Some documentation updates.
Merge from Widevine repo of http://go/wvgerrit/50941
bug: 79940606 OEMCrypto_PST_Report are network byte order
bug: 79874942 [Documentation] PST_Report struct layout differs from documentation
bug: 74010869 CGMS Best Effort
test: documentation change only
Change-Id: I1e9149efcfa5d91c503b74e6776ebb8f25cda15c
Merge from Widevine repo of http://go/wvgerrit/47860
This CL updates the copyright notice to indicate that files
shared with partners are shared under the Widevine Master
License Agreement.
bug: 77926774
test: comment change only
Change-Id: I0423668111578b80fb39a932d763df2827e2dfc3
Merge from Widevine repo of http://go/wvgerrit/42063
The dynamic adapter could not load old LoadKeys functions because the
spelling was wrong.
bug: 72646612
Change-Id: Ia6d917a17a95c48925496c5959ddb2bdff771241
Merge from Widevine repo of http://go/wvgerrit/41641
test: In child CL.
bug: 64001862 OEMCrypto V14 for Android P
Change-Id: I707c4dc24aa534c92b099cd310b9afd09168d456
These are a set of CLs merged from the wv cdm repo to the android repo.
* Resolve intermittent decrypt error.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35720 ]
The CdmSession's closed state was not properly
initialized resulting in intermittent
SESSION_NOT_FOUND_FOR_DECRYPT errors.
In CdmEngine::Decrypt the session is looked up by
the key id. A list of open sessions is acquired
by calling CdmSessionMap::GetSessionList and each
session in the list is queried to see if it has
the key.
In building the list in CdmSessionMap::GetSessionList,
sessions are only added to the query list *if* the session
is not closed.
The closed status was not initialized and during testing
the query list would not contain the session causing
CdmEngine::Decrypt to return SESSION_NOT_FOUND_FOR_DECRYPT
resulting in the ce cdm api returning widevine::Cdm::kNoKey.
* No support for pre- C++11 compilation.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/35381 ]
* Handle unaligned nonce pointer in RewrapDeviceRSAKey calls.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/35340 ]
The pointer points into a message and it may not be aligned.
Always copy the nonce into aligned memory before checking it.
BUG: 38140370
Add note to CHANGELOG for this.
* Compiler strictness: more checks and code cleanup.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/35300 ]
Use the switches proposed in b/38033653 (as much as possible - some
conflicts with protobufs and gtest prevent fully accepting them).
Switch to clang for x32 build; ensure that both x86-64 and x86-32 builds
compile and link cleanly.
BUG: 38032429
BUG: 38033653
This partially resolves b/38458986
* Android build fixes
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/35102 ]
These corrections address compile warnings and errors for android
and unit tests.
* Embedded License: Add sub license key sessions.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/33680 ]
NOTE: this adds the AddSubSession() method, but it is not yet being
used. Use and proper cleanup is in an upcoming CL.
* Embedded license: Add track label field.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/33660 ]
A new track label field (a string) is added to the key container and the
sub session data objects.
This field will be used in handling sub license requests.
* Embedded license: extract keys from init_data.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/33621 ]
* Embedded license: add protobuf messages.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/33620 ]
also sync the widevine header definition with recent naming changes.
* Improve handling of provisioning response errors.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/33600 ]
Separate out the case of no response and the case
where the message is believed to be a JSON+base64
message but it doesn't parse properly.
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I3c86f1c54980b071aec7461ac58541836551f896
These are a set of CLs merged from the wv cdm repo to the android repo.
* Enable Cast for Android Things build.
Author: Thoren Paulson <thoren@google.com>
[ Merge of http://go/wvgerrit/29941 ]
Added a path to make_cast_libwvlevel3 for Android Things. Added the new
system id to the preprocessor guards in android_keybox.cpp. Guarded the
references to stderr in page_allocator.cpp because for some reason they
don't get resolved when we link against the resulting library.
BUG: 63443584
* Resolve memory leaks in use of OpenSSL.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32700 ]
Use of EVP_CIPHER_CTX requires a call to EVP_CIPHER_CTX_cleanup().
* Memory leak in OpenSSL RSA key handling.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32621 ]
This fixes a range of tests. --gtest_filter="CdmDecrypt*" runs
five tests and still loses 5 objects totalling 1320 bytes (down
from 6200 bytes).
* Unit test and mock OEMCrypto memory leaks.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32640 ]
More memory leak cleanup. All remaining leaks are due
to calls to CRYPTO_malloc() without the matching free
(i.e., calls into openssl).
