functions
In CL https://widevine-internal-review.git.corp.google.com/c/cdm/+/183531
KDF was merged into new OEMCrypto_LoadLicense() and
OEMCrypto_LoadProvisioning().
This change renames L3 existing old functions with suffix _V18, and adds
the two new functions.
Note: jenkins/run_dynamic_level3 and jenkis/run_level3_static_tests
can't be enabled util https://b.corp.google.com/issues/320525541 is
resolved.
Test: the generated L3 from this CL can pass static and dynamic adapter
tests with commit ID 567069f2fb800c4ec4e844e03273d1924ae6673b. More
updates may be need to L3 source for it to work with the latest
oemcrypto-v19 branch.
Bug: 299333403
Change-Id: If6dec630c00b65468d4194196f3ff6f308c6dbe8
Since the L3 functions are meant to alias the OEMCrypto functions,
they shouldn't appear in a namespace.
Change-Id: I8d11279ff86c5b5c9eab0598d134f6904f0021ad
BCC supports two types of format: CBOR and X509. The latter will be
used by Chrome OS. In case of Prov4, BCC type will be queried by
OEMCrypto_GetBCCType() and the returned value is populated in the
provisioning request.
This CL adds X509 type to protobuf, a call from CDM to query BCC type
and OEMCrypto adapter changes for this call.
Test: run_fake_l1_tests, opk_ta_p40
Bug: 307969500
Change-Id: I88acc36da6cb413d537a9ea9dfd2a150d4557595
The deprecated GenerateDerivedKeys_V18() should only be called by
OEMCrypto_PrepAndSignProvisioningRequest() in case of prov2.
Test: run_dynamic_oemcrypto_v18_p40
Bug: 317900423
Change-Id: Iff75c26a3ea107fb01e636c53528e845e24193bd
Also removed L3 function pointers to the function headers added in
go/wvgerrit/186010 because they weren't stubbed out and was causing the
new script to fail.
Bug: 293359147
Change-Id: I15606bb636a8bd2637bcf48c421a85d82044762b
Add new OEMCrypto_GetBCCType() function in v19.
Re-generate serialization and test files.
Test: opk_ta, opk_linux_ipc_ta, run_fake_l1_tests
Bug: 297918188
Change-Id: Id5f422776cd50c71ab483c06bbe3ac399461fb31
This updates the code and tests to allow for using license protocol 2.2
when using OEMCrypto v19.
Issue: 80428549
Issue: 121031064
Issue: 232464183
Change-Id: Ib6bb61f86dd310b566227462658530bca5940b88
Since we want to migrate to using GTEST_SKIP to skip unit tests instead
of GTEST_FILTER, we can remove the RestrictFilter() function which
filters the tests out using GTEST_FILTER. To do this, the RSAPerformance
test needs to be removed, which is acceptable since no one uses this
test anymore. However, b/299135804 is being used to track a new way to
either execute/track permance.
Bug: 251240681, 299135804
Change-Id: Ife59c468ee127f4c39d3be91707ca38a061b7895
Since KDF functions are only used right before specific functions, this
merges them to simplify internal state within OEMCrypto.
Fixes: 299527712
Change-Id: I426cfcdc102bd73cf65cd809b213da2474f44b34
In v19, SetDecryptHash() was updated to only work with CRC-32.
While updating OEMCrypto, L1 (opk, intertrust, etc.) and L3, the
V18 version was not added to the dynamic adapter. This change
adds the backwards compatible call for L1s running V18 and earlier.
Bug: 296918528
Test: run_dynamic_oemcrypto_v18
Change-Id: I8f3efc1ffac4fa7a87e029166ee866567829897d
The current implementation of OEMCrypto_SetDecryptHash gives developers
flexibility to use different types of hashes. However, all the
implementations we have seen thus far use crc32. Because of this, crc32
should be sufficient and we can refactor OEMCrypto_SetDecryptHash to
only use the crc32 hash.
Bug: 287706586
Change-Id: I4aaa253b2656dfd9c984f77dfb08fe160b23b47c
The feature RenewOnLicenseLoad is not expected to work for an offline
license when the device has no usage table.
