Merge from Widevine repo of http://go/wvgerrit/96843
This CL modifies the system time used by the reference OEMCrypto so
that it recovers from a clock rollback. When the clock rolls back, it
now adjusts the current time and continues forward. This is needed
when running unit tests on some platforms that reset the clock at
the beginning of a test.
Bug: 152649427
Test: unit tests on buildbot. (No production code on Android)
Change-Id: I7edcdc0cd4e5938c9a54e745d3a0e008f9eb13ed
Merge from Widevine repo of http://go/wvgerrit/96783
This CL updates the reference code, unit tests, and adapter to use the
new v16 function OEMCrypto_LoadDRMPrivateKey. This is just an API
change to allow ECC support in the future. The reference code does not
yet support ECC certificates, and the CDM code assumes that all
certificates have an RSA key.
Bug: 152558018
Test: unit tests on taimen and w/v16 mod mock.
Change-Id: I0793b416513b81b3d74849f0b58dbdc91f075ac6
Merge from Widevine repo of http://go/wvgerrit/96508
This adds a unit test for to verify that a preloaded license may be
loaded into OEMCrypto. A preloaded license is a license that does not
have a nonce, and for which there is no license request. This is used
in CAS and ATSC.
I also updated the test version string to
OEMCrypto unit tests for API 16.2. Tests last updated 2020-03-27
Bug: 144105097
Test: ran oemcrypto unit tests on taimen and with v16 modmock.
Change-Id: I6a4926917f36a084d15defa7b908d067612c4dcf
Merge from Widevine repo of http://go/wvgerrit/95945
The reference oemcrypto and testbed still use old style pointers, even
though we now require a more modern C++ compiler. Updated a few places
where smart pointer would be appropriate.
Bug: 141393616
Test: Ran unit tests
Change-Id: I8b1e155bce241075928e373478d6f8e1001233f9
Merge from Widevine repo of http://go/wvgerrit/96163
This CL just addresses some review comments from the big merge to
master. The header OEMCryptoCENC.h is now synced with the
document http://go/oemcrypto.
Test: unit tests
Bug: 148907684
Change-Id: Ic825126e0dd3d7e86eefab2c51b4abb5d57fb568
Merge from Widevine repo of http://go/wvgerrit/95483
This adds a log message to the oemcrypto unit tests so that if
somebody sends us a log, we can tell which version they are
running.
With this CL, the version string is
OEMCrypto unit tests for API 16.2. Tests last updated 2020-03-18
This can be found in the logs and in stdout when running the unit test
OEMCryptoClientTest.VersionNumber. One can verify the executable on
android using
strings $OUT/data/nativetest/oemcrypto_test | grep -i "oemcrypto unit tests"
Test: ran oemcrypto_test and verified version string
Bug: 144713981
Change-Id: Ie10b2f270b783ed10a3ff9855b7ca32a5327ea1c
Merge from Widevine repo of http://go/wvgerrit/95968
Un-initialized int array allocated on heap is detected by MemorySanitizer using this command:
rabbit test --config=msan --keep_going --compilation_mode=opt --runs_per_test=1 //video/widevine/export/common/oemcrypto_core_message/odk:odk_test
Bug: 151339875
Test: cdm and odk unit tests
Change-Id: Ic3329b918636a58eccb518ded7b262c4d98c3644
Merge of http://go/wvgerrit/95666
Mostly fixing coding styles and a few vulnerability check.
Updating tests according to the fix.
Bug: 150614088
Bug: 150881959
Test: Ran cdm and odk unit tests
Change-Id: I109a96ee8ded089d59ab49c2f94b6833c932fd1e
Merge from Widevine repo of http://go/wvgerrit/95463
In the unit tests ReloadUsageTableWithSkew, we load a header that has
a generation number off by 1. This is allowed. However, we then try to
load the current entry, which is newer than the header. Instead, we
should try to load the entry that went with the header.
Bug: 139828114
Test: Ran unit tests
Change-Id: I87261501d8ee2b91a07c2b5dff17fc0ea950244d
Merge from Widevine repo of http://go/wvgerrit/95403
This updates the test code CreateDefaultResponse to make sure that
license releases do not have a core message, and that the key control
block is correctly set for renewals.
Also, the unit test OEMCryptoUsageTableTest.TimingTest is changed to
only a license release when the license is inactive. If the license is
still active, then the license is loaded before generating a usage
report.
Test: Ran full unit tests
Bug: 151092673
Change-Id: I7c01fd17f9b66e88ab3c57aa0f3d40740f13507c
Merge from Widevine repo of http://go/wvgerrit/95283
If an entry is loaded in a second session, the error should be
OEMCrypto_ERROR_INVALID_SESSION.
Bug: 150647218
Test: ran unit tests
Change-Id: I4e666ce6626303a36b16997f0a012d57a7039697
Change-Id: Id0e73dec5879ec9ec4e8ab8ebe1590c568e7f0af
Merge from Widevine repo of http://go/wvgerrit/95263
Some OEMCrypto unit tests are not expected to pass on a v15 device, so
they are being filtered out.
