android

Author	SHA1	Message	Date
Rahul Frias	81d607c008	Merges to android Pi release (part 9) These are a set of CLs merged from the wv cdm repo to the android repo. * Make Android NDK Builds Work With Latest BoringSSL Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37000 ] The latest updates to BoringSSL require C99 or later. Our NDK-based builds (OEMCrypto Variants & Fastball) were not specifying a C standard. This patch adds compiler flags so that C files are compiled as C11 now. Note that this is about the C standard in use, not the C++ standard, which this patch leaves untouched. BUG: 67907873 Test: build_android_mock.sh * Update BoringSSL to f7412cb072cc6b1847140e0c4f8b3ceeccd0e708 Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36761 ] This is the result of running UPDATE_BORINGSSL.sh. Future runs of this script should produce much smaller sets of changed files, but because the BoringSSL revision already in this directory was so old and contained many extraneous files from the Android operating system, the set of changed files is extensive this time. BUG: 67907873 * Refactoring the build files. Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/37041 ] Move all common build dependencies to .gypi so that all fuzz test binary targets can be added to .gyp file without repeating code. * Introduce service certificate request property Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36941 ] Platforms differ on whether they allows service certificates to be requested if privacy mode is enabled and a certificate is not present. This property allows behavior to be configurable. Generating the service certificate request will be introduced in a follow on CL. BUG: 68328352 * Deprecate using keyboxes as identification Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36740 ] Previously some platforms supported using keyboxes rather than certificates as the identification tokens in the license request message. All platforms that share core CDM code of the master branch now either provision using a keybox and use a DRM certificate or an OEM certificate as identification. No future usage of keyboxes as identifying tokens is planned. Since the platform property use_certificates_as_identification is always set to true, the negative code paths are never taken and can be removed. * OEMCrypto_GenerateSignature API Fuzz Test. Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/36863 ] - The first automated API fuzz test. - Also sumitting the corpus for the API fuzzed. * Add Script to Update BoringSSL from Source Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36760 ] Adds a script to third_party/boringssl/ that, when run, deletes all the auto-generated files in the generated/ directory and regenerates them from scratch, starting from the latest public HEAD of BoringSSL. Bug: 67907873 * Fix Fastball / OEMCrypto Variant BoringSSL Makefiles Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36926 ] Previously, when moving the BoringSSL source within the tree, I was not able to verify that I had not broken the NDK-compatible makefiles used by Fastball because that build is broken on master. I had to make a best-guess as to how they should be updated and hope. Now, however, I have been informed that the OEMCrypto Variants also use these makefiles, and I have been able to use that build to find where I broke them and get them fully working. Bug: 67386164 Test: build_android_mock.sh * Add kit/ to BoringSSL Include Path for Fastball & OEMCrypto Variants Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36925 ] When I moved the BoringSSL source in the tree, I updated the Android.mk files that pointed to it in order to build it. I did not realize that some makefiles outside that directory also contained hardcoded pointers into that directory. These references broke after the move. This patch fixes those paths to point to the new BoringSSL location. Bug: 67386164 Test: build_android_mock.sh * OEMCrypto Unit Test Refactor. Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/36562 ] Refactoring OEMCrypto Tests so the Session Utility test code can be reused in fuzz tests. * Reorder license server config table to match ids Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36743 ] * Separate Hand-Written BoringSSL Files from Downloaded/Generated Ones Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36561 ] I want to make updating BoringSSL as simple as possible for us going forward. A future commit will add a script that automatically downloads and sets up the latest version of BoringSSL. To facilitate this script, a clear distinction needs to be made between the files that can be downloaded with / regenerated from the BoringSSL source and the files that are maintained by us by hand. The version of BoringSSL in this change is exactly the same as the one already in this directory. It has just been moved one folder deeper. Bug: 67907873 * Remove BoringSSL Symlinks, They Are Confusing Gerrit Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36560 ] There are some symlinks in the current copy of BoringSSL that are causing headaches when I try to upload future changes to Gerrit. These were inherited from the Android OS and are not used by our build anywhere. They would be wiped out when I update BoringSSL anyway, but wiping them out in a separate change before I upload any other changes avoids confusing Gerrit. Bug: 67907873 * Add group master key id to support sublicense master key rotation, and content identification. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36180 ] * OEMCrypto Fuzzer test framework Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/36280 ] - Adding a sample fuzz test. - Adding build scripts for building the new Fuzz Tests to come. Design doc: go/oemcrypt_ref_impl_fuzz * Build Mod Mock with C++ 11 Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/36328 ] This should fix the android oemcrypto mock build: http://go/wvbuild/job/Android_OEMCrypto_Variants BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: Ic4d5be3118ef97e3f7d386149a2b5d9be8f0a87e	2018-01-16 19:31:28 -08:00