* Clean up memory leaks in tests.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32600 ]
This is the first pass at cleaning up memory leaks. These leaks
were affecting a lot of tests, making it hard to identify more
serious leaks.
Switch to unique_ptr<> pointers for CdmEngine in
generic_crypto_unittest tests for FileSystem object in
mock OEMCrypto's CryptoEngine object.
* Fix broken tests - linux-only & address sanitizer failures.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32460 ]
Fix broken test:
WvCdmEnginePreProvTestStaging.ServiceCertificateInitialNoneTest
Fix failures found by address sanitizer:
DeviceFilesUsageInfoTest.RetrieveByProviderSessionToken
DeviceFilesUsageInfoTest.UpdateUsageInfo
NOTE: address sanitizer cannot handle EXPECT_CALL macros containing
a call with a Contains matcher as an argument, e.g.:
EXPECT_CALL(file,
Write(Contains(certificate, wrapped_private_key, 0),
Gt(certificate.size() + wrapped_private_key.size())))
The address sanitizer reports a crash, issues a report, and stops. A
temporary fix is to replace the "Contains()" argument with "_".
* Usage license handling corrections
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28540 ]
Validate that offline licenses that do not contain a provider session
token are not handled by the TEE.
BUG: 38490468
Test: WV Unit/integration tests, GtsMediaTestCases,
WvCdmRequestLicenseTest.ReleaseRetryL3OfflineKeySessionUsageDisabledTest
* UsageTableEntry::CopyOldUsageEntry memcpy read out of range.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32220 ]
The function copies the pst from a variable length input vector
into a 256 byte character array. But the length argument was a
fixed value - MAC_KEY_SIZE. Depending on the actual PST length this
can lead to memcpy reading out of bounds or the PST getting truncated.
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I81a4593d7d04d0ef6069ce48d0601b6fbdd85de9
Below are a set of CLs being merged from the wv cdm repo to the android repo.
* Fix handling of OEM Cert public key.
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/27921 ]
This is a potential fix for b/36656190. Set aside public
key on first call to get the public key, and use it afterwards.
This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(),
which has side-effect of staging the OEM private key.
This also fixes a problem where the public cert string was
not being trimmed to match the size returned by
OEMCrypto_GetOEMPublicCertificate().
* Complete provisioning request/response for Provisioning 3.0
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Fix bug on provisioning request path where GenerateDerivedKeys()
was being called when preparing to generate the signature.
Add message signature verification, and call correct OEMCrypto
routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30).
* Implement Cdm::deleteAllUsageRecords()
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Delete all usage records for current origin. Removes usage
records from file system and retains the PSTs. The deletes
any usage entries matching those PSTs held by OEMCrypto.
BUG: 35319024
* Remove stringencoders library from third_party.
Author: Jacob Trimble <modmaker@google.com>
[ Merge of http://go/wvgerrit/27585 ]
We have a fork of the stringencoders library that we use for base64
encoding. This reimplements base64 encoding to remove the extra
dependency and to reduce the amount of code.
* Add Cdm::deleteUsageRecord() based on key_set_id.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27605 ]
Delete specified usage record from file system usage info and
from OEMCrypto.
BUG: 35319024
* Modifiable OEMCrypto
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/24729 ]
This CL adds a new variant of the OEMCrypto mock code that adjusts its
behavior based on a configuration file. This is intended for
testing.
For example, a tester can set current_hdcp to 2 in the options.txt
file, push it to the device, and verify that a license is granted for
HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and
push the file to the device. Playback should stop because the license
is no longer valid.
This variant uses a real level 1 liboemcrypto.so to push data to a
secure buffer. That means we can test playback for a license that
requires secure buffers on an Android device with real secure buffers.
BUG: 35141278
BUG: 37353534
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I58443c510919e992bb455192e70373490a00e2b6
[ Merge of http://go/wvgerrit/28265 ]
A vendor specific error (10008) in response to OEMCrypto_LoadKeys
indicates that usage table corruption has occurred and that
the only way to recover is to regenerate usage tables.
Recreating usage tables will result in loss of offline licenses
and usage information. To make the app aware that this information
will be lost, a provisioning exception is generated when this error
is detected. The app can then choose to reprovision and in turn
delete and recreate usage tables.
A new OEMCrypto error has been added whose use has been reserved.
Rather than correct OEMCrypto behaviour to use the new error code,
we choose to handle this within the CDM. The fix can then be ported
to prior android releases. Also this error will not be generated
with OEMCrypto V13+.
b/33817629
Test: WV Unit, integration and GTS tests.
