(This is a merge from http://go/wvgerrit/46447)
The Production Provisioning Service is moving to the "widevine.com"
certificate from the "license.widevine.com" certificate it was using.
This replaces the two places this certificate appears in the source
code. This is expected to be the last such update.
Also, the Staging Provisioning Service was already using this
certificate, but our code had it listed as using the old certificate. It
has also been updated.
Bug: 77244492
Test: CE CDM Unit Tests
Test: Android Unit Tests
Change-Id: I2ce14ea8e672c453ce0f74fbd3345f7e40f2f297
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: I7e041b6cdf3e272d067da49d25a297b4a4663f1f
[ Merge of http://go/wvgerrit/46623 ]
If corruption of the usage information file is detected while saving a
streaming license with a PST, usage information file is deleted, so that
a subsequent load keys may succeed.
Also when calling the MediaDrm API releaseAllSecureStops(), an error would
be returned if usage info file was corrupted. Since this file is
deleted successfully, errors have been replaced with warnings.
Bug: 73447733
Test: wv unit/integration tests
Change-Id: Ie4a63ac202fd6009609105f38ffa8a3b23ed334e
[ Merge of http://go/wvgerrit/46622 ]
Secure stop API related changes introduced in b/69674645 caused
segfaults on taimen/walleye but not other devices due to a difference
in OEMCrypto version.
Bug: 77294890
Test: WV unit/integration tests on sailfish and walleye
Change-Id: I8523ef283334d7d32d180e902072fe1dd6e665c1
Previously, we did not have a license request latency metric. This is a
notable limitation in our metrics. This adds a metric that captures the
timing between a GenerateKeyRequest and an AddKey operation.
Bug: 72994956
Test: New unit tests. Google Play
Change-Id: If99c187399c02f9b5d4c355732af7588bbbefb11
A few metrics were missing or not properly collected in the CDM metrics.
This CL addresses them.
Bug: 64570194
Bug: 72866232
Test: Unit tests and Google Play manual test.
Change-Id: I3a3aa4fb3eb8422c9c8c398016f02409307beb33
Merge of http://go/wvgerrit/45520/
Bug: b/70650789
Test: request_license_tests and GTS tests on sailfish and taimen
This is related to b/70650789. An extra call to DeriveKeysFromSessionKey
in the case where there is a provider session token results in the
OEMCrypto mock incorrectly using the derived mac keys to sign the release
message, since a future call to LoadKeys is never called.
(This is a merge of http://go/wvgerrit/46203)
Previously, IsProvisioned() only confirmed the existence of a
certificate file, not whether the contents of that file were actually
valid. This patch changes its behavior so that it actually validates the
loadability of the file before returning.
This is sufficient to resolve Netflix's use case in b/65835227, but it
is only part of the solution for Android's use case in b/72353451. A
second patch will be required to cover cases where the certificate can
be loaded but cannot be used with the current OEMCrypto or with the
server.
Bug: 65835227
Bug: 72353451
Test: Android and CE CDM unit tests
Change-Id: Id3987a6f3c4097d7d356dfa631b023287354439a
Changes to a much more efficient and more reusable protobuf format for
metrics.
Test: Widevine tests, Google Play and MediaDrm CTS test.
Bug: 73724218
Change-Id: I3299051d7a16bcd7758c8f272415ca40e10c1313
[ Merge of http://go/wvgerrit/45661 ]
This test was written to verify that the last 50 entries were maintained
by the usage table (OEMCrypto v9-11). With OEMCrypto v13+, that limit has
been removed and this is no longer an appropriate test. I have
disabled the test for now and will replace/rewrite with one
appropriate for big usage tables.
Bug: 30022298
Test: Ran cdm_extended_duration_tests
Change-Id: I23d54bb57c92b391f80817945626898fd590078f
(This is a cherry-pick of http://go/ag/3684977 that got left behind when
pi-dev was branched.)
The various Shared Source CDM groups have agreed on a more unified
version numbering scheme. Henceforth, the pattern for the version number
will be:
<max-oemcrypto-version-supported>.<minor-version>.<patch-version>
Where "minor-version" and "patch-version" are incremented independently
at the discretion of each CDM product.
This patch updates the version number for the Android CDM to match the
new scheme and updates the relevant tests.
Bug: 73090259
Test: request_license_test --gtest_filter=VersionNumberTest.*
Merged-In: Idcead5d92565dd549aa35565da632f01abb9e513
Change-Id: Idcead5d92565dd549aa35565da632f01abb9e513
[ Merge of http://go/wvgerrit/44921 ]
* Added the ability to remove a single usage information record.
* Added a method to retrieve all secure stop Ids.
Bug: 69674645
Test: WV unit, integration tests
Change-Id: I04ac8224b4bdda69541e61ff1103af3836138228
CdmEngine::QueryStatus was mapping all error codes
returned from crypto_session.Open to INVALID_QUERY_STATUS
which caused important failure information to be lost.
