android

Author	SHA1	Message	Date
Rahul Frias	aac1439dea	Merges to android Pi release (part 12) These are a set of CLs merged from the wv cdm repo to the android repo. * Correct error logging Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/40000 ] In tests, we set the cipher list to avoid using insecure ciphers when connecting to the provisioning/license service. The result of setting the cipher list was being incorrectly validated. Bug: 64847919 * Move mips cache headers to clear_cache_function.h Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39700 ] Since the clear_cache function has been moved away from the dynamic adapter, we need these conditional includes to be migrated as well for MIPS. * Comment out Level 3 debug call until merge Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39761 ] This call was introduced in go/wvgerrit/34260/. Since the haystack tool in google3 still needs this merge, this should be commented out so the tool can still build until the merge has finished. * Add logging for MAC keys to mock Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39740 ] Bug: 70637842 * Move external interfaces into level3.h + refactor Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39673 ] As part of b/70523618, this CL moves interfaces that partners are responsible for in Level 3 to level3.h so they can be visible as part of the CDM release process. It also cleans up some of the names of the files and adds documentation. * Corrected close session logging level Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/39676 ] Bug: 69460963 * Remove Security Level Path Backward Compatibility Support Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/39505 ] From the android K release onwards certificates were stored in security level specific directories. If upgrading from previous releases persistent information needed to be moved to those directories. Since no device is likely to upgrade from J to Pi, comptibility support can be removed. Bug: 70160032 * Rename privacy_crypto_openssl To privacy_crypto_boringssl Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37122 ] Now that we no longer support OpenSSL in the Shared Source CDM, the name of this file can be updated. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Remove Conditional Compilation from OpenSSL/BoringSSL Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/39460 ] This change removes the usages of conditional compilation to support both BoringSSL and OpenSSL, as well as to support multiple versions of the OpenSSL API. All code is now compiled against one of the two versions of BoringSSL in third_party/. Note that in some cases, the kit/ and legacy_kit/ versions of BoringSSL had different APIs, so when removing the OpenSSL version compatibility conditional compilation, sometimes the older branch was kept and sometimes the newer branch was kept. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Build CE & Jenkins CDMs With BoringSSL from third_party/ Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37120 ] Up until now, integrators have been responsible for providing a compatible crypto library for use by the CE CDM. (either OpenSSL or BoringSSL) After this change, this decision will no longer be in their hands. The CE CDM build will always use the copy of BoringSSL in third_party/, which will be statically linked with our library with hidden visibility. This allows us to better control what crypto library we use and will prevent continuing problems with trying to support both OpenSSL and BoringSSL. Unfortunately, BoringSSL began using C++11 in mid-2017, and we can't support C++11 right now. Until we can, we need to use a C++11-free version of BoringSSL for libssl. The CDM itself will continue to use a recent BoringSSL, as it only needs libcrypto. But the unit tests that need libssl have to use the legacy version. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Modified RNG for Level3 to use more entropy Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39220 ] Bug: 65165076 Modified seed generation to use an xor of clock_gettime and client-implemented code to supply random seeds to the RNG. Modified the RNG as well to use xoroshiro128+ instead of xorshift, since it uses more than one seed/state (which are 64-bit) and has higher "statistical quality". The default implementations for the seed generation use /dev/urandom. * Configure base path for Level3FileSystem Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39506 ] This is in response to b/70354006. This change makes the Android