[ Merge of http://go/wvgerrit/143370 ]
[ Cherry-pick off http://ag/16624952 ]
Devices without a keybox may not have access to a device ID if the OEM
uses the device ID from the keybox as its source of truth. For
devices which have lost their keybox, OEMCrypto_GetDeviceID() was
assumed to return ERROR_KEYBOX_INVALID if that was the case; however,
Qualcomm's implementation was returning ERROR_NO_DEVICEID. Given that
both error codes are appropriate, the CDM has been updated to accept
both as an indication that the device ID cannot be retrieved, and that
the null device ID should be returned.
Bug: 190504842
Bug: 214113125
Test: Manual test
Change-Id: I8fb8a1bddfe895062b707b51fcadffd983adb40e
Merge from Widevine repo of http://go/wvgerrit/142349
If a provisioning request is sent, but no response is loaded, we
should fall back to L3. This covers the case where the OTA request is
malformed and the provisioning server ignores it.
This might happen if the device has a bad KM key.
Test: manual testing
Bug: 210823889
Bug: 210807585
Change-Id: I951241539ace97b668868d5abf8a9811d874fb28
Merge from Widevine repo of http://go/wvgerrit/142150 (part 2)
For an EVT device, without a keybox or with a test keybox, we want it
to fall back to L3. However, when running the unit or integration
tests it should continue running tests with test keybox. This will
allow us to test L1 oemcrypto on an EVT device, while still using an
EVT device for dogfooding video content at the L3 level.
Bug: 210807585
Bug: 210823889
Change-Id: I30c35134239db35bb39f11f75220063181987763
[ Merge of http://go/wvgerrit/142249 and http://go/ag/16307264 ]
This adds concurrency protection to a session when policy
timers are reset to from v15 to v16. The v15 policy timer may still be
in use by the decryption thread.
Bug: 204282907
Bug: 207304220
Test: Unit/Integration tests, GtsMediaTestCases
Change-Id: I4967b3927e47733fb23a1a12b6094d1cd2072918
[ Merge of http://go/wvgerrit/142229 and http://go/ag/16147655 ]
This adds concurrency protection to a session when keys or a
license is removed from a session.
Bug: 195625322
Test: GtsMediaTestCases, unit/integration tests, YT EME conformance test
Change-Id: I38601a58dc593ce053cb5457b9d42d2c35f3f041
Merge from Widevine repo of http://go/wvgerrit/142149
This CL updates the TestCryptoSession so that it will recover from
initializing without a keybox. This allows unit and integration tests
to be run using a test keybox on a device that does not have any
keybox.
Bug: 210807585
Bug: 161925952
Change-Id: I8639bd733a50ae5af3a7c786347b5a06a9d783ce
[ Merge of http://go/wvgerrit/142089 ]
[ Cherry-pick of http://ag/16496425 ]
Qualcomm's implementation of GenerateOTARequest requires an open
session before attempting to generate an OTA keybox request. When
checking for OTA keybox support, the dynamic layer was not opening
a session, getting a different error than expected. Coincidentally,
this would trick the dynamic layer to thinking it was supported, but
hides useful error information.
Bug: 210823889
Test: Android manual testing
Change-Id: I60662d2d9d411c0f999b619d6088aabdba55e2c3
[ Merge of http://go/wvgerrit/141949 ]
[ Cherry-pick of http://ag/16496424 ]
If the debug count for ignoring an L1 keybox is still non-zero after
successfully processing an OTA keybox request, the dynamic layer MUST
return a failure to the CDM to keep the CDM and dynamic layer in
agreement that the L1 keybox should continue be treated as invalid.
This will trigger a fallback; but the fallback can be canceled via
the debugging app.
Bug: 210823889
Test: Android manual testing
Change-Id: I75f50ba605d17872c0e8abffc1eee13ff539f01c
Merge from Widevine repo of http://go/wvgerrit/139372
Revert workaround for falling back to L3
(Partially merged previously)
Merge from Widevine repo of http://go/wvgerrit/139498
Guard against double initialize
(Partially merged previously)
Merge from Widevine repo of http://go/wvgerrit/139343
Use a placeholder ID for devices missing a system ID
Merge from Widevine repo of http://go/wvgerrit/140934
Check security-level during OpenSession.
