Merge from widevine of http://go/wvgerrit/17178
These are the OEMCrypto Level 3 libraries, built using a stable
version of GCC and build tools on nyc-dev. Code changes are just
merged from master. Aside from build tool updates, the CL contains a
fix for b/26567162.
Current version (as printed by oemcrypto/level3/print-version-strings):
level3/arm/libwvlevel3.a Level3 Library 4445 Mar 17 2016 14:11:16
level3/x86/libwvlevel3.a Level3 Library 4464 Mar 17 2016 13:14:40
level3/mips/libwvlevel3.a Level3 Library 4465 Mar 17 2016 11:34:50
bug: 26917438
bug: 26567162
Change-Id: I07d526f28e61c5a9b66fa59b78041a93a99dc8e6
This CL is a merge from the widevine repo of
http://go/wvgerrit/16553 Prebuilt Level 3 OEMCrypto for Android
http://go/wvgerrit/16238 Require OEMCrypto v11 for Android N Unit Tests
http://go/wvgerrit/16484 Shared License Tests (OEMCrypto v11)
http://go/wvgerrit/16448 Pattern Decrypt Unit Tests and Reference Implementation
http://go/wvgerrit/16489 Enforce UNUSED Variables
http://go/wvgerrit/16479 Pattern Decrypt for Level 3 OEMCrypto
http://go/wvgerrit/16280 Correctly handle bad RSA key
http://go/wvgerrit/16315 Security Patch Level - haystack version
http://go/wvgerrit/16282 Correctly handle null pointer in GetKeyData
http://go/wvgerrit/16294 Initialize data for generation number
It contains the Level 3 implementation, as well.
mips/libwvlevel3.a Level3 Library Jan 22 2016 14:30:27
arm/libwvlevel3.a Level3 Library Jan 22 2016 15:03:55
x86/libwvlevel3.a Level3 Library Jan 22 2016 13:52:29
b/26692954 [DRM] OEMCrypto v11 needed for Nexus devices
Change-Id: Ibb1384959620f63a1be1e82ce2952ec9f48f0d3e
This CL contains the level 3 oemcrypto library built for android. I
used the toolchain from the mnc-emu-release branch because I'm having
problems with the toolchain on master.
This includes the security patch API, and several bug fixes to the library.
Current versions:
mips/libwvlevel3.a Level3 Library Dec 17 2015 21:26:57
arm/libwvlevel3.a Level3 Library Dec 17 2015 21:09:47
x86/libwvlevel3.a Level3 Library Dec 17 2015 21:19:15
http://go/wvgerrit/16371 Level 3 OEMCrypto library
http://go/wvgerrit/16315 Security Patch Level - haystack version
http://go/wvgerrit/16282 Correctly handle null pointer in GetKeyData
http://go/wvgerrit/16294 Initialize data for generation number
http://go/wvgerrit/16280 Correctly handle bad RSA key
bug: 26089773
bug: 26092100
bug: 26086944
Change-Id: I3ea1b5d219dae0c88deafa742f61d67e97297902
Merge from widevine of http://go/wvgerrit/15778
This CL rebuilds the level 3 libraries with the android emulator
sdk_phone_*. This seems to avoid problems with the x86 build using
incorrect compiler flags.
Versions:
level3/mips/libwvlevel3.a Level3 Library Sep 28 2015 13:25:25
level3/arm/libwvlevel3.a Level3 Library Sep 28 2015 13:18:25
level3/x86/libwvlevel3.a Level3 Library Sep 28 2015 13:08:28
bug: 21766765
Change-Id: I0470d3ea55bf9fc18ff7c69f6f39d532c9865404
Merge from Widevine of http://go/wvgerrit/15507
This change recompiles the oemcrypto libraries on the emulators
because those should have the "least common denomintor" of compiler
options.
New Versions:
android/level3/mips/libwvlevel3.a Level3 Library Aug 27 2015 11:53:29
android/level3/arm/libwvlevel3.a Level3 Library Aug 27 2015 11:43:45
android/level3/x86/libwvlevel3.a Level3 Library Aug 27 2015 11:48:16
bug: 21766765
Change-Id: Ic69bacd71af835df940af1c21166b0ade57abf04
Merge from widevine repo of http://go/wvgerrit/14668
This CL modifies the multiplication routine to avoid memory cache
misses. This shows a 10-20% speed improvment in license requests on
an x86.
