Merge from Widevine repo of http://go/wvgerrit/22797
CryptoEngine has a number of functions that return constants that
control the configuration of mock OEMCrypto. Give all the functions
a common prefix (config_) so their intent is more clear.
Change-Id: Idf9d3e9e8941fa0e793b0eb17a3f89bf634d9ed5
Merge from Widevine repo of http://go/wvgerrit/22804
Create a class, AuthenticationRoot, to encapsulate the objects and
logic for managing either keyboxes or certificates as the device's
root of trust.
Currently the class provides the existing keybox-related functions
needed by oemcrypto's CryptoEngine. It will be extended to provide
both keybox and certificate related functions, and the logic to
determine whether keybox or certificate based authentication should
be performed.
Change-Id: I792d1bfc8e9a81bbfd2baec20e3b3d182f0392f7
(This is a merge of go/wvgerrit/22949)
Starting with OEMCrypto v12, we are guaranteeing to integration partners
that the buffers passed to OEMCrypto_DecryptCENC and
OEMCrypto_CopyBuffer will not be more than 100KiB (102400 bytes) in
size. For requests larger than this, we will first try to send the
buffer to OEMCrypto anyway. (in case the integration supports buffers
larger than the minimum) In the event that the buffer is rejected, we
will break it up into 100KiB chunks and send them down individually for
decryption.
Breaking a subsample into smaller subsamples necessitates knowledge of
how to update other decryption parameters (like the offsets and the IV)
that previously the CDM Core has not needed to know about. Until now,
this knowledge lived in the glue layer on the Android CDM and nowhere
on the CE CDM. Now, the CryptoSession has a subset of this knowledge, in
order to break up buffers successfully.
For testing purposes, the Mock OEMCrypto has been modified to only
support the smallest buffer size. In order to make sure the chunking
code was being exercised by them, the CE CDM tests had to have the
amount of data they decrypt increased by several orders of magnitude. To
contain this growth, I have moved the test data to its own file.
Bug: 31381719
Test: Ran the updated CE CDM integration tests
Test: Modified the OEMCrypto dynamic adapter to pretend both L3 and L1
only support 100KiB buffers on a Marlin and a Ryu. Confirmed that the
GTS H.264 tests (which have subsamples over 100KiB) passed still. A
similar test was attempted on Fugu but Fugu cannot pass these tests even
without this change present.
Change-Id: Iabe7db3d87554cd1352f10a7524cd55352818397
Merge from Widevine repo of http://go/wvgerrit/22402
This CL updates the oemcrypto reference implementation (mock) to
return OEMCrypto_ERROR_NOT_IMPLEMENTED from OEMCrypto_GetDeviceID when
the device is configured to use provisioning 3.0.
This CL also moves unit test for OEMCrypto_GetDeviceID to the section
that is run only for keybox using devices.
b/33178932
Change-Id: Ie4f9346132ce305bdbd47474dc4c0f6268f3d444
Merge from widevine repo of http://go/wvgerrit/22382
This updates the key control verification string in the haystack, in
the reference oemcrypto (mock), and in the oemcrypto unit tests.
The unit tests now set the key control block to be kc12 for all
licenses if the API is set to version 12. Previously, we only used
the more recent verification codes if the key control block used
recent features.
This should help prevent future incidents like b/32830469.
Change-Id: I6c215b4058445a6d807610af94457598f26d591a
Merge from widevine repo of http://go/wvgerrit/21684
This CL adds provisioning 3.0 functionality to the OEMCrypto reference
implementation.
Change-Id: I60c1fd88f246d443e0ae59ad56862c2ea9d95445
Merge from widevine repo of http://go/wvgerrit/21141
All of the decrypt calls and the SelectKey call should return
OEMCrypto_ERROR_KEY_EXPIRED on error. This CL updates the oemcrypto
unit tests, reference mock, and level 3 code.
b/28294273
Change-Id: I7ac6a3652e0b2fe5a46071e1c2eda00daeed7a33
This CL merges several CLs from the widevine repo:
http://go/wvgerrit/18012 Add support for querying allowed usage for key.
http://go/wvgerrit/17971 Add per-origin storage.
http://go/wvgerrit/18152 Add OEMCrypto's generic crypto operations to CDM.
http://go/wvgerrit/17911 QueryKeyControlInfo => QueryOemCryptoSessionId
Note: numbering in wv_cdm_types.h was added in this CL and will be
back ported to wvgerrit in a future CL.
