(This is a merge of go/wvgerrit/22897)
Bumps the Widevine version to 4.2.0 for NYC-MR2 and also updates the
test to expect the NYC-MR2 OS version number.
Bug: 32955300
Test: request_license_test
Change-Id: I2f186928f20e0848cbeef5fef2182045ad27140a
This CL modifies the haystack code to throw out the keybox if the
system id is wrong. This should help prevent b/33344450 from
persisting.
Part of this code change was to backport some updates to the haystack
tools on master.
arm/libwvlevel3.a Level3 Library 4445 Dec 6 2016 16:58:47
x86/libwvlevel3.a Level3 Library 4464 Dec 6 2016 17:06:21
mips/libwvlevel3.a Level3 Library 4465 Dec 7 2016 13:36:32
b/33556871
Change-Id: I8dadf4bc7981af6afb970533df61d34b80d133a7
This is a merge of go/wvgerrit/22627
The call table was meant to be a long-term way to track
the performance of all OEMCrypto function calls.
This feature does not get used. Apps that call into the
profiler can generate this from the history.
This change was designed to go into Android O
(go/wvgerrit/22503) but since the Call Table is causing problems
on specific chip sets its being removed in NYC MR2.
Bug: 33550032
Bug: 33459261
Change-Id: I2af417a32452e7d0d0a1ada8794efd849c497dc8
Merge from Widevine repo of http://go/wvgerrit/18603
This is the documentation changes for OEMCrypto v12. This
includes Provisioning 3.0 changes.
Comments can be put in the original Google docs:
http://go/oemcrypto WV Modular DRM Security Integration Guide for
Common Encryption (CENC)
http://go/wvdelta12
WV Modular DRM Version 12 Delta
The following features and changes are documented, but not
implemented:
b/28887904 Buffer Size Unit Tests
b/28294273 All OEMCrypto functions should return same error code
when key expires
b/24469550 Enforce Maximum 16 Byte Key ID Length
b/30140448 Minimum 16 keys per OEMCrypto_Session
b/28316108 Feature Request Key Control Block "No Digital Output"
b/8608578 OEMCrypto_RefreshKeys should not alter key control
setting except duration
b/30120064 Add OEMCrypto Unit Test for non-paired subsamples
(for VP9)
b/30141311 Sample OEM Certificate Needed
b/31381719 Divide Samples into Subsamples of at most 100k bytes
Change-Id: Ibf03b55cda822a676cd174ddc292bb35177cddbe
[ Merge of http://go/wvgerrit/21960 ]
When an offline release message is generated, a session is created
internally to generate the release and handle the release response.
If the response is never provided (network, server errors),
or there is an error when the response is being processed, the
session may not be closed. This change introduces a time to live for
release sessions of 60 seconds and will be reclaimed after this period.
Test: verified by unittests on angler
b/32223945
Change-Id: I3bd4637733ddf6c343956ed9f97c68d84dc7d4e4
[ Merge of http://go/wvgerrit/21960 ]
When an offline release message is generated, a session is created
internally to generate the release and handle the release response.
If the response is never provided (network, server errors),
or there is an error when the response is being processed, the
session may not be closed. This change introduces a time to live for
release sessions of 60 seconds and will be reclaimed after this period.
b/32223945
Change-Id: I3bd4637733ddf6c343956ed9f97c68d84dc7d4e4
Merge from Widevine repo of http://go/wvgerrit/22402
This CL updates the oemcrypto reference implementation (mock) to
return OEMCrypto_ERROR_NOT_IMPLEMENTED from OEMCrypto_GetDeviceID when
the device is configured to use provisioning 3.0.
This CL also moves unit test for OEMCrypto_GetDeviceID to the section
that is run only for keybox using devices.
b/33178932
Change-Id: Ie4f9346132ce305bdbd47474dc4c0f6268f3d444
Merge from widevine repo of http://go/wvgerrit/22409
This CL adds unit tests for refreshing online and offline licenses
that have usage table entries.
b/32609464
Change-Id: I5166a43525ebb324bc2f253cee6b6f34da697cec
(This is a merge of go/wvgerrit/22441)
The IV incrementation code in Widevine DRM Plugin includes complexity
for handling partial crypto blocks in "cens" mode, a situation that
cannot actually happen. This commit changes the code to no longer handle
this case specially.
Bug: 28696811
Test: No tests for this code path due to bug 28295739
Change-Id: I77f8434a9785bf028509387c06db217a5de2b91b
Merge from widevine repo of http://go/wvgerrit/22382
This updates the key control verification string in the haystack, in
the reference oemcrypto (mock), and in the oemcrypto unit tests.
The unit tests now set the key control block to be kc12 for all
licenses if the API is set to version 12. Previously, we only used
the more recent verification codes if the key control block used
recent features.
This should help prevent future incidents like b/32830469.
Change-Id: I6c215b4058445a6d807610af94457598f26d591a
Merge from widevine repo of http://go/wvgerrit/21684
This CL adds provisioning 3.0 functionality to the OEMCrypto reference
implementation.
