Merge from widevine repo of http://go/wvgerrit/14125
This copies code from http://go/wvgerrit/13847 to the oemcrypto unit
tests. It puts the test name in the log file.
I also commented out some unused function parameters to avoid compiler
warnings.
Change-Id: I3ba259de2f408ec60e90db7f0ea1524d5aa8f8a4
This is a merge from the Widevine repository of
http://go/wvgerrit/14024
Add Level 3 Oemcrypto Unit Tests To Run All Tests Script
This CL adds the ability to restrict the oemcrypto unit tests to only
use the fall back level 3. This restriction is per-process, and is
only used while running the unit tests. This allows us to automate
running the unit tests on an android device as both level 1 and level
3 without modifying files in /system/lib. To turn on the restriction,
set the environment variable: FORCE_LEVEL3_OEMCRYPTO=yes.
New level 3 library versions are:
level3/arm/libwvlevel3.a Level3 Library Apr 8 2015 13:09:05
level3/x86/libwvlevel3.a Level3 Library Apr 8 2015 13:15:42
http://go/wvgerrit/14055
Remove Redundant Tests
This CL modifies the UsageTableTests in oemcrypto_test.cpp so that
they are not all parameterized by new_mac_keys_. This parameter is
used when testing signatures. In particular, we do not need to verify
timing twice.
Also, I modified the run_all_unit_tests.sh script so that the
environment variable GTEST_FILTER is passed down to the android
process. This allows us to use the script to run a limited list of
tests while debugging.
http://go/wvgerrit/14054
Filter Out API Version 10 Tests
This CL updates the OEMCrypto tests so that all but one test will pass
for a device that implements the version 9 API.
Android LMP devices should pass tests with
GTEST_FILTER="*-*MNC*:*CanLoadTestKeys*"
http://go/wvgerrit/13886
Update Documentation about Optional Features
The intergration guide has been updated to include reference to
OEMCrypto_LoadTestRSAKey. It also now discusses optional features.
The Delta 10 document now mentions OEMCrypto_LoadTestRSAKey.
The android supplement warns that most optional features are required.
This also adds clarification about which functions should save the
usage table, in answer to:
b/16799904 OEMCrypto v9 ambiguous about saving usage table information
Change-Id: Ifb517d58952c9b332b2958ca99af64bc293b985f
This is a merge from the widevine repository of
http://go/wvgerrit/13923 Switch openssl to use the EVP interface for aes-ctr-128
http://go/wvgerrit/13979 Add Test Certificate to OEMCrypto Mock
http://go/wvgerrit/13978 Add Test Keybox to Level 3 OEMCrypto
http://go/wvgerrit/13873 Enable OEMCrypto Unit Tests
This CL adds a main program to oemcrypto_test.cpp, which filters out
tests that are not supported on the specified platform. It also adds
LoadTestKeybox to the mock. This allows oemcrypto unit tests to be run
on devices that have production keybox. It also allows the same set
of unit tests to work on Android and on non-Android platforms.
b/18962381 Use test certificate (partial fix)
b/19867990 Separate cast receiver tests
Change-Id: If89c31530103ed85aa37d7379bd5b4dc2a927f38
Merge from Widevine: http://go/wvgerrit/14022
This test will be called by GTS test to verify secure stops
are reporting the correct time during online playback.
bug: 18625670
Change-Id: Ieb2b9ad860d796eea3c63c4fb349f4e3c6ac8f34
This change:
1) Switches the Makefiles over to using LOCAL_STATIC_LIBRARIES, which I
understand is the new hotness, rather than setting a -I flag directly.
2) Switches to the non-deprecated _ex versions for EVP_EncryptFinal.
3) Uses the EVP_PKEY interface for checking PSS signatures. This is the
only supported interface in OpenSSL: the PSS padding check functions are
only exported in upstream OpenSSL because it's a library from the 90s
and they don't have a concept of "unexported". Also, by using the EVP
functions, OpenSSL/BoringSSL can do a better job of being constant-time.
