These are a set of CLs merged from the wv cdm repo to the android repo.
* Enable Cast for Android Things build.
Author: Thoren Paulson <thoren@google.com>
[ Merge of http://go/wvgerrit/29941 ]
Added a path to make_cast_libwvlevel3 for Android Things. Added the new
system id to the preprocessor guards in android_keybox.cpp. Guarded the
references to stderr in page_allocator.cpp because for some reason they
don't get resolved when we link against the resulting library.
BUG: 63443584
* Resolve memory leaks in use of OpenSSL.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32700 ]
Use of EVP_CIPHER_CTX requires a call to EVP_CIPHER_CTX_cleanup().
* Memory leak in OpenSSL RSA key handling.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32621 ]
This fixes a range of tests. --gtest_filter="CdmDecrypt*" runs
five tests and still loses 5 objects totalling 1320 bytes (down
from 6200 bytes).
* Unit test and mock OEMCrypto memory leaks.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32640 ]
More memory leak cleanup. All remaining leaks are due
to calls to CRYPTO_malloc() without the matching free
(i.e., calls into openssl).
* Clean up memory leaks in tests.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32600 ]
This is the first pass at cleaning up memory leaks. These leaks
were affecting a lot of tests, making it hard to identify more
serious leaks.
Switch to unique_ptr<> pointers for CdmEngine in
generic_crypto_unittest tests for FileSystem object in
mock OEMCrypto's CryptoEngine object.
* Fix broken tests - linux-only & address sanitizer failures.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32460 ]
Fix broken test:
WvCdmEnginePreProvTestStaging.ServiceCertificateInitialNoneTest
Fix failures found by address sanitizer:
DeviceFilesUsageInfoTest.RetrieveByProviderSessionToken
DeviceFilesUsageInfoTest.UpdateUsageInfo
NOTE: address sanitizer cannot handle EXPECT_CALL macros containing
a call with a Contains matcher as an argument, e.g.:
EXPECT_CALL(file,
Write(Contains(certificate, wrapped_private_key, 0),
Gt(certificate.size() + wrapped_private_key.size())))
The address sanitizer reports a crash, issues a report, and stops. A
temporary fix is to replace the "Contains()" argument with "_".
* Usage license handling corrections
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28540 ]
Validate that offline licenses that do not contain a provider session
token are not handled by the TEE.
BUG: 38490468
Test: WV Unit/integration tests, GtsMediaTestCases,
WvCdmRequestLicenseTest.ReleaseRetryL3OfflineKeySessionUsageDisabledTest
* UsageTableEntry::CopyOldUsageEntry memcpy read out of range.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32220 ]
The function copies the pst from a variable length input vector
into a 256 byte character array. But the length argument was a
fixed value - MAC_KEY_SIZE. Depending on the actual PST length this
can lead to memcpy reading out of bounds or the PST getting truncated.
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I81a4593d7d04d0ef6069ce48d0601b6fbdd85de9
These are a set of CLs merged from the wv cdm repo to the android repo.
* Change build options for make protobuf host tools
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/30381 ]
Also revert local change to protobuf/extension_set.cc
This builds after adding -Wno-return-type and -Wno-unused flags.
* OEMCrypto v13 stub
Author: Rintaro Kuroiwa <rkuroiwa@google.com>
[ Merge of http://go/wvgerrit/30004 ]
* Remove merge conflict tags
Author: Edwin Wong <edwinwong@google.com>
[ Merge of http://go/wvgerrit/30120 ]
Remove merge conflict tags for http://go/wvgerrit/29880
* Added Android Things ARM provisioning key to L3
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/29701 ]
BUG: 63443584
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: Ifd867b491dfda5d67d2e225695535b5af9e18260
These are a set of CLs merged from the wv cdm repo to the android repo.
* Update service certificate.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/28065 ]
The updated service certificate fixes a number of failing tests.
There are still some that fail, apparently due to mismatches
with key set IDs and usage tables.