Level3FileSystem use the existing properties method GetDevicesFilesBasePath for binderization. The same is done for the Linux implementation. * Add legacy_kit/ to BoringSSL Directory Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/38861 ] This adds a second copy of BoringSSL to the third_party/boringssl/ directory. This second copy is pinned to the last revision of BoringSSL not to require C++11 and is not updated by the UPDATE_BORINGSSL.sh script. This second copy will be used to provide libssl to the tests on devices that do not support C++11. Once we support C++11 in the CDM again, this weight should be removed and all targets should use the copy of BoringSSL in the kit/ directory. Bug: 67907873 * Use Shared Libraries for Unit Tests Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/38860 ] Some unit tests were using a statically-linked CDM instead of a dynamically-linked one. (Or, in one case, trying to link both ways into the same binary.) For now, we need to only link dynamically, so that the unit tests and the CDM can use different versions of BoringSSL. Long-term, we would like to test both kinds of linkage. (See b/69548115 for that.) Some unit tests were also using a dynamicaly-linked CDM that was named such that it appeared to be statically-linked. This patch renames some targets to make the linkage clearer. Bug: 67907873 * Change CDM_Backwards_Compatiblity_Tests to dedicated brances Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/39003 ] The build scripts used by CDM_Backwards_Compatiblity_Tests now pull old versions of oemcrypto from the dedicated branches oemcrypto-v, which [will eventually] contain old oemcrypto versions, that build with the current build system with a current boringssl version. bug: 67907873 Fix spacing on level3 header Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/38760 ] * Correct Query status calls Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/38640 ] Bug: 70160032 * Refactoring to allow encryption of client ID Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/37460 ] The code has been restructured to allow encryption of client identification in provisioning requests. This will be enabled when server side changes have been made (b/69427217). * Additional information is included in the Client Identification portion of the provisioning request. * Client identification will be encrypted with a service certificate provided by the app/client. Platform changes to enable passing this to core are needed. If a service certificate is not provided, a default one associated with the production Keysmith will be used. * Switched APIs in CdmEngine to take a service certificate for provisioning rather than licensing. Service certificates for licensing are session based and passed as properties from platform code. Bug: 30737060 * Allow some CDM errors to be reported from multiple locations Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/38360 ] This creates some CdmResponseType errors which may be reused PARAMETER_NULL, NOT_INITIALIZED_ERROR, REINIT_ERROR. I have made changes to a few classes to report these errors. Will work on additional classes in a separate CL. Bug: 69864404 BUG: 71650075 Test: WV Unit/integration tests Change-Id: Icc048770d424ac537d11ff327cda2cb142da802d	2018-01-16 19:34:30 -08:00
Rahul Frias	1884cf738e	Merges to android Pi release (part 8) These are a set of CLs merged from the wv cdm repo to the android repo. * Android build fixes Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36322 ] * Address android compilation errors and warnings Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36300 ] * Gyp cleanup and OpenSSL v10.1 support. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/36001 ] OpenSSL 10.1 has a small number of incompatible changes. A desktop system upgrade exposed some issue in the build scripts. Specifically, the linux build was using both third_party/protobufs (2.6.1) and the version installed on the system (3.0 in this case). The linux cdm.gyp depended on cdm/cdm.gyp which caused that plus some additional issues. These changes are necessary to support g++ version: g++ (Debian 6.3.0-18) 6.3.0 20170516 Also did some cosmetic rework on run_current_tests to make it easier to figure out what is going on when something fails. Also tweaked some of the compiler settings for g++ support (revisit this later). * Refactored Service Certificate encryption to allow encryption of arbitrary data. Author: Thomas Inskip <tinskip@google.com> [ Merge of http://go/wvgerrit/36141 ] * Send cdm test requests to UAT. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36221 ] This change resolves the all of the CdmDecryptTest/CdmTestWithDecryptParam.DecryptToClearBuffer tests. The license servers will return different keys and keyids. Sending the request to staging returned key ids and keys that were not matching what was expected in the unit tests. * Fix for building L3 OEMCrypto with clang and libc++ Author: yucliu <yucliu@google.com> [ Merge of http://go/wvgerrit/35740 ] 1. Include <time.h> for time(time_t). 2. Create endian check union on stack. Clang may create const union somewhere else, which may cause crash. Remove error result when a sublicense session does not exist. This is not considered an error. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36080 ] * Set default mock handler for GetSupportedCertificateTypes for all unit tests and removed the use of StrictMock from MockCryptoSession. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35922 ] The handler for this was only set for one test and resulted in a number of failures. * Set default handler for GetHdcpCapabilities. For now the default action is to call the real GetHdcpCapabilities of crypto_session. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36140 ] I also changed the mock to a NiceMock to silence responses to unexpected calls to GetHdcpCapabilities. The default handler can be overridden as needed in the individual tests. This resolves the policy engine test failures. * Finalize merge of cdm_partner_3.4 to master. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35360 ] This is the final set of updates to merge all v3.4.1 changes into master. * Embedded license: Sublicense rotation. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35360 ] Handle sublicense rotation event. * Embedded license: Initial license phase. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/34280 ] Initial license phase - key loading subsession. * Embedded license: generate session data. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/33722 ] Generate session data and add it to the license request for any embedded license material. * Resolve missing symbol when building cd-cdm Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/35840 ] * C++11: Replace OVERRIDE def with override keyword Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/35400 ] BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I37d0cb17f255ac6389030047d616ad69f895748c	2018-01-16 19:29:39 -08:00
Rahul Frias	41ba5aa745	Don't read from closed sockets [ Merge of http://go/wvgerrit/17958 ] This CL might help diagnose the build bot problem. b/34261498 Test: All unittests other than some oemcrypto, request_license_test passed. Those tests failed with or without this CL. Change-Id: I71e48284b52a1177c6e3b4c9a8bdd12b77cc9f2d	2017-01-12 17:56:59 -08:00
Rahul Frias	b552a133c2	Upgrade TLS version in integration tests [ Merge of http://go/wvgerrit/18295 ] SSL v3 is being disabled across Google infrastructure. Networking code in integration tests used SSL v3 during HTTPS protocol negotiation. Once this is disabled, it will cause integration test failures at staging and UAT license servers. With this change the client will use TLS 1.2. Insecure cipher suites (TLS_RSA_WITH_RC4_128_MD5, TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA) have been disabled as well. b/29356581 Change-Id: I98a04d345fe83c48132b9d79986a21cc84827dc8	2016-06-17 22:28:56 -07:00
Rahul Frias	072cf7e711	Add level 3 libs and address build warnings * Fix strict aliasing error in gcc [ Merge of http://go/wvgerrit/15856 ] This also ensures the alignment of 64-bit memory access in a portable way, without using compiler-specific mechanisms like attributes or platform-specific mechanisms like memalign. (The aliasing error does not show up in clang.) * Return kNotSupported for non-Widevine init data [ Merge of http://go/wvgerrit/15853 ] This also improves logging for the init data parser by including a verbose message for non-Widevine PSSHs and by using a new IsEOF() method to avoid misleading "Unable to read atom size" logs. * Cast RSA_size() to int [ Merge of http://go/wvgerrit/15880 ] It has been suggested that this may be unsigned on some versions of OpenSSL or BoringSSL. * Be strict about warnings for CE CDM [ Merge of http://go/wvgerrit/15831 ] * Enable all warnings and treat warnings as errors in the CE build. * Fix all existing warnings (mostly unused variables, consts, and functions, and one signed/unsigned comparison). * Exclude protobuf warnings rather than maintain a divergent copy. * Fix release build errors [ Merge of http://go/wvgerrit/15855 ] * Level 3 Build With Android Emulator [ Merge of http://go/wvgerrit/15778 ] This CL rebuilds the level 3 libraries with the android emulator sdk_phone_*. This seems to avoid problems with the x86 build using incorrect compiler flags. These libraries work for arm, x86, mips, arm64, and x86_64. The level 3 library is disabled for mips64. Versions: level3/mips/libwvlevel3.a Level3 Library Sep 30 2015 18:29:50 level3/arm/libwvlevel3.a Level3 Library Sep 28 2015 13:18:25 level3/x86/libwvlevel3.a Level3 Library Sep 28 2015 13:08:28 Change-Id: I1e50aa78bdc84ecb905f2e55297d4f48b140341c	2015-10-15 22:50:29 +00:00