Level 3 library version:
level3/arm/libwvlevel3.a Level3 Library Jun 15 2015 14:09:24
level3/x86/libwvlevel3.a Level3 Library Jun 15 2015 14:09:10
bug: 18252910
Change-Id: I4429324374de46d1d710d5fcac80f7ed363c696c
Merge from widevine repo of http://go/wvgerrit/14502
If any OEMCrypto session call is made after Terminate is called, then
there was a null pointer access. This is protected by the oemcrypto
adapter, but could still be a problem in unit tests which by-pass the
adapter.
bug: 21642892
Level 3 versions:
level3/arm/libwvlevel3.a Level3 Library May 29 2015 14:03:11
level3/x86/libwvlevel3.a Level3 Library May 29 2015 14:03:12
Change-Id: I84fd098c2faea71a79bc21658485593e22a8e994
This is a merge from the widevine repo of http://go/wvgerrit/14262
This CL replaces AES with a psuedorandom number generator to encrypt
the needles in the oemcyrpto level 3 haystack. This speeds up the
overhead significantly, and reduces decrypt times by as much as 75%
for small buffers (1-3 kb). This makes the obfuscation slightly less
secure but is worth the overall performance boost.
Level 3 library versions:
level3/arm/libwvlevel3.a Level3 Library May 1 2015 15:45:12
level3/x86/libwvlevel3.a Level3 Library May 1 2015 15:45:55
b/19582757 L3 Widevine extremely choppy on Nexus 6 (480p)
Change-Id: I3077c04047a7f2da6f64869d7a9af5ddcc62671f
This is a merge from the Widevine repository of
http://go/wvgerrit/14024
Add Level 3 Oemcrypto Unit Tests To Run All Tests Script
This CL adds the ability to restrict the oemcrypto unit tests to only
use the fall back level 3. This restriction is per-process, and is
only used while running the unit tests. This allows us to automate
running the unit tests on an android device as both level 1 and level
3 without modifying files in /system/lib. To turn on the restriction,
set the environment variable: FORCE_LEVEL3_OEMCRYPTO=yes.
New level 3 library versions are:
level3/arm/libwvlevel3.a Level3 Library Apr 8 2015 13:09:05
level3/x86/libwvlevel3.a Level3 Library Apr 8 2015 13:15:42
http://go/wvgerrit/14055
Remove Redundant Tests
This CL modifies the UsageTableTests in oemcrypto_test.cpp so that
they are not all parameterized by new_mac_keys_. This parameter is
used when testing signatures. In particular, we do not need to verify
timing twice.
Also, I modified the run_all_unit_tests.sh script so that the
environment variable GTEST_FILTER is passed down to the android
process. This allows us to use the script to run a limited list of
tests while debugging.
http://go/wvgerrit/14054
Filter Out API Version 10 Tests
This CL updates the OEMCrypto tests so that all but one test will pass
for a device that implements the version 9 API.
Android LMP devices should pass tests with
GTEST_FILTER="*-*MNC*:*CanLoadTestKeys*"
http://go/wvgerrit/13886
Update Documentation about Optional Features
The intergration guide has been updated to include reference to
OEMCrypto_LoadTestRSAKey. It also now discusses optional features.
The Delta 10 document now mentions OEMCrypto_LoadTestRSAKey.
The android supplement warns that most optional features are required.
This also adds clarification about which functions should save the
usage table, in answer to:
b/16799904 OEMCrypto v9 ambiguous about saving usage table information
Change-Id: Ifb517d58952c9b332b2958ca99af64bc293b985f
Merge from Widevine repo of http://go/wvgerrit/10308
There was a memory leak in the oemcrypto RSA code.
Also, when saving the usage table, some session variables were
allocated twice. This results in session data being lost.
There were also some leaks and uninitialized values in oemcrypto_test.
I added some checks and profiling to the debug runtime for the
haystack. It will warn if a variable is left unencrypted or is
unencrypted twice. I also added the profile code.
Versions of L3 library:
android/level3/arm/libwvlevel3.a Level3 Library Apr 1 2015 11:40:06
android/level3/x86/libwvlevel3.a Level3 Library Apr 1 2015 12:44:32
b/19950814
Change-Id: Ic752e36c09fce121dcaf92f9209591e74f3eb070
This is a merge of http://go/wvgerrit/13710
The oemcrypto adapter loads a version 8, 9 or 10 library and adds
backwards compatibility for version 8 or 9.
The only function whose signature has changed from v9 to v10 is
OEMCrypto_GetHDCPCability. This CL adds backwards compatibility for
that function.