Since there aren't any obvious tests for checking that the signtaure
verification still works, I tested with the code in the referenced
paste, which includes both the old and new verification functions and
checks that they both work on a sample signature. (And I also checked
that they both fail when a bit in the signature is changed.)
https://paste.googleplex.com/5747976139964416
Change-Id: Iae7409c53eeea9c3892a32c180d7181d72467dcb
Merge from Widevine repo of http://go/wvgerrit/10308
There was a memory leak in the oemcrypto RSA code.
Also, when saving the usage table, some session variables were
allocated twice. This results in session data being lost.
There were also some leaks and uninitialized values in oemcrypto_test.
I added some checks and profiling to the debug runtime for the
haystack. It will warn if a variable is left unencrypted or is
unencrypted twice. I also added the profile code.
Versions of L3 library:
android/level3/arm/libwvlevel3.a Level3 Library Apr 1 2015 11:40:06
android/level3/x86/libwvlevel3.a Level3 Library Apr 1 2015 12:44:32
b/19950814
Change-Id: Ic752e36c09fce121dcaf92f9209591e74f3eb070
Copy from Widevine repository of http://go/wvgerrit/13841
This CL adds a nonblocking CopyBuffer to OEMCrypto, its unit tests,
and plumbs it up to the cdm CryptoSession and CdmEngine.
b/19543782
Change-Id: I4c88bd2f8d7f67ecccb549c1934b7c0da15a8429
Merge from Widevine repo http://go/wvgerrit/13818
This CL adds the ability to query OEMCrypto about the key control
block and duration of a key that has been loaded. There are unit
tests and implementation in the level 3 and reference implementation.
b/18503541
Change-Id: I8e40d90a3c64c1ce030af6fef9e98c8eac0df1a5
Merge from Widevine repo if http://go/wvgerrit/13781
This CL adds several unit tests that are specifically designed to test
features that are required for Android CDM but not other platforms.
Once this CL has been merged, future CLs will modify the main
oemcrypto test file so that some tests are skipped if their features
are not implemented.
Change-Id: I55b8cbb9c13d2db88bd4f56bba31a4aab3306067
(This is a merge of http://go/wvgerrit/13761 from the Widevine
repository.)
This cleans up our includes to be in Google Style Guide order and in
alphabetic order, for the parts of the code that are expected to
follow Google Style.
This also converts places in our code that were including C headers
in the C++ style (i.e. <cstring> instead of <string.h>) to use C style
instead. This is because, although it was not causing problems for us
yet, on Android these actually include different headers. (<cstring>
is provided by libcxx, while <string.h> is provided by Bionic)
Lastly, this change puts all headers that do not come from within our
project in <brackets> instead of "quotes," which was not being done
consistently.
This change is explicitly NOT trying to standardize the spacing of our
header includes. I have tried to respect, in each file, the spacing
style already present.
Change-Id: If3dc06532ab9b68010285d64518ef21dce3d6354
This is a merge of http://go/wvgerrit/13701 and http://go/wvgerrit/13780.
I added a new set of engine properties for the mock oemcrypto. This
set pretends to be level 1. This allows the widevine build bot to test
the dual security level path: a level 1 liboemcrypto.so and a fall
back to L3.
I also adjusted the failing test in oemcrypto_test.cpp. A correct fix
requires us to rewrite some of the oemcrypto mock code so that it
returns real error codes instead of just 'false' on error.
Change-Id: I9cdbfc23c87ad2fb6068eac1394ce4c5b6a32dae
This is a merge of http://go/wvgerrit/13693 in the Widevine
repository.
This adds level 3 and mock implementation and unit tests for the
OEMCrypto function OEMCrypto_ForceDeleteUsageEntry. It also plumbs
this function up into CdmEngine, CdmSession, and CryptoSession so that
deleting all usage information for a given app id will now delete the
entries in OEMCrypto, too.
b/18194071
Change-Id: Iaea4034a507b323878657215784edfe95876386a
This is a merge of http://go/wvgerrit/13391 from the Widevine repository.
