Bug: 36220619
BUG: 64071905
Test: Re-ran existing unit tests. Ran GTS tests. Tested with Google Play.
Change-Id: I79ddc8ed3290e6d74364cf96305054e55243c5ff
Merge of http://go/wvgerrit/31561
If the usage table header is corrupted, or if it is stale, then the
CDM should create a new one.
bug: 64572642
Testing: pushed stale usage table to Fugu, and netflix recovered
gracefully. New unit test UsageTableHeaderTest.StaleHeader.
Change-Id: Ic66854ff6b0b252a0f4ca20e09f27852a50d6fcc
Merge from Widevine repo of http://go/wvgerrit/31340
This CL moves the oemcrypto watchdog timer so that it only watches the
L3 initialization. This will allow L1 initialization to take more
than 5 seconds if it needs to.
TEST: oemcrypto unit tests, Media GTS tests, Play Movies
b/64069544
Change-Id: I7826e4d72eda52ae8b2c9f8b3ac360fb42cbb115
(This is a merge from http://go/wvgerrit/30220)
Previously, extracting the system ID was only supported on Keybox-based
systems. This patch adds support for extracting the system ID from the
OEM Certificate chain on Provisioning 3.0 devices. This is done by
getting the Widevine intermediate cert from the chain, finding the
Widevine System ID extension in that cert, and extracting the value.
The code that does the extraction is separate from any code that calls
OEMCrypto so that it can be unit-tested in isolation. This patch adds a
crypto_session_unittest test to do this unit-testing.
Bug: 34776194
Test: crypto_session_unittest
Change-Id: I3e273968208fb31ae6019ccc383b419625d1ae22
[ Merge of http://go/wvgerrit/29004 ]
Enable support for provisioning with OEM certificates as root of
trust.
b/62972441
Test: WV unit/intgration test, cdm_feature_test and GTSMediaTestCases
Change-Id: I30576fc0bb68a873eeaaca03f6b9c89fa6a14327
The L3 initialization watchdog was previously configured
for 2 seconds vs 5 seconds as originally intended.
Change-Id: Ie31251ac7a58c11262963ef9cb56d0dc08f5dc5b
related-to-bug:62106796
Merge from Widevine repo of http://go/wvgerrit/29861
This code adds a watchdog timer to the oemcrypto initialization. If
initialization does not finish within 5 seconds, the process will
abort.
For branch oc-dr1-dev, unlike nyc-mr2-dev, we save a metric indicating
there was a failure.
Testing: see code in patch 1. Watch dog was forced while using Play
Movies. The busy spinner spun for at least 5 seconds, but Play Movies
was able to restart itself.
b/62106796
Change-Id: Ib59f5bc4a484eff1dc386e07a4b198ecb713c69b
Merge from Widevine repo of http://go/wvgerrit/29861
This code adds a watchdog timer to the oemcrypto initialization. If
initialization does not finish within 5 seconds, the process will
abort.
Testing: see code in patch 1. Watch dog was forced while using Play
Movies. The busy spinner spun for at least 5 seconds, but Play Movies
was able to restart itself.
b/62106796
Change-Id: Ib59f5bc4a484eff1dc386e07a4b198ecb713c69b
(This is a merge of http://go/wvgerrit/29282)
The Android API has long mandated that plugins respond to queries for a
version number, but we'd never hooked it up to the CDM's actual version
number until now.
Bug: 36867286
Test: libwvdrmdrmplugin_test
Test: libwvdrmdrmplugin_hidl_test
Change-Id: I952de4943f8e78b44d526bee66c54d31e9fe5ff1
Merge from http://go/wvgerrit/29800
Add QUERY_KEY_CURRENT_SRM_VERSION and
QUERY_KEY_SRM_UPDATE_SUPPORT.