Change-Id: I60c1fd88f246d443e0ae59ad56862c2ea9d95445
Merge from widevine repo of http://go/wvgerrit/21683
This CL adds unit tests for OEMCrypto_RewrapDeviceRSAKey30 for devices
that use provisioning 3.0.
Change-Id: Ib1a5566de343365b2ae3531f375ac2cc6d86ee53
Merge from widevine repo of http://go/wvgerrit/21682
This CL updates oemcrypto/test/oec_device_features.cpp to figure out
the provisioning method and filter out tests that are not relevant to
the device's method.
This CL also introduces unit tests for GetOEMPublicCertificate.
Unit tests for RewrapDeviceRSAKey30 will be in a future CL.
Change-Id: Ib7065ce866d1171ca61b9aa08188fa2ac8d90fc2
Merge from widevine repo of http://go/wvgerrit/21681
This CL refactors some oemcrypto unit tests in preparation for adding
Provisioning 3.0 tests.
- The signature GenerateNonce has changed. Instead of the caller
passing in a pointer for the nonce, we store the nonce in a member
variable of Session.
- GenerateDerivedKeys is being replaced by InstallTestSessionKeys.
This sets up and calls the appropriate derive keys method. This
function is in the test class, instead of the session class so that
multiple sessions in a class can share the same wrapped rsa key.
This will be modified for provisioning 3.0 in a future CL.
- Rename tests that require a keybox. Some tests are specific for
using a keybox to request a DRM cert. These tests are renamed so we
can filter them out on devices that use an OEM Cert. Corresponding
tests for devices using provisioning 3.0 will be in a future CL.
- Some member variables and methods in the class Session were not
used. They are removed.
- Added openssl smart pointer.
- Comments. I added comments.
- clang format.
Change-Id: Ib579a322858e0ef92652a42167241b35cf85a041
Merge of several CLs from the widevine repo.
Merge from widevine repo of http://go/wvgerrit/22440
Build OEMCrypto v12 Haystacks with cache flush
level3/mips/libwvlevel3.a Level3 Library 4465 Nov 29 2016 13:34:45
level3/arm/libwvlevel3.a Level3 Library 4445 Nov 29 2016 14:02:08
level3/x86/libwvlevel3.a Level3 Library 4464 Nov 29 2016 14:22:21
Merge from widevine repo of http://go/wvgerrit/22403
Pull cache flush out of Haystack
Merge from widevine repo of http://go/wvgerrit/21145
OEMCrypto v12 stubs -- just the header file changes.
Merge from widevine repo of http://go/wvgerrit/21146
Add OEMCrypto v12 functions to profiler
This CL adds the new oemcrypto v12 functions for provision 3.0 to the
list of profiler functions.
Merge from widevine repo of http://go/wvgerrit/21143
OEMCrypto v12 adapter
This CL updates the oemcrypto dynamic and static adpaters to include
oemcrypto v12 funtionality. It adds the three new Provisioning 3.0
functions.
It also adds code in the initialization routine to null out all of
the function pointers if any of them fail to load. It is better to
fall back to level 3 than to use an inconsistent level 1.
b/31528025
Change-Id: I3579dc93e00ad7e7c743beecdd8291eac557d4e4
Merge from widevine repo of http://go/wvgerrit/21710
This is the header changes for OEMCrypto v12. This includes
Provisioning 3.0 changes.
This CL was split off from http://go/wvgerrit//18603 because that
review is now concentrating on clarification and wording issues.
This CL is just for the header, and API changes.
Change-Id: I7cc423726433dcac9fb907246b6b6dd64f5c3367
Merge from widevine repo of http://go/wvgerrit/21521
On devices that use provisioning 3.0, the function
OEMCrypto_GenerateSignature will only be used for a license renewal.
This CL adds a call to OEMCrypto_GenerateSignature to the refresh key
tests. Otherwise, there would be no coverage at all for that
function.
Change-Id: Icbd568eea3f9f256cc9b0b441f7907b316bb5b69
Merge from widevine repo of http://go/wvgerrit/21141
All of the decrypt calls and the SelectKey call should return
OEMCrypto_ERROR_KEY_EXPIRED on error. This CL updates the oemcrypto
unit tests, reference mock, and level 3 code.
b/28294273
Change-Id: I7ac6a3652e0b2fe5a46071e1c2eda00daeed7a33
Merge from widevine repo of http://go/wvgerrit/21560
For OEMCrypto v12 we explicitly require OEMCrypto_GetRandom to handle
buffers up to 32 bytes long. This CL relaces the use of GetRandom
with openssl's RAND_psuedo_bytes to fill test vectors.
b/31464102
Change-Id: Ia0006b92bb12b98e9c130068dbb31b5f67281de2
Merge from widevine repo of http://go/wvgerrit/21260
This CL adds some oemcrypto unit tests for various buffer sizes, as
described in b/28887904 and the OEMCrypto v12 specification.
Encryption and Decryption buffers can be 100k large. License request
and response messages can be 8k. A provider session token (pst) can be
at most 255 bytes long.
I also passed the code through clang-format.
b/28887904
Change-Id: Ia3e317c0f6466e663461e66b610c9a98a90efb0a