Also updated QA server URL to point to QA proxy (although neither
can be used by this client).
Also fixed segfault in CdmTest.ListUsageRecords.
* Add CDM APIs for Handling Service Certificates.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/28064 ]
The responsibility for managing Service Certificates has been moved
out of the CDM. Instead, provide CDM and CdmEngine methods to generate
a service certificate request message, and handle a service certificate
response. The API client can use these calls if it needs to get the
service certificate from the License Server.
These functions assume the request and response are base64 (web-safe)
encoded (see b/37481392). Not all servers are operating this way yet.
Any adaptations for non-compliant servers is handled outside the CDM.
See test WvCdmEnginePreProvTest::ServiceCertificateRequestResponse in
cdm_engine_test.cpp for an example of this.
These changes also eliminate the stored init_data and deferred
license type which were used to perform a service certificate request
during a license request.
* Fix and rename ClosesSessionWithoutReturningError test.
Author: Edwin Wong <edwinwong@google.com>
[ Merge of http://go/wvgerrit/27880 ]
ClosesSessionWithoutReturningError should not check for
Status::OK since it is expecting an error code back.
The test is renamed to ClosesSessionWithError.
Test: libwvdrmdrmplugin_hidl_test
BUG: 62205215
* Get rid of default service certificate.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27981 ]
Instead, we need at least two service certs - one for the QA/Test
servers, and one for UAT (and prod?)
There are still some issues around the signature verififcation
of the service cert, and in license_unittest.cpp, the use
of the default service cert has been commented out. I don't know
why this test needs a service cert. If it really does, then the
same mechanism that is used elsewhere for selecting a specific
server type will be needed here.
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: Ieab815fb202c809ad5714cd0364c4bdfa068f77d
Below are a set of CLs being merged from the wv cdm repo to the android repo.
* Fix handling of OEM Cert public key.
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/27921 ]
This is a potential fix for b/36656190. Set aside public
key on first call to get the public key, and use it afterwards.
This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(),
which has side-effect of staging the OEM private key.
This also fixes a problem where the public cert string was
not being trimmed to match the size returned by
OEMCrypto_GetOEMPublicCertificate().
* Complete provisioning request/response for Provisioning 3.0
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Fix bug on provisioning request path where GenerateDerivedKeys()
was being called when preparing to generate the signature.
Add message signature verification, and call correct OEMCrypto
routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30).
* Implement Cdm::deleteAllUsageRecords()
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Delete all usage records for current origin. Removes usage
records from file system and retains the PSTs. The deletes
any usage entries matching those PSTs held by OEMCrypto.
BUG: 35319024
* Remove stringencoders library from third_party.
Author: Jacob Trimble <modmaker@google.com>
[ Merge of http://go/wvgerrit/27585 ]
We have a fork of the stringencoders library that we use for base64
encoding. This reimplements base64 encoding to remove the extra
dependency and to reduce the amount of code.
* Add Cdm::deleteUsageRecord() based on key_set_id.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27605 ]
Delete specified usage record from file system usage info and
from OEMCrypto.
BUG: 35319024
* Modifiable OEMCrypto
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/24729 ]
This CL adds a new variant of the OEMCrypto mock code that adjusts its
behavior based on a configuration file. This is intended for
testing.
For example, a tester can set current_hdcp to 2 in the options.txt
file, push it to the device, and verify that a license is granted for
HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and
push the file to the device. Playback should stop because the license
is no longer valid.
This variant uses a real level 1 liboemcrypto.so to push data to a
secure buffer. That means we can test playback for a license that
requires secure buffers on an Android device with real secure buffers.
