Merge from Widevine repo of http://go/wvgerrit/101243
Changed the version number to 16.3 and the date to June 1st. The
delta document has a short description of CL's added since
April 6th.
Test: documentation changes only
Bug: 157030231
Change-Id: I93c2b09d6a24efc71ed77110b115cafbd6fde1c6
Merge from Widevine repo of http://go/wvgerrit/97763
There were no function signature changes, so the API version number
did not change from 16.2. There were several grammar and spelling
errors. There were also the following corrections:
1. The description of OEMCrypto_LoadProvisioning now says that devices
with a keybox use keys derived from the keybox device key, and devices
using Provisioning 3.0 use keys derived from the session key. The
description was previously reversed.
2. The function OEMCrypto_SupportedPatterns is no longer
discussed. This function was never fully defined.
3. The function OEMCrypto_LoadRenewal no longer says that keys and key
control blocks should be verified. This is because the function
OEMCrypto_LoadRenewal processes a message with no key control
block. It should update timers for the entire license.
Test: doc and comment change only
Bug: 153731804
Change-Id: I11a3069fcdbf67b369e2e2bc3fea8c08842eeb7b
(This is a merge of http://go/wvgerrit/96723.)
This syncs the document with the current version in Google Docs. Changes
since the last version:
* Specified that the Cobalt table only applies to First-Party Platforms
* Filled in gaps in Cobalt table
* Updated the Android R entry to reflect that some devices will stay on
v15
* Added further details on the contents of various OEMCrypto v16
versions
* Corrected Cobalt versions erroneously marked as Supported
* Updated copyright statement for 2020
* Reworded the header on the CE CDM section
* Corrected which CE CDM versions used OEMCrypto v8
* Put a section heading on the first table in the document to clarify
that it is not a table of contents nor a document version history
Bug: 151455443
Test: Verified PDF visually
Change-Id: I0a15f79a58a94cda178018373852582abb6c1463
Merge from Widevine repo of http://go/wvgerrit/92103
The document "docs/Upgrading_Widevine_Drm_to_Pi.pdf" has been updated
to version 1.1, which includes comments about updating level 3 data
when a device is updated from N to P, skipping O.
Bug: 137045379
Test: docs only.
Change-Id: I448efa34d1d3a40aec0b1aa14cf40ddd58846e63
Merge from Widevine repo of http://go/wvgerrit/93404
This is the unit tests, reference code, and documentation for
OEMCrypto v16.2. Backwards compatibility should work for a v15
OEMCrypto.
Some review comments will be addressed in future CLs.
Bug: 141247171
Test: Unit tests
Test: Media GTS tests on bonito
Change-Id: I9d427c07580e180c0a4cfdc4a68f538d351c0ddd
Merge of http://go/wvgerrit/93404
This CL updates the Widevine CDM to support OEMCrypto v16.1
Test: Tested in 16.2 CL
Bug: 141247171
Change-Id: I69bd993500f6fb63bf6010c8b0250dc7acc3d71b
Merge from Widevine repo of http://go/wvgerrit/77604
Test: ran unit tests
Bug: 131326334 Nonce collision should be avoided in open sessions
Bug: 131325434 mac key iv should not be 16 bytes before encrypted mac key
Bug: 129368634 HDCP 2.3 and 2.2 are not distinguishable
Bug: 127423611 Question about OEMCrypto V15 API
Bug: 124312571 Picture-in-Picture -- is it really needed for Android TV?
Bug: 131175454 Extend Provisioning 3.0 Schedule
Bug: 131359743 Do not allow multiple LoadKeys in a session
Change-Id: I8db4ec921978ea918adb17420db86de69e806120
Merge from Widevine repo of http://go/wvgerrit/74624
and http://go/wvgerrit/77025
Several people have asked how many keys / session are required as a
function of OEMCrypto version. That is often enough that this
information should go in the version compatibility document.
Bug: 128628354
Test: documentation change only
Change-Id: I3031013aab2feb38a0c5ce7e5304ec0d50487ea3
Merge from Widevine repo of http://go/wvgerrit/72624
Update the Android supplement for Android Q and OEMCrypto v15.
Test: doc change only
Bug: 119832138
Change-Id: Ie58dcadf4cdb0cd3264b630b5f6f80789ba50e9c
Merge from Widevine repo of http://go/wvgerrit/68184
Please add comments to the original documents at http://go/oemcrypto
or http://go/wvdelta15.