Change-Id: I936fc234d101b6a92d86f5735d035d19ddcf19e3
Merge from Widevine repo of http://go/wvgerrit/24043
This CL simplifies the way the oemcrypto dynamic adapter handles
backwards compatibility while looking up old function pointers.
It also puts in guards for functions that do not have pointers.
Current Level 3 libraries merged from http://go/wvgerrit/23686/
level3/arm64/libwvlevel3.a Level3 Library 7283 Feb 15 2017 13:39:10
level3/mips64/libwvlevel3.a Level3 Library 7285 Feb 15 2017 13:51:12
level3/arm/libwvlevel3.a Level3 Library 4445 Feb 15 2017 14:20:04
level3/x86_64/libwvlevel3.a Level3 Library 7284 Feb 15 2017 13:43:04
level3/x86/libwvlevel3.a Level3 Library 4464 Feb 15 2017 14:14:55
level3/mips/libwvlevel3.a Level3 Library 4465 Feb 15 2017 14:10:04
Test: OEMCrypto Unit tests pass on bullhead, fugu, and all
six emulators. A bullhead was crippled to use L3 only, and
Play Movies worked OK. ExoPlayer tests were also run on the
bullhead. L1 was re-installed on the bullhead, and Play Movies and
ExoPlayer tests were repeated with no problems.
Bug: 18949752
Bug: 31458046
Change-Id: I8668fde1ce8a045c71bf33c566f3ff86e11821c5
Merge from Widevine repo of http://go/wvgerrit/23482
Now that the documentation has been approved, it's time to
copy text from http://go/oemcrypto to OEMCryptoCENC.h
This also has all the little tweaks to the documents that have been
requested over the past couple of weeks.
b/31458046
Change-Id: I5b865031eb7945005c06bf1b00ecfaaedcad15f4
Merge from Widevine repo of http://go/wvgerrit/23166
This changes OEMCrypto_CreateUsageTableHeader so that the new header
is passed back in a buffer to the cdm layer.
I hacked out the haystack call and just stubbed out the mock call.
This should still build and run with previous liblevel3.a builds.
I also removed from the header some function names that are no longer
part of OEMCrypto v13.
bug:31458046
Change-Id: Ie490c482fe2457076f9026369f4b4b9491a4eb81
Merge from Widevine repo of http://go/wvgerrit/23044
On some platforms, the compiler will not pack structures. This CL
replaces the OECrypto_PST_Report packed structure with a simple buffer
of uint8_t. This changes the signature of OEMCrypto_ReportUsage as
part of OEMCrypto v13.
There is also a new wrapper class that test code, the mock, and debug
code can use to access data in the report.
The old packed structure definition is moved to the level 3, where we
use a compiler that packs sructs when asked nicely.
arm/libwvlevel3.a Level3 Library 4445 Jan 20 2017 11:29:15
x86/libwvlevel3.a Level3 Library 4464 Jan 20 2017 11:10:49
mips/libwvlevel3.a Level3 Library 4465 Jan 20 2017 10:56:08
b/32180083
Change-Id: Ie138f034cb12780a2f8636888cebf022c52169e5
Merge from Widevine repo of http://go/wvgerrit/22963
This change kInactive to kInactiveUsed and adds kInactiveUnused to the
possible values for the status field in the Usage Report. This CL
updates the header, the unit tests, and haystack and reference code.
b/32714323
Change-Id: If8d8e32ea1e3dc18da34e5fae35f578b027de9c7
Merge from Widevine repo of http://go/wvgerrit/22899
This is most of the header changes for OEMCrypto v13. This updates
just enough of the code that existing unit tests build and pass.
The documentation will be reviewed in http://go/wvgerrit/22887. When
that CL has been approved, comments in the code will be updated to
match.
Real code will be broken into several other CLs.
bug:31458046
arm/libwvlevel3.a Level3 Library 4445 Jan 17 2017 20:01:26
x86/libwvlevel3.a Level3 Library 4464 Jan 17 2017 19:00:37
mips/libwvlevel3.a Level3 Library 4465 Jan 17 2017 19:24:35
Change-Id: I0318c53235c0b33afb623cba933365e09dec4e61
Merge of several CLs from the widevine repo.