This CL adds the OEMCrypto version 10 API to the header, and changes
just enough code so that code still compiles. There are no unit tests
or implementation.
The level 3 libraries are just stubs so that tests will compile.
level3/arm/libwvlevel3.a Level3 Library Mar 11 2015 13:33:21
level3/x86/libwvlevel3.a Level3 Library Mar 11 2015 15:20:27
Change-Id: I41de753a2a60da29b756c3327341ece72069d8bb
The OEMCrypto library should prevent too many nonces from occuring in
a row. Previously, we tested that GenerateNonce generated an error if
there were too many nonce requests.
This CL makes it possible for OEMCrypto to delay the return from
GenerateNonce if there are too many requests. This is an equally
valid solution to the nonce flood attack.
This is a unit test change only. No production code is affected.
This is a merge from the widevine repository of:
https://widevine-internal-review.googlesource.com/#/c/11604/
bug: 17630253
Change-Id: Ie97f712d70230cd8e7ea7089da0aa18039673bb4
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11110/
The level 3 oemcrypto library version of DeactivateUsageEntry now
returns OEMCrypto_ERROR_INVALID_CONTEXT if there is no entry in the
usage table.
Current Library Version:
arm: Level3 Library Sep 3 2014 18:13:47
b/17373630
Change-Id: Iaeb65b4ad4b2b9f3c6733a2c9c8d96e2be263d09
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11030
It is an error for the key control block to have a nonzero replay
control flag and a null pst. This CL adds unit tests to
oemcrypto_test to verify that oemcrypto checkes this. A unit test is
also added for verifying that an offline license has a valid nonce the
first time it is loaded.
It also updates the reference implementation (mock) to check that the
pst is not empty when the replay control flag is nonzero.
It also updates the level 3 implementation to check that the pst is
not empty when the replay control flag is nonzero.
This change is compiled into the arm library, but because of
compilation errors, is not included in x86 or mips.
Current Library Version:
arm: Level3 Library Aug 27 2014 18:42:40
bug: 16525204 OEMCrypto unit test for reloading offline license
bug: 16844305 Mock OEMCrypto does not catch null pst
Change-Id: Icdb090e80fc92522c187b26f30e5ba082f26363b
Copy of widevine change:
https://widevine-internal-review.googlesource.com/#/c/10910/
This CL adds a leading 0 to integers in the RSA test key in
oemcrypt_test.cpp. Before this CL, versions of OEMCrypto that
correctly interpret the encoding were treating some large
integers as negative.
bug: 16876126
Change-Id: I1990fdb09509c15566d12d4cfcd055e9d200e08a
Because the OEMCrypto_PST_Report is sent as a signed block to the
server, it needs to be a fixed, platform independent, size. This CL
adds the packed attribute to the structure, which reduces its size
from 56 bytes to 48 bytes.
Copy of widevine change:
https://widevine-internal-review.googlesource.com/#/c/10321/
Library Versions:
libwvdrmengine/level3/x86/libwvlevel3.a Level3 Library May 30 2014 15:40:50
libwvdrmengine/level3/arm/libwvlevel3.a Level3 Library May 30 2014 15:39:04
bug: 15184821
Change-Id: I54db2c3bbc4e20ee0c19c33d6fd56f86f432e110
This is a copy of the widevine CL.
https://widevine-internal-review.googlesource.com/#/c/10174/
This CL adds the OEMCrypto v9 functionality to the level 3 haystack
version of OEMCrypto. Mostly, this is to support usage tables.
The code is feature complete, but the timing tests are a little flakey
-- I'm not sure if the problem is in the code or if the test has too
tight a tolerance.
Also, the storage of the generation number needs to be made more
secure.
