[ Merge of http://go/wvgerrit/194930 ]
[ Cherry-pick of http://ag/26577931 ]
OEMCrypto v17 introduced higher granularity in the device's HDCP V1
levels. Previously, all HDCP v1.x were group together. The change
was aimed towards server policy enforcement, not device enforcement.
Core code was updated, and could then be reflected in license
requests; however, reporting the new v1.x subversions was never
exposed to the higher app layers.
It is likely that devices which attempted to use specific 1.x versions
encountered test failures (for both CE CDM and Android CDM) as neither
implementations could handle such versions when communicating with
the app.
This change updates both CE CDM and Android CDM:
1) The CE CDM now uses the same subversion version comparisons as
performed by the core code.
2) The Android CDM will now recognize new HDCP levels, and not return
unexpected values.
Bug: 329155501
Test: run_x86_64_tests
Test: request_license_test on Oriole
Change-Id: I61fc0f11808f594456bd00210fd9b2bb5ed16c0e
[ Merge of http://go/wvgerrit/189650 ]
The CDM session shares its CryptoSession instance with a few additional
member objects (CdmLicense and PolicyEngine). When the CDM session's
crypto session is reset, it must also reset the CdmLicense and
PolicyEngine otherwise, a potential stale pointer reference may occur.
Test: request_license_test on Oriole
Test: WVTS on Oriole
Bug: 311239278
Change-Id: Ie175513ae652dcd96e12e5e1def574a8a56d5863
Merge of
https://widevine-internal-review.git.corp.google.com/c/cdm/+/193670
Default to OEMCrypto_CipherMode_CBC instead of OEMCrypto_CipherMode_CENC
which is not used by CAS.
Test: CAS unit tests
Bug: 325639114
Bug: 322928572
Change-Id: I8876d5262643015fb6a322eae6444ef4001d146d
Get the udc-widevine-dev Android branch and oemcrypto-v18 cdm branch in
sync. The commit ID for 18.4 on oemcrypto-v18 is
a2f23a2281e5e06dc2867585bdc516fa132b6396.
Merged from go/wvgerrit/190151
Bug: 290252845
Test: WVTS tests are running and passing
Change-Id: I457332e7ca70a5b5169345e1279b3eb9f18413b6
[ Merge of http://go/wvgerrit/148949 ]
For ATSC licenses use ATSC certificates/private keys rather than
any cert/private key specified in the license.
Bug: 216420542
Test: WV unit/integration tests
Change-Id: I12541577e672c67cc4c6eb3365e48bf2034fd9a4
[ Merge of http://go/wvgerrit/187610 ]
[ Partial cherry-pick of http://ag/25096962 ]
The removeOfflineLicense() API in the Media DRM plug would attempt
to remove the specified license from L1, then retry L3 if L1 failed
for any reason. This causes error emitted by L1 to be masked by
errors emitted from L3. In particular, if an internal error occurs
on L1 when removing the license, because the plugin would then
try L3 which does not contain the license, the app will receive either
a "does not exist" or "needs provisioning" error from L3.
This CL changes the plugin to first determines which security level
the license exists for. Then only attempts removal on that security
level.
Bug: 301910628
Bug: 291181955
Bug: 296300842
Bug: 302612540
Test: MediaDrmParameterizedTests GTS on oriole
Change-Id: I5fbb6805e598650f9b384a3b0e8d67f1c2a0f78d
[ Merge of http://go/wvgerrit/187610 ]
[ Partial cherry-pick of http://ag/25096961 ]
Certain GTS tests do not fully consider restrictions on ATSC devices.
In particular, GTS assumes if there are any key set IDs returned to
the app via the MediaDrm API, then the device must already be
provisioned. ATSC license are special in that they may be available,
but the CDM is not provisioned while outside of ATCS mode.
To work around this assumption made by GTS, we filter out ATSC licenses
returned by getOfflineLicenseKeySetIds() when the device is not in
ATSC mode, and filter out non-ATSC license when it is in ATSC mode.
This is only a soft enforcement mechanism as calling the API with a
valid ATSC license while outside ATSC mode (or a non-TSC license in
ATSC mode) will continue to result in the failures experienced by
certain OEMs.
Bug: 301910628
Bug: 291181955
Bug: 296300842
Bug: 302612540
Test: MediaDrmParameterizedTests GTS on oriole
Change-Id: Idb1853a7b7c93c7f22bc4db530ec26f20402dbb7
[ Merged of go/wvgerrit/186370 ]
CDM by default allows test keybox from device side.
Bug: 299987160
Bug: 301669353
Change-Id: I06f1936ccd068eb71364a5a8931970954233b686
[ Merge of http://go/wvgerrit/183472 and http://go/ag/24537206 ]
For provisioning 4.0 devices, the DRM certificate serial number
was changing on a reprovisioning attempt or factory reset. The
app parameters sent up in the client identification name-value
pair field were being filtered out in provisioning requests.
