[ Merge of http://go/wvgerrit/23522 ]
A helper method has been added to CryptoSession to determine whether the
TEE supports usage tables, usage table headers+entries or does not
provide any support for persistent licenses.
In addition
* CryptoSession now supports deletion of multiple
usage entries rather than a single one.
* Typedefs have been added for usage table headers and entries
b/34327459
Test: Verified by unit/integration tests on angler.
Change-Id: I634d3b7b81ce94d1deccd2a7aaf26b9efde414a8
[ Merge of http://go/wvgerrit/23600 ]
This adds a new entry to IStorage:: -
bool list(std::vector<std::string> file_names)
It returns the name of each file in the (origin-specific) file system.
b/34628115
Uses the current file system (origin-specific) bound to the CDM. Returns
the list of stored licenses (key_set_ids) in vector output parameter.
Test: verified by unittests on angler.
Change-Id: I988556b27c2a4b75f52b59bcd78cfeaddd649acd
Merge from widevine of http://go/wvgerrit/23283
This CL adds the backwards compatiblity functions to the new usage
tables in the oemcrypto mock reference code.
b/31458046
b/32554171
Change-Id: I04901d95aceb8910406f7c514c26c29c2c575322
As a large number of provisioning errors can come from failures
initializing OEMCrypto we need to collect these messages.
Errors and warnings were only printed to the log. This
change takes those messages and puts them into the oemcrypto
intialization mode metric.
"Mode" was chosen as most messages were about how oemcrypto
was initialized (e.g. into L3 because no L1 library was found).
Test: Ran all GTS Media Tests
Bug: 34782934
Change-Id: I1fcdd74c99011d53bdffe9609d2f4c46c222e2f6
There were warnings about unused parameters and unnecessary "const"
that were hiding other warnings. This change resolves those
warnings and resolves some constructor list ordering warnings
that were hidden among the other warnings.
Bug: 34784667
Change-Id: Ied78b00d3565abd66f90dbd1f4cce635dae7b957
This change is the complete Widevine metrics system. It will
measure and record runtime information about what is happening
in the CDM - such as errors and throughput.
Bug: 33745339
Bug: 26027857
Change-Id: Ic9a82074f1e2b72c72d751b235f8ae361232787d
[ Merge of http://go/wvgerrit/23380 ]
The service certificate was setup correctly if specified in mediadrm
properties. If instead the service certificate was later fetched from
the license service, it would not be marked as valid. This led to an
infinite loop of service certificate fetches and processing. This
prevented the license from being fetched and playback failures.
b/34638410
Test: Verified by new service certificate unittests + Hulu playback
using fugu.
Change-Id: I2a4f8754614fccdad3c80d3e13fba0b44d177d61
[ Merge of http://go/wvgerrit/23167 ]
This allows CryptoSession to support the new functionality added to
OEMCrypto to support big usage tables. No changes in behavior yet.
Code that calls these methods will be in a subsequent CL.
b/34327459
* Minor changes to cdm/Android.mk and cdm/test/unit-test.mk to remove
profiler changes that were missed in previous releases.
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I9becd97c5a8ddf74d30fabd1251e796b534c010f
Merge from widevine repo of http://go/wvgerrit/22664
This logs an error message when oemcrypto returns an error for
GetKeyData, and it updates the level3 to return a different error code
depending on which error was returned.
We have seen some provisioning errors in the field caused by GetToken
failing, but with no more information. This should close that barn
door a little tighter.
Change-Id: Ie70980bbc3ac1353b76b668f12addf76c5e53cb8
Merge from Widevine repo of http://go/wvgerrit/23166
This changes OEMCrypto_CreateUsageTableHeader so that the new header
is passed back in a buffer to the cdm layer.
I hacked out the haystack call and just stubbed out the mock call.
This should still build and run with previous liblevel3.a builds.
I also removed from the header some function names that are no longer
part of OEMCrypto v13.
bug:31458046
Change-Id: Ie490c482fe2457076f9026369f4b4b9491a4eb81
(This is a merge of go/wvgerrit/23182)
This patch adds the framework for Stable Per-Origin Identifiers to the
CDM. Calculating SPOIDs will be done on the client-side, and they are
sent as part of the provisioning request. SPOIDs are also available to
the app as the Device Unique ID, replacing the previous method of
returning the actual Device Unique ID from the keybox / OEM certificate.
Different SPOIDs must use separate storage, just as different origins
already do. Support for this has been added to the Android adapter to the
CDM Core. However, the code in the Android glue layer that would drive
this behavior will be checked in in a separate change. As such, all
Android devices will continue using the legacy behavior even after this
patch goes in, until the glue layer code can be updated.
Bug: 27101531
Test: CE CDM Unit Tests
Test: Linux Jenkins Unit Tests
Test: Android Unit Tests (with and without SPOIDs forced on)
Test: Android GTS Tests
Change-Id: Ia0caf890381cbcb97504d08b19aeab8b29bd07ae
(This is a merge of go/wvgerrit/23154)
This patch updates the ClientCapabilities protobuf to match the latest
on the server side and adds plumbing to the provisioning request
process so that devices can report whether they like big certs.
