[ Merge of http://go/wvgerrit/101443 ]
The WVDrmPlugin has a single CdmIdentifier. The CdmIdentifier contains
a SPOID that is calculated from the device ID (keybox or OEM cert),
an application reverse domain name and possibly an origin.
The CdmIdentifier is set and SPOID calculated on certain calls into
WVDrmPlugin. Once it is set, it will not be recalculated. We prevent
certain operations such as modifying the origin once the CdmIdentifier
has been set as this will require recalculating the SPOID.
Recalculating the SPOID may affect open sessions or calls in progress.
In a similar way, modifying the security level, will affect the
Device ID value and in turn the SPOID. The security level cannot be modified
if any sessions are open. This does leave open the possibility that the
SPOID may be calculated at one security level, sessions are then closed,
and the security level is then changed without an error being flagged.
The provisioning certificate file name is based on the SPOID. When
the SPOID does not match the security level, either the provisioning
information may not be found even though that security level has
been provisionined or the provisioning information may be stored
in an incorrect location if provisioning occurs.
The correct solution is to prevent modifications to the security level
once the CdmIdentifier is set. This is a behavior change and might
impact apps. We will reevaluate this for the next release.
For now, we will work around this. When the CdmIdentifier is set for L3,
we will calculate SPOIDs with both L1 and L3 device IDs and check if
provisioning previously occurred with SPOIDs calculated for that level.
If so, use that level, otherwise use L3.
Bug: 147703382
Test: Android unit/integration tests, GtsMediaDrmTests
Change-Id: Ia64adfc5848e431ee3876af03eebdb4b6eb83116
[ Merge of http://go/wvgerrit/100864 and http://go/ag/10704773 ]
ATSC 3.0 allows for licenses to be downloaded OTA and are tied to
a DRM certificate that may be shared across apps. The provisioning
process for ATSC may happen at the factory or during an OS update.
This contrasts from the regular OTT model, which requires that
provisioning and license download have an uplink as well as a
downlink connection.
This adds support for the ATSC mode property. ATSC mode can only be
set (or unset) before sessions are opened. Once the CDM identifier is
set/sealed, requests to modify the ATSC mode will be rejected.
If one needs to open sessions with both ATSC mode and regular (non-ATSC)
mode, separate MediaDrm objects will need to be created. The default
mode is to not use ATSC.
Enable ATSC mode by calling
mediaDrm.setPropertyString("atscMode", "enable")
Disable ATSC mode by calling
mediaDrm.setPropertyString("atscMode", "disable")
Provisioning and unprovisioning requests for ATSC will be rejected as
certificates will be retrieved by the ATSC service.
Bug: 139730600
Test: WV unit/integration test, GtsMediaTestCases
Change-Id: I142f286c711fe007ff42125c3c8cdc6450b6ea36
[ Merge of http://go/wvgerrit/97267 ]
In earlier releases, provisioning would occur based on a cached
security level. If an open session call returned a NotProvisionedException
the security level would be cached for use with any future provisioning
call.
An app would have to set the security level, then call openSession,
have it fail and then request provisioning. This fits the normal flow of
most apps. Still on occasion, an app might change requested security level
after an openSession call failed. Using the cached security level
would result in unexpected behavior.
This change allows provisioning to occur at the last security level that
was set.
Bug: 129356527
Test: wv unit/integration tests, GTS tests (GtsMediaTestCases)
Merged-In: I8d9234eec2b23a9c913e77a709943b431e25e43e
Change-Id: I8d9234eec2b23a9c913e77a709943b431e25e43e
[ Merge of http://go/wvgerrit/94323 ]
Content providers wish to know the application package name that is
requesting a license from the content server. The app package name that
is provided to the CDM during initialization is provided to the client
identification message as a key-value pair during license request
generation. App packages names are keyed under 'application_name'.
This feature was tested manually by scraping the content of the license
request for YouTube TV.