Some unit tests will need to be updated. Those will be in a separate CL.
bug: 120795057 Full Decrypt Path Testing - change design
bug: 119688262 Full Decryption Path Test update section in go/wvdelta15
bug: 117898271 Corrections to Documentation
bug: 119881959 Remove shared license from documentation.
bug: 80540710 Document double call to OEMCrypto_DeactivateUsageEntry
Test: documentation and comment change only
Change-Id: I1ef35e15207d3dabea8329a1f05518370ec099e6
Merge from master branch of Widevine repo of http://go/wvgerrit/66069
Merge from oemcrypto-v15 branch of Widevine repo of http://go/wvgerrit/62420
This is the full API -- not just the delta.
Bug: 111939411
Test: docs only
Test: tested as part of http://go/ag/5501993
Change-Id: Id839bf10666e271c882fc437f9ebbd3941d23784
Merge from master branch of Widevine repo of http://go/wvgerrit/66068
Merge from oemcrypto-v15 branch of Widevine repo of http://go/wvgerrit/62066
Bug: 111939411
Test: docs only
Test: tested as part of http://go/ag/5501993
Change-Id: Ic682b603cd6d90b10df433b76c071c303b4e35cc
Merge from Widevine repo of http://go/wvgerrit/53980
The provisioning doc changed names, and I accidentally added the new one
without deleting the old one.
I also added a watermark to the newer one.
Change-Id: Ib6e553aa5222c0c59dc03a897229645d37e4189e
Merge from Widevine repo of http://go/wvgerrit/49580
This document explains which version of OEMCrypto is compatible with
which version of CE CDM or Android. The intent is to share this on
all Widevine partner repos.
bug: 77637828
Change-Id: Id7db8f9cb5f2a5c6bf35dfecd2ae3b3fabd09c56
testing: documentation only
Merge from Widevine repo of http://go/wvgerrit/51081
Clarifies the Level 3 OEMCrypto library, talks about build files, and data
migration.
test: documentation only
bug: 74242000
Change-Id: Id1c9f9cb44f0b3e5bc084458b1d934b9fea18ac8
Some documentation updates.
Merge from Widevine repo of http://go/wvgerrit/50941
bug: 79940606 OEMCrypto_PST_Report are network byte order
bug: 79874942 [Documentation] PST_Report struct layout differs from documentation
bug: 74010869 CGMS Best Effort
test: documentation change only
Change-Id: I1e9149efcfa5d91c503b74e6776ebb8f25cda15c
Merge from Widevine repo of http://go/wvgerrit/47760
This CL adds a pdf of the document Widevine DRM Device Provisioning
Models, which explains the difference between Provisioning 2.0 and
3.0.
bug: http://b/74242000 Update Integration Guide
test: documentation only.
Change-Id: I64026ab4e93931adaa168d99939ee71d760e5862
Merge from Widevine repo of http://go/wvgerrit/41641
test: In child CL.
bug: 64001862 OEMCrypto V14 for Android P
Change-Id: I707c4dc24aa534c92b099cd310b9afd09168d456
These are a set of CLs merged from the wv cdm repo to the android repo.
* Correct error logging
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/40000 ]
In tests, we set the cipher list to avoid using insecure
ciphers when connecting to the provisioning/license service.
The result of setting the cipher list was being incorrectly
validated.
Bug: 64847919
* Move mips cache headers to clear_cache_function.h
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39700 ]
Since the clear_cache function has been moved away from the dynamic
adapter, we need these conditional includes to be migrated as well for
MIPS.
* Comment out Level 3 debug call until merge
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39761 ]
This call was introduced in go/wvgerrit/34260/. Since the haystack tool
in google3 still needs this merge, this should be commented out so the
tool can still build until the merge has finished.
* Add logging for MAC keys to mock
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39740 ]
Bug: 70637842
* Move external interfaces into level3.h + refactor
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39673 ]
As part of b/70523618, this CL moves interfaces that partners are
responsible for in Level 3 to level3.h so they can be visible as
part of the CDM release process. It also cleans up some of the
names of the files and adds documentation.
* Corrected close session logging level
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/39676 ]
Bug: 69460963
* Remove Security Level Path Backward Compatibility Support
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/39505 ]
From the android K release onwards certificates were stored in
security level specific directories. If upgrading from
previous releases persistent information needed to be moved
to those directories.