Merge from Widevine repo of https://go/wvgerrit/141469
Make OTAKeyboxSupported handle the short buffer return
code
Bug: 187646550
Bug: 206670307
Bug: 206570220
Bug: 205896558
Bug: 205041153
Test: Manual test on flame
Change-Id: I71f5faf6b611337b82d8b6179251f6b0224780e6
[ Cherry-pick of http://ag/15245767 ]
[ Merge of http://go/wvgerrit/128624 ]
The CDM session was incorrectly recording the "license SDK version" as
the "license service version" in the session metrics. This
discrepancy reduces the quality of devices' metrics and limits
debugging capabilities for the Widevine metric monitoring services.
Bug: 193177333
Test: Linux unit tests
Change-Id: Ic58cf7bc4fde777bb590c05777b76f5ff5c2f1ea
(cherry picked from commit 78278c3eb4)
(This is a merge of http://go/wvgerrit/139632.)
While fixing a compiler error about shadowed variables in CdmSession, I
noticed that this function had two result variables with different names
as well. This patch consolidates down to one result variable.
Bug: 207684988
Test: x86-64
Change-Id: Iaf6d742ef3409d85a1c364b486909d2497093112
(This is a merge of http://go/wvgerrit/139630.)
This patch fixes a few places that were using NULL or 0 instead of
nullptr.
Bug: 207702482
Test: x86-64 build
Change-Id: I10e19febebd093fe4445208a082216002d9a4482
Merge from Widevine repo of http://go/wvgerrit/139498
If L1 OEMCrypto fails to initialize, we won't try again.
Bug: 206670307
Change-Id: I89084476ae01d9c98291392c2ce703ebc6326322
Merge from Widevine repo of http://go/wvgerrit/139336
When pretending we have no keybox, we should also have no system id or
device id. This should reproduce our problem with the test app.
Bug: 206570220
Test: reproduced problem using TestOPK app
Change-Id: I893336ce8e1fd2272f5b511676e1da28654639a7
Merge from Widevine repo of http://go/wvgerrit/139333
This is a workaround for devices that don't have a
keybox installed.
Bug: 206570220
Bug: 205896558
Bug: 205041153
Test: verified device falls back to L3 using TestOKP app
Change-Id: Id929b48ddaa7114a81765095aac536705f69e68c
(This is a merge of http://go/wvgerrit/138969.)
Provisioning 4.0 on CE CDM requires not only the make & model but the
model year in order to relate a device back to its system ID. This patch
adds model year to the list of properties that partners must provide as
client identification.
As no equivalent field exists for Android, this property is not
provided on Android platforms.
Bug: 206453352
Test: x86-64
Change-Id: I0764d67fec54fa9a0c65074e68f3ee02de1e7820
[ Cherry-pick of http://ag/16087795 ]
[ Merge of http://go/wvgerrit/136432 ]
Once OTA keybox succeeds, the |needs_keybox_provisioning_| flag is
cleared. Access to the system fallback policy is allowed after
provisioning to check status.
Bug: 203177668
Test: ExoPlayer test
Change-Id: I2d28c896c554cfbc9b008340bb415d4c7fac62f2
(cherry picked from commit cac2dcaa6c)
[ Cherry-pick of http://ag/16064434 ]
[ Merge of http://go/wvgerrit/136330 ]
This changes adds a custom debug property for changing the fallback
policy used for the system. Depending on the value set, the device
will either use a "fast" fallback (30 seconds) or "default" fallback
(~1 day with exponential backoff). Setting this property to either
"fast" or "default" will end the current fallback if it has been
triggered.
Bug: 187646550
Test: Android unit tests
Change-Id: I5271f96139c1e468242f7fa742668cc791ffcf91
[ Cherry-pick of http://ag/16064433 ]
[ Merge of http://go/wvgerrit/136329 ]
CDM core has been updated to support very short fallback durations in
the case of failures during OTA keybox provisioning. This is intended
to be used during testing via specialized developer apps or GTS tests.
Bug: 187646550
Test: Android unit tests
Change-Id: I8a75d2e1c404d6caed535b087e8dd29da5c21b83
Merge from Widevine repo of http://go/wvgerrit/135984
If the MediaDrm property string debugIgnoreKeyboxCount is set to 1,
then the keybox will be ignored on the next initialization. This will
force an OTA keybox reprovisioning.
Equivalently, a 1 may be written to the file
L1/debug_ignore_keybox_count.txt.
In order to test a failed reprovisioning step, a value of 2 may be
used.