Their capacity to lie remains untested.
Bug: 34076937
Test: license_unittest
Change-Id: I3bcc9f1741146953d8bc0ff3d7d2305e7ac2c118
[ Merge of http://go/wvgerrit/23161 ]
The usage table redesign will require storing usage table headers
and usage entries in non-secure persistent store. This information
will be signed by the TEE to prevent against modification. New
Storage and retrieval methods have been added for usage table headers,
while usage entries will be stored alongside (offline) licenses and
(secure stops/)usage info.
b/34327459
Test: All unittests, including newly introduced ones other than some
oemcrypto, request_license_test passed. Those tests failed with or without
this CL.
Change-Id: I9b8d6210e33774b0803f8af1711b2d593d467aec
[ Merge of http://go/wvgerrit/23061 ]
b/34131127
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I27a3cde8e5c86dc8f9b26f9d4e7793f86c016743
[ Merge of http://go/wvgerrit/22980 ]
System Renewability Messages (SRM) contains a list of Key Selection
Vectors, which are HDCP Identifiers that have been revoked.
During HDCP negotiations a transmitter may authenticate a receiver
and verify that its unique identier is not present in the SRM.
This CL enables reporting of the current SRM version and whether SRM
updates are supported. It also loads SRM updates in the license
and specifies SRM version requirements when keys are loaded.
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
b/28955520
Change-Id: Id840078ea2deb01d9619c1cd8d367b50452f76cc
* changes:
Remove missing tests from build_all_test script
Replace PST Report with buffer
Add InactiveUnused to Usage Report status
OEMCrypto v13 Header and Stubs
Log HTTP errors in unit tests
Rename oemcrypto's CryptoEngine configuration functions.
Move keybox and root certificate handling into new class.
Test OEMCrypto with backwards compatible verification
Merge from Widevine repo of http://go/wvgerrit/23044
On some platforms, the compiler will not pack structures. This CL
replaces the OECrypto_PST_Report packed structure with a simple buffer
of uint8_t. This changes the signature of OEMCrypto_ReportUsage as
part of OEMCrypto v13.
There is also a new wrapper class that test code, the mock, and debug
code can use to access data in the report.
The old packed structure definition is moved to the level 3, where we
use a compiler that packs sructs when asked nicely.
arm/libwvlevel3.a Level3 Library 4445 Jan 20 2017 11:29:15
x86/libwvlevel3.a Level3 Library 4464 Jan 20 2017 11:10:49
mips/libwvlevel3.a Level3 Library 4465 Jan 20 2017 10:56:08
b/32180083
Change-Id: Ie138f034cb12780a2f8636888cebf022c52169e5
Merge from Widevine repo of http://go/wvgerrit/22963
This change kInactive to kInactiveUsed and adds kInactiveUnused to the
possible values for the status field in the Usage Report. This CL
updates the header, the unit tests, and haystack and reference code.
b/32714323
Change-Id: If8d8e32ea1e3dc18da34e5fae35f578b027de9c7
Merge from Widevine repo of http://go/wvgerrit/22899
This is most of the header changes for OEMCrypto v13. This updates
just enough of the code that existing unit tests build and pass.
The documentation will be reviewed in http://go/wvgerrit/22887. When
that CL has been approved, comments in the code will be updated to
match.
Real code will be broken into several other CLs.
bug:31458046
arm/libwvlevel3.a Level3 Library 4445 Jan 17 2017 20:01:26
x86/libwvlevel3.a Level3 Library 4464 Jan 17 2017 19:00:37
mips/libwvlevel3.a Level3 Library 4465 Jan 17 2017 19:24:35
Change-Id: I0318c53235c0b33afb623cba933365e09dec4e61
Merge from Widevine repo of http://go/wvgerrit/23028
This logs the full response when the status code causes a gtest to
fail. I hope we can figure out why the buildbot has flakey tests.
Change-Id: I498e633ad65fde4473e01ea227ffe75755fb4fd9
[ Merge of http://go/wvgerrit/22900 ]
Add GetClientToken(), GetProvisioningToken(), GetPreProvisionTokenType()
to CryptoSession. They return the correct token bytes and token type
for preparing the ClientIdentification message for provisioning and
license server transactions.
Also refactor service certificate handling.
OEM certs are introduced in Provisioning 3.0
b/30811184
* Address build breaks
[ Merge of http://go/wvgerrit/23162 ]
This addresses issues introduced by http://go/wvgerrit/22900
b/30811184
* When http://go/wvgerrit/18012 was merged (ag/1446934) some changes
were not merged for mapErrors-inl.h. These changes are included in this CL.
* When ag/1678104 was reverse merged to http//go/wvgerrit/21981/ a variable
was renamed and some comments were added to add clarity in cdm_engine.cpp.
These changes are included in this CL.
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: Ie0215509f2f985f2a610f5a4c865db47edec8662
[ Merge of http://go/wvgerrit/22565 ]
When using the grace period, the CDM will need to override the values
given to use by the TEE (through OEMCrypto). Normally the first (and
last) decrypt times are stored securely by the TEE. To avoid extra
complexity in OEMCrypto, we will simply ignore the values given to us
by the TEE when using this feature.