Since no device is likely to upgrade from J to Pi, comptibility
support can be removed.
Bug: 70160032
* Rename privacy_crypto_openssl To privacy_crypto_boringssl
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/37122 ]
Now that we no longer support OpenSSL in the Shared Source CDM, the name
of this file can be updated.
Bug: 67907873
Test: build.py x86-64
Test: wv_ce_cdm_unittest
Test: jenkins/linux_unit_tests
* Remove Conditional Compilation from OpenSSL/BoringSSL
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/39460 ]
This change removes the usages of conditional compilation to support
both BoringSSL and OpenSSL, as well as to support multiple versions of
the OpenSSL API. All code is now compiled against one of the two
versions of BoringSSL in third_party/.
Note that in some cases, the kit/ and legacy_kit/ versions of BoringSSL
had different APIs, so when removing the OpenSSL version compatibility
conditional compilation, sometimes the older branch was kept and
sometimes the newer branch was kept.
Bug: 67907873
Test: build.py x86-64
Test: wv_ce_cdm_unittest
Test: jenkins/linux_unit_tests
* Build CE & Jenkins CDMs With BoringSSL from third_party/
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/37120 ]
Up until now, integrators have been responsible for providing a
compatible crypto library for use by the CE CDM. (either OpenSSL or
BoringSSL) After this change, this decision will no longer be in their
hands. The CE CDM build will always use the copy of BoringSSL in
third_party/, which will be statically linked with our library with
hidden visibility. This allows us to better control what crypto library
we use and will prevent continuing problems with trying to support both
OpenSSL and BoringSSL.
Unfortunately, BoringSSL began using C++11 in mid-2017, and we can't
support C++11 right now. Until we can, we need to use a C++11-free
version of BoringSSL for libssl. The CDM itself will continue to use a
recent BoringSSL, as it only needs libcrypto. But the unit tests that
need libssl have to use the legacy version.
Bug: 67907873
Test: build.py x86-64
Test: wv_ce_cdm_unittest
Test: jenkins/linux_unit_tests
* Modified RNG for Level3 to use more entropy
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39220 ]
Bug: 65165076
Modified seed generation to use an xor of clock_gettime and
client-implemented code to supply random seeds to the RNG. Modified the RNG
as well to use xoroshiro128+ instead of xorshift, since it uses more
than one seed/state (which are 64-bit) and has higher "statistical quality".
The default implementations for the seed generation use /dev/urandom.
* Configure base path for Level3FileSystem
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39506 ]
This is in response to b/70354006. This change makes the
Android Level3FileSystem use the existing properties method
GetDevicesFilesBasePath for binderization. The same is done for the
Linux implementation.
* Add legacy_kit/ to BoringSSL Directory
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/38861 ]
This adds a second copy of BoringSSL to the third_party/boringssl/
directory. This second copy is pinned to the last revision of BoringSSL
not to require C++11 and is not updated by the UPDATE_BORINGSSL.sh
script. This second copy will be used to provide libssl to the tests on
devices that do not support C++11.
Once we support C++11 in the CDM again, this weight should be removed
and all targets should use the copy of BoringSSL in the kit/ directory.
Bug: 67907873
* Use Shared Libraries for Unit Tests
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/38860 ]
Some unit tests were using a statically-linked CDM instead of a
dynamically-linked one. (Or, in one case, trying to link both ways into
the same binary.) For now, we need to only link dynamically, so that the
unit tests and the CDM can use different versions of BoringSSL.
Long-term, we would like to test both kinds of linkage. (See b/69548115
for that.)
Some unit tests were also using a dynamicaly-linked CDM that was named
such that it appeared to be statically-linked. This patch renames some
targets to make the linkage clearer.
Bug: 67907873
* Change CDM_Backwards_Compatiblity_Tests to dedicated brances
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/39003 ]
The build scripts used by CDM_Backwards_Compatiblity_Tests now pull
old versions of oemcrypto from the dedicated branches oemcrypto-v*,
which [will eventually] contain old oemcrypto versions, that build
with the current build system with a current boringssl version.
bug: 67907873
* Fix spacing on level3 header
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/38760 ]
* Correct Query status calls
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/38640 ]
Bug: 70160032
* Refactoring to allow encryption of client ID
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/37460 ]
The code has been restructured to allow encryption of client
identification in provisioning requests. This will be enabled
when server side changes have been made (b/69427217).