Bug: 187646550
Merged-In: Ie7d34a8b355398855f4ec43dd95dd73c5907bdeb
Change-Id: Ie7d34a8b355398855f4ec43dd95dd73c5907bdeb
[ Merge of http://go/wvgerrit/133943 and http://go/wvgerrit/134043 ]
Certain OEMCrypto implementations will not report their provisioning
method if the keybox is invalid. If the OEMCrypto implementation
supports OTA keybox provisioning and does not report its provisioning
method, then keybox provisioning is assumed.
Bug: 187646550
Test: unit/integration/GtsMediaTestCases
Merged-In: Ie7753546e53fc73fd59803958e88edf416ee5336
Change-Id: Ie7753546e53fc73fd59803958e88edf416ee5336
Adjust OTA code to account for some design changes and
add integration tests.
Merge from Widevine repo of http://go/wvgerrit/133775
Change use_test_key to uint32_t type
Merge from Widevine repo of http://go/wvgerrit/133774
Cleanup CDM OKP info before tests.
Merge from Widevine repo of http://go/wvgerrit/133773
Change context for derivation in OTA keybox solution
Merge from Widevine repo of http://go/wvgerrit/133772
Updated OTA keybox key derivation.
Merge from Widevine repo of http://go/wvgerrit/133771
Use double provisioning step in integration tests
Merge from Widevine repo of http://go/wvgerrit/133770
Erase keybox on initialization for OEMCrypto testbed
Merge from Widevine repo of http://go/wvgerrit/133769
Add session id to OEMCrypto OTA functions
Merge from Widevine repo of http://go/wvgerrit/133768
Integration test for OTA Keybox reprovisioning
Merge from Widevine repo of http://go/wvgerrit/133767
Add test x509 cert for testing
Merge from Widevine repo of http://go/wvgerrit/133766
OTA Keybox basic functionality in testbed
Merge from Widevine repo of http://go/wvgerrit/133765
Update OTA test script to use newer build scripts
Merge from Widevine repo of http://go/wvgerrit/133764
Adjust comment stype for doxygen
Test: Test: unit/integration/GtsMediaTestCases
Bug: 190505461
Bug: 190505461
Bug: 190505461
bug: 187646550
Bug: 187646550
Bug: 187646550
Bug: 187646550
Bug: 190505461
Bug: 187646550
Bug: 188228998
Bug: 190505461
Bug: 187646550
Merged-In: I41ff819a1fd8aca2e20adb25127fa0d9c4879b01
Change-Id: I41ff819a1fd8aca2e20adb25127fa0d9c4879b01
[ Merge of http://go/wvgerrit/133744 ]
This changes adds several small classes which contain and manage
system and engine information related to OTA keybox provisioning.
These classes closely map to the OKP device file messages.
Bug: 189232882
Test: Linux unit tests
Change-Id: Ia9334c38f9d7ea89b30d9ad05f0595570bb38658
Storing and loading OKP info.
[ Merge of http://go/wvgerrit/133763 and http://go/ag/15645333 ]
This change extends the DeviceFiles module to be able to store and
load OKP info. Mild data validation is performed when storing and
loading the information.
Bug: 189232882
Test: Android unit tests
Change-Id: I077de3234157252f2255a4389bf82a8d5344a355
System OKP fallback policy.
[ Merge of http://go/wvgerrit/133783 and http://go/ag/15645334 ]
SystemFallbackPolicy provides a thread-safe interface for accessing
and modifying OKP info.
Bug: 189232882
Test: Android unit tests
Change-Id: I4e43e3bc047ed5fb6cb517b53e4094e812b70e1e
Engine OKP provisioner.
[ Merge of http://go/wvgerrit/133803 and http://go/ag/15645335 ]
The OtaKeyboxProvisioner provides a CdmEngine-specific context for
performing OTA keybox provisioning. Utilizes the system-wide
SystemFallbackPolicy to relay provisioning status between engines.
The provisioner will handle message wrapping and unwrapping of the
raw OTA keybox request / response into the SignedProvisioningMessage
which is sent to/received from the provisioning server.
[ Partial merge of http://go/wvgerrit/125844 ]
Note: Includes partial CryptoSession changes from various CLs.
CryptoSession functionality has been stripped to reduce impact of
this CL.