Merge from widevine repo of http://go/wvgerrit/22440
Build OEMCrypto v12 Haystacks with cache flush
level3/mips/libwvlevel3.a Level3 Library 4465 Nov 29 2016 13:34:45
level3/arm/libwvlevel3.a Level3 Library 4445 Nov 29 2016 14:02:08
level3/x86/libwvlevel3.a Level3 Library 4464 Nov 29 2016 14:22:21
Merge from widevine repo of http://go/wvgerrit/22403
Pull cache flush out of Haystack
Merge from widevine repo of http://go/wvgerrit/21145
OEMCrypto v12 stubs -- just the header file changes.
Merge from widevine repo of http://go/wvgerrit/21146
Add OEMCrypto v12 functions to profiler
This CL adds the new oemcrypto v12 functions for provision 3.0 to the
list of profiler functions.
Merge from widevine repo of http://go/wvgerrit/21143
OEMCrypto v12 adapter
This CL updates the oemcrypto dynamic and static adpaters to include
oemcrypto v12 funtionality. It adds the three new Provisioning 3.0
functions.
It also adds code in the initialization routine to null out all of
the function pointers if any of them fail to load. It is better to
fall back to level 3 than to use an inconsistent level 1.
b/31528025
Change-Id: I3579dc93e00ad7e7c743beecdd8291eac557d4e4
Merge from widevine repo of http://go/wvgerrit/21710
This is the header changes for OEMCrypto v12. This includes
Provisioning 3.0 changes.
This CL was split off from http://go/wvgerrit//18603 because that
review is now concentrating on clarification and wording issues.
This CL is just for the header, and API changes.
Change-Id: I7cc423726433dcac9fb907246b6b6dd64f5c3367
This CL merges several CLs from the widevine repo:
http://go/wvgerrit/18012 Add support for querying allowed usage for key.
http://go/wvgerrit/17971 Add per-origin storage.
http://go/wvgerrit/18152 Add OEMCrypto's generic crypto operations to CDM.
http://go/wvgerrit/17911 QueryKeyControlInfo => QueryOemCryptoSessionId
Note: numbering in wv_cdm_types.h was added in this CL and will be
back ported to wvgerrit in a future CL.
Change-Id: Idb9e9a67e94f62f25dc16c5307f75a08b3430b64
Merge of widevine change http://go/wvgerrit/16249
This CL adds unit tests and reference code for the security patch
level, which is a new feature in OEMCrypto v11. This CL also adjusts
the dynamic and static adapters to still run with devices that have a
v10 OEMCrypto.
The level 3 haystack code will be updated in a future CL.
bug: 26188985
Change-Id: I518ef46b4098cf3718fe0c0390bfb6825db4fb6b
Merge from widevine repo of http://go/wvgerrit/16186
These are the OEMCrypto v11 documents and header files. I have updated
just enough code so that existing unit tests pass. New unit tests,
the reference implementation, and the level 3 implementation are in
future CLs.
Change-Id: I9bbf1909e047f63a5877320a2d06740a3c4a3e32
This is a merge from the widevine repository of
http://go/wvgerrit/13923 Switch openssl to use the EVP interface for aes-ctr-128
http://go/wvgerrit/13979 Add Test Certificate to OEMCrypto Mock
http://go/wvgerrit/13978 Add Test Keybox to Level 3 OEMCrypto
http://go/wvgerrit/13873 Enable OEMCrypto Unit Tests
This CL adds a main program to oemcrypto_test.cpp, which filters out
tests that are not supported on the specified platform. It also adds
LoadTestKeybox to the mock. This allows oemcrypto unit tests to be run
on devices that have production keybox. It also allows the same set
of unit tests to work on Android and on non-Android platforms.
b/18962381 Use test certificate (partial fix)
b/19867990 Separate cast receiver tests
Change-Id: If89c31530103ed85aa37d7379bd5b4dc2a927f38
This is a merge of http://go/wvgerrit/13391 from the Widevine repository.
This CL adds the OEMCrypto version 10 API to the header, and changes
just enough code so that code still compiles. There are no unit tests
or implementation.
The level 3 libraries are just stubs so that tests will compile.
level3/arm/libwvlevel3.a Level3 Library Mar 11 2015 13:33:21
level3/x86/libwvlevel3.a Level3 Library Mar 11 2015 15:20:27
Change-Id: I41de753a2a60da29b756c3327341ece72069d8bb
Because the OEMCrypto_PST_Report is sent as a signed block to the
server, it needs to be a fixed, platform independent, size. This CL
adds the packed attribute to the structure, which reduces its size
from 56 bytes to 48 bytes.