* Additional information is included in the Client Identification
portion of the provisioning request.
* Client identification will be encrypted with a service
certificate provided by the app/client. Platform changes
to enable passing this to core are needed. If a service certificate
is not provided, a default one associated with the production Keysmith
will be used.
* Switched APIs in CdmEngine to take a service certificate for
provisioning rather than licensing. Service certificates for
licensing are session based and passed as properties from platform
code.
Bug: 30737060
* Allow some CDM errors to be reported from multiple locations
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/38360 ]
This creates some CdmResponseType errors which may be reused
PARAMETER_NULL, NOT_INITIALIZED_ERROR, REINIT_ERROR.
I have made changes to a few classes to report these errors.
Will work on additional classes in a separate CL.
Bug: 69864404
BUG: 71650075
Test: WV Unit/integration tests
Change-Id: Icc048770d424ac537d11ff327cda2cb142da802d
Merge from Widevine repo of http://go/wvgerrit/27462
This updates the documentation for OEMCrypto:
1) Clarification on values for the key control block verification
field. Unit tests for this change are already in the code.
2) Clarification on how Offline License Release messages are signed.
And for the Android supplement:
3) liboemcrypto.so may be installed in several places.
b/38422219
Testing: docs only change. no testing needed.
Change-Id: Iab3f5b585a41c80c5d7aa5f00aabce2de2df3a79
Merge from Widevine repo of http://go/wvgerrit/24305
This CL adds a pdf of the document "Widevine L1 Provisiong Models"
to the source directory so we can share with partners.
bug: 35880276
Change-Id: I60ea958b2e4cefc783c692ad78784b7071f59e2e
Merge from Widevine repo of http://go/wvgerrit/23482
Now that the documentation has been approved, it's time to
copy text from http://go/oemcrypto to OEMCryptoCENC.h
This also has all the little tweaks to the documents that have been
requested over the past couple of weeks.
b/31458046
Change-Id: I5b865031eb7945005c06bf1b00ecfaaedcad15f4
Merge from Widevine repo of http://go/wvgerrit/22788
Merge from Widevine repo of http://go/wvgerrit/22887
This CL updates the documents for OEMCrypto v13, and adds the version
number to the file name. There are no code changes.
b/34080119 Source and destination buffers may point to same buffer
b/32776334 Support 3072 bit RSA keys
b/33815454 Add Flag to disable Analog Outputs
b/28955873 Add support for Google hosted SRM
b/32554171 Usage table entry eviction and sharing by apps
b/31458046 Android Requires OEMCrypto v13
Change-Id: Id99f3c41e70451d0c73209797e9fa14e7b15cc1d
Merge from Widevine repo of http://go/wvgerrit/18603
This is the documentation changes for OEMCrypto v12. This
includes Provisioning 3.0 changes.
Comments can be put in the original Google docs:
http://go/oemcrypto WV Modular DRM Security Integration Guide for
Common Encryption (CENC)
http://go/wvdelta12
WV Modular DRM Version 12 Delta
The following features and changes are documented, but not
implemented:
b/28887904 Buffer Size Unit Tests
b/28294273 All OEMCrypto functions should return same error code
when key expires
b/24469550 Enforce Maximum 16 Byte Key ID Length
b/30140448 Minimum 16 keys per OEMCrypto_Session
b/28316108 Feature Request Key Control Block "No Digital Output"
b/8608578 OEMCrypto_RefreshKeys should not alter key control
setting except duration
b/30120064 Add OEMCrypto Unit Test for non-paired subsamples
(for VP9)
b/30141311 Sample OEM Certificate Needed
b/31381719 Divide Samples into Subsamples of at most 100k bytes
Change-Id: Ibf03b55cda822a676cd174ddc292bb35177cddbe
Merge from widevine repo of http://go/wvgerrit/17877
The final spec for CENC says that partial encrypted blocks are only
allowed for "cenc" mode, and not for "cens" mode. Also, the
pattern_offset must be 0 for all calls to OEMCrypto_DecryptCENC.
