Merge from Widevine repo of http://go/wvgerrit/74624
and http://go/wvgerrit/77025
Several people have asked how many keys / session are required as a
function of OEMCrypto version. That is often enough that this
information should go in the version compatibility document.
Bug: 128628354
Test: documentation change only
Change-Id: I3031013aab2feb38a0c5ce7e5304ec0d50487ea3
Bug: b/116056586
Test: CE CDM, Android unit/integration, and GTS tests
Merge of http://go/wvgerrit/75891
Heapification was removed from the Level 3 in b/111246860 due to
contributing to performance issues. These issues are addressed in the
obfuscation tool and these libraries are built using those fixes.
Change-Id: I62dc09b41f845f3f7aa283af6968ac0cbc6cf368
[ Merge from http://go/wvgerrit/75623 ]
This addresses code-review comments during the merge to the wv repo.
Bug: 127828539
Test: WV unit/integration tests
Change-Id: I12abe3eb0767bb9ccb76940dcca12c17d32e8e53
Merge from Widevine repo of http://go/wvgerrit/75383
Because the tests need to find liboemcrypto.so.
Bug: 129354680
Test: ran on taimen and bonito.
Change-Id: I9cc802a2396937739b164851f51726fbc80550d5
[ Merge of http://go/wvgerrit/74627 ]
Limited duration licenses (where license duration is unlimited and
playback window is set to a small value) did not work correctly when
the initial decrypt call occured before the license was received.
Bug: 109653883
Test: WV unit/integration tests
Change-Id: I0738e97db525b239455e2ac93ab0bedd6611b311
Merge from Widevine repo of http://go/wvgerrit/75123
Merge from Widevine repo of http://go/wvgerrit/75114
This changes the encoding for the hash to be hex instead of base64.
Also, the bad frame number is initialized to 0 to make it easier to
debug. And the FDPT test app now uses the correct byte order.
Bug: 129100318
Test: unit tests, FDPT test app.
Change-Id: I296bab990125a4e18bec92f3316e8289a3b25a6b
Merge of http://go/wvgerrit/74965
It isn't always obvious which changes introduced test failures or fixes,
and similarly, it's unideal to have to manually run the tests for HEAD
and with a new change to determine the test diff, so this script runs it
for the last n changes, and diffs the test results by comparing the test
runs. It doesn't handle flaky tests, partly because I don't think it
can.
Change-Id: I5380abcb2f5bcadf172dba3c1270e4258e0c8a82
[ Merge from http://go/wvgerrit/74924 ]
These were not previously being collected or were collected
insufficiently.
BUG: http://b/121090396http://b/112919252
Test: Unit tests, Gplay, Nflix, GTS
Change-Id: I32b7206cbe6071519b4a483fbcd0920dc1a26961
(This is a merge of http://go/wvgerrit/74844)
__attribute__ is not supported on all compilers, notably it's not
supported on MSVC. Commenting out the variable should suppress the
warning this is trying to fix.
Test: Android CDM Build
Bug: 122953649
Change-Id: I0101df1cca271415a6444e5455eb0085676bcabf
[ Merge of http://go/wvgerrit/74343 ]
This replicates a Netflix test that adds secure stops and removes them
one at a time, while some of the sessions are still open. Usage
enties will be deleted at the time, but the usage header table
will not be shrunk if the last entry is in use. This happens later when
sessions are closed and the last usage entry is no longer in use.
Bug: 120894148
Test: WV unit/integration tests, CE CDM tests
Change-Id: Ib572950afc61754fe5f3c417e650d5d08503425a
(This is a merge of http://go/wvgerrit/74628)
There is some old legacy behavior in CryptoSession for supporting
Chromecast. When a platform tries to use a combination of L3 and opaque
handles, it silently substitutes the type "clear buffers" instead.
No platform uses this behavior anymore. In fact, the CE CDM contains
code that explicitly prevents this case from being triggered. That code
has broken in every one of the last 3 releases. To allow the CE CDM to
end that bug farm, this patch removes the behavior that no one wants.
Bug: 112703532
Test: CE CDM Unit Tests
Test: Android Unit Tests
Change-Id: I7f70483fac46c75637da5378c5a8b1bf7a2c2860
[ Merge of http://go/wvgerrit/74443 ]
When deleting a usage entry, a crypto session may need to be closed
and reopened if a usage entry has previously been loaded. Before closing
this session, the usage entry/usage table header information should be
saved.
This is for completeness rather than correctness. Looking at code,
usage header and entry information are saved after the license
release has been generated. This change might be helpful in case
that changes in the future.
Bug: 115920873
Test: CE CDM unit tests, WV unit/integration tests
Change-Id: Ifc8f761497198247db31dab2f47e8323af783681
[ Merge from http://go/wvgerrit/72183 ]
Adds basic metrics for the usage table header. This adds the last rev of
cdm_session.cpp that was merged to the wv repo.
