* changes:
Unit tests for forbidden RSA key usage
Add DRM reprovisioning request generation
Correct copyright header
Fix bcc length for printing
Update ODK version to 18.4
Adjust skipping tests when provisioning skipped
Change test storage to use protobuf
Remove WvCdmEnginePreProvTestStaging
Rename and clarify Drm Reprovisioning token types
The SetUp for child classes do not automatically quit when
the parent SetUp is skipped.
Bug: 305093063
Change-Id: I606a949ef0e94fa87a97268856b7f2d8b9135ebe
Extract BCC and build info from oemcrypto, construct BCC uploading
record and dumps it out a JSON file.
The BCC uploader will pick up the output file later.
Bug: 312787974
Change-Id: Ie8ef6a75408e8ef8355b1c0de14532de0ae83732
[ Partial merge of http://go/wvgerrit/188279 ]
This CL adds unit tests to verify that the following
forbidden uses of an RSA private key do not work:
- ForbidPrepAndSign -- A cast cert key cannot sign a license
request.
- ForbidUseAsDRMCert -- A cast cert cannot be used with the
DRM cert's padding scheme and it cannot be used to derive
keys from a session key.
- *ForbidRSASignatureForDRMKey* -- A DRM cert key cannot be
used with GenerateRSASignature.
- *OEMCertForbidGenerateRSASignature* -- An OEM cert key
cannot be used with GenerateRSASignature.
Bug: 251875110
Test: WVTS
Change-Id: I55b1eb04465023352edea55ba4ef532d1cd07231
[ Merge of http://go/wvgerrit/192010 ]
Adding files not merged in ag/26501922
Updates the CDM to add support for DRM reprovisioning request creation.
- Load the baked-in certificate for use as the client token.
- Add functions to build and sign a drm reprovisioning request.
- Update the Rikers L3 OEMCrypto implementation to support signing
provisioning requests and getting embedded certificate.
- Update client id token to handle DRM reprovisioning.
- Add OEMCrypto function to load the baked-in device certificate in
Rikers CDMs and stubs for non-Rikers CDMs.
- Add dynamic adapter support for getting embedded device certificate
only on L3.
Bug: 305093063
Test: WVTS
Change-Id: I839db69a48c1add196f9b56e6ee3812f549f814d
[ Merge of http://go/wvgerrit/186825 ]
Remove the words ` All rights reserved.` from Widevine's
existing copyright headers.
For context, see cl/578224540
Bug: 330655176
Test: WVTS
PiperOrigin-RevId: 580020267
Change-Id: I43e845b83f438e4ef7f0f542c2f4e427a188ab06
[ Merge of http://go/wvgerrit/194310 ]
Resize bcc to the correct length to eliminate the trailing zeros.
Bug: 330645490
Test: core unit tests
Change-Id: I56b6d30120735a4d7a0f39f29a9f255bd2d2d18c
[ Merge of http://go/wvgerrit/194254 ]
For some platforms, we cannot provision. In this case, any
test that needs provisioning is skipped. However, when a
test is skipped in a subroutine, the rest of SetUp is still
run. Any failures in SetUp will cause the test to be marked
as a failure.
This CL duplicates the check for skipping the test in SetUp
and in TearDown.
Bug: 329467151
Test: WV and unit/integration tests
Change-Id: I0087b12a3f26b52ecf62bf7b0e7bcf4fa2c6c763
[ Merge of http://go/wvgerrit/193190 ]
This changes the persistent test storage to use protobufs instead of
manual parsing. This simplifies the code but makes the files less
"human readable". Files can be read using 'gqui' if needed.
Bug: 312529037
Test: unit/integration tests
Change-Id: I1b025eac96458c0061e0883e1e4fd05484842ff2
[ Merge of http://go/wvgerrit/194370 ]
This test explicitly provisions against the staging server,
which we do not require from partners.
Bug: 329293570
Test: WV unit/integration tests
Change-Id: Id88840f188ec99b386837d83f69844b0990594a9
[ Merge of http://go/wvgerrit/194374 ]
Renames and adds clarifying comments to Drm Reprovisioning token types.
All provisioning methods can be forced to reprovision by apps which can
cause reprovisioning to be an overloaded term. Renaming token types
used by the Drm Reprovisioning method to more clearly state they are
used for Drm Certificate Reprovisioning should help to avoid confusion.
This change also adds comments to help clarify when and where Drm
Reprovisioning is used as a provisioning type.
Bug: b/305093063
Test: WVTS
* Added dependency to dynamic perf tests to fix missing header build
error.