Bug: 149861744
Test: unit tests on taimen
Change-Id: Iadff592f4a0005ab7e5613b315a714e737d7e5e0
Merge from Widevine repo of two CLs.
Merge from Widevine repo of http://go/wvgerrit/94743
A license release should not have a core message. This CL adjusts the
existing unit tests to verify this. There is also a new unit test called
SecureStop that explicitly tests sending a secure stop in a new
session without first loading the license.
Merge from Widevine repo of http://go/wvgerrit/94865
This CL has the following changes copied from google3:
http://cr/298871728 Remove odk_static_assert for Message size temporarily
http://cr/298755935 Fix a compiling error during macro expansion
http://cr/298481745 Add missing header for android
http://cr/298448142 Fix odk_test gyp file
http://cr/298419641 Remove header from Android.bp
http://cr/298402053 Separate sizeOf(args) bytes in fuzz tests
http://cr/297730316 No core messages for license release
http://cr/297714346 Add copybara_test and piper_sot_to_gerrit
http://cr/297636713 Adding some comments around boolean conversion code
http://cr/297420679 Autofuzzer when ran with address sanitizer ...
http://cr/296513584 Minor fix with fuzzing odk clock values
http://cr/296322024 Fixing errors in code with how request ...
http://cr/296313159 Fuzzing ODK clock values by setting aside ...
http://cr/295763207 Add more odk tests and move helper functions to test helper
http://cr/294524098 Adding a Build Rule for ODK_KDO_Fuzzer and updating
http://cr/294492213 Address a few review comments of ODK
http://cr/293674368 odk_fuzz: add TODOs & comments
http://cr/293492806 Fix spelling
Bug: 150243585
Bug: 150020278
Bug: 150095506
Bug: 147297226
Bug: 148290294
Bug: 148907684
Bug: 150608451
Test: unit tests
Change-Id: I25fd406f29f4eba40f5cb27e9a1317dce4ffc2f5
(This is a merge of http://go/wvgerrit/93829,
http://go/wvgerrit/93830, http://go/wvgerrit/93832,
http://go/wvgerrit/93833, and http://go/wvgerrit/93834 from the
Widevine repo.)
This implements the CDM code changes necessary to take advantage of
Combined Decrypt Calls on OEMCrypto v16. The result of this is that
WVCryptoPlugin is much lighter now because it can pass the full sample
down to the core in one call, but CryptoSession is heavier, as it now
has to handle more complex fallback logic when devices can't handle
multiple subsamples at once.
This patch also removes support for the 'cens' and 'cbc1' schema, which
are being dropped in OEMCrypto v16. This fixes an overflow in the code
for handling those schemas by removing it entirely.
This patch also fixes the "in chunks" legacy decrypt path to use larger
chunk sizes on devices with higher resource rating tiers.
Bug: 135285640
Bug: 123435824
Bug: 138584971
Bug: 139257871
Bug: 78289910
Bug: 149361893
Test: no new CE CDM Unit Test failures
Test: Google Play plays
Test: Netflix plays
Test: no new GTS failures
Change-Id: Ic4952c9fa3bc7fd5ed08698e88254380a7a18514
Merge from Widevine repo of http://go/wvgerrit/94043
Remove some unused parameters from test code. These had been
generating compiler warnings.
Bug: 149592532
Test: built and ran unit tests on crosshatch
Change-Id: If1325edc3418f77d620ce3765496ef17156bc624
Merge from Widevine repo of http://go/wvgerrit/93686
This CL changes some test logging so that it is always on a single
line, even if verbose logging is turned on.
Test: unit tests
Bug: 149119926
Change-Id: I9473f6e559ff543ced47a7fa3900615866a25688
This CL merges some missed pieces of the merge from Widevine repo of
http://go/wvgerrit/93405
Test: unit tests
Bug: 147879734, 147396294, 141247171
Change-Id: I3b92b983f68f6a529f109bc5dec91b313e3fd7fb
[ Merge of http://go/wvgerrit/93505 ]
During the merge process there were a few CL comments (ag/10122083)
that were not able to be addressed. Most changes in the CL are
spelling / grammar corrections.
Bug: 148907684
Bug: 141247171
Test: CDM unit tests
Change-Id: I9a8648525bbe5ed319521ebf01741a958ab69ae2
Merge from Widevine repo of http://go/wvgerrit/93404
This is the unit tests, reference code, and documentation for
OEMCrypto v16.2. Backwards compatibility should work for a v15
OEMCrypto.
Some review comments will be addressed in future CLs.
Bug: 141247171
Test: Unit tests
Test: Media GTS tests on bonito
Change-Id: I9d427c07580e180c0a4cfdc4a68f538d351c0ddd
Merge of http://go/wvgerrit/93404
This CL updates the Widevine CDM to support OEMCrypto v16.1
Test: Tested in 16.2 CL
Bug: 141247171
Change-Id: I69bd993500f6fb63bf6010c8b0250dc7acc3d71b
Replace libcrypto with libcrypto_static, which can be protected through
visibility to ensure only modules that don't affect FIPS certification
can use it.