However, the TEE will still enforce the (hard) license duration. So
only the rental/playback durations will be affected by malicious
editing of files.
b/34211676
Test: Reran unittests including newly added tests. All tests other than
some oemcrypto, request_license_test passed. Those tests failed with
or without this CL.
Change-Id: I6d7b5bfb669fd8603b474b68c2f7175b0c30901d
* CDM license protocol updates
[ Merge of http://go/wvgerrit/22789 ]
No functional changes (yet) - all tests in widevine_ce_cdm_unittest
run successfully.
* Address android test build failures
[ Merge of http://go/wvgerrit/22983 ]
Updates to the license_protocol.proto in go/wvgerrit/22789
did not include the integration tests for android.
b/34202048
Test: Reran unittests. All tests other than some oemcrypto,
request_license_test passed. Those tests failed with or without this CL.
Change-Id: Ib9041d397187859b8fcbc1b1f7d275f8c4ef6aba
[ Merge of http://go/wvgerrit/18290 ]
Now uses the "individualization-request" message type to provision
the device, instead of using global provisioning. This also allows
per-origin provisioning and storage in CE.
b/27170580
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I6fc39d7ccc3952e7269426d6d95767f53b787d54
This is a merge of go/wvgerrit/22806
This change removed the oemcrypto profiler to allow
the new metrics system free-reign over how to collect
and store measurements.
Bug: 33745339
Bug: 26027857
Change-Id: I6b9051faa6835f13860258c94f8bcfd3a59f1be6
(This is a merge of go/wvgerrit/22949)
Starting with OEMCrypto v12, we are guaranteeing to integration partners
that the buffers passed to OEMCrypto_DecryptCENC and
OEMCrypto_CopyBuffer will not be more than 100KiB (102400 bytes) in
size. For requests larger than this, we will first try to send the
buffer to OEMCrypto anyway. (in case the integration supports buffers
larger than the minimum) In the event that the buffer is rejected, we
will break it up into 100KiB chunks and send them down individually for
decryption.
Breaking a subsample into smaller subsamples necessitates knowledge of
how to update other decryption parameters (like the offsets and the IV)
that previously the CDM Core has not needed to know about. Until now,
this knowledge lived in the glue layer on the Android CDM and nowhere
on the CE CDM. Now, the CryptoSession has a subset of this knowledge, in
order to break up buffers successfully.
For testing purposes, the Mock OEMCrypto has been modified to only
support the smallest buffer size. In order to make sure the chunking
code was being exercised by them, the CE CDM tests had to have the
amount of data they decrypt increased by several orders of magnitude. To
contain this growth, I have moved the test data to its own file.
Bug: 31381719
Test: Ran the updated CE CDM integration tests
Test: Modified the OEMCrypto dynamic adapter to pretend both L3 and L1
only support 100KiB buffers on a Marlin and a Ryu. Confirmed that the
GTS H.264 tests (which have subsamples over 100KiB) passed still. A
similar test was attempted on Fugu but Fugu cannot pass these tests even
without this change present.
Change-Id: Iabe7db3d87554cd1352f10a7524cd55352818397
(This is a merge of go/wvgerrit/23080)
Updates the Widevine version number and canary for the Android O
release. Widevine is now at v5.0.0 on Android.
Bug: 34114979
Test: request-license-test
Change-Id: I19558d6b297263f816522176a5649be70b471073
[ Merge of http://go/wvgerrit/22564 ]
b/34211676
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I20474339aa1777da2db3677c10f186726505ecc8
[ Merge of http://go/wvgerrit/20205/ ]
This is separate from the server certificate used for license
requests.
b/34211823
Test: Reran unittests. All tests other than some oemcrypto,
request_license_test passed. Those tests failed with or without this CL.
Change-Id: I23abdf276f8d3db9222f014175d0bb5094010a04
[ Merge of http://go/wvgerrit/17958 ]
This CL might help diagnose the build bot problem.
b/34261498
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I71e48284b52a1177c6e3b4c9a8bdd12b77cc9f2d
[ Merge of http://go/wvgerrit/22517 ]
b/34211676
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I86a2ff041aae57ac46e9f9f7bac38ec4599a0fa7
[ Merge of http://go/wvgerrit/22516 ]
b/34211676
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: Ie973f468f9efd05bdafcf90164dae185a6ce11dc
[ Merge of http://go/wvgerrit/22237 ]
This only changes the existing fields of the policy.
License::Policy::license_duration_seconds represents the end time
(relative to the license start time) that the license can be used.
This overriding other times if this is earlier.
License::Policy::rental_duration_seconds represents the end time
(relative to the license start time) that the license can be used
before playback starts. Once playback starts, this no longer applies.
License::Policy::playback_duration_seconds represents the end time
(relative to the playback start time) that the license can be used after
playback has started.
b/34211676
Test: Ran new unittests and reran old tests. All tests other than some
oemcrypto, request_license_test passed. Those tests failed with or
without this CL.
Change-Id: I34e7e39a7ab864300806c557b480f093aec8e545