Level 3 libraries are now:
level3/arm/libwvlevel3.a Level3 Library Mar 17 2015 14:33:34
level3/x86/libwvlevel3.a Level3 Library Mar 17 2015 14:30:23
b/19785099 L1 Widevine missing/broken on master (Fugu)
b/19789909 L1 Widevine missing on master (AAY75B)
Change-Id: I9bd716f5cdffaf1bfbdfcd8ed067af3f5d0ac9ba
This is a merge of http://go/wvgerrit/13391 from the Widevine repository.
This CL adds the OEMCrypto version 10 API to the header, and changes
just enough code so that code still compiles. There are no unit tests
or implementation.
The level 3 libraries are just stubs so that tests will compile.
level3/arm/libwvlevel3.a Level3 Library Mar 11 2015 13:33:21
level3/x86/libwvlevel3.a Level3 Library Mar 11 2015 15:20:27
Change-Id: I41de753a2a60da29b756c3327341ece72069d8bb
(This is a merge of http://go/wvgerrit/13420 from the Widevine
repository.)
Generates new obfuscated libraries that include @kqyang's recent
changes to add OEMCrypto_GetMaxNumberOfSessions().
libwvdrmengine/level3/arm/libwvlevel3.a Level3 Library Mar 6 2015 15:16:17
libwvdrmengine/level3/x86/libwvlevel3.a Level3 Library Mar 6 2015 15:20:30
Change-Id: Ibea299a372617f98c0f24861c673f56a97845ad8
* Replace an stlport static assert with a C++11 static_assert.
* Move some libraries that were being built with the NDK but
statically included into platform code off the NDK.
* Rebuild the obfuscated binaries to use the new STL.
* Remove MIPS support temporarily due to an inability to generate
obfuscated binaries for it. (To be fixed in b/19482469.)
Bug: 15193147
Change-Id: Icc166583b0c6af68550baf17ab8c33076a1179d3
This is a merge of the widevine change:
https://widevine-internal-review.googlesource.com/#/c/11781
The OEMCrypto did not save the usage table correctly after a key was
loaded and not used.
Also, oemcrypto uses the keybox to verify and sign the usage table.
On library initialization, the usage table was being loaded before the
keybox, so the signature was not verified correctly.
Both these problems have been corrected.
Current Library Version:
arm: Level3 Library Nov 19 2014 16:53:43
bug: 17328418 Can't play pinned content
Change-Id: Ia753e2f47b36433931fbe8dba78939581e647222
This is a merge of the widevine CL:
https://widevine-internal-review.googlesource.com/11254
On arm64, some devices are having random issues that probaby relate to
a stale instruction cache. This code change flushes the cache for
pages that are going to be made executable.
b/17400000
Current Library Version:
arm64: Level3 Library Sep 25 2014 17:10:03
Change-Id: I3904e96e922654c055a478079aa52c29cbde8b9f
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11110/
The level 3 oemcrypto library version of DeactivateUsageEntry now
returns OEMCrypto_ERROR_INVALID_CONTEXT if there is no entry in the
usage table.
Current Library Version:
arm: Level3 Library Sep 3 2014 18:13:47
b/17373630
Change-Id: Iaeb65b4ad4b2b9f3c6733a2c9c8d96e2be263d09
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11030
It is an error for the key control block to have a nonzero replay
control flag and a null pst. This CL adds unit tests to
oemcrypto_test to verify that oemcrypto checkes this. A unit test is
also added for verifying that an offline license has a valid nonce the
first time it is loaded.
It also updates the reference implementation (mock) to check that the
pst is not empty when the replay control flag is nonzero.
It also updates the level 3 implementation to check that the pst is
not empty when the replay control flag is nonzero.
This change is compiled into the arm library, but because of
compilation errors, is not included in x86 or mips.
Current Library Version:
arm: Level3 Library Aug 27 2014 18:42:40
bug: 16525204 OEMCrypto unit test for reloading offline license
bug: 16844305 Mock OEMCrypto does not catch null pst
Change-Id: Icdb090e80fc92522c187b26f30e5ba082f26363b
Because the OEMCrypto_PST_Report is sent as a signed block to the
server, it needs to be a fixed, platform independent, size. This CL
adds the packed attribute to the structure, which reduces its size
from 56 bytes to 48 bytes.