Change-Id: Idb9e9a67e94f62f25dc16c5307f75a08b3430b64
Merge from widevine repo of http://go/wvgerrit/17393
This CL changes the installation directory for oemcrypto reference
code. In particular, it uses the new build rules to specifies the library
should go in /vendor/lib instead of /system/lib or /vendor/lib64.
This library should not be used on a production device.
b/26425759
Change-Id: I3a58d0d1ddeb5601b0f2f97cc87c2d4a2a41f0d8
This CL is a merge from the widevine repo of
http://go/wvgerrit/16553 Prebuilt Level 3 OEMCrypto for Android
http://go/wvgerrit/16238 Require OEMCrypto v11 for Android N Unit Tests
http://go/wvgerrit/16484 Shared License Tests (OEMCrypto v11)
http://go/wvgerrit/16448 Pattern Decrypt Unit Tests and Reference Implementation
http://go/wvgerrit/16489 Enforce UNUSED Variables
http://go/wvgerrit/16479 Pattern Decrypt for Level 3 OEMCrypto
http://go/wvgerrit/16280 Correctly handle bad RSA key
http://go/wvgerrit/16315 Security Patch Level - haystack version
http://go/wvgerrit/16282 Correctly handle null pointer in GetKeyData
http://go/wvgerrit/16294 Initialize data for generation number
It contains the Level 3 implementation, as well.
mips/libwvlevel3.a Level3 Library Jan 22 2016 14:30:27
arm/libwvlevel3.a Level3 Library Jan 22 2016 15:03:55
x86/libwvlevel3.a Level3 Library Jan 22 2016 13:52:29
b/26692954 [DRM] OEMCrypto v11 needed for Nexus devices
Change-Id: Ibb1384959620f63a1be1e82ce2952ec9f48f0d3e
Merge of widevine change http://go/wvgerrit/16249
This CL adds unit tests and reference code for the security patch
level, which is a new feature in OEMCrypto v11. This CL also adjusts
the dynamic and static adapters to still run with devices that have a
v10 OEMCrypto.
The level 3 haystack code will be updated in a future CL.
bug: 26188985
Change-Id: I518ef46b4098cf3718fe0c0390bfb6825db4fb6b
Merge from widevine repo of http://go/wvgerrit/16186
These are the OEMCrypto v11 documents and header files. I have updated
just enough code so that existing unit tests pass. New unit tests,
the reference implementation, and the level 3 implementation are in
future CLs.
Change-Id: I9bbf1909e047f63a5877320a2d06740a3c4a3e32
* Fix strict aliasing error in gcc
[ Merge of http://go/wvgerrit/15856 ]
This also ensures the alignment of 64-bit memory access in a portable
way, without using compiler-specific mechanisms like attributes or
platform-specific mechanisms like memalign.
(The aliasing error does not show up in clang.)
* Return kNotSupported for non-Widevine init data
[ Merge of http://go/wvgerrit/15853 ]
This also improves logging for the init data parser by including a
verbose message for non-Widevine PSSHs and by using a new IsEOF()
method to avoid misleading "Unable to read atom size" logs.
* Cast RSA_size() to int
[ Merge of http://go/wvgerrit/15880 ]
It has been suggested that this may be unsigned on some versions of
OpenSSL or BoringSSL.
* Be strict about warnings for CE CDM
[ Merge of http://go/wvgerrit/15831 ]
* Enable all warnings and treat warnings as errors in the CE build.
* Fix all existing warnings (mostly unused variables, consts, and
functions, and one signed/unsigned comparison).
* Exclude protobuf warnings rather than maintain a divergent copy.