BUG: 35141278
BUG: 37353534
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I58443c510919e992bb455192e70373490a00e2b6
[ Merge of http://go/wvgerrit/23822 ]
This merges back to master, code review related changes when
"Implement Cdm::listStoredLicenses()" was merged from master
(http://go/wvgerrit/23189) to oc-dev (http://go/wvgerrit/23600)
Bug: 34628115
Test: WV unit/integration tests
Change-Id: Idf3acb0ff668d1cc3fe2e6fd400daa183bdb340b
[ Merge of http://go/wvgerrit/23360 ]
Service Certificates are used in two places, provisioning and
licensing. The service certificate code depended on a session_id
to get and set the service certificate properties, but the session_id
was not available in the provisioning path.
This patch pulls out the property lookup by session_id dependency,
and passes the CdmImpl's property_set into the provisioning code, so
the service certificate can be read and written there.
Bug: 62972441
Test: WV unit/integration tests. This introduces three test failures
* WvCdmRequestLicenseTest.PrivacyModeWithServiceCertificateTest
* Cdm/WvCdmStreamingLicenseRenewalTest.WithClientId/4
* Cdm/WvCdmOfflineLicenseReleaseTest.WithClientId/3
Change-Id: I6e9d4e23a9e7e81a63a994db8ec0b443893449a6
MetricsGroup split into 3 groups, session, engine, and crypto.
MetricsFrontEnd and Report removed.
This is a merge from wvgerrit/28420
Bug: 36217927
Test: Added unit tests to cover modified code.
Change-Id: I2f39f99ce88cc2229d6d1aa9459c67c5b86ccef4
[ Merge of http://go/wvgerrit/25643 ]
The MediaDrm#provideKeyResponse API states that an empty byte array is
returned when the license type is streaming or release but a non-empty
value was being returned in some cases.
The KeySetId is now returned when the license type is offline or when
the license is streaming and has a secure stop associated with it.
Test: Verified by request_license_test integration tests. Tests have been
modified to validate the returned Key Set Id values.
b/36093612
Change-Id: I82dba537c77ddd1d1876cbce58729f3db901ee51
[ Merge of http://go/wvgerrit/23600 ]
This adds a new entry to IStorage:: -
bool list(std::vector<std::string> file_names)
It returns the name of each file in the (origin-specific) file system.
b/34628115
Uses the current file system (origin-specific) bound to the CDM. Returns
the list of stored licenses (key_set_ids) in vector output parameter.
Test: verified by unittests on angler.
Change-Id: I988556b27c2a4b75f52b59bcd78cfeaddd649acd
This change is the complete Widevine metrics system. It will
measure and record runtime information about what is happening
in the CDM - such as errors and throughput.
Bug: 33745339
Bug: 26027857
Change-Id: Ic9a82074f1e2b72c72d751b235f8ae361232787d
(This is a merge of go/wvgerrit/23182)
This patch adds the framework for Stable Per-Origin Identifiers to the
CDM. Calculating SPOIDs will be done on the client-side, and they are
sent as part of the provisioning request. SPOIDs are also available to
the app as the Device Unique ID, replacing the previous method of
returning the actual Device Unique ID from the keybox / OEM certificate.
Different SPOIDs must use separate storage, just as different origins
already do. Support for this has been added to the Android adapter to the
CDM Core. However, the code in the Android glue layer that would drive
this behavior will be checked in in a separate change. As such, all
Android devices will continue using the legacy behavior even after this
patch goes in, until the glue layer code can be updated.
Bug: 27101531
Test: CE CDM Unit Tests
Test: Linux Jenkins Unit Tests
Test: Android Unit Tests (with and without SPOIDs forced on)
Test: Android GTS Tests
Change-Id: Ia0caf890381cbcb97504d08b19aeab8b29bd07ae
[ Merge of http://go/wvgerrit/22744 ]
Pass resolution information into policy engine for constraint
checking.
b/33380824
Test: Reran unittests. All tests other than some oemcrypto,
request_license_test passed. Those tests failed with or without this CL.
Change-Id: I405099b1f66a47fa0c2579e2ae248dd78fa4e98a
[ Merge of http://go/wvgerrit/21960 ]
When an offline release message is generated, a session is created
internally to generate the release and handle the release response.