Rahul Frias	9d0c8256a2	Support for IPv6 in HTTP socket and BufferReader unittests * Add Apple MD5 support in DeviceFiles [ Merge of http://go/wvgerrit/15544 ] Patch courtesy of Spotify. * Changing vague BufferReader log message [ Merge of http://go/wvgerrit/15515 ] Amending the buffer reader log message for null parameters in the read function to say the type of parameter to help tell the difference between Read2, Read2s, Read4, Read4s, Read8, and Read8s. Bug: 23619044 * Fix HTTP socket tests [ Merge of http://go/wvgerrit/15521 ] This fixes the build on Jenkins. I missed these when I updated HTTP socket because they are not part of the CE CDM test suite. * Update HttpSocket for IPv6 [ Merge of http://go/wvgerrit/15517 ] Previously, HttpSocket made assumptions about IPv4. This CL updates this utility to be agnostic to IPv4 vs IPv6. If our servers start resolving to IPv6 addresses in future, our tests can now handle this transparently. * Removed low level warnings from PSSH [ Merge of http://go/wvgerrit/15489 ] Unneeded warnings in parsing PSSH and in buffer reader were appearing in the logs. LOGW commands were replaced with LOGV. Bug: 23419359 * BufferReader unit tests and hardening. [ Merge of http://go/wvgerrit/15449 ] Added unit tests for public-facing functions. Added protection against null or negative parameters. Bug: 23419008 Change-Id: Ia44100a2d1bafe68986ae9a0793214885b21e61e	2015-10-01 14:32:11 -07:00
Rahul Frias	cdf309b9f4	Reject session clobbering and namespace fixes * Reject session clobbering. [ Merge of http://go/wvgerrit/14634 ] This fixes a bug in I17de92b3e682c9c731f755e69466bdae7f560393 in which sessions can be clobbered by a forced session ID. This bug manifested in subtle test failures which involved repeatedly creating sessions. This was traced to OEMCrypto not being terminated, then upward to a leaked CryptoSession and CdmSession, and then finally to clobbered session IDs. To avoid the bug in future, first, reject duplicate session IDs. Second, change the OpenSession API to make forced IDs explicit. * Fix unit test namespaces. [ Merge of http://go/wvgerrit/14622 ] This fixes some odd errors that occur when linking multiple test suites into one executable. When two object files both contain a definition of wvcdm::MockCryptoSession, for example, one will win silently and cause the other's tests to misbehave and/or crash. The solution is to put all mocks into an anonymous namespace, since each wvcdm::(anonymous)::MockCryptoSession is separate. In order to avoid lots of repetitions of wvcdm:: in the anonymous namespaces, all anonymous namespaces in unit tests now live inside or the wvcdm namespace. This has been done even for tests which are not currently using mocks. * Move timer and timer_unittest to Android. [ Merge of http://go/wvgerrit/14619 ] These are not used anywhere else. Change-Id: I234f31e9b5c79061205728783596ebaff65e0aff	2015-09-28 15:54:22 -07:00
John "Juce" Bruce	a3b0d83d19	Run clang-format on Core This copies over formatting changes from the Widevine CDM repository that resulted from running clang-format with Google style on the shared core/ directory. It also copies over some rewordings of log messages that were made at the same time. Aside from the changed log messages, this should not affect behavior or functionality. Change-Id: I69c57c188f7a79f30fa3517afeed17365929b6b6	2015-03-05 16:46:01 -08:00