Change-Id: I73fecf8934b6a46785f1f8b6f40b40ffe39b88de
This is a copy of https://widevine-internal-review.googlesource.com/#/c/10040/
The message size was wrong on several OEMCrypto_RewrapDeviceRSAKey
unit tests. The function was supposed to fail in these tests.
However, a vendor found that they were failing with a different error
code because the buffer size was incorrect. Now the function should
fail with the correct error code, and the test should pass for the
vendor.
Change-Id: Iea27b489f9bc386241d9add4f99ccb50560dfef6
This is a copy of the Widevine CL:
https://widevine-internal-review.googlesource.com/#/c/9708/
This CL refactors some of code in oemcrypto/mock and oemcrypto/test in
preparation for adding usage table code.
Change-Id: I7e58c8ecd6d92b3e177cb915733212fcad645485
This is a copy of the Widevine CL:
https://widevine-internal-review.googlesource.com/#/c/9480/
This change is part of OEMCrypto API version 9.
This CL adds verification that a key control block which requires a
specific version of HDCP can be loaded. Also, if secure data path is
not set, it verifies that data is still decrypted.
This CL also adds test that verify DecryptCTR fails when the current
HDCP version is below that in the key control block. The expected
error is OEMCrypto_ERROR_INSUFFICIENT_HDCP. This error code is newly
introduced in this CL.
This is one attempt to clarify HDCP, as specified in b/13626021, and
is a slight modification from previous behavior for the mock and the
level 3 haystacked code.
This CL also tests the two valid verification codes "kctl"
and "kc09".
bug: 13626021
Change-Id: If380709d2306a3489470b29fb148a45b609b089d
This is a copy from the Widevine CDM repository:
https://widevine-internal-review.googlesource.com/#/c/9177/4
This CL modifies some unit tests to make sure that OEMCrypto returns
the correct error code when the key has expired. This behaviour is
required for OEMCrypto version 9.
It also updates the code for the reference implementation and the
Level 3 implementation.
This is half of b/9205119
The other half is for the CDM layer to respond to this error code.
bug: 9205119
Change-Id: I60f934886f4ecdd1ee04825dea289fda1c0a4303
From the Widevine CDM repository:
https://widevine-internal-review.googlesource.com/#/c/9182/
This CL adds a test to verify that at most 20 nonces may be created in
one second. This should prevent the replay attack that an
appplication could do by generating large quantities of nonces until
it finds a repeat.
I've also updated the Level 3 and reference implementations.
This feature is required for OEMCrypto version 9.
Change-Id: Ia86323133810fcbbd79d7bb27bd5a004d7c87314
From the Widevine CDM repository:
https://widevine-internal-review.googlesource.com/#/c/9183/
This adds unit tests for RSA signing with PKCS1 block type 1. It also
adds a reference implementation. This is part of OEMCrypto v9.
Change-Id: I2a40dbff65f6e09d75f16ae048499512f60c168d
This CL contains working versions of the haystack tools and the
OEMCrypto Level 3 library for android ARM, MIPS and x86.
The version number of the level 3 library is:
android/level3/arm/libwvlevel3.a Level3 Library Nov 4 2013 18:39:06
android/level3/mips/libwvlevel3.a Level3 Library Nov 4 2013 18:42:29
android/level3/x86/libwvlevel3.a Level3 Library Nov 4 2013 18:41:07
bug: 9374954 MediaDrm haystack based L3 code hardening implementation.
Change-Id: Ifef13900a11e83e4257723d3c6fc7107550882a8
Merge of change https://widevine-internal-review.googlesource.com/7950.
In the OEMCrypto library, it is valid to call LoadKeys with an empty
mac key. The library should not update the mac and enc keys and
should not throw an error.
Since we have seen this behavior in several implementations, a unit
test should be added that verifies the correct behavior.
bug: 11032674
Change-Id: I011ba39c8abc47547226a722143e92dac3f63dc5
In order to run all disabled OEMCrypto unit tests with one gtest
filter, one of them needs to be renamed so it matches the others.