Test: run unit test
adb push $OUT/marlin/data/bin/libwvdrmdrmplugin_hidl_test
/vendor/bin/.
adb shell LD_LIBRARY_PATH="/vendor/lib/mediadrm" \
/vendor/bin/libwvdrmdrmplugin_hidl_test
bug: 63390310
Change-Id: Ie51056d22178565bd7b987aa901f7b7616d29328
[ Merge from http://go/wvgerrit/29041 ]
This brings error codes up to date with wv master
b/62972441
Test: WV Unit/Integration tests on android
Change-Id: If676b35275bb992018b2b8bfcb76079a2fc2d1f9
This fixes a problem where a CdmEngine instance (and its sessions) could
be closed before its metrics could be collected. The change allows the
wv_content_decryption_module to extract metrics from instances about to
be closed. These are held until reported to the caller.
Test: Manually verified that collection is now occurring correctly. Also
added unit test: wv_cdm_metric_test.
This is a merge from wvgerrit/29069
Change-Id: If82bfd5cae3b72b9d14ab4741424a7ae7cc0a3a6
Renames a few metrics for consistency with the logs processing module.
This CL changes the names of several metrics to be consistent with what
we use for the logs parsing module. E.g. for metrics consistency,
CdmSecurityLevel is referred to as "security_level" and SecurityLevel
is referred to as "requested_security_level".
The GetSecurityLevel method was modified to use CdmSecurityLevel instead
of the previous string type.
This CL is a merge from wvgerrit/28423
BUG: 37627621
BUG: 37627483
Test: Updated and ran unit tests to verify no regressions.
Change-Id: Ia4a8b202325386f2e02dcda4f58010dd7957a048
[ Merge of http://go/wvgerrit/29041/ ]
Releasing allocated BIO buffers before logging failure causes the
openssl error to be erased.
b/62486203
Test: Ran WV unit, integration tests on angler
Change-Id: I3315edae2d3bd34887569ab88817f9591c12f409
MetricsGroup split into 3 groups, session, engine, and crypto.
MetricsFrontEnd and Report removed.
This is a merge from wvgerrit/28420
Bug: 36217927
Test: Added unit tests to cover modified code.
Change-Id: I2f39f99ce88cc2229d6d1aa9459c67c5b86ccef4
[ Merge of http://go/wvgerrit/28460 ]
Validate that offline licenses that do not contain a provider session
token are not handled by the TEE.
b/38490468
Test: WV Unit/integration tests, GtsMediaTestCases,
WvCdmRequestLicenseTest.ReleaseRetryL3OfflineKeySessionUsageDisabledTest
Change-Id: Idaf62f2a882ae933c1a3e108d791943034780a46
[ Merge of http://go/wvgerrit/28265 ]
A vendor specific error (10008) in response to OEMCrypto_LoadKeys
indicates that usage table corruption has occurred and that
the only way to recover is to regenerate usage tables.
Recreating usage tables will result in loss of offline licenses
and usage information. To make the app aware that this information
will be lost, a provisioning exception is generated when this error
is detected. The app can then choose to reprovision and in turn
delete and recreate usage tables.
A new OEMCrypto error has been added whose use has been reserved.
Rather than correct OEMCrypto behaviour to use the new error code,
we choose to handle this within the CDM. The fix can then be ported
to prior android releases. Also this error will not be generated
with OEMCrypto V13+.
b/33817629
Test: WV Unit, integration and GTS tests.
Change-Id: I936fc234d101b6a92d86f5735d035d19ddcf19e3
[ Merge of http://go/wvgerrit/28261 ]
Licenses (offline, secure stops) that contain provider session tokens
are handled securely using usage tables. A recent fix did not correctly
handle offline licenses that do not contain a provider session token and
are not handled by the TEE.
b/62340248
Test: WV Unit/integration tests, GtsMediaTestCases
Change-Id: Ia1331fea9deff44dd1d93219b37f5bea4b8ee168
[ Merge of http://go/wvgerrit/26421 ]
* Corrects usage_table_header lifetime management. Earlier the
UsageTableHeader class was a singleton tied to the CdmEngine lifetime.