The GTS DrmSessionManagerTest test was failing as a
result, because session reclaiming no longer worked.
merge of http://go/wvgerrit/44800
bug:72705384
test:gts DrmSessionManagerTest
Change-Id: Id404a18b8f66cf6137b69f6b4e1bdd7004706a0c
(cherry picked from commit 6aad0f77cb)
Merge from Widevine repo of http://go/wvgerrit/44505
This CL changes the certificate provisioning code to verify the
provisioning message using a cert from license.widevine.com instead of
the staging certificate.
It also adjusts the certificates in config_test_env.cpp because the
license and provisioning servers are different and may probably have
different certs.
bug: 73031756
test: unit tests with mock oemcrypto, and read oemcrypto on sailfish
Change-Id: I4b457a369a49ef07bda9e5632ab59e5f621ec966
Merge from Widevine repo of http://go/wvgerrit/43720
This CL changes the cdm engine test's Provision method so that it
keeps OEMCrypto alive during the provisioning. This is only needed
when testing with the oemcrypto mock and the nonce flood rate has been
throttled to 1. In that case, if OEMCrypto is allowed to terminate
between each request, all nonce requests will be an error.
Keeping OEMCrypto alive does not modify the desired test results when
oemcrypto is not throttled.
This CL changes test code only.
bug: 73607610
test: unit tests
Change-Id: I71b27b1bb8200188a0a821afc977d7a9cc7fd968
Merge of http://go/wvgerrit/43541
Test: Unit/Integration tests
b/73500155
This change uses the same clear data as the kCenc30Cbc1Key33Sample to
verify decryption, since it shares the same key as opposed to the
32Sample.
Merge from Widevine repo of http://go/wvgerrit/43440
This CL changes several tests so that they abort after multiple
failures. This prevents a network error from putting one of the usage
table tests into an infinite loop.
bug: 73397596
test: unit tests
Change-Id: Iaaec9eb2b39a6a2b2cfc90ee1c28bae0486aa851
Merge from Widevine repo of http://go/wvgerrit/43420
Remove or mark unused variables. Fix unsigned/signed comparisons.
bug: 73390805
test: unit tests
Change-Id: Ic523400a5decf82fae733042b260e0c39a087cd3
Merge from Widevine repo of http://go/wvgerrit/43401
This turns off a bunch of unused typedef warning messages
test: unit tests
bug: 70894426
Change-Id: I8c0f02b98a2e89c4623c942a0981f01f3fe47da6
[ Merge of http://go/wvgerrit/43281 ]
Bug: 73164325
Test: WV unit/integration test, playback tests using Netflix and
Play Movies.
Change-Id: Ifc3dd8863da1616eb4a7df35ad010f53b6d5e3d2
[ Merge of http://go/wvgerrit/43240 ]
HDCP related changes were made in http://go/wvgerrit/42602. This
also changed the string values returned in the HDCP query command.
This CL reverts changes to the string values as were specified in
the Widevine Modular DRM Plugin vendor extensions document. Changing
them at this point will impact applications.
Bug: 70278160
Test: WV unit/integration tests, GtsMediaTestCases, playback using
Play Movies and Netflix.
Change-Id: I20171a8272aeeff5007cf90c9939b2ce1ce0fb13
[ Merged of http://go/wvgerrit/39766 ]
The security level (software/hardware, decryption/decode)
in the policy that specified how the key was to be used was
not being respected for L3. Playback would either continue or
a vendor specific error would be thrown.
If the device cannot use the key as permitted by the policy
CryptoException#ERROR_INSUFFICIENT_OUTPUT_PROTECTION will be thrown.
Bug: 31913737
Bug: 31913439
Test: WV unit/integration tests
Test: Playback using playmovies and netflix. Cast playback using
playmovies.
Change-Id: If25735ab0f789108431115623cb236687c5ef818
[ Merge of http://go/wvgerrit/42444 ]
This covers cenc, cens, cbc1 and cbcs. This also covers
HLS v2 format.
b/70684636
Test: Verified using WV unit/integration tests
Change-Id: I3e85b496d29b91c514f0bb806712cdf0cee12903
[ Merge of http://go/wvgerrit/42103 ]
* While deprecating keyboxes as identification, some code to
restore a license was mistakenly removed in http:://go/wvgerrit/36740,
http://ag/3442777
* Corrections to keep track of cipher mode, call SelectKeys when cipher
mode changes and to use the backward compatible LoadKeys call in case
OEMCrypto is v13.
Bug: 70160032
Test: Ran WV unit/integration tests. Request license test failures
have been addressed.
Change-Id: Id03c50874085af6d9985d10c19a74a02efb7a1f5
Merge from Widevine repo of http://go/wvgerrit/42102
The unit test should use the real system id if it is using a real
oemcrypto.
test: ran unit tests on sailfish.
bug: 72718962
Change-Id: Ib58a47976f85b840c6f34d379b1c020e7e85d59a
* changes:
Fix some unit tests
Add basic handling for entitlement keys in a license.
Refactor key sessions to move them out of crypto session.
Fix entitlement keys encryption and content key loading.
Merge from Widevine repo of http://go/wvgerrit/42020
This CL fixes the OEMCrypto unit tests for refresh license.
Test: ran unit tests
bug: 64851667
bug: 72497813
Change-Id: Ice1661fd832793358b725be9016d85465f6b8d14
