[ Merge of http://go/wvgerrit/100403 ]
VersionNumberTest.VersionNumberChangeCanary was expecting a version
string of "R". However, Android rvc branch is now far enough into
development to use a numbered version: version "11".
Bug: 156853733
Test: Android license request test
Change-Id: I63d33f742c849b672b2d2402ab8423fdf2450f6f
(This is a merge of http://go/wvgerrit/100053.)
The OEMCrypto Unit Tests were previously deriving keys from the session
key as part of loading the test RSA key. This creates an invalid
function call order, since the OEMCrypto session will likely next be
used for actions that need to be done *before* deriving these keys. With
ODKiTEE, which is more strict about this order, all OEMCrypto tests were
failing.
Bug: 156655072
Test: OEMCrypto Unit Tests
Change-Id: Ibfede587da30cfff4a44a5e0687e4199b1430372
Merge from Widevine repo of http://go/wvgerrit/100110
The unit test TimeRollbackPrevention was broken for several
reasons. This CL reduces the test to its most basic functionality and
updates it to be compatible with a v16 oemcrypto.
This CL also adjusts the fake clock used by the buildbot to fake
sleeping backwards, so that the TimeRollbackPrevention test can also
be run on the buildbot.
Bug: 155773482
Bug: 79422351
Test: unit tests on buildbot, and on flame w/v16 modmock
Change-Id: I3027018b17b738281989e63ae6b0729757217d05
Merge from Widevine repo of http://go/wvgerrit/100385
The map now contains unique_ptr instead of raw pointers
to ensure the memory is released.
Bug: 156780432 OEMCrypto Fuzzing: Fix OEMCrypto Memory Leak.
Test: oemcrypto reference code only
Change-Id: I78054f9207399f052d6e4bfdfa96824f6e050bac
Merge from Widevine repo of http://go/wvgerrit/100328
Several integration tests in WvCdmRequestLicenseRollbackTest had been
testing the duration of a license. However, the license they request
sets the playback duration and not the rental duration. That means the
timer we are checking does not start until the first playback. To fix
the tests, we simply add a decrypt operation right after the license
is received.
Test: integration tests w/v16 mod mock.
Bug: 156854660
Change-Id: Ie4f017c82db8aaf084ad050de3fcb7f51987c97e
Merge from Widevine repo of http://go/wvgerrit/99843
When processing a license release, the license is not loaded, so
OEMCrypto does not know nonce version information for the core
message. It assumes that all license releases are v15, so it is not an
error for a license release to not have a core message.
This CL also adds some extra logging to tests so that we can track
content id and the pssh. This CL also updates some of the test content
policies when running the local license server. The local license
server is only used for debugging problems.
Bug: 152648172 Integration test WvCdmEngineTest.LicenseRenewal failing
Bug: 156259697 License release does not need core message
Test: Unit tests with v16 mod mock
Change-Id: I04c896adadfb17877ce1115345d2419e0d2489f0
[ Merge of http://go/wvgerrit/96071 ]
Changes to how the usage table method InvalidateEntry() behaves
required additional changes to CDM code that uses this method.
This involved some refactoring to AddEntry(), moving the LRU
related code to its own function.
A few unittests had to be changed / removed as the moving
multiple entries changes expectations of several existing tests.
Several additional helper methods have been created to improve
readability. These include getters for information about the
usage table, a method for releasing stale entries, and a method of
recording LRU metrics.
Bug: 150890014
Bug: 150887808
Bug: 154269671
Test: Linux unit tests and Android unit tests
Change-Id: I11a98f9a2dea9b2ae57b37d7d4483a37be721763
[ Merge of http://go/wvgerrit/95365 ]
The changes made to how DeleteEntry (now InvalidateEntry) works
introduced a few additional edge cases which were not covered from the
previous set of unit tests.
Bug: 150887808
Bug: 149100568
Test: Linux unit tests and Android unit tests
Change-Id: I263b72fb708c6546294af23ae5ddbd2e82da34df
[ Merge of http://go/wvgerrit/95406 ]
There was an issue with DeleteEntry() where it would result in an
invalid table state if shrinking the usage table when the number of
sessions is at its max.
This required changing how the usage table invalidates entries. Now,
after invalidating an entry (marking an entry as kStorageTypeUnknown)
the table is defragmented if specified to.
Defragmentation involves:
1) Move valid entries near the end of the table to the position of
invalid entries near the front of the table.
2) Shrinking the table to cut off trailing invalid entries.
This change updates the existing tests to pass, but still needs new
tests for some of the edge cases.
Bug: 150887808
Bug: 149100568
Test: Linux unit tests and Android unit tests
Change-Id: I70c7b296e5e4b367746fcdaabbf0f12dcfb39230
[ Merge of http://go/wvgerrit/97963 ]
There are situations where an offline license file will remain on the
system after it's usage entry has been deleted. This would result in
its key set ID being reported as present by the CDM, but any
operations acting upon it will result in an error.
The app should be able to remove the license without error, so long
as the license file exists and no other OEMCrypto operations fail.