If the response is never provided (network, server errors),
or there is an error when the response is being processed, the
session may not be closed. This change introduces a time to live for
release sessions of 60 seconds and will be reclaimed after this period.
Test: verified by unittests on angler
b/32223945
Change-Id: I3bd4637733ddf6c343956ed9f97c68d84dc7d4e4
This CL merges several CLs from the widevine repo:
http://go/wvgerrit/18012 Add support for querying allowed usage for key.
http://go/wvgerrit/17971 Add per-origin storage.
http://go/wvgerrit/18152 Add OEMCrypto's generic crypto operations to CDM.
http://go/wvgerrit/17911 QueryKeyControlInfo => QueryOemCryptoSessionId
Note: numbering in wv_cdm_types.h was added in this CL and will be
back ported to wvgerrit in a future CL.
Change-Id: Idb9e9a67e94f62f25dc16c5307f75a08b3430b64
[ Merge of http://go/wvgerrit/16625 and http://go/wvgerrit/16633 ]
Reduce the number of parameters needed by GenerateKeyRequest.
Combining all output values into a single struct.
BUG: 26162546
Change-Id: Ibeb3f4df4a8e877511f8ab2e6c543001a921f285
This is a merge of squashed CLs.
* Cdm Session and Engine interface clean up
[ Merge of http://go/wvgerrit/16387 ]
Key Set Ids have been removed from the CdmSession interface
(GenerateKeyRequest, Addkey) as they can be queried by an accessor.
The CdmEngine interface now allows one to specify or retrieve a session ID,
since both were not being used in a single call. Key set IDs are no longer
returned though GenerateKeyRequest as they was not being used.
* Generate key set ID when session is initialized
[ Merge of http://go/wvgerrit/16370 ]
Key set IDs are currently generated at different times in the
CdmSession lifecycle. Android generates key set IDs when the license
is received, while the CE CDM generates (or overrides them)
when the session is constructed.
The key set IDs are now generated when the session is initialized.
Key set generation cannot occur earlier as it has a dependency on
security level and in turn on crypto session initialization which
occurs when the session is initialized.
Depenencies on Session ID has caused other activities, construction of
PolicyEngine, CdmLicense, setting property CDM client sets to be
deferred from CdmSession constructor to Init().
Android will still retrieve the key set IDs after the offline license is
processed. For streaming requests, the key set will be
unreserved and discarded when the session is terminated.
Change-Id: Ib802d1c043742d62efa9a2c901fcd113e836c33d
[ Merge of http://go/wvgerrit/16241 and http://go/wvgerrit/16364 ]
This will allow a usage session to be loaded later by key set ID.
This is needed for EME-style secure stop in the new CE CDM API.
b/25816911
Change-Id: I916340047492fbc0556d0e90bd2eac0f3eafe597
(This is a merge of http://go/wvgerrit/16162)
Usage tables on L3 devices are stored under IDM*. They will be removed
upon factory reset. However, we need to call OEMCrypto_DeleteUsageTable
for L1 devices because the usage tables are stored in secure storage.
bug: 25597957
Change-Id: I8533dfac60fad6ce7ddfd026a283633d6875dcf3
[ Merge of http://go/wvgerrit/15780 ]
Android mediaDrm allows callers to serially query status information through a
property API. CDM however retrieves all status information in a map and
filters out all but the relevent one. This leads to delays in Netflix app
startup. Rewriting the CDM interface to return only the queried value.
b/24181894
Change-Id: Ie9ed6288524e3a7e03b83aa55ef3531dd52a0dfb
* Extend CdmLicense's stored_init_data_
[ Merge of http://go/wvgerrit/14661 ]
CdmLicense will store init data when a server cert must be
provisioned. After provisioning, the original init data can be used
to generate the originally-intended license request.
To do this before, the caller had to call CdmSession's
GenerateKeyRequest with an empty InitializationData object. However,
the init data's type still had to be set, as did the license type.
