ed85aa37d7379bd5b4dc2a927f38
Also removes OnSessionExpiration which is no longer needed with
OnSessionKeysChange.
Bug: 19771612
Bug: 19771431
Merged from Widevine CDM repo:
https://widevine-internal-review.googlesource.com/#/c/13951/
Change-Id: I0603e808e8d50ff7bb1fb1d5e44fabd8d268ee8a
This change:
1) Switches the Makefiles over to using LOCAL_STATIC_LIBRARIES, which I
understand is the new hotness, rather than setting a -I flag directly.
2) Switches to the non-deprecated _ex versions for EVP_EncryptFinal.
3) Uses the EVP_PKEY interface for checking PSS signatures. This is the
only supported interface in OpenSSL: the PSS padding check functions are
only exported in upstream OpenSSL because it's a library from the 90s
and they don't have a concept of "unexported". Also, by using the EVP
functions, OpenSSL/BoringSSL can do a better job of being constant-time.
Since there aren't any obvious tests for checking that the signtaure
verification still works, I tested with the code in the referenced
paste, which includes both the old and new verification functions and
checks that they both work on a sample signature. (And I also checked
that they both fail when a bit in the signature is changed.)
https://paste.googleplex.com/5747976139964416
Change-Id: Iae7409c53eeea9c3892a32c180d7181d72467dcb