Rahul Frias	1884cf738e	Merges to android Pi release (part 8) These are a set of CLs merged from the wv cdm repo to the android repo. * Android build fixes Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36322 ] * Address android compilation errors and warnings Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36300 ] * Gyp cleanup and OpenSSL v10.1 support. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/36001 ] OpenSSL 10.1 has a small number of incompatible changes. A desktop system upgrade exposed some issue in the build scripts. Specifically, the linux build was using both third_party/protobufs (2.6.1) and the version installed on the system (3.0 in this case). The linux cdm.gyp depended on cdm/cdm.gyp which caused that plus some additional issues. These changes are necessary to support g++ version: g++ (Debian 6.3.0-18) 6.3.0 20170516 Also did some cosmetic rework on run_current_tests to make it easier to figure out what is going on when something fails. Also tweaked some of the compiler settings for g++ support (revisit this later). * Refactored Service Certificate encryption to allow encryption of arbitrary data. Author: Thomas Inskip <tinskip@google.com> [ Merge of http://go/wvgerrit/36141 ] * Send cdm test requests to UAT. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36221 ] This change resolves the all of the CdmDecryptTest/CdmTestWithDecryptParam.DecryptToClearBuffer tests. The license servers will return different keys and keyids. Sending the request to staging returned key ids and keys that were not matching what was expected in the unit tests. * Fix for building L3 OEMCrypto with clang and libc++ Author: yucliu <yucliu@google.com> [ Merge of http://go/wvgerrit/35740 ] 1. Include <time.h> for time(time_t). 2. Create endian check union on stack. Clang may create const union somewhere else, which may cause crash. Remove error result when a sublicense session does not exist. This is not considered an error. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36080 ] * Set default mock handler for GetSupportedCertificateTypes for all unit tests and removed the use of StrictMock from MockCryptoSession. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35922 ] The handler for this was only set for one test and resulted in a number of failures. * Set default handler for GetHdcpCapabilities. For now the default action is to call the real GetHdcpCapabilities of crypto_session. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36140 ] I also changed the mock to a NiceMock to silence responses to unexpected calls to GetHdcpCapabilities. The default handler can be overridden as needed in the individual tests. This resolves the policy engine test failures. * Finalize merge of cdm_partner_3.4 to master. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35360 ] This is the final set of updates to merge all v3.4.1 changes into master. * Embedded license: Sublicense rotation. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35360 ] Handle sublicense rotation event. * Embedded license: Initial license phase. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/34280 ] Initial license phase - key loading subsession. * Embedded license: generate session data. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33722 ] Generate session data and add it to the license request for any embedded license material. * Resolve missing symbol when building cd-cdm Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35840 ] * C++11: Replace OVERRIDE def with override keyword Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35400 ] BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I37d0cb17f255ac6389030047d616ad69f895748c	2018-01-16 19:29:39 -08:00
Rahul Frias	387147dffe	Merges to android Pi release (part 2) These are a set of CLs merged from the wv cdm repo to the android repo. * Update service certificate. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28065 ] The updated service certificate fixes a number of failing tests. There are still some that fail, apparently due to mismatches with key set IDs and usage tables. Also updated QA server URL to point to QA proxy (although neither can be used by this client). Also fixed segfault in CdmTest.ListUsageRecords. * Add CDM APIs for Handling Service Certificates. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28064 ] The responsibility for managing Service Certificates has been moved out of the CDM. Instead, provide CDM and CdmEngine methods to generate a service certificate request message, and handle a service certificate response. The API client can use these calls if it needs to get the service certificate from the License Server. These functions assume the request and response are base64 (web-safe) encoded (see b/37481392). Not all servers are operating this way yet. Any adaptations for non-compliant servers is handled outside the CDM. See test WvCdmEnginePreProvTest::ServiceCertificateRequestResponse in cdm_engine_test.cpp for an example of this. These changes also eliminate the stored init_data and deferred license type which were used to perform a service certificate request during a license request. * Fix and rename ClosesSessionWithoutReturningError test. Author: Edwin Wong <edwinwong@google.com> [ Merge of http://go/wvgerrit/27880 ] ClosesSessionWithoutReturningError should not check for Status::OK since it is expecting an error code back. The test is renamed to ClosesSessionWithError. Test: libwvdrmdrmplugin_hidl_test BUG: 62205215 * Get rid of default service certificate. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27981 ] Instead, we need at least two service certs - one for the QA/Test servers, and one for UAT (and prod?) There are still some issues around the signature verififcation of the service cert, and in license_unittest.cpp, the use of the default service cert has been commented out. I don't know why this test needs a service cert. If it really does, then the same mechanism that is used elsewhere for selecting a specific server type will be needed here. BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: Ieab815fb202c809ad5714cd0364c4bdfa068f77d	2018-01-16 19:22:48 -08:00
Rahul Frias	0419b55222	Merges to android Pi release (part: 1) Below are a set of CLs being merged from the wv cdm repo to the android repo. * Fix handling of OEM Cert public key. Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/27921 ] This is a potential fix for b/36656190. Set aside public key on first call to get the public key, and use it afterwards. This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(), which has side-effect of staging the OEM private key. This also fixes a problem where the public cert string was not being trimmed to match the size returned by OEMCrypto_GetOEMPublicCertificate(). * Complete provisioning request/response for Provisioning 3.0 Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27780 ] Fix bug on provisioning request path where GenerateDerivedKeys() was being called when preparing to generate the signature. Add message signature verification, and call correct OEMCrypto routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30). * Implement Cdm::deleteAllUsageRecords() Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27780 ] Delete all usage records for current origin. Removes usage records from file system and retains the PSTs. The deletes any usage entries matching those PSTs held by OEMCrypto. BUG: 35319024 * Remove stringencoders library from third_party. Author: Jacob Trimble <modmaker@google.com> [ Merge of http://go/wvgerrit/27585 ] We have a fork of the stringencoders library that we use for base64 encoding. This reimplements base64 encoding to remove the extra dependency and to reduce the amount of code. * Add Cdm::deleteUsageRecord() based on key_set_id. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/27605 ] Delete specified usage record from file system usage info and from OEMCrypto. BUG: 35319024 * Modifiable OEMCrypto Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/24729 ] This CL adds a new variant of the OEMCrypto mock code that adjusts its behavior based on a configuration file. This is intended for testing. For example, a tester can set current_hdcp to 2 in the options.txt file, push it to the device, and verify that a license is granted for HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and push the file to the device. Playback should stop because the license is no longer valid. This variant uses a real level 1 liboemcrypto.so to push data to a secure buffer. That means we can test playback for a license that requires secure buffers on an Android device with real secure buffers. BUG: 35141278 BUG: 37353534 BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I58443c510919e992bb455192e70373490a00e2b6	2018-01-16 19:21:54 -08:00
Adam Stone	1b9c6ea789	Fix support for app package name. The app package name was not being reported to the media stats. This change adds the package name as part of the report to media stats. This is one of two parts to this change. The other part is in frameworks/av. Bug: 64584568 Test: Unit tests, GTS tests, tried with Google Play Movies. Change-Id: I1ca09db3a59d9a0950f424d977f8774dffd09c2b	2017-09-06 22:25:13 -07:00
Adam Stone	4d6cfd414c	Fixes reporting of dynamic adapter metrics. The metrics from the dynamic adapter were not previously being reported. This change allows them to be reported when all other DRM metrics are reported. Bug: 64566432 Test: Unit tests, GTS tests, and Play movies. Change-Id: I916fb028146fdd04b4cf5bbb5c10ecdaffae6c95	2017-09-05 11:11:49 -07:00
Adam Stone	5d2693536c	Apply recommended type and name changes to metrics. Bug: 36220619 BUG: 64071905 Test: Re-ran existing unit tests. Ran GTS tests. Tested with Google Play. Change-Id: I79ddc8ed3290e6d74364cf96305054e55243c5ff	2017-08-29 17:12:44 -07:00
Adam Stone	457aceb859	Fixes metrics collection during CdmEngine close. This fixes a problem where a CdmEngine instance (and its sessions) could be closed before its metrics could be collected. The change allows the wv_content_decryption_module to extract metrics from instances about to be closed. These are held until reported to the caller. Test: Manually verified that collection is now occurring correctly. Also added unit test: wv_cdm_metric_test. This is a merge from wvgerrit/29069 Change-Id: If82bfd5cae3b72b9d14ab4741424a7ae7cc0a3a6	2017-07-12 13:07:15 -07:00

8 Commits