This CL allows the caller to use a truly empty InitializationData
without a type. To permit this, CdmLicense now stores a full
InitializationData object, rather than just a copy of it's data field.
With this CL, the caller also avoid storing the original license type.
To accomplish this, CdmSession uses the already-set is_offline_ and
is_release_ flags from the original call to reconstruct the intended
license type. The caller uses the new type kLicenseTypeDeferred.
To facilitate storing whole InitializationData objects, they are now
copyable.
This ultimately simplifies server cert code for the new CE CDM.
* Store service certs in Properties
[ Merge of http://go/wvgerrit/14664 ]
This allows CE devices to mimic the Chrome CDM's behavior of sharing
server certs between sessions.
This also affects Android behavior. Previously, provisioned service
certificates were per-session, while explicitly-set service certs
were per-DRM-plugin. Now, both are per-DRM-plugin.
A DRM plugin is associated with a mediaDrm object. Content
providers will still be able to retrieve and use different
certificates. The change here requires an app, that wishes to use
different provisioned service certificates will have to use
multiple mediaDrm objects. This is an unlikely scenario.
Change-Id: If2586932784ed046ecab72b5720ff30547e84b97
* Reject session clobbering.
[ Merge of http://go/wvgerrit/14634 ]
This fixes a bug in I17de92b3e682c9c731f755e69466bdae7f560393 in which
sessions can be clobbered by a forced session ID. This bug manifested
in subtle test failures which involved repeatedly creating sessions.
This was traced to OEMCrypto not being terminated, then upward to a
leaked CryptoSession and CdmSession, and then finally to clobbered
session IDs.
To avoid the bug in future, first, reject duplicate session IDs.
Second, change the OpenSession API to make forced IDs explicit.
* Fix unit test namespaces.
[ Merge of http://go/wvgerrit/14622 ]
This fixes some odd errors that occur when linking multiple test
suites into one executable. When two object files both contain
a definition of wvcdm::MockCryptoSession, for example, one will win
silently and cause the other's tests to misbehave and/or crash.
The solution is to put all mocks into an anonymous namespace, since
each wvcdm::(anonymous)::MockCryptoSession is separate.
In order to avoid lots of repetitions of wvcdm:: in the anonymous
namespaces, all anonymous namespaces in unit tests now live inside
or the wvcdm namespace. This has been done even for tests which
are not currently using mocks.
* Move timer and timer_unittest to Android.
[ Merge of http://go/wvgerrit/14619 ]
These are not used anywhere else.
Change-Id: I234f31e9b5c79061205728783596ebaff65e0aff
* Make CdmProvisioningResponse const.
[ Merge of http://go/wvgerrit/14618 ]
The lack of const on this reference seems to be a mistake, since the
responses is never modified. This also allows the new CE CDM to pass
responses directly through from the caller.
* Let Properties determine DeviceFiles level support
[ Merge of http://go/wvgerrit/14620 ]
Non-Android platforms do not have multiple security levels, and so do
not use the security level to construct a base path.
Instead of requiring a known "security level" to construct a file,
accept anything that platform Properties will accept as a base path.
* Drop Properties::GetSecurityLevel().
[ Merge of http://go/wvgerrit/14617 ]
This seems to be dead code.
Change-Id: I94a970279213100730d6e6c763558dbe386f936a
* Expose release and offline statuses in CdmEngine.
[ Merge of http://go/wvgerrit/14616 ]
This will allow me to make some intelligent decisions in the new CE
CDM implementation without having to duplicate all the information
known in the lower levels.
* Account for backward compat support in tests
[ Merge of http://go/wvgerrit/14621 ]
One test ensures that device path backward compatibility is working,
while another assumes it is used.
This fixes test results when
Properties::security_level_path_backward_compatibility_support()
is false.
Previously, the CE CDM did not run these tests, and so this went
unnoticed.
* Remove Lock::Try, which is not used.
[ Merge of http://go/wvgerrit/14624 ]
Change-Id: Id18cf1f5b18c7322b8b636819276361af225734f
[ Merge from go/wvgerrit/14286 ]
CDM now reports status information associated with the specified security level.