Review doc changes http://go/wvdelta11 and http://go/oemcrypto
Notice that this CL affects documentation and test code only. No
production code is affected.
b/28718266
b/28817376
Change-Id: I1d6a38a763a2b693ea0c26bc909e1c721b8facaf
Merge from widevine repo of http://go/wvgerrit/17463
This CL updates the unit tests to verify that
OEMCrypto_Generic_Encrypt and OEMCrypto_Generic_Decrypt can handle a
buffer size of at least 100k. It also adds code to the
oemcrypto_dynamic_adapter so that buffer sizes that are larger than
100k are broken into chunks of 100k.
All Nexus devices targeted for N pass these tests.
b/27040752
Change-Id: Iaf5c65d2f0b69e60f03cc99732d1ecab60658049
Merge of http://go/wvgerrit/17040
The delta document specified the wrong error code if
Minimum_Security_Patch_Level is not valid. The correct error is
OEMCrypto_ERROR_UNKNOWN_FAILURE.
b/27524999
Change-Id: I0c5d9b6d40b384ae3550348569d78c60093a65d4
Merge of http://go/wvgerrit/16300
This CL removes gtest and boringssl from
build_and_run_all_unit_tests.sh. Instead, we change each "mm"
to "mm || mma". Thus, if mm fails, we assume it is because of a
missing dependency and try mma which builds all dependencies.
bug: 25297287
Change-Id: Ief76fa4077e4cd8653da9306cc92ed14cf080564
Merge of widevine change http://go/wvgerrit/16249
This CL adds unit tests and reference code for the security patch
level, which is a new feature in OEMCrypto v11. This CL also adjusts
the dynamic and static adapters to still run with devices that have a
v10 OEMCrypto.
The level 3 haystack code will be updated in a future CL.
bug: 26188985
Change-Id: I518ef46b4098cf3718fe0c0390bfb6825db4fb6b
Merge from widevine repo of http://go/wvgerrit/16186
These are the OEMCrypto v11 documents and header files. I have updated
just enough code so that existing unit tests pass. New unit tests,
the reference implementation, and the level 3 implementation are in
future CLs.
Change-Id: I9bbf1909e047f63a5877320a2d06740a3c4a3e32
Merge from widevine repo of http://wvgerrit/14219
This updates the integration guide to include a definition of the
keybox. Previously, there was a broken link in the description of
IsKeyboxValid.
This CL also updates the android supplement to describe how to request
a keybox. I just copied the information from the legacy integration
guide.
Change-Id: I486a3ccad9889a732a9c1374c40b793deb249459
This is a merge from the Widevine repository of
http://go/wvgerrit/14024
Add Level 3 Oemcrypto Unit Tests To Run All Tests Script
This CL adds the ability to restrict the oemcrypto unit tests to only
use the fall back level 3. This restriction is per-process, and is
only used while running the unit tests. This allows us to automate
running the unit tests on an android device as both level 1 and level
3 without modifying files in /system/lib. To turn on the restriction,
set the environment variable: FORCE_LEVEL3_OEMCRYPTO=yes.
New level 3 library versions are:
level3/arm/libwvlevel3.a Level3 Library Apr 8 2015 13:09:05
level3/x86/libwvlevel3.a Level3 Library Apr 8 2015 13:15:42
http://go/wvgerrit/14055
Remove Redundant Tests
This CL modifies the UsageTableTests in oemcrypto_test.cpp so that
they are not all parameterized by new_mac_keys_. This parameter is
used when testing signatures. In particular, we do not need to verify
timing twice.
Also, I modified the run_all_unit_tests.sh script so that the
environment variable GTEST_FILTER is passed down to the android
process. This allows us to use the script to run a limited list of
tests while debugging.
http://go/wvgerrit/14054
Filter Out API Version 10 Tests
This CL updates the OEMCrypto tests so that all but one test will pass
for a device that implements the version 9 API.
Android LMP devices should pass tests with
GTEST_FILTER="*-*MNC*:*CanLoadTestKeys*"
http://go/wvgerrit/13886
Update Documentation about Optional Features
The intergration guide has been updated to include reference to
OEMCrypto_LoadTestRSAKey. It also now discusses optional features.
The Delta 10 document now mentions OEMCrypto_LoadTestRSAKey.
The android supplement warns that most optional features are required.
This also adds clarification about which functions should save the
usage table, in answer to:
b/16799904 OEMCrypto v9 ambiguous about saving usage table information
Change-Id: Ifb517d58952c9b332b2958ca99af64bc293b985f
This is a merge of http://go/wvgerrit/13391 from the Widevine
repository. Most of the changes were already merged, but I forgot to
"git add" this new file.