Fred Gylys-Colwell	b5e8b87fed	Merge Changes from CDM repository This CL merges the following changes from the Widevine repository: Avoid CdmSession reinitialization https://widevine-internal-review.googlesource.com/#/c/10530/ Fix timer-related unit tests. https://widevine-internal-review.googlesource.com/#/c/10510/ Correct return statement bug: 15590802 https://widevine-internal-review.googlesource.com/#/c/10553/ Usage reporting fixes bug/15388863 https://widevine-internal-review.googlesource.com/#/c/10460/ Make public methods virtual https://widevine-internal-review.googlesource.com/#/c/10500/ Fix the SetTimer contract in the CDM. https://widevine-internal-review.googlesource.com/#/c/10493/ Move inline CDM methods, add OVERRIDE. https://widevine-internal-review.googlesource.com/#/c/10475/ Simplify storage APIs related cleanup. https://widevine-internal-review.googlesource.com/#/c/10473/ Duration values are not correctly reported when queried b/15592374 https://widevine-internal-review.googlesource.com/#/c/10437/ Propagate IsKeyValid() through ContentDecryptionModule. https://widevine-internal-review.googlesource.com/#/c/10483/ Minor clean up in config_test_env. https://widevine-internal-review.googlesource.com/#/c/10440/ General clean up. https://widevine-internal-review.googlesource.com/#/c/10441/ Refactor HttpSocket and simplify UrlRequest interface. https://widevine-internal-review.googlesource.com/#/c/10410/ Install good keybox at end of unit tests b/15385981 https://widevine-internal-review.googlesource.com/#/c/10374/ Privacy crypto fixes b/15475012 https://widevine-internal-review.googlesource.com/#/c/10383/ Incorporate header files to resolve build issued based on customers feedback. https://widevine-internal-review.googlesource.com/#/c/10420/ Support unprovisioning b/12247651 https://widevine-internal-review.googlesource.com/#/c/10356/ Correct usage of Host::Allocate and Cdm::Decrypt. https://widevine-internal-review.googlesource.com/#/c/10378/ Fix logging bug, arguments in wrong order. https://widevine-internal-review.googlesource.com/#/c/10380/ Rename types that look like constants. https://widevine-internal-review.googlesource.com/#/c/10379/ Fix offline test failures b/13909635 https://widevine-internal-review.googlesource.com/#/c/10348/ Add -DUNIT_TEST to the unit test makefile for Android https://widevine-internal-review.googlesource.com/#/c/10375/ Refactor privacy-crypto and add dummy version. https://widevine-internal-review.googlesource.com/#/c/10353/ Remove References to Apiary https://widevine-internal-review.googlesource.com/#/c/9924/ Delete oldest entry in usage table when full bug: 15184824 https://widevine-internal-review.googlesource.com/#/c/10295/ Port DeviceFiles to iOS. https://widevine-internal-review.googlesource.com/#/c/10355/ Make testing functions in DeviceFiles private. https://widevine-internal-review.googlesource.com/#/c/10354/ Add RSA encryption to haystack https://widevine-internal-review.googlesource.com/#/c/10280/ Add string and vector includes to CDM header. https://widevine-internal-review.googlesource.com/#/c/10352/ First version of oemcrypto logging https://widevine-internal-review.googlesource.com/#/c/10252/ Update Names of Secure Stop Methods bug: 11987015 https://widevine-internal-review.googlesource.com/#/c/10152/ Adjust timing on the Usage Table unit test https://widevine-internal-review.googlesource.com/#/c/10307/ Fix all compiler warnings in CDM source release. https://widevine-internal-review.googlesource.com/#/c/10293/ Fix memset bug: args in wrong order https://widevine-internal-review.googlesource.com/#/c/10292/ Partial revert of 'Remove refs to test prov server, Level3 support...' https://widevine-internal-review.googlesource.com/#/c/10281/ Pack structure OEMCrypto_PST_Report https://widevine-internal-review.googlesource.com/#/c/10243/ Remove refs to test prov server, Level3 support; remove dead code https://widevine-internal-review.googlesource.com/#/c/10220/ Partial revert of 'Document data strings; clean up license server parameters.' https://widevine-internal-review.googlesource.com/#/c/10188/ Document data strings; clean up license server parameters. https://widevine-internal-review.googlesource.com/#/c/10120/ Fix broken build after partner branch merge. https://widevine-internal-review.googlesource.com/#/c/10181/ TODO Cleanup - core/src, core/include https://widevine-internal-review.googlesource.com/#/c/9965/ TODO Cleanup - cdm, chromium, core/test. https://widevine-internal-review.googlesource.com/#/c/9419/ Remove unneeded properties. https://widevine-internal-review.googlesource.com/#/c/10162/ Change-Id: If2bb9d743a562a3875bebb91933c0aaadea286b2	2014-06-27 18:59:56 +00:00
Jeff Tinker	0190f99fb3	Migration from jb-mr2 to master for Widevine CDM Android development of the widevine CDM has been done on the jb-mr2 branch of the cdm code base. This CL contains a merge of that jb-mr2 work to CDM master, and also reflects the evolution of the common Modular DRM code base since jb-mr2 branched. Change-Id: I1d7e1a12d092c00044a4298261146cb97808d4ef