These tests are disabled by default because they install a test
keybox, which would be dangerous on a production device.
Merged from CDM change
https://widevine-internal-review.googlesource.com/7440
bug: 10508973
Change-Id: I9508b133c6500ec28ce8890a4af89f016344b842
Android development of the widevine CDM has been done
on the jb-mr2 branch of the cdm code base. This CL
contains a merge of that jb-mr2 work to CDM master, and
also reflects the evolution of the common Modular DRM
code base since jb-mr2 branched.
Change-Id: I1d7e1a12d092c00044a4298261146cb97808d4ef
Because we do not want to accidentally install a test keybox on a
production device, most of the oemcrypto unit tests are being disabled
by default.
If you wish to run these tests, you can override this choice, by
running:
adb shell /system/bin/oemcrypto_test --gtest_also_run_disabled_tests
This change prompts for and requires positive confirmation before
running the disabled tests on a device that has a non-test keybox
already installed.
Bug: 8907626
Merge of https://widevine-internal-review.googlesource.com/#/c/5531/
from the Widevine CDM repository
Change-Id: Ib8e3605129ebf0861b4af15d04676f7a06cc5b78
The test for refresh keys with a stale nonce was not performed
correctly. It was supposed to test that RefreshKeys fails when the
nonce is stale. However, the nonce in the test was not stale. The reference
implementation did fail, but it failed because the control bits were
in network byte order instead of host byte order. Both of these
problems are fixed in this CL.
This CL changes test code only. The change has already been
communicated with Qualcomm.
bug: 8621521
Merge of https://widevine-internal-review.googlesource.com/#/c/5263/
from Widevine CDM repo.
Change-Id: I0821eff914d1680481006b9b68d49e8f2c5b9cd8
Upgrade to version 2.1 of license protocol in OEMCrypto.
related-to-bug: 8621521
Merge of https://widevine-internal-review.googlesource.com/#/c/4952/
from Widevine CDM repository to android repository.
Change-Id: I0d85dae1981b7525ab17aec5f21cf668d078bf47
bug: 8601053
This import syncs to the widevine git repository change
commit 6a99ad1b59ad39495f62954b3065ddc22b78da49
It includes the following changes from the widevine git
repository, which complete the jb-mr2 features
Fix Unit Test Makefile
Adds support for device certificate provisioning.
Support application parameters
Certificate based licensing
Proto for client files
Implement Property Query API
Add Device Query For Unique ID
Implement Generic Crypto in DrmEngine
Do not validate Key IDs on clear playback
Allow OEMCrypto_DecryptCTR with clear content and no key
Add a case to the MediaDrm API test to repro b/8594163
Implement requiresSecureDecoderComponent
Implement Eventing API
Add end-to-end decryption test with vectors
Refactoring of properties class
Refactor OEMCrypto unittest.
Fix for b/8567853: License renewal doesn't renew license.
Add KEY_ERROR callback to WvContentDecryptionModule() ctor.
Merged certificate_provisioning.proto and
client_identification.proto to license_protocol.proto.
Fix nonce check failure after a malformed key in OEC Mock.
asynchronize decryption
Allow querying of control information
make debugging AddKey & Decrypt statuses easier
Revert "Revert "Send KEY_ERROR event to app on license
expiration or failure""
Revert "Send KEY_ERROR event to app on license expiration
or failure"
Send KEY_ERROR event to app on license expiration or failure
remove extra session id copy
use KeyError constants directly
replace variable-length arrays with std::vector and fixed-sized array
pass session ids as const references
refactor key extraction and update keys on renewal
Updates to enable renewals and signaling license expiration.
fix error constant in OEMCrypto_DecryptCTR
Change-Id: I5f7236c7bdff1d5ece6115fd2893f8a1e1e07c50