This change introduces a new error code LICENSE_USAGE_ENTRY_MISSING,
which indicates that a license's usage entry cannot be found.
A new integration test checks that the CDM can handle the calls to
removeOfflineLicense().
Bug: 137034719
Test: Android unit and integration tests
Change-Id: Ibdbe963b7f7e3ac97b446300d8e3896cdee7abc5
[ Merge of http://go/wvgerrit/97267 ]
In earlier releases, provisioning would occur based on a cached
security level. If an open session call returned a NotProvisionedException
the security level would be cached for use with any future provisioning
call.
An app would have to set the security level, then call openSession,
have it fail and then request provisioning. This fits the normal flow of
most apps. Still on occasion, an app might change requested security level
after an openSession call failed. Using the cached security level
would result in unexpected behavior.
This change allows provisioning to occur at the last security level that
was set.
Bug: 129356527
Test: wv unit/integration tests, GTS tests (GtsMediaTestCases)
Merged-In: I8d9234eec2b23a9c913e77a709943b431e25e43e
Change-Id: I8d9234eec2b23a9c913e77a709943b431e25e43e
Merge from Widevine repo of http://go/wvgerrit/98265
Previously, if we tried to shrink the usage table over an entry in
use, we expected an error. Now, we expect the specific error,
OEMCrypto_ERROR_ENTRY_IN_USE.
Test: unit tests on taimen
Bug: 124776024
Change-Id: I2b4b872943bf65401c0a6b5dc1237d77341b1f5b
[ Merge of http://go/wvgerrit/98025 ]
This adds mocking for WvContentDecryptionModule::QuerySessionStatus
to WvDrmPluginTest which was missing. This corrects the failure in
WVDrmPluginTest.OpensSessions_1_1 from libwvdrmdrmplugin_hidl_test
Bug: 154011452
Test: wv unit/integration tests
Change-Id: I9904595a62a71541ab534aca7d7dfbf95f3225c9
[ Merge of http://go/wvgerrit/98004 ]
This corrects mapping for KeyStatus event kKeyStatusUsableInFuture in
the legacy WVDrmPlugin. It earlier reported DrmPlugin KeyStatusType
kKeyStatusType_StatusPending and now reports kKeyStatusType_UsableInFuture.
This fixes the test failure WVDrmPluginTest.MarshalsEvents
Bug: 153509007
Bug: 116738851
Test: WV unit/integration tests
Change-Id: I4b2c74f5a0757975861ef41fa575a749ff9da391
Merge from Widevine repo of http://go/wvgerrit/98264
The generic decrypt tests changed the variable controlling buffer size
after it initialized the buffer -- so the buffer was not changed. This
CL fixes that.
Also, RefreshLargeBuffer changed the size of the license message
buffer, not the renewal message buffer.
Bug: 153590142
Test: ran unit tests on taimen
Change-Id: Ib01b411478a181ba956ac2e23c03634a2d971cc0
Merge from Widevine repo of http://go/wvgerrit/97763
There were no function signature changes, so the API version number
did not change from 16.2. There were several grammar and spelling
errors. There were also the following corrections:
1. The description of OEMCrypto_LoadProvisioning now says that devices
with a keybox use keys derived from the keybox device key, and devices
using Provisioning 3.0 use keys derived from the session key. The
description was previously reversed.
2. The function OEMCrypto_SupportedPatterns is no longer
discussed. This function was never fully defined.
3. The function OEMCrypto_LoadRenewal no longer says that keys and key
control blocks should be verified. This is because the function
OEMCrypto_LoadRenewal processes a message with no key control
block. It should update timers for the entire license.
Test: doc and comment change only
Bug: 153731804
Change-Id: I11a3069fcdbf67b369e2e2bc3fea8c08842eeb7b
(This is a merge of http://go/wvgerrit/97083.)
The switch from LoadKeys to LoadLicense broke entitlement licenses
entirely because the LoadLicense path in CryptoSession didn't include
any affordances for updating the KeySession, unlike the LoadKeys path.
This patch adds code to handle this.
Bug: 152814106
Test: CE CDM Unit Tests
Test: Android Unit Tests
Change-Id: Id0c33a566e17e6be8da04e12be4b0fc87559aa8f
Merge from Widevine repo of http://go/wvgerrit/96843
This CL modifies the system time used by the reference OEMCrypto so
that it recovers from a clock rollback. When the clock rolls back, it
now adjusts the current time and continues forward. This is needed
when running unit tests on some platforms that reset the clock at
the beginning of a test.
Bug: 152649427
Test: unit tests on buildbot. (No production code on Android)
Change-Id: I7edcdc0cd4e5938c9a54e745d3a0e008f9eb13ed
In `Combine Decrypt Calls to OEMCrypto`,
OEMCrypto_ERROR_BUFFER_TOO_LARGE is used as the default error code to
signal fallback to legacy decrypt (sending subsamples separately).
The error code would not be updated if no calls to OEMCrypto were
made (e.g. 0-length buffers).