Copy of widevine change:
https://widevine-internal-review.googlesource.com/#/c/10321/
Library Versions:
libwvdrmengine/level3/x86/libwvlevel3.a Level3 Library May 30 2014 15:40:50
libwvdrmengine/level3/arm/libwvlevel3.a Level3 Library May 30 2014 15:39:04
bug: 15184821
Change-Id: I54db2c3bbc4e20ee0c19c33d6fd56f86f432e110
This change is copied from the widevine CL:
https://widevine-internal-review.googlesource.com/#/c/10163/
Because the OEMCrypto_PST_Report is sent as a signed block to the
server, it needs to be a fixed, platform independent, size. This CL
adds the packed attribute to the structure, which reduces its size
from 56 bytes to 47 bytes.
Change-Id: I2bae058b7eb0ac54ba9fad355f3d85ddc2cd4a58
This is a copy of the Widevine CL:
https://widevine-internal-review.googlesource.com/#/c/9480/
This change is part of OEMCrypto API version 9.
This CL adds verification that a key control block which requires a
specific version of HDCP can be loaded. Also, if secure data path is
not set, it verifies that data is still decrypted.
This CL also adds test that verify DecryptCTR fails when the current
HDCP version is below that in the key control block. The expected
error is OEMCrypto_ERROR_INSUFFICIENT_HDCP. This error code is newly
introduced in this CL.
This is one attempt to clarify HDCP, as specified in b/13626021, and
is a slight modification from previous behavior for the mock and the
level 3 haystacked code.
This CL also tests the two valid verification codes "kctl"
and "kc09".
bug: 13626021
Change-Id: If380709d2306a3489470b29fb148a45b609b089d
This is a copy of the Widevine CDM change:
https://widevine-internal-review.googlesource.com/#/c/9337/
This CL provides some shim code that allows the Eureka
version 8 oemcrypto library to be linked and run with CDM.
As part of this change, obfuscated names in OEMCryptoCENC.h have been
changed.
Change-Id: I18a1f91f0dfde0006591f800f8f8a034f32d9004
This merges the following changes from the Widevine CDM repository:
bef58bc Add new error codes
Adds new error codes to OEMCryptoCENC.h and rearranges it to more
closely match the documentation.
5fcfbca Handle OEMCrypto_ERROR_INSUFFICIENT_RESOURCES on Decrypt
Changes the CDM to support the new errors from the previous change.
d59c09d Report Insufficient Crypto Resources
Changes the DrmEngine to support the new errors from the previous
change.
1085a21 Respond to Too Many Keys or Sessions Errors
Allows errors around having too many keys or sessions to result in
a unique error in the CDM.
Bug: 9695816
Change-Id: I826bc655109fa57e4f75de7158d7f392053666b1
Upgrade to version 2.1 of license protocol in OEMCrypto.
related-to-bug: 8621521
Merge of https://widevine-internal-review.googlesource.com/#/c/4952/
from Widevine CDM repository to android repository.
Change-Id: I0d85dae1981b7525ab17aec5f21cf668d078bf47
This change incorporates the following CLs from the Widevine
cdm repository:
Update the java request/response test app to match Drm API changes
Don't build the mock liboemcrypto.so by default
Do not build CDM tests by default
Fix Build Break in DrmEngine Unit Tests
Fix Build Break in WVDrmPlugin
Initial version of roadmap for CDM projects.
Implement License Query
Implement Generic DRM in OEMCrypto Reference Implementation
Add key_data_length field when calling OEMCrypto_LoadKeys
Policy engine unittests
Generalized DRM API for OEMCrypto
Fixes proto buf libraries build.
Add Version Number to OEMCrypto API
Test key control block duration field in OEMCrypto
Add fix for missing crypto offset.
Fixed android/media*/test builds and added proto files for Cert. provisioning
Refactor and clean up callback code in CDM.
Add "device_id" name-value pair to LicenseRequest::ClientIdentification
Separate unit and end-to-end tests from the top level makefie.
Includes changes for 'fall back to l3 oemcrypto lib' in top level makefile.
Fall Back to Level 3 if Level 1 Fails
Fix compilation error in wvcdm_unittest.
Fix Android build break due to Decrypt() signature change in cdm_engine.h.
Wire up callbacks and errors in the Steel proxy.
Fix lock assert if there is no keybox on the device.
RSA Certificate Unit Test
Change Generic_Verify signature to constant.
Change-Id: I2e42db9d0b4f8d4e833675ae81d0714509bbfd2c
Builds libwvmdrmengine.so, which is loaded by the new
MediaDrm APIs to support playback of Widevine/CENC
protected content.
Change-Id: I6f57dd37083dfd96c402cb9dd137c7d74edc8f1c