Bug: 310498829
Merged from https://widevine-internal-review.googlesource.com/190789
Change-Id: I601c332ed6cd17f9682082ea6acda7e67492b381
Creates parameterized certificate provisioning tests to prepare for DRM
reprovisioning implementation.
- Create parameterized certificate provisioning test suite.
- Change RETURN_IF_NOT_OPEN macro to call IsOpen instead of checking
the |open_| variable to make mocking of CryptoSession methods easier.
Bug: b/305093063
Merged from https://widevine-internal-review.googlesource.com/188051
Change-Id: Ic1c344af64073a8ff5626530a0864bfeea90fc6e
Creates new token types for the DRM reprovisioning scheme that will be
used by L3 CDMs with baked-in certificates to allow for use of unique
serial numbers.
- Create new `CdmClientTokenType` for DRM reprovisioning in the CDM
core.
- Create a new `ProvisioningType` for DRM reprovisioning in the
provisioning message proto.
- Create new enum value for `DEVICE_EMBEDDED` in DrmCertificate type.
- Update uses of the above to include the new token types.
Bug: b/305093063
Merged from https://widevine-internal-review.googlesource.com/186934
Change-Id: I7e6cc8744b80cbbb624d31e5be1eab1be8a9680f
This CL is created as a best effort to migrate test targets
to the new android ownership model. If you find incorrect or unnecessary
attribution in this CL, please create a separate CL to fix that.
For more details please refer to the link below,
<add g3 doc link>
Bug: 304529413
Test: N/A
Change-Id: I204c137da43a021bcebe316759d1aadaec99fe2a
String obfuscation hides string literals from static analysis but
requires string literals be used inside protected functions.
- Enable string obfuscation for all function groups.
- Change some global `std::string` to `const char[]` to ensure that
the `std::string` is constructed inside a protected function so
that string obfuscation correctly applies to the string literal.
Bug: 270566889
Merged from https://widevine-internal-review.googlesource.com/168485
Merge conflicts were caused by formating changes. Resolved by taking
the newer version.
Merged from https://widevine-internal-review.googlesource.com/169511
Change-Id: Ie7f3e94f89671a34e4792efa174f96a17d713f9e
Flags are to be used in new tests when creating tests that potentially
take a long time to run. Certain test suites are intended to be quick
and may skip certain long running tests.
New slow tests should check these flags and skip using GTEST_SKIP().
Bug: 311273599
Test: ./build.py x86-64 --debug
Change-Id: I4fc5a026f23f489bf2ad8b8a11dc467f550f0c5e
"client_version" is an optional, information field in the protocol for
license requests. It was requested that the CE CDM includes this
information in the license request. It does not hurt to include this
information in the Android license requests too.
If, for some reason, the client cannot provide this information, the
request is still sent out as normal. No reason to prevent an otherwise
valid license request due to a missing optional field.
Note: This field is directly in the LicenseRequest message and not the
ClientIdentification message.
Bug: 253013596
Test: license_unittest
Change-Id: I9dc342301fffdc174122088af39406150b34562e
Devices may be revoked by the provisioning server resulting in an
error message contained within the provisioning response. The CDM
core currently returns an error, but the CE CDM would map this to
an kUnexpectedError, which does not provide the information to the
CE client to react. This situation is not immediately recoverable,
but may provide certain apps to use a different DRM plugin if they
support such a thing.
Documentation and tests are needed.
Bug: 179650038
Test: None
Change-Id: I892a23839758264ddd7b29fb739cb00d41d953f8
GetDeviceInformation() and GetDeviceSignedCsrPayload() are added to
cdm_engine and crypto_session, so that they can be queried by DRM
plugin. This is to allow the wv drm HAL to be able to extract BCC and
CSR payload to build CSR for prov 4 device registration, such that we
don't need a separate RKP HAL to do this job.
Changes to the DRM plugin to use the exposed methods will be in the
coming CL.
Bug: 286556950
Test: request_license_test
Merged from https://widevine-internal-review.googlesource.com/178890
Merged from https://widevine-internal-review.googlesource.com/179730
Change-Id: Ibafa3a58c99fbb8f1f25f8951d3749110bd32176