Change-Id: Ie6875dc7f0d5a81c04bc5247e7d5ae0d033f695b
This is a merge of http://go/wvgerrit/13391 from the Widevine repository.
This CL adds the OEMCrypto version 10 API to the header, and changes
just enough code so that code still compiles. There are no unit tests
or implementation.
The level 3 libraries are just stubs so that tests will compile.
level3/arm/libwvlevel3.a Level3 Library Mar 11 2015 13:33:21
level3/x86/libwvlevel3.a Level3 Library Mar 11 2015 15:20:27
Change-Id: I41de753a2a60da29b756c3327341ece72069d8bb
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11115/
This CL just updates the integration guide. In particular, the
following clarifiaction is made about usage tables:
The sentence:
When the session using this key is closed, the entry in the table will
be marked as inactive.
is replaced by
After the session using this key is closed, the application will
request that the entry in the table will be marked as inactive.
This should make it clear that OEMCrypto should not automaically
deactivate usage entries. This behaviour is already verified by unit
tests.
bug: 17405160
Change-Id: If836c7c76205e6759c1c194a6f31232c52c4f179
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11030
It is an error for the key control block to have a nonzero replay
control flag and a null pst. This CL adds unit tests to
oemcrypto_test to verify that oemcrypto checkes this. A unit test is
also added for verifying that an offline license has a valid nonce the
first time it is loaded.
It also updates the reference implementation (mock) to check that the
pst is not empty when the replay control flag is nonzero.
It also updates the level 3 implementation to check that the pst is
not empty when the replay control flag is nonzero.
This change is compiled into the arm library, but because of
compilation errors, is not included in x86 or mips.
Current Library Version:
arm: Level3 Library Aug 27 2014 18:42:40
bug: 16525204 OEMCrypto unit test for reloading offline license
bug: 16844305 Mock OEMCrypto does not catch null pst
Change-Id: Icdb090e80fc92522c187b26f30e5ba082f26363b
Because the OEMCrypto_PST_Report is sent as a signed block to the
server, it needs to be a fixed, platform independent, size. This CL
adds the packed attribute to the structure, which reduces its size
from 56 bytes to 48 bytes.
Copy of widevine change:
https://widevine-internal-review.googlesource.com/#/c/10321/
Library Versions:
libwvdrmengine/level3/x86/libwvlevel3.a Level3 Library May 30 2014 15:40:50
libwvdrmengine/level3/arm/libwvlevel3.a Level3 Library May 30 2014 15:39:04
bug: 15184821
Change-Id: I54db2c3bbc4e20ee0c19c33d6fd56f86f432e110
What can the user do with the security setting:
- open and view the doc
- print the doc
- no copying of content
- can add comment, filling in forms and signing existing signature fields
(no forms or signature fields in the doc),this option is bundled together
(it is nice to allow the user to add notes to the doc)
bug: 14294953
Change-Id: I8690ccd16daffbd62549c1e4e137880b196c12d4
This change is copied from the widevine CL:
https://widevine-internal-review.googlesource.com/#/c/10163/
Because the OEMCrypto_PST_Report is sent as a signed block to the
server, it needs to be a fixed, platform independent, size. This CL
adds the packed attribute to the structure, which reduces its size
from 56 bytes to 47 bytes.
Change-Id: I2bae058b7eb0ac54ba9fad355f3d85ddc2cd4a58
This is a copy of the Widevine CL:
https://widevine-internal-review.googlesource.com/#/c/9480/
This change is part of OEMCrypto API version 9.
This CL adds verification that a key control block which requires a
specific version of HDCP can be loaded. Also, if secure data path is
not set, it verifies that data is still decrypted.
This CL also adds test that verify DecryptCTR fails when the current
HDCP version is below that in the key control block. The expected
error is OEMCrypto_ERROR_INSUFFICIENT_HDCP. This error code is newly
introduced in this CL.
This is one attempt to clarify HDCP, as specified in b/13626021, and
is a slight modification from previous behavior for the mock and the
level 3 haystacked code.
This CL also tests the two valid verification codes "kctl"
and "kc09".
bug: 13626021
Change-Id: If380709d2306a3489470b29fb148a45b609b089d