This has been corrected for provisioning 4.0 stage 2
(DRM certificate request). There is no need to include them for
stage 1 (OEM certificate request).
The test case WvCdmRequestLicenseTest.ProvisioningSpoidTest
was created earlier to ensure that SPOIDs and DRM certificates are
stable. Unfortunately due to another bug b/250099615, the RKP service
was holding a connection to the Widevine TA for provisioning 4.0
devices. When native tests ran as their own process, L1 would fail
to load due to a connection failure and the test would run as L3.
The tests passed for provisioning 4.0 devices Pixel 7 and 8 when
they should have failed. This gave us a false sense of confidence
that the SPOIDs were stable.
For now a workaround is to run a shell command to kill the widevine
TA before running native tests.
$ adb shell pkill -f -9 widevine
New tests have been introduced to provide integration coverage
WVPluginTest at the WV plugin level and CoreIntegrationTest
for core. GTS tests are also being written in b/295538002.
Bug: 294451432
Bug: 293950895
Test: WVPluginTest.ProvisioningStableSpoidTestL1, WVTS tests
Change-Id: Ib9ace4387866ea38bb1840feb69cea78d2d2c09c
[ Merge of http://go/wvgerrit/183472 ]
For provisioning 4.0 devices, the DRM certificate serial number
was changing on a reprovisioning attempt or factory reset. The
app parameters sent up in the client identification name-value
pair field were being filtered out in provisioning requests.
This has been corrected for provisioning 4.0 stage 2
(DRM certificate request). There is no need to include them for
stage 1 (OEM certificate request).
The test case WvCdmRequestLicenseTest.ProvisioningSpoidTest
was created earlier to ensure that SPOIDs and DRM certificates are
stable. Unfortunately due to another bug b/250099615, the RKP service
was holding a connection to the Widevine TA for provisioning 4.0
devices. When native tests ran as their own process, L1 would fail
to load due to a connection failure and the test would run as L3.
The tests passed for provisioning 4.0 devices Pixel 7 and 8 when
they should have failed. This gave us a false sense of confidence
that the SPOIDs were stable.
For now a workaround is to run a shell command to kill the widevine
TA before running native tests.
$ adb shell pkill -f -9 widevine
New tests have been introduced to provide integration coverage
WVPluginTest at the WV plugin level and CoreIntegrationTest
for core. GTS tests are also being written in b/295538002.
Bug: 294451432
Bug: 293950895
Test: WVPluginTest.ProvisioningStableSpoidTestL1, WVTS tests
Change-Id: Ib9ace4387866ea38bb1840feb69cea78d2d2c09c
The following files have been updated as part of this change:
libwvdrmengine/prebuilt/v17/android.hardware.drm-service.widevine
Built here: ab/P61807725
The change is generated with prebuilt drop tool.
Bug: 297297678
Test: com.google.android.wvts
Change-Id: I1d91131c16a044aa4f3aad0afc2857fb74182851
The following files have been updated as part of this change:
libwvdrmengine/prebuilt/v17/android.hardware.drm-service.widevine
Built here: ab/P61073747
The change is generated with prebuilt drop tool.
Bug: 291139517
Test: com.google.android.wvts.MediaDrmParameterizedTests#testValidateMetrics[L1] and 3
Change-Id: I66e2c03ba226c6404ee0c92ab84e07f187a20b32
[ Merge of http://go/wvgerrit/181151 ]
[ Cherry-pick of http://ag/24103737 ]
For devices with a large number of usage entries, when restoring the
usage table a capacity check is performed. This checks that a new
entry can be created. This test was originally added as some devices
might enter a "stuck" state the table cannot be initialized.
To perform this test, a temporary crypto session is created and an
entry is created for that session. After successfully creating that
entry, the entry is deleted. However, because the session was left
open, the entry could not be deleted.
This change closes the capacity-check-session before deleting the
entry, as well as includes additional logs for helping future debugs.
Bug: 286176947
Bug: 291351287
Test: usage_table_header_unittest
Test: Android GTS R11 on oriole
Change-Id: I6923de00175f70b2392bfe581ca5f9ae60c4af25
(cherry picked from commit 8b4bbeeb6f440c48a3250b961f7a7dab2472d7e9)
(cherry picked from commit bb925c46e5)
[ Merge of http://go/wvgerrit/181152 ]
[ Cherry-pick of http://ag/24137228 ]
Partners have requested that we log HDCP information during certain
operation:
1) Current and max HDCP capability when calls to decrypt or select
key failure due to insufficient or mixed HDCP levels.
2) Current, desired and default HDCP level when video contraints
are not met.
To avoid spamming the logs, decrypt failures are only logged on their
first occurrence, and unmet video constrains when one of the
requirements change.
Bug: 276686656
Bug: 292005982
Test: license_keys_unittest
Test: Android WVTS on oriole
Change-Id: I98b18e66d7ce1c474a018ae83af4f1c0b03308df
(cherry picked from commit c84b9afd38)