Bug: 148689078
Test: manual
Change-Id: I6b65f2ab9845dbea37aaaab76ecea25c228bde5b
Merge of http://go/wvgerrit/70163
New codes are being added to handle resource
contention, lost session state, frame size too
large and insufficient security level for
decryption. Also cleans up inconsistent use of
tamper detected error where invalid state error
should have been used.
bug:111504510
bug:111505796
test: cts and gts media tests, widevine integration tests
Change-Id: I96ee441717d32ccbcabaa85c8f6a0013055ce16e
[ Merge of http://go/wvgerrit/68083 ]
Add ability to query decrypt hash support, set a hash computed over a frame
and retrieve the last error at a later point.
Bug: 34080802
Test: WV unit/integration tests. New tests added to cdm_engine_test,
libwvdrmdrmplugin_hidl_test and request_license_test.
Change-Id: I7548c8798c873a6af3e1cfc0df57c117e1e474a6
Widevine HIDL service added new v1.2 media APIs,
update the service to support new APIs.
Merged from http://go/wvgerrit/67083
Test: Netflix and Play Movies & TV (streaming and offline playback)
Test: GTS WidevineH264PlaybackTests test
e.g. ANDROID_BUILD_TOP= ./android-gts/toolsefed run gts -m GtsMediaTestCases
--test com.google.android.media.gts.WidevineH264PlaybackTests#testL1With480P30
Test: Widevine unit tests
bug: 117570686
Change-Id: I3a2091e7c62a0d2697ef97f983fd898aedfb4519
This fixes Widevine's getMetrics call so that it will return vendor
metrics through the Drm plugin 1.1 interface.
Bug: 73724453
Test: New and existing unit tests. Updated and existing GTS. Google Play manual.
Change-Id: Ie35128dc80bd6eabf9e1f3b9c1800256af77bc51
[ Merge of http://go/wvgerrit/48400 ]
Client identification information has recently been enabled in
provisioning messages. For privacy concerns this information
is being encrypted with a default service certificate.
Apps need to be able to override the default one to allow
for provisioning with third party provisioning services.
Bug: 78420508
Test: WV unit, integration tests
New WvCdmRequestLicenseTest.ProvisioningTestWithServiceCertificate test
GTS MediaDrmTestCases
Change-Id: Iee61ad47d33ce011efbea4eb90f7e4b1f032d15f
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
This change contains the original change go/ag/3819203 and a fix to the
deadlock that was seen on Marlin and Taimen.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: Ib208204a1b794df9f306fa11d13a8bb6cd6889f7
Merge from Widevine repo of http://go/wvgerrit/47860
This CL updates the copyright notice to indicate that files
shared with partners are shared under the Widevine Master
License Agreement.
bug: 77926774
test: comment change only
Change-Id: I0423668111578b80fb39a932d763df2827e2dfc3
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: I7e041b6cdf3e272d067da49d25a297b4a4663f1f
Merged from http://go/wvgerrit/44803.
Upgrade HIDL service to v1.1 and implements new 1.1 media API.
Test: Netflix and Play Movies & TV
streaming and offline playback
Test: GTS WidevineH264PlaybackTests test
e.g. ANDROID_BUILD_TOP= ./android-gts/tools/gts-tradefed run gts -m GtsMediaTestCases
--test com.google.android.media.gts.WidevineH264PlaybackTests#testL1With480P30
Test: GTS MediaDrmTest tests
e.g. ANDROID_BUILD_TOP= ./android-gts/tools/gts-tradefed run gts -m GtsMediaTestCases
--test com.google.android.media.gts.MediaDrmTest#testWidevineApi28
Test: unit tests
bug: 69674645
Change-Id: I91e7e43f9178b61a531e846beffb5f5c17050a3c
Merge from Widevine repo of http://go/wvgerrit/44505
This CL changes the certificate provisioning code to verify the
provisioning message using a cert from license.widevine.com instead of
the staging certificate.