* Fix release build errors
[ Merge of http://go/wvgerrit/15855 ]
* Level 3 Build With Android Emulator
[ Merge of http://go/wvgerrit/15778 ]
This CL rebuilds the level 3 libraries with the android emulator
sdk_phone_*. This seems to avoid problems with the x86 build using
incorrect compiler flags.
These libraries work for arm, x86, mips, arm64, and x86_64. The level
3 library is disabled for mips64.
Versions:
level3/mips/libwvlevel3.a Level3 Library Sep 30 2015 18:29:50
level3/arm/libwvlevel3.a Level3 Library Sep 28 2015 13:18:25
level3/x86/libwvlevel3.a Level3 Library Sep 28 2015 13:08:28
Change-Id: I1e50aa78bdc84ecb905f2e55297d4f48b140341c
Port from the widevine repo of http://go/wvgerrit/15628
This change enables easy support for baked-in certificates. Platforms
using this feature need only change the supports_keybox property to
false, replace keys.cpp with the file provided by Google, and make
sure the cert.bin provided by Google is preinstalled in the storage.
To enable this, new files defining storage for the embedded private
key were added to MockOEMCrypto. When supports_keybox is false, these
are referenced to get the embedded private key. As this code is mostly
shared with the existing test utility function that loads the test
certificate, the shared code was moved to a helper. Also, the behavior
of the MockOEMCrypto implementation OEMCrypto_LoadDeviceRSAKey when
supports_keybox is false was changed from erroring to validating that
the "wrapped private key" is actually the magic value 0xDEADBEEF.
Bug: 23554998
Change-Id: I8b5d7b4d37b8ec80bb4342e441625cbc5046df89
Merge from widevine repo of http://go/wvgerrit/14669
This fixes two timing-related test failures when running the OEMCrypto
tests in the CE test suite. The failures were caused by the TestHost
Clock implementation, which is a fake. Since there is no clear reason
for OEMCrypto/mock to rely on wvcdm::Clock, this replaces it with
time(NULL). Incidentally, this also makes the time source consistent
with the tests themselves, which were already using time(NULL).
Change-Id: I0fad51f14d45f99526146da05b757d4ba7b6aba0
(This is a merge of http://go/wvgerrit/14795)
This change restores the ability to build the Widevine CDM for Android
for MIPS devices. It restores the precompiled binaries for MIPS and
re-adds MIPS to all makefiles.
This change includes a new build of the obfuscated binaries for
MIPS32r1 that were built using a MIPS device on the emulator.
level3/mips/libwvlevel3.a Level3 Library Jun 19 2015 12:32:49
Bug: 19482469
Change-Id: Ifa1c299a5751f3772c42289d8333a2b8cec51f69
Merge from widevine repo of http://go/wvgerrit/14502
If any OEMCrypto session call is made after Terminate is called, then
there was a null pointer access. This is protected by the oemcrypto
adapter, but could still be a problem in unit tests which by-pass the
adapter.
bug: 21642892
Level 3 versions:
level3/arm/libwvlevel3.a Level3 Library May 29 2015 14:03:11
level3/x86/libwvlevel3.a Level3 Library May 29 2015 14:03:12
Change-Id: I84fd098c2faea71a79bc21658485593e22a8e994
Merge from widevine repo of http://go/wvgerrit/14370
In order to run on android, we need the mock to compile with
BoringSSL, which uses a different function call for
RSA_padding_add_PKCS1_PSS.
Change-Id: I9cad4e7d5c1d4a3117fe7c0fc1e27590809a7ac3
Merge from widevine of go://wvgerrit/14173
This CL updates the android makefiles to use the libcrypto_static.
Change-Id: I74567ff880ebdce366766a9ab44c92cc9540b8db
This is a merge from the widevine repository of
http://go/wvgerrit/13923 Switch openssl to use the EVP interface for aes-ctr-128
http://go/wvgerrit/13979 Add Test Certificate to OEMCrypto Mock
http://go/wvgerrit/13978 Add Test Keybox to Level 3 OEMCrypto
http://go/wvgerrit/13873 Enable OEMCrypto Unit Tests
This CL adds a main program to oemcrypto_test.cpp, which filters out
tests that are not supported on the specified platform. It also adds
LoadTestKeybox to the mock. This allows oemcrypto unit tests to be run
on devices that have production keybox. It also allows the same set
of unit tests to work on Android and on non-Android platforms.
b/18962381 Use test certificate (partial fix)
b/19867990 Separate cast receiver tests
Change-Id: If89c31530103ed85aa37d7379bd5b4dc2a927f38
Merge from Widevine repo of http://go/wvgerrit/10308
There was a memory leak in the oemcrypto RSA code.