With SPOIDs there might be multiple concurrent CdmEngine objects.
The UsageTableHeader class is now associated with OEMCrypto
lifetime. There are two UsageTableHeader objects one for each L1 and L3.
These get allocated/deallocated on OEMCrypto Initialization/Termination
respectively.
* UsageTableHeader requires OEMCrypto, file read/writes and
metric gathering to perform its required functionality. Because of the
lifetime changes, CryptoSession, DeviceFiles and MetricsGroup objects
need to passed to the methods rather than at Creation time.
* Miscellaneous fixes, when moving or deleteing entries.
* Adds usage_table_header_unittests.
* Addresses failures with request_license_test with secure stop in L3.
b/36858906
b/36855557
b/36048120
b/38341136
b/37100505
b/35946047
Test: Verified by unit and integration tests. Added new
usage_table_header_unittests
Change-Id: I20e396ab2c0afbd14372dd93b969e5b0f1ccd291
This change introduced b/38487636 "Distorted video observed when
playing purchased/rented movie in Google play movies & TV app."
Before resubmitting an updated variant of the original CL, please
test playback with Play Movies and the GTS media tests.
This reverts commit 33f9979b2b.
Change-Id: I4ec2e6fe81323e91e4b62288755c967999e81041
Merge from http://go/wvgerrit/27480.
Revert to the original test using a logical AND operator for
is_encrypted and !CanDecryptContent tests.
Test: GTS WidevineDashPolicyTests
bug: 34258607
Change-Id: If42698aa77f6f49a79dedb11a15d3055d6b76ef2
Merge from Widevine repo of http://go/wvgerrit/27182
This function is not defined for v13, and should not be called by the
adapter.
b/38203780
Test: Ran unit tests specified in bug, on sailfish.
Change-Id: I38b1cc8493dd22da724f415f28d94f47d6d9c942
These tests verify whether a L3 device respects the HDCP policy set in the
license request. L3 device should only play the clear lead, and stop at
encrypted content. MeidaDrm should throw an ERROR_INSUFFICIENT_OUTPUT_PROTECTION
exception. This is because L3 device always returns current HDCP connection
status as HDCP_NONE.
This CL modifies the policy engine CanDecryptContent method to return
CdmResponseType instead of a boolean, so the app can generate the correct
error response if HDCP constriants are not met.
Test: GTS tests
ANDROID_BUILD_TOP= ./android-gts/tooadefed run gts -m GtsMediaTestCases --test
com.google.android.media.gts.WidevineDashPolicyTests#testL3PlayHDCPV*Required
Test: unit tests
adb shell /data/app/policy_engine_unittest
adb shell /data/app/policy_engine_constraints_unittest
Test: Play Movies
bug: 34258607
Change-Id: I11fc9da1e077e18e38f34159daae9d8ebcd948b6
[ Merge from http://go/wvgerrit/27261/ ]
Sessions created to release keys are periodically cleaned up if the
key release operation does not complete within a specific
amount of time. If other sessions are open, they will be released
through the timer thread. This would result in deadlock as a mutex
was taken twice.
Test: Verified by cdm_extended_duration_test
(AutomatedOfflineSessionReleaseOnOpenSession and
AutomatedOfflineSessionReleaseOnTimerEvent tests)
b/37546078
Change-Id: I7d45f939bdce77e5db461a401364da4f42c1c034
Merge from Widevine repo of http://go/wvgerrit/26943
b/37987506
Test: built and run unit tests on sailfish -- no new failures. Ran
Netflix on sailfish.
Change-Id: I96f8bb7a5c060fefd116b165406ce6bfad29f59d
Merge from Widevine repo of http://go/wvgerrit/24730
This CL adds SRM functionality to the modable version of oemcrypto
mock. This can be used for end-to-end testing.
b/28955873
b/37353534
Change-Id: I2c6f513495ccfd42f7a3d7a3449db6f810563c04