Change-Id: I158eb5672ad9e655a60bc68e0f4f2f7a0d464b4e
First, version.txt will be stamped by Android CI with a release
candidate name like "ZV1A.240307.001".
Next, a genrule will read version.txt and embed the release candidate
name inside the Widevine CDM binary.
See also:
- go/wv-trunk "Versioning"
- cl/616721723
Bug: 327241925
Test: Coastguard
Change-Id: I892ee957c058ac5f624912a38a048781af5f3487
[ Merge of http://go/wvgerrit/192010 ]
Updates the CDM to add support for DRM reprovisioning request creation.
- Load the baked-in certificate for use as the client token.
- Add functions to build and sign a drm reprovisioning request.
- Update the Rikers L3 OEMCrypto implementation to support signing
provisioning requests and getting embedded certificate.
- Update client id token to handle DRM reprovisioning.
- Add OEMCrypto function to load the baked-in device certificate in
Rikers CDMs and stubs for non-Rikers CDMs.
- Add dynamic adapter support for getting embedded device certificate
only on L3.
Bug: 305093063
Test: WVTS
Change-Id: I9a0ecf95e27213b046f03baa0781fb164179323b
[ Merge of http://go/wvgerrit/189590 ]
[ Cherry-pick of http://ag/26541307 ]
The CDM session shares its CryptoSession instance with a few additional
member objects (CdmLicense and PolicyEngine). When the CDM session's
crypto session is reset, it must also reset the CdmLicense and
PolicyEngine otherwise, a potential stale pointer reference may occur.
Test: request_license_test on Oriole
Test: run_x86_64_tests
Bug: 311239278
Change-Id: Ie175513ae652dcd96e12e5e1def574a8a56d5863
[ Merge of http://go/wvgerrit/194050 ]
OEMCrypto v17 introduced higher granularity in the device's HDCP V1
levels. Previously, all HDCP v1.x were group together. The change
was aimed towards server policy enforcement, not device enforcement.
Core code was updated, and could then be reflected in license
requests; however, reporting the new v1.x subversions was never
exposed to the higher app layers.
It is likely that devices which attempted to use specific 1.x versions
encountered test failures (for both CE CDM and Android CDM) as neither
implementations could handle such versions when communicating with
the app.
This change updates both CE CDM and Android CDM:
1) The CE CDM now uses the same subversion version comparisons as
performed by the core code.
2) The Android CDM will now recognize new HDCP levels, and not return
unexpected values.
Bug: 329155501
Test: run_x86_64_tests
Test: request_license_test on Oriole
Change-Id: I61fc0f11808f594456bd00210fd9b2bb5ed16c0e
[ Merge of http://go/wvgerrit/192271 ]
Test: L3 unit tests and GTS on pixel 7
Bug: 324147162
Test: WVTS
Change-Id: I5d94b0c9b3f681774e32623463b0d689f5bacc8c
[ Merge of http://go/wvgerrit/192930 ]
The script to run unit/integration tests aborts if an adb remount
command indicates that verity needs to be run. This just checks
for presence of the string "verity" in the output. Some devices
output "Verity is already disabled". The test script should not
abort the run in this scenario.
Bug: 327421750
Test: ./build_and_run_all_tests.sh
Change-Id: Ic953f25aba31be0ca527bc000f433d8c9076effa
[ Merge of http://go/wvgerrit/192851 ]
When running widevine unit/integration tests the script sets
the LD_LIBRARY_PATH to include /vendor/lib[64] and
/system/lib[64]/vndk-R so that shared libraries can be found.
/system/lib[64] also needs to be included so that
libbinder.so and libbinder_ndk.so are also picked up.
Bug: 325595891
Test: ./build_and_run_all_tests
Change-Id: I411bb98474eb7e65bf9070c029869a9d4d220673
It is used by prov4 only. So L3 will just return
OEMCrypto_ERROR_NOT_IMPLEMENTED.
Test: build L3
Bug: 307969500
Change-Id: Iff6c79a3fb0220a6c995186f5923ce5ad6bc256f
Regenerate L3 after fixes and add new source to .bp files.
Test: Build Widevine apex in Android main
Change-Id: I93fd5cf22437a2c8e6d2b60d9994dbf97f4ba213
OEMCrypto_PrepAndSignReleaseRequest() and OEMCrypto_LoadRelease()
declarations are needed for L3 static adapter to build.
Test: run_level3_static_tests
Bug: 323957284
Change-Id: I9ccb4e51fd404b6a49e865545e9a5b4f22169cf7