Also, when saving the usage table, some session variables were
allocated twice. This results in session data being lost.
There were also some leaks and uninitialized values in oemcrypto_test.
I added some checks and profiling to the debug runtime for the
haystack. It will warn if a variable is left unencrypted or is
unencrypted twice. I also added the profile code.
Versions of L3 library:
android/level3/arm/libwvlevel3.a Level3 Library Apr 1 2015 11:40:06
android/level3/x86/libwvlevel3.a Level3 Library Apr 1 2015 12:44:32
b/19950814
Change-Id: Ic752e36c09fce121dcaf92f9209591e74f3eb070
Merge from Widevine repository of http://go/wvgerrit/13912
This CL falls back to OEMCrypto_DecryptCTR if the oemcrypto library
does not implement OEMCrypto_CopyBuffer. This allows devices with
oem crypto version 9 to function as they previously did.
Change-Id: Id3a4a94b1fd559f426ee260cfbf7077fa9101d8b
Copy from Widevine repository of http://go/wvgerrit/13841
This CL adds a nonblocking CopyBuffer to OEMCrypto, its unit tests,
and plumbs it up to the cdm CryptoSession and CdmEngine.
b/19543782
Change-Id: I4c88bd2f8d7f67ecccb549c1934b7c0da15a8429
Merge from Widevine repo http://go/wvgerrit/13818
This CL adds the ability to query OEMCrypto about the key control
block and duration of a key that has been loaded. There are unit
tests and implementation in the level 3 and reference implementation.
b/18503541
Change-Id: I8e40d90a3c64c1ce030af6fef9e98c8eac0df1a5
(This is a merge of http://go/wvgerrit/13761 from the Widevine
repository.)
This cleans up our includes to be in Google Style Guide order and in
alphabetic order, for the parts of the code that are expected to
follow Google Style.
This also converts places in our code that were including C headers
in the C++ style (i.e. <cstring> instead of <string.h>) to use C style
instead. This is because, although it was not causing problems for us
yet, on Android these actually include different headers. (<cstring>
is provided by libcxx, while <string.h> is provided by Bionic)
Lastly, this change puts all headers that do not come from within our
project in <brackets> instead of "quotes," which was not being done
consistently.
This change is explicitly NOT trying to standardize the spacing of our
header includes. I have tried to respect, in each file, the spacing
style already present.
Change-Id: If3dc06532ab9b68010285d64518ef21dce3d6354
This is a merge of http://go/wvgerrit/13752
Replace the mock's macro with a memcmp because that is
even cleaner.
Change-Id: Ie402689ca9e14a67736db7eea928204f067427ac
This is a merge of http://go/wvgerrit/13701 and http://go/wvgerrit/13780.
I added a new set of engine properties for the mock oemcrypto. This
set pretends to be level 1. This allows the widevine build bot to test
the dual security level path: a level 1 liboemcrypto.so and a fall
back to L3.
I also adjusted the failing test in oemcrypto_test.cpp. A correct fix
requires us to rewrite some of the oemcrypto mock code so that it
returns real error codes instead of just 'false' on error.
Change-Id: I9cdbfc23c87ad2fb6068eac1394ce4c5b6a32dae
This is a merge of http://go/wvgerrit/13693 in the Widevine
repository.
This adds level 3 and mock implementation and unit tests for the
OEMCrypto function OEMCrypto_ForceDeleteUsageEntry. It also plumbs
this function up into CdmEngine, CdmSession, and CryptoSession so that
deleting all usage information for a given app id will now delete the
entries in OEMCrypto, too.
b/18194071
Change-Id: Iaea4034a507b323878657215784edfe95876386a
This is a merge of http://go/wvgerrit/13391 from the Widevine repository.