Bug: 141248879
Test: m checkbuild
Change-Id: I53757b813fe2984261a3bde963cac1886523dfdf
Merge from Widevine repo of http://go/wvgerrit/79463 and
http://go/wvgerrit/82383
Several tests explicitly set the log level. This CL unifies that a
little bit. When running the unit tests by hand, on android or for ce
cdm, the log level is 0 (ERROR) and can be incremented on the command
line using the "--verbose" switch.
When running on the desktop, you can set the environment variable
VERBOSE_LOG to "yes", and the log level is set to VERBOSE. This is
done by the buildbot so you can see full logs in the build archive.
When running with the test bed (i.e. Mod Mock) you can edit the
options.txt file and set log_level to 0=ERROR up to 4=VERBOSE. if you
are using the run_current_tests script, you can create a file in the
linux directory called override_options.txt and add the line
log_level 4
This CL only changes test code.
bug: 124390006
Test: unit tests
Change-Id: I1e042004692750e218b8c4220bce3ec1e387004e
Merge from Widevine repo of http://go/wvgerrit/79243
Modify failures for LoadKeyWithSuspiciousIV and SelectKeyNotThereAPI15
This turns on some unit tests that were disabled for Q release.
Merge from Widevine repo of http://go/wvgerrit/77948
Mod Mock: Dump entitlement keys - this allows some logging when
running in a test environment.
Merge from Widevine repo of http://go/wvgerrit/75763
Refactor OEMCrypto Decrypt Tests
This CL refactors the oemcyrpto decryption tests. A bunch of boiler
plate code was moved to a common test setup. Also, buffer handling
was streamlined so that it will be easier to use these test with
secure output buffers.
Bug: 131281966
Bug: 129432708
Test: unit tests
Change-Id: Iebf62611a16e0a4def9c4daed1c6cdf12686ba74
Merge from Widevine repo of http://go/wvgerrit/78949
LoadKeyWithSuspiciousIV is a new test for OEMCrypto v15.2. It is
being disabled since we do not require 15.2 for the Q release.
SelectKeyNotThereAPI15 was failing because the error code is
delayed. This is acceptable.
Bug: 132720732
Test: unit tests on taimen
Change-Id: Iea3fabfb3afd800065119ce812fb454be1e82644
Merge from Widevine repo of http://go/wvgerrit/77609
For v15.2 we require that nonces not collide across sessions and there are
restrictions placed on the mac key's IV in LoadKeys.
Test: ran unit tests on reference code
Bug: 131325434
Bug: 131326334
Change-Id: I1bb01c30d8c15d66d762c28b57d7700c44daa835
Merge from Widevine repo of http://go/wvgerrit/78143
This verifies that the correct mac keys are used to sign a message when
generating a usage report or secure stop.
Test: unit tests on ref code and taimen
Bug: 111261264
Change-Id: I7d56a6ff0aae68a5554f7ce84d467697d1f9997b
Merge from Widevine repo of http://go/wvgerrit/78063
This test incorrectly asserted a buffer size.
Bug: 131864150
Test: Unit tests ran on taimen.
Change-Id: If53fdd4cce9d6b3dfa85f50a3dbc08c99bceebfb
Merge from Widevine repo of http://go/wvgerrit/78144
This CL verifies that LoadKeys cannot be called twice a second time in
an OEMCrypto session.
Bug: 131359743
Test: unit tests on refernce code and taimen
Change-Id: I3da1c7639ed163799ee5996fd9f7f8b427c7ed30
Merge from Widevine repo of http://go/wvgerrit/77604
Test: ran unit tests
Bug: 131326334 Nonce collision should be avoided in open sessions
Bug: 131325434 mac key iv should not be 16 bytes before encrypted mac key
Bug: 129368634 HDCP 2.3 and 2.2 are not distinguishable
Bug: 127423611 Question about OEMCrypto V15 API
Bug: 124312571 Picture-in-Picture -- is it really needed for Android TV?
Bug: 131175454 Extend Provisioning 3.0 Schedule
Bug: 131359743 Do not allow multiple LoadKeys in a session
Change-Id: I8db4ec921978ea918adb17420db86de69e806120
(This is a merge of http://go/wvgerrit/76063)
Now that we have C++11, many places that do string formatting or parsing
can be replaced with std::to_string() or one of the std::sto*() family
of functions. This patch updates places that do simple stringifying or
parsing to use these functions. Some parts of the code are left
untouched because they were using StringStream to do more complex
actions, such as constructing more complex output or checking the status
of the parsing.
Bug: 120599938
Test: CE CDM Unit Tests
Test: Android Unit Tests
Change-Id: I482dc234ecd7c6014fa9b6874387ff51e04b772f