Bug: 189232882
Test: Android unit tests
Change-Id: I282bf7d1887daefb2250af1bd595c4dc3dfcfb29
Integrated OKP into CDM Engine
[ Merge of http://go/wvgerrit/133804 and http://go/ag/15646376 ]
Extended the functionality of the CdmEngine to check if the device
requires OKP and to initialize OKP resources if required. The
functionality of OpenSession() and GetProvisioningRequest() have been
the most affected. If OKP is required, these methods will signal to
the app that provisioning is required and will return an OKP request.
Once a device is provisioned, the OKP data is cleared away and the
CdmEngine will resume normal operation. Engines created after a
device is provisioned will immediately enter normal operations.
The exception is for CdmEngines which failed to perform OKP for some
reason and are still running. Those apps will need to restart before
gaining access to L1 operations.
Bug: 187646550
Test: Android integration tests
Merged-In: Ia572a66a7b73479355758aa3d0c682691eaca0fc
Change-Id: Ia572a66a7b73479355758aa3d0c682691eaca0fc
[ Merge of http://go/wvgerrit/133729 ]
The OtaKeyboxProvisioner is a system-wide provisioner for sharing the
provisioning workflow between CDM engines.
Bug: 189232882
Test: GtsMediaTestCases
Change-Id: I873af3087cc05e1831bdd1d2c14fb002b73e6902
Added keybox provisioning proto fields.
[ Merge of http://go/wvgerrit/133730 and http://go/ag/15113032 ]
This CL copies over the required license_protocol.proto changes that
are required for OTA keybox provisioning. These fields are defined in
the server-side certificate_provisioning.proto, defined in
http://cl/377533774.
Note, changes are slightly different from server proto due to the RVC
version of license_protocol.proto being out of date with SC and newer
changes.
Bug: 189232882
Test: run_x86_64_tests
Change-Id: I55fcf6a7ac2ba4b6026b9acc63e822ff33c431d9
Added OTA keybox provisioning device files.
[ Merge of http://go/wvgerrit/133743 and http://go/ag/15421141 ]
This change adds a new set of proto messages/fields the CDM's device
files for recording device and engine information around OTA keybox
provisioning (OKP).
To make cleanup and thread protection possible, there is a single file
which will contain all the information for the device as a whole and
each CDM engine tied to an app/origin.
Bug: 189232882
Test: Linux unit tests
Change-Id: Iaf80cd6342f32657e04416750d9b278d935821a5
Client ID for OKP requests.
[ Merge of http://go/wvgerrit/133744 and http://go/ag/15645331 ]
Extended the CDM ClientIdentification class to support a subset of
client info used for OKP requests.
Bug: 189232882
Test: Android unit tests
Merged-In: I6aafb4f2164efe69bc733ece0a912f0e91893b91
Change-Id: I6aafb4f2164efe69bc733ece0a912f0e91893b91
Merge from Widevine repo of http://go/wvgerrit/133703 and
http://ag/14707867
In order to use a local provisioning server, we need to use a
different test keybox system id that is in the dev device database
instead of the production database. We also need to use a local
license server that uses the dev license server.
Bug: 187646550
Test: GtsMediaTestCases
Change-Id: Ice89143dd26de22757375a770c6bac716fcbc057
Add Keybox OTA Provisioning functions to OEMCrypto header
Merge from Widevine repo of http://go/wvgerrit/133704 and
http://go/ag/14707868
Bug: 188228998
Change-Id: Iff54bc2870e87bf7239e179e1d02fbcc8df6198f
Stub build changes to support OTA Keybox
Merge from Widevine repo of http://go/wvgerrit/133725 and
http://go/ag/14781459
This CL adds a new unit test file for testing OTA keybox
reprovisioning functionality. This new test is built when running the
dynamic adapter in the linux build, and in the Android build.
Bug: 187646550
Change-Id: I625513840188f95e74831ef2ea399e827e837439
Add OTA Keybox functions to dynamic adapter
Merge from Widevine repo of http://go/wvgerrit/125843
and http://go/ag/14781460
Bug: 187646550
Change-Id: Ief78ed10599c091690e0d7dc488ea71674c763b5
Refactor dynamic adapter keybox verification
Merge from Widevine repo of http://go/wvgerrit/133727http://go/ag/14812524
The keybox validation needs to be done separately from initializing
the library so that we can support Keybox OTA Reprovisioning.
If L1 loads, but the keybox is missing, the initialization should
succeed. When the keybox is validated, the adapter should try to look
for a keybox on the filesystem. if none is found, it should either
return NEEDS PROVISIONING or an error.