Earlier information would be reported from the default security level.
b/18709693
Change-Id: I7a01e8ea9773b56951c207437ce85e567fd32b09
Implements the optional setMediaDrmSession() method. To enble this,
support was added to the core to report if a session ID is valid.
As a consequence of this, in the tests for the CryptoPlugin,
construction of the plugin must be deferred until all gMock
expectations are set, as construction now calls into the CDM core.
This is a merge of two changes from the Widevine CDM repo:
http://go/wvgerrit/14083
Allow Setting of Session ID
http://go/wvgerrit/14085
Check If Session ID Is Valid When Changing CryptoPlugin IDs
Bug: 19570317
Change-Id: I7dbd777ce6efebd71fdb5e602663a0e35a48a9c4
This is a merge of several Widevine-side commits that, cumulatively,
allow callers to specify an origin to be used to isolate data storage
as specified in the W3C Encrypted Media Extension specification.
Separate origins have separate certificates, and consequently cannot
share device identifiers with each other.
The changes included in this are:
Add Ability to Check for Existing Certificates
http://go/wvgerrit/13974
Add Ability to Remove the Certificate
http://go/wvgerrit/13975
Make CDM Origin-Aware
http://go/wvgerrit/13977
Add Per-Origin Storage to Widevine CDM on Android
http://go/wvgerrit/14026
Remove Automatic Origin Generation
http://go/wvgerrit/14031
Bug: 19771858
Change-Id: I6a01c705d9b6b4887a9c7e6ff4399a125f781569
This is a merge of http://go/wvgerrit/13751 from the widevine
repository.
The CryptoSession had an enumeration for HDCP levels that was copied
from OEMCryptoCENC.h by hand. Since that header is included, there is
no need to have two enumerations.
b/16303994
Change-Id: Ief16ba62163776f9ca80375f3638ef4c7770e742
This merges several small changes that were made in response to
comments that arose when LMP changes were merged into the Widevine
repository's master branch.
Change-Id: Ifec968af54dbc3288f24654ec0c6ca9b5962e1aa
This copies over formatting changes from the Widevine CDM repository
that resulted from running clang-format with Google style on the
shared core/ directory. It also copies over some rewordings of log
messages that were made at the same time.
Aside from the changed log messages, this should not affect behavior
or functionality.
Change-Id: I69c57c188f7a79f30fa3517afeed17365929b6b6
(This is a merge of http://go/wvgerrit/11285 from the Widevine CDM
repository.)
The key set ID is now available earlier, in order to support the CE
CDM 4.5 interface, which needs it at key request generation time, not
later at key response receipt time. It is still possible to receive
the key set ID at key response time, for Android's purposes. Either
API may now be passed a pointer to store the ID in, which may also be
left NULL if this is not needed.
Change-Id: I47e80ea4005c80282e36cfae92cb91142208f624
This is a combined merge of several small changes to the core in the
Widevine CDM repository:
http://go/wvgerrit/10941
Rename privacy_crypto to allow more variants.
http://go/wvgerrit/11530
Add Missing Header to properties.h
http://go/wvgerrit/11531
More Loosely Couple CdmEngine and CdmSession
Change-Id: I5b3f738ae495ab267da1440421dd7aa6f7860194
(This is a merge of http://go/wvgerrit/10674 from the Widevine CDM
repository.)
Now that the CE CDM has CloseSession to handle closing sessions, we
can rename CancelKeyRequest on the CDM Engine & CDM Session to better
resemble its purpose and the name it is known by on Android.
Change-Id: I68d55b3be733579e5875ab33d8e94a62fe1f651d
This is a copy of the widevine CL:
https://widevine-internal-review.googlesource.com/#/c/12742/
If a session is closed at the same time as an OnTimerEvent is
processing an event, there could be a race condition between the two
threads. This CL adds a lock that prevents a session from being
removed from the list while the timer is currently processing an
event.