This change resets error code to OEMCrypto_SUCCESS after fall back to
legacy decrypt. Consequently, buffers that do no require OEMCrypto
calls would return OEMCrypto_SUCCESS.
Merge of http://go/wvgerrit/96743
Bug: 150188155
Test: GtsMediaTestCases
Test: DashTest#testWidevineH264AdaptiveWithRendererDisabling
Change-Id: Ib23803c51f16bc809bda5c2720e628e81f1df1dc
Merge from Widevine repo of http://go/wvgerrit/96783
This CL updates the reference code, unit tests, and adapter to use the
new v16 function OEMCrypto_LoadDRMPrivateKey. This is just an API
change to allow ECC support in the future. The reference code does not
yet support ECC certificates, and the CDM code assumes that all
certificates have an RSA key.
Bug: 152558018
Test: unit tests on taimen and w/v16 mod mock.
Change-Id: I0793b416513b81b3d74849f0b58dbdc91f075ac6
[ Merge of http://go/wvgerrit/96514 ]
The combined decryption call feature was introduced in android R.
In earlier releases, subsamples were passed one at a time for
decryption within the plugin. A decryption request that consists
entirely of clear data should be passed on to OEMCrypto even if
no keys are loaded.
A sample might consist of subsamples of clear and protected data.
In legacy mode, this proved to be an issue for OEMCrypto if the clear
subsamples were passed on but the protected ones were rejected (b/110251447).
For legacy mode and in the absence of keys being loaded, the subsample will
be passed to OEMCrypto only if the clear lead/frame is in a single subsample
and not broken up across multiple subsamples.
Bug: 150316417
Test: WV android unit/integration tests
Change-Id: Iff8ae8f58530cb9c5d31ce388742443ae807c16f
(This is a merge of http://go/wvgerrit/96723.)
This syncs the document with the current version in Google Docs. Changes
since the last version:
* Specified that the Cobalt table only applies to First-Party Platforms
* Filled in gaps in Cobalt table
* Updated the Android R entry to reflect that some devices will stay on
v15
* Added further details on the contents of various OEMCrypto v16
versions
* Corrected Cobalt versions erroneously marked as Supported
* Updated copyright statement for 2020
* Reworded the header on the CE CDM section
* Corrected which CE CDM versions used OEMCrypto v8
* Put a section heading on the first table in the document to clarify
that it is not a table of contents nor a document version history
Bug: 151455443
Test: Verified PDF visually
Change-Id: I0a15f79a58a94cda178018373852582abb6c1463
Merge from Widevine repo of http://go/wvgerrit/96508
This adds a unit test for to verify that a preloaded license may be
loaded into OEMCrypto. A preloaded license is a license that does not
have a nonce, and for which there is no license request. This is used
in CAS and ATSC.
I also updated the test version string to
OEMCrypto unit tests for API 16.2. Tests last updated 2020-03-27
Bug: 144105097
Test: ran oemcrypto unit tests on taimen and with v16 modmock.
Change-Id: I6a4926917f36a084d15defa7b908d067612c4dcf
Merge from Widevine repo of http://go/wvgerrit/95945
The reference oemcrypto and testbed still use old style pointers, even
though we now require a more modern C++ compiler. Updated a few places
where smart pointer would be appropriate.
Bug: 141393616
Test: Ran unit tests
Change-Id: I8b1e155bce241075928e373478d6f8e1001233f9
Merge from Widevine repo of http://go/wvgerrit/96163
This CL just addresses some review comments from the big merge to
master. The header OEMCryptoCENC.h is now synced with the
document http://go/oemcrypto.
Test: unit tests
Bug: 148907684
Change-Id: Ic825126e0dd3d7e86eefab2c51b4abb5d57fb568
[ Merge of http://go/wvgerrit/95405 ]
There are several OEMCrypto functions that do not require an open
session to be called. This change updates the OEMCrypto functions
related to the Usage Table Header.
Bug: 150888316
Test: Linux unit tests and Android build
Change-Id: Ic879876dd190fb3e058bbe8e0cce37273030b105
[ Merge of http://go/wvgerrit/95404 ]
There are three situtations where error codes from a usage table
operations were not being mapped to unique CDM response types. These
particular errors provide useful information for the CDM during table
defragging.
Also fixed misspelled error code.
Bug: 150890014
Bug: 150891685
Test: Linux unit tests and Android build
Change-Id: I683abdd5fc0871317eede960ea36cfafac7e7f49
Merge from Widevine repo of http://go/wvgerrit/95483
This adds a log message to the oemcrypto unit tests so that if
somebody sends us a log, we can tell which version they are
running.
With this CL, the version string is
OEMCrypto unit tests for API 16.2. Tests last updated 2020-03-18
This can be found in the logs and in stdout when running the unit test
OEMCryptoClientTest.VersionNumber. One can verify the executable on
android using
strings $OUT/data/nativetest/oemcrypto_test | grep -i "oemcrypto unit tests"
Test: ran oemcrypto_test and verified version string
Bug: 144713981
Change-Id: Ie10b2f270b783ed10a3ff9855b7ca32a5327ea1c
