This is based on a patch submitted by Amlogic.
When we're doing decrypt fallback, either in the CDM or the OEMCrypto
tests, we sometimes fall back to a point where we're synthesizing new
samples and/or subsamples for the content being decrypted. When this
happens and the output buffer is clear, we should limit the size of the
output buffer to only the space needed to hold the output.
Previously, we've been passing the entire output buffer to every call.
This can create a problem if the reason for the fallback is a lack of
enough memory to communicate the buffers to the TA, since the output
buffer will remain the same size as the total output. Restricting the
buffer passed to each call to only the space needed by that call will
reduce the memory requirement.
Bug: 354834629
Test: x86-64
Merged from https://widevine-internal-review.googlesource.com/204810
Merged from https://widevine-internal-review.googlesource.com/204953
Change-Id: I412f43d8f88c72072ef1dd5293436bdb58e500b3
[ Merge of http://go/wvgerrit/201577 ]
[ Cherry-pick of http://ag/28133919 ]
VIC specific: No DRM reprovisioning support
The SystemIdExtractor did not properly define behavior when working
with opened/closed CryptoSessions. Due to the CryptoSession's class
dual role of being both a session and a general handle into the
crypto engine, small bugs relying on undefined behavior which happened
to return expected output allowed tests to pass.
This CL makes the following changes:
1) Have SystemIdExtractor verify caller expectations when session is
open.
2) Improved SystemIdExtractor to operate when CryptoSession is opened
or closed.
3) Updates several SystemIdExtractorTest cases to better test defined
behavior without relying on undefined behavior.
4) Better code comments; hopefully some which will help prevent future
misuse of the internal APIs.
Test: system_id_extractor_unittest on Oriole
Test: WVTS on oriole
Bug: 329713288
Change-Id: I65518fe62f43e8060ea752852eb08a3d7132e2a0
The original clear lead integration tests weren't following the flow of
the original bug because there was only one sample, so
DecryptMultipleSamples wasn't being called in the same way. This should
fix this.
Bug: 320785945
Merged from https://widevine-internal-review.googlesource.com/198137
(cherry picked from commit 4141e271d44c32da88dc0f02a0173fae0b45ead9)
Change-Id: Ia70e3fd78381d8d34261b95931fdb303f77f73fd
[ Merge of http://go/wvgerrit/197972 ]
The test only needs to verify that the license has a renewal
server url. It does not need to fetch a renewal from that url.
bug: 338103523
Change-Id: I1513f8692089c3f51a53ffd6ecb62348702b8fb8
The test server for UAT and for the SDKs now accept the same
url format for renewals.
Bug: 328763985
Change-Id: I1a58412047735efa26da7986bf19fa9a7fbaf374
Also added a unit test to verify that decryption without a license fails
with the correct error code. Also changed comment types for policy
integration tests and core integration tests to be picked up by Doxygen.
Bug: 320785945
Merged from https://widevine-internal-review.googlesource.com/194910
Change-Id: Ibdb70683003bb430dde9b4a1bd9fc9839bace342
* changes:
Unit tests for forbidden RSA key usage
Add DRM reprovisioning request generation
Correct copyright header
Fix bcc length for printing
Update ODK version to 18.4
Adjust skipping tests when provisioning skipped
Change test storage to use protobuf
Remove WvCdmEnginePreProvTestStaging
Rename and clarify Drm Reprovisioning token types
The SetUp for child classes do not automatically quit when
the parent SetUp is skipped.
Bug: 305093063
Change-Id: I606a949ef0e94fa87a97268856b7f2d8b9135ebe
[ Merge of http://go/wvgerrit/194310 ]
Resize bcc to the correct length to eliminate the trailing zeros.
Bug: 330645490
Test: core unit tests
Change-Id: I56b6d30120735a4d7a0f39f29a9f255bd2d2d18c
[ Merge of http://go/wvgerrit/194254 ]
For some platforms, we cannot provision. In this case, any
test that needs provisioning is skipped. However, when a
test is skipped in a subroutine, the rest of SetUp is still
run. Any failures in SetUp will cause the test to be marked
as a failure.