This CL adds the OEMCrypto version 10 API to the header, and changes
just enough code so that code still compiles. There are no unit tests
or implementation.
The level 3 libraries are just stubs so that tests will compile.
level3/arm/libwvlevel3.a Level3 Library Mar 11 2015 13:33:21
level3/x86/libwvlevel3.a Level3 Library Mar 11 2015 15:20:27
Change-Id: I41de753a2a60da29b756c3327341ece72069d8bb
* Replace an stlport static assert with a C++11 static_assert.
* Move some libraries that were being built with the NDK but
statically included into platform code off the NDK.
* Rebuild the obfuscated binaries to use the new STL.
* Remove MIPS support temporarily due to an inability to generate
obfuscated binaries for it. (To be fixed in b/19482469.)
Bug: 15193147
Change-Id: Icc166583b0c6af68550baf17ab8c33076a1179d3
This project is still using stlport (without telling the build system
about it), which was causing (broken) stlport headers to override
libc++ headers, leading to a broken copy of std::enable_if, which in
turn caused <atomic> to fail to compile. Since this project has
prebuilts that will need to be updated before this project can
actually move away from stlport, tell the build system that it is
still using stlport for now.
Bug: 18433002
Change-Id: I38b356428977ed2184eb28a07bd5e7424a4ace8d
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11030
It is an error for the key control block to have a nonzero replay
control flag and a null pst. This CL adds unit tests to
oemcrypto_test to verify that oemcrypto checkes this. A unit test is
also added for verifying that an offline license has a valid nonce the
first time it is loaded.
It also updates the reference implementation (mock) to check that the
pst is not empty when the replay control flag is nonzero.
It also updates the level 3 implementation to check that the pst is
not empty when the replay control flag is nonzero.
This change is compiled into the arm library, but because of
compilation errors, is not included in x86 or mips.
Current Library Version:
arm: Level3 Library Aug 27 2014 18:42:40
bug: 16525204 OEMCrypto unit test for reloading offline license
bug: 16844305 Mock OEMCrypto does not catch null pst
Change-Id: Icdb090e80fc92522c187b26f30e5ba082f26363b
Copy of widevine change:
https://widevine-internal-review.googlesource.com/#/c/10911/
OEMCrypto_DeleteUsageTable used to return an error on every call
because UsageTable::Clear always returned false. Since there is no
error checking that Clear can do, its return type has been changed to
void, and DeleteUsageTable now returns OEMCrypto_SUCCESS for all
calls.
bug: 16799906
Change-Id: Iaa2f572e4b0feb554877579596a7f43a64d20954
This CL removes TODOs and email addresses from comments, unifies some
namespaces and cleans a few variable names. It is a copy of multiple
CLs on the widevine side.
Change-Id: I1bb649096476a5001a56d746427399de6a88ff69
This is a copy of the Widevine CL:
https://widevine-internal-review.googlesource.com/#/c/9708/
This CL refactors some of code in oemcrypto/mock and oemcrypto/test in
preparation for adding usage table code.
Change-Id: I7e58c8ecd6d92b3e177cb915733212fcad645485
This is a copy of the Widevine CL:
https://widevine-internal-review.googlesource.com/#/c/9480/
This change is part of OEMCrypto API version 9.
This CL adds verification that a key control block which requires a
specific version of HDCP can be loaded. Also, if secure data path is
not set, it verifies that data is still decrypted.
This CL also adds test that verify DecryptCTR fails when the current
HDCP version is below that in the key control block. The expected
error is OEMCrypto_ERROR_INSUFFICIENT_HDCP. This error code is newly
introduced in this CL.
This is one attempt to clarify HDCP, as specified in b/13626021, and
is a slight modification from previous behavior for the mock and the
level 3 haystacked code.
This CL also tests the two valid verification codes "kctl"
and "kc09".
bug: 13626021
Change-Id: If380709d2306a3489470b29fb148a45b609b089d