Bug: 187646550
Change-Id: I34a8c365a5a5ca35c379bea827c85c749964744c
Update crypto session to use new OTA keybox functionality
Merge from Widevine repo of http://go/wvgerrit/133728 and
http://go/ag/14812525
This CL stubs out two new CryptoSession functions that call the new
OEMCrypto functions for OTA Keybox Provisioning. It builds! Yay!
It also adds a boolean needs_keybox_provisioning that is set to true
when OEMCrypto reports that it needs a keybox. This should only happen
if there is no keybox installed and oemcrypto supports provisioning.
Bug: 187646550
Merged-In: Ide9533943125aa13b8899b652b118a0b410c882c
Change-Id: Ide9533943125aa13b8899b652b118a0b410c882c
(This is a merge of http://go/wvgerrit/134312.)
This patch fixes code that would trigger -Wshorten-64-to-32 by
implicitly narrowing a variable from 64 to 32 bits. Most of the time, it
does this by making the implicit conversion explicit. There are a lot of
these places in the usage table code because we always use uint32_t as
the type of a usage entry index, but much of the code that interacts
with the usage table system naturally wants to use size_t.
Bug: 194971260
Test: OEMCrypto unit tests
Test: x86-64 platform tests
Change-Id: I3923af40715efe367955a194a9e33be3e9cb014c
Merge from Widevine repo of http://go/wvgerrit/135984
If the MediaDrm property string debugIgnoreKeyboxCount is set to 1,
then the keybox will be ignored on the next initialization. This will
force an OTA keybox reprovisioning.
Equivalently, a 1 may be written to the file
L1/debug_ignore_keybox_count.txt.
In order to test a failed reprovisioning step, a value of 2 may be
used.
Bug: 187646550
Change-Id: Ie7d34a8b355398855f4ec43dd95dd73c5907bdeb
[ Merge of http://go/wvgerrit/128023 ]
Several of the messages in license_protocol.proto have fallen out of
sync with their source-of-truth in Google3. This change updates most
of the proto messages used by the CDM. None of these changes
immediately affect the CDM.
Bug: 192286204
Test: Build service and unit tests
Change-Id: I83414167d51f2443fe39f02ab160341918e409c9
[ Cherry pick of http://ag/15854889 ]
[ Merge of http://go/wvgerrit/133943 and http://go/wvgerrit/134043 ]
Certain OEMCrypto implementations will not report their provisioning
method if the keybox is invalid. If the OEMCrypto implementation
supports OTA keybox provisioning and does not report its provisioning
method, then keybox provisioning is assumed.
Bug: 187646550
Test: unit/integration/GtsMediaTestCases
Change-Id: Ie7753546e53fc73fd59803958e88edf416ee5336
[ Cherry pick of http://ag/15847758 ]
Adjust OTA code to account for some design changes and
add integration tests.
Merge from Widevine repo of http://go/wvgerrit/133775
Change use_test_key to uint32_t type
Merge from Widevine repo of http://go/wvgerrit/133774
Cleanup CDM OKP info before tests.
Merge from Widevine repo of http://go/wvgerrit/133773
Change context for derivation in OTA keybox solution
Merge from Widevine repo of http://go/wvgerrit/133772
Updated OTA keybox key derivation.
Merge from Widevine repo of http://go/wvgerrit/133771
Use double provisioning step in integration tests
Merge from Widevine repo of http://go/wvgerrit/133770
Erase keybox on initialization for OEMCrypto testbed
Merge from Widevine repo of http://go/wvgerrit/133769
Add session id to OEMCrypto OTA functions
Merge from Widevine repo of http://go/wvgerrit/133768
Integration test for OTA Keybox reprovisioning
Merge from Widevine repo of http://go/wvgerrit/133767
Add test x509 cert for testing
Merge from Widevine repo of http://go/wvgerrit/133766
OTA Keybox basic functionality in testbed
Merge from Widevine repo of http://go/wvgerrit/133765
Update OTA test script to use newer build scripts
Merge from Widevine repo of http://go/wvgerrit/133764
Adjust comment stype for doxygen
Test: MediaDrmTest and Android unittests
Bug: 190505461
Bug: 190505461
Bug: 190505461
bug: 187646550
Bug: 187646550
Bug: 187646550
Bug: 187646550
Bug: 190505461
Bug: 187646550
Bug: 188228998
Bug: 190505461
Bug: 187646550
Change-Id: I41ff819a1fd8aca2e20adb25127fa0d9c4879b01