If CloseSession is called while the OnTimerEvent method is active, the
session will be added to a dead list, and deleted when the timer event
has finished.
This CL does not address the main problem in bug 19252886, but
one bugreport, netflix_log_3.txt, indicates there may have been
a problem with the CDM timer.
bug: 19252886
Change-Id: I17190edaeb3eef1295d4d204232cc4262cb5fa9b
(This is a port of http://go/wvgerrit/11556 from the Widevine CDM
repo.)
This wires up the new method on the crypto interface with the core
code that handles the max-res decode.
Bug: 16034599
Change-Id: Id2ea5635bf732eabf1fd33712ff8bab6cf1a1745
When falling back to L3, release requests were failing. Information
requesting falling back to L3 is passed along when the session is opened.
Licenses however are released using the key set ID and information
requesting fallback to L3(CdmClientPropertySet) at that point is
unavailable. The release was actually attempting to release a license
at the default security level which is incorrect.
In addition, the mac keys were not being setup correctly and the release
message was signed with keys derived from the license request and not the
response. Both these issues have been addressed and unit tests added
to track release of offline licenses and usage reporting scenarios.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11062
from wv cdm repo ]
b/17073910
Change-Id: I5cd95a7dfe58ebae7ae27ece6c92e67755c1d665
* The Usage APIs return usage reports from either L1 or L3 (if available).
* Correction to when usage reports are saved. In addition to other events
they are now saved when keys are loaded, usage reports are released and soon
after first decryption and periodically (60 seconds) after that,
if decryption takes place.
* Usage reports now get deleted on an unprovision request.
* Policy timer is now started when offline licenses are restored.
* Usage session is now released, when a usage response is received.
* Usage tests ahev been enabled.
* Added CDM extended duration (integration) tests to test usage reporting
and querying. These need to be run manually as they take a while (currently
half an hour).
b/15592374
[ Merge of https://widevine-internal-review.googlesource.com/#/c/10800
from the Widevine CDM repo ]
Change-Id: Ia817e03ebbe880e08ba7b4a235ecb82b3ff35fbf
Merge of CDM change:
https://widevine-internal-review.googlesource.com/#/c/10691/
This prevents the provisioning session from being created unless the
device needs provisioning. And then, after provisioning, it closes
the session it had previously opened.
b/15782159 CertificateProvisioning object keeps unused CryptoSession
Change-Id: Ic52ed864fa47c7ba50b7ca4d9fea1e74930228e9
[ Merge from Widevine CDM repo of
https://widevine-internal-review.googlesource.com/#/c/10171/ and
https://widevine-internal-review.googlesource.com/#/c/10172/ ]
Updated license_protocol.proto from constituent protos in google3
These changes make use of OEMCrypto v9 changes to support usage reporting.
Usage reporting may be enabled for streaming (by means of secure stops) and
offline playback by a provider session token specified in the license.
Changes include periodically updating usage information for relevant
sessions and reporting and releasing usage information as needed.
The CDM has removed all references to Secure Stops. This change
updates the Android API implementation to comply.
b/11987015
Change-Id: Ibb6f2ced4ef20ee349ca1ae6412ce686b2b5d085
This CL removes TODOs and email addresses from comments, unifies some
namespaces and cleans a few variable names. It is a copy of multiple
CLs on the widevine side.
Change-Id: I1bb649096476a5001a56d746427399de6a88ff69
The EME spec technically requires CDMs to treat audio/mp4 and
video/mp4 equivalently, as well as audio/webm and video/webm. We had
only been accepting video/mp4 and video/webm up until now.
This change also centralizes handling of init data types in the shared
CDM code instead of having it spread across multiple places in the
codebase.
(This is a merge of https://widevine-internal-review.googlesource.com/9532/
from the Widevine CDM repo.)
Bug: 13564917
Change-Id: Ib8bdfb2b003ffb00e8f0559561335abb3c5778b0