Copy of widevine change:
https://widevine-internal-review.googlesource.com/#/c/10321/
Library Versions:
libwvdrmengine/level3/x86/libwvlevel3.a Level3 Library May 30 2014 15:40:50
libwvdrmengine/level3/arm/libwvlevel3.a Level3 Library May 30 2014 15:39:04
bug: 15184821
Change-Id: I54db2c3bbc4e20ee0c19c33d6fd56f86f432e110
This is a copy of the widevine CL.
https://widevine-internal-review.googlesource.com/#/c/10174/
This CL adds the OEMCrypto v9 functionality to the level 3 haystack
version of OEMCrypto. Mostly, this is to support usage tables.
The code is feature complete, but the timing tests are a little flakey
-- I'm not sure if the problem is in the code or if the test has too
tight a tolerance.
Also, the storage of the generation number needs to be made more
secure.
Change-Id: I73fecf8934b6a46785f1f8b6f40b40ffe39b88de
From Widevine CL:
https://widevine-internal-review.googlesource.com/#/c/9184/
This is some shim code that will load either an OEMCrypto
version 8 or version 9 library. This should allow us
to test and run stable devices until all OEM's have
updated to version 9.
Android Level 3 library versions are:
level3/mips/libwvlevel3.a Level3 Library Feb 27 2014 18:18:34
level3/x86/libwvlevel3.a Level3 Library Feb 27 2014 18:22:14
level3/arm/libwvlevel3.a Level3 Library Feb 27 2014 12:31:29
Change-Id: I82911e3b4d9056cf3c3ab2b47194fe81ac2776d9
Previously, Level 3 SelectKey returned no error when called before
any keys were loaded. After this CL, it will return
OEMCrypto_ERROR_NO_CONTENT_KEY.
Library version:
arm - Level3 Library Nov 20 2013 18:09:31
mips - Level3 Library Nov 20 2013 17:58:56
x86 - Level3 Library Nov 20 2013 18:13:01
bug: 11769839
Change-Id: I1b3f057e3ae9f2f174cae91f6849080345f02003
This CL contains working versions of the haystack tools and the
OEMCrypto Level 3 library for android ARM, MIPS and x86.
The version number of the level 3 library is:
android/level3/arm/libwvlevel3.a Level3 Library Nov 4 2013 18:39:06
android/level3/mips/libwvlevel3.a Level3 Library Nov 4 2013 18:42:29
android/level3/x86/libwvlevel3.a Level3 Library Nov 4 2013 18:41:07
bug: 9374954 MediaDrm haystack based L3 code hardening implementation.
Change-Id: Ifef13900a11e83e4257723d3c6fc7107550882a8
This merges the following changes from the Widevine CDM repository:
564f4cc Add CdmClientPropertySet to CDM
Adds an interface to the CDM that allows it to query its client for
certain properties. In this case, this includes the ability to
specify what security level is desired, as well as support for
service ceritifcate privacy mode.
9cfbd3e Force Level 3 fallback
Adds support for voluntarily invoking L3 crypto to the OEMCrypto
wrapper.
95d12c1 Add pointer to CdmClientPropertySet class to OpenSession.
Adds support for storing the property set on a session-by-session
basis and choosing the appropriate crypto level.
17de442 Add Settable Properties for Clank to Android
Adds support for setting the aforementioned properties to the
DrmEngine
bbe704d Fixes to force fallback to level three security
Corrections to invoke provisioning, OEMCrypto API with configured
security level rather than the default. Unit tests were also revised.
Note that some parts of this are also support for the ability to use
a service certificate-based privacy mode. The remaining code for
supporting this mode is still forthcoming.
Bug: 10109249
Change-Id: I2755e4dea1de3e8a56cff237360298f7b7f1bddc
This merges the following changes from the Widevine CDM repository:
1a72a7e Combine utility code into single library on Android
Combines several previously-separate files into a static library,
libcdm_utils, so that it can easily be used by both CDM and
OEMCrypto.
8c4d04d Install Keybox
If the keybox has not been installed, install it from
/factory/wv.keys.
Bug: 9972451
Change-Id: I8688ecd0adcf321e0c7d0faf55dd10f3910c12ec
The field provisioning code generates a randum number to use as the
device id, and then restricts the data to alphanumeric characters.
Previously, it could have also included a 0 byte in the data. This CL
corrects that.
bug: 9073146
Merge of https://widevine-internal-review.googlesource.com/#/c/5740/
from the Widevine CDM repository
Change-Id: Iaf3e9e733f7c66c19d4168178a8e25ee0ba7e936