Bug: http://b/112919252
Test: Unit tests. Manual GPlay
Change-Id: I9494caf6fcdfb3d335ea10fe8b712585e95c79e5
(This is a merge of http://go/wvgerrit/73743 and
http://go/wvgerrit/73903)
The CE CDM implements the ability to silence all logging with a "silent"
log level. However, under the covers, this assigned a value to g_cutoff
that was not a member of LogPriority, which fails some extremely strict
checks. This patch just adds a matching entry to LogPriority so that
"silent" is now a valid level in that enum.
A previous merge of this change broke builds on Elfin because it uses
stricter compiler settings that rejected the lack of LOG_SILENT in
certain switch statements. I've gone through the codebase and found
every switch on a LogLevel variable and updated it, of which only one
affects the Android build.
Bug: 118622359
Test: CE CDM Build
Test: Android Build
Test: Android Elfin Build Specifically
Change-Id: I6ba3556e0e70f5e7e1692754a8a2f54adae59a6b
This reverts commit 9a40a107f8.
Reason for revert: Elfin has stricter compiler settings than other platforms and breaks when this is checked in.
Change-Id: I169a43ff6b9d90101276690b1d3aae7865946eb0
(This is a merge of http://go/wvgerrit/73803)
While playing around with compiler settings, I found that
EntitlementKeySession::Type() is missing the `override` keyword.
Bug: 127498046
Test: CE CDM Build
Test: Android Build
Change-Id: I5a18dbbd425b0a493575a34b9f5f77b2d7c8f10d
(This is a merge of the parts of http://go/wvgerrit/73763 that affect
the Widevine Android CDM.)
Netflix found some cases of benign shadowing & unused parameters through
having different warning settings than we do. No harm in fixing these.
Bug: 126864496
Bug: 126864495
Test: CE CDM Build
Test: Android Build
Change-Id: Ifb2a705a64071900b69aea17d6add46a36068ebb
(This is a merge of http://go/wvgerrit/73743)
The CE CDM implements the ability to silence all logging with a "silent"
log level. However, under the covers, this assigned a value to g_cutoff
that was not a member of LogPriority, which fails some extremely strict
checks. This patch just adds a matching entry to LogPriority so that
"silent" is now a valid level in that enum.
Bug: 118622359
Test: CE CDM Build
Test: Android Build
Change-Id: Idafb26b7c5f9a24a32c84da9b3c5595434ef07fe
Merge from Widevine repo of http://go/wvgerrit/73383
Partners have been requesting more explanation for what each test is
doing. This is an attempt to clarify some of the tests.
Bug: 119640588
Test: unit tests
Change-Id: I270203b4e8fa7e65abb55297788e4d55856e7dcd
(This is a merge of http://go/wvgerrit/71883)
This moves all the SSL code to privacy_crypto so we can use the
iOS-specific versions and not use any BoringSSL. The iOS version
doesn't support OEM certificates.
Note that the tests still use BoringSSL.
Bug: 126559819
Test: build_and_run_all_unit_tests.sh
Change-Id: Ib0fad5d95b283b6cd6e02d8a08bcf248c5900bc4
Test: CE CDM tests, Android unit/integration tests
Merge of http://go/wvgerrit/73464
LoadEntitledContentKeys result is logged in SelectKey when it fails.
Requested as part of http://go/wvgerrit/73144.
Change-Id: I063497144ff3370b817e12c0535580e54cfec1d8
(This is a merge of http://go/wvgerrit/72867)
This patch replaces the previous static std::mutexes in CryptoSession
with shared_mutexes, allowing multiple readers to access the resources
they protect. For the shared fields, this means only Initialize(),
Terminate(), and the code that sets up the usage table headers needs
exclusive access. All other CryptoSession code is able to read these
fields in parallel.
For OEMCrypto, the static OEMCrypto lock is joined by a per-session
std::mutex, which are used in concert to enforce the OEMCrypto v15
threading guarantees.
On my machine this results in a noticeable increase in performance for
the parallel unit tests.
Bug: 70889998
Bug: 118584039
Test: CE CDM Unit Tests
Test: Android Unit Tests
Test: Jenkins Tests
Change-Id: Ie6332ae4926ed4f14af897685d37bfe63831b14f
Test: CE CDM tests, Android unit/integration tests
Bug: b/124773017
Merge of http://go/wvgerrit/73144
Since OEMCrypto supports one content key per entitlement key,
LoadEntitledContentKeys must be called every time we want to select a
key. EntitlementKeySession::SelectKey calls ContentKeySession::SelectKey
after loading the keys, which caches the key id from the previous call,
and if the key id hasn't changed, doesn't call SelectKey. This caching
is fine for content keys since we don't call LoadKeys every time, but
not fine for entitled keys since we do call LoadEntitledContentKeys
every time. So, we instead cache the current content key id per
entitlement key and only call LoadEntitledContentKeys and SelectKey if
the entitled content key id changes. Furthermore, the test
HandlesKeyRotationWithOnlyOneLicenseRequest is modified to complete
multiple decrypts per key to test this behavior.
Change-Id: I9d0d94e49da0fe1965beadbddec99d8dff744d73