It also adjusts the certificates in config_test_env.cpp because the
license and provisioning servers are different and may probably have
different certs.
bug: 73031756
test: unit tests with mock oemcrypto, and read oemcrypto on sailfish
Change-Id: I4b457a369a49ef07bda9e5632ab59e5f621ec966
CdmResponseType are mapped to android::status_t, then map to hidl
android::hardware::drm::V1_0::Status. This CL removes the indirection
by mapping cdm errors to hidl Status.
Test: Play Movies (pin and streaming)
Test: Netflix (download and streaming)
Test: libwvdrmmediacrypto_hidl_test and libwvdrmdrmplugin_hidl_test
Test: GtsMediaTestCases module
Test: Vts - VtsHalDrmV1_0Target
bug: 34682447
Change-Id: I0b04f47871f5e4898e7297831d5fceab52e0f7f9
This reverts commit 006506278a.
It needs to be reverted to fix b/38343960 on marlin.
This change is not needed since the root cause of the
resource leak was addressed in ag/2226738.
Change-Id: I93b64d39103d574b7dcde6b1477839a50b64aefd
A strong pointer cycle was preventing the drm plugin
from being released. This change converts the listener
to a weak pointer to break the cycle.
bug:36408047
test: manual testing to verify leaks are fixed
Change-Id: I2e2af392c2b263b7b0943d61dcaee5e94089ce27
(This is a merge of wvgerrit/25583)
Devices that use Provisioning 3.0 did not have a Provisioning-Unique ID
defined. Attempting to retrieve it would result in an error.
Devices that use SPOIDs with keyboxes would expose the keybox's real
Provisioning-Unique ID when asked. This is a security flaw.
To solve both cases, an alternative Provisioning-Unique ID is used,
consisting of the Device-Unique ID bitwise-inverted.
Bug: 36065223
Test: run_all_unit_tests.sh
Change-Id: I32512a3e11403e679939187e156904a57a9e24ef
(This is a merge of http://go/wvgerrit/25581)
To prevent dead DRM Plugins from being instantiated when there are no
sessions available, the time at which the device ID is queried has been
moved from instantiation-time to SPOID-calculation-time.
SPOIDs can now fail to be generated. Which means anything that depends
on a SPOID may fail because of this. However, this is a more actionable
problem for apps than having them receive a dead or unusable DRM Plugin
object.
Bug: 36660726
Test: libwvdrmdrmplugin_hidl_test
Change-Id: Ice6a8eabfee8d48bf2af02e2e7169aa95af9f2e4
(This is a merge of http://go/wvgerrit/25580)
While writing fixes for b/36660726, b/34716264, and b/36065223, it
became clear that having the logic that checks whether the device
supports SPOIDs embedded inside WVDrmPlugin was complicating its code
and inhibiting testing of the class. By moving this check into the code
that instantiates WVDrmPlugin, the result of the calculation can be
independently tested while the tests for WVDrmPlugin can put it in
whatever state they need for the sake of unit testing.
As a consequence of this, the check on retrieving the "deviceUniqueId"
byte array property, which was removed when SPOIDs were implemented, can
be reinstated.
Bug: 36660726
Bug: 34716264
Bug: 36065223
Test: libwvdrmdrmplugin_hidl_test & libwvdrmengine_hidl_test
Change-Id: I961d2ee42bbdc42f0c324e36d9a74ac92205a437
Replace AString, KeyedVector, List, String8 and Vector
with stl containers. Remove corresponding frameworks
libraries.
Test: Play Movies & TV (streaming and pinning)
Test: Netflix
Test: unit tests
bug: 34677927
Change-Id: I125f45054987d69bbca59c1ffdcbe8add38c3c13
Adds code to the Widevine Glue Layer that drives the generation and use
of SPOIDs on platforms that support SPOIDs. (All devices whose first
release is Android O or later.) Note that this only applies to the new,
Treble-ized API. If the Widevine DRM Plugin is accessed through the old
API, it will not use SPOIDs. This is by design because the old API does
not provide an application package name, so SPOID generation is no
better than the existing, origin-based solution.
Bug: 27101531
Test: Unit tests
Test: GTS tests
Test: Google Play
Change-Id: I80f79fca84065105e218e9070a1d5299c8e33500