This CL duplicates the check for skipping the test in SetUp
and in TearDown.
Bug: 329467151
Test: WV and unit/integration tests
Change-Id: I0087b12a3f26b52ecf62bf7b0e7bcf4fa2c6c763
[ Merge of http://go/wvgerrit/193190 ]
This changes the persistent test storage to use protobufs instead of
manual parsing. This simplifies the code but makes the files less
"human readable". Files can be read using 'gqui' if needed.
Bug: 312529037
Test: unit/integration tests
Change-Id: I1b025eac96458c0061e0883e1e4fd05484842ff2
[ Merge of http://go/wvgerrit/194370 ]
This test explicitly provisions against the staging server,
which we do not require from partners.
Bug: 329293570
Test: WV unit/integration tests
Change-Id: Id88840f188ec99b386837d83f69844b0990594a9
[ Merge of http://go/wvgerrit/194374 ]
Renames and adds clarifying comments to Drm Reprovisioning token types.
All provisioning methods can be forced to reprovision by apps which can
cause reprovisioning to be an overloaded term. Renaming token types
used by the Drm Reprovisioning method to more clearly state they are
used for Drm Certificate Reprovisioning should help to avoid confusion.
This change also adds comments to help clarify when and where Drm
Reprovisioning is used as a provisioning type.
Bug: b/305093063
Test: WVTS
* Added dependency to dynamic perf tests to fix missing header build
error.
Change-Id: I158eb5672ad9e655a60bc68e0f4f2f7a0d464b4e
[ Merge of http://go/wvgerrit/192010 ]
Updates the CDM to add support for DRM reprovisioning request creation.
- Load the baked-in certificate for use as the client token.
- Add functions to build and sign a drm reprovisioning request.
- Update the Rikers L3 OEMCrypto implementation to support signing
provisioning requests and getting embedded certificate.
- Update client id token to handle DRM reprovisioning.
- Add OEMCrypto function to load the baked-in device certificate in
Rikers CDMs and stubs for non-Rikers CDMs.
- Add dynamic adapter support for getting embedded device certificate
only on L3.
Bug: 305093063
Test: WVTS
Change-Id: I9a0ecf95e27213b046f03baa0781fb164179323b
[ Merge of http://go/wvgerrit/189590 ]
[ Cherry-pick of http://ag/26541307 ]
The CDM session shares its CryptoSession instance with a few additional
member objects (CdmLicense and PolicyEngine). When the CDM session's
crypto session is reset, it must also reset the CdmLicense and
PolicyEngine otherwise, a potential stale pointer reference may occur.
Test: request_license_test on Oriole
Test: run_x86_64_tests
Bug: 311239278
Change-Id: Ie175513ae652dcd96e12e5e1def574a8a56d5863
[ Merge of http://go/wvgerrit/194050 ]
OEMCrypto v17 introduced higher granularity in the device's HDCP V1
levels. Previously, all HDCP v1.x were group together. The change
was aimed towards server policy enforcement, not device enforcement.
Core code was updated, and could then be reflected in license
requests; however, reporting the new v1.x subversions was never
exposed to the higher app layers.
It is likely that devices which attempted to use specific 1.x versions
encountered test failures (for both CE CDM and Android CDM) as neither
implementations could handle such versions when communicating with
the app.
This change updates both CE CDM and Android CDM:
1) The CE CDM now uses the same subversion version comparisons as
performed by the core code.
2) The Android CDM will now recognize new HDCP levels, and not return
unexpected values.
Bug: 329155501
Test: run_x86_64_tests
Test: request_license_test on Oriole
Change-Id: I61fc0f11808f594456bd00210fd9b2bb5ed16c0e
functions
In CL https://widevine-internal-review.git.corp.google.com/c/cdm/+/183531
KDF was merged into new OEMCrypto_LoadLicense() and
OEMCrypto_LoadProvisioning().
This change renames L3 existing old functions with suffix _V18, and adds
the two new functions.
Note: jenkins/run_dynamic_level3 and jenkis/run_level3_static_tests
can't be enabled util https://b.corp.google.com/issues/320525541 is
resolved.
Test: the generated L3 from this CL can pass static and dynamic adapter
tests with commit ID 567069f2fb800c4ec4e844e03273d1924ae6673b. More
updates may be need to L3 source for it to work with the latest
oemcrypto-v19 branch.
Bug: 299333403
Change-Id: If6dec630c00b65468d4194196f3ff6f308c6dbe8
Since the L3 functions are meant to alias the OEMCrypto functions,
they shouldn't appear in a namespace.
Change-Id: I8d11279ff86c5b5c9eab0598d134f6904f0021ad
BCC supports two types of format: CBOR and X509. The latter will be
used by Chrome OS. In case of Prov4, BCC type will be queried by
OEMCrypto_GetBCCType() and the returned value is populated in the
provisioning request.
This CL adds X509 type to protobuf, a call from CDM to query BCC type
and OEMCrypto adapter changes for this call.
Test: run_fake_l1_tests, opk_ta_p40
Bug: 307969500
Change-Id: I88acc36da6cb413d537a9ea9dfd2a150d4557595
The deprecated GenerateDerivedKeys_V18() should only be called by
OEMCrypto_PrepAndSignProvisioningRequest() in case of prov2.
Test: run_dynamic_oemcrypto_v18_p40
Bug: 317900423
Change-Id: Iff75c26a3ea107fb01e636c53528e845e24193bd
Also removed L3 function pointers to the function headers added in
go/wvgerrit/186010 because they weren't stubbed out and was causing the
new script to fail.
Bug: 293359147
Change-Id: I15606bb636a8bd2637bcf48c421a85d82044762b
Add new OEMCrypto_GetBCCType() function in v19.
Re-generate serialization and test files.
Test: opk_ta, opk_linux_ipc_ta, run_fake_l1_tests
Bug: 297918188
Change-Id: Id5f422776cd50c71ab483c06bbe3ac399461fb31
This updates the code and tests to allow for using license protocol 2.2
when using OEMCrypto v19.
Issue: 80428549
Issue: 121031064
Issue: 232464183
Change-Id: Ib6bb61f86dd310b566227462658530bca5940b88
Since we want to migrate to using GTEST_SKIP to skip unit tests instead
of GTEST_FILTER, we can remove the RestrictFilter() function which
filters the tests out using GTEST_FILTER. To do this, the RSAPerformance
test needs to be removed, which is acceptable since no one uses this
test anymore. However, b/299135804 is being used to track a new way to
either execute/track permance.
Bug: 251240681, 299135804
Change-Id: Ife59c468ee127f4c39d3be91707ca38a061b7895
Since KDF functions are only used right before specific functions, this
merges them to simplify internal state within OEMCrypto.
Fixes: 299527712
Change-Id: I426cfcdc102bd73cf65cd809b213da2474f44b34
In v19, SetDecryptHash() was updated to only work with CRC-32.
While updating OEMCrypto, L1 (opk, intertrust, etc.) and L3, the
V18 version was not added to the dynamic adapter. This change
adds the backwards compatible call for L1s running V18 and earlier.
Bug: 296918528
Test: run_dynamic_oemcrypto_v18
Change-Id: I8f3efc1ffac4fa7a87e029166ee866567829897d
The current implementation of OEMCrypto_SetDecryptHash gives developers
flexibility to use different types of hashes. However, all the
implementations we have seen thus far use crc32. Because of this, crc32
should be sufficient and we can refactor OEMCrypto_SetDecryptHash to
only use the crc32 hash.
Bug: 287706586
Change-Id: I4aaa253b2656dfd9c984f77dfb08fe160b23b47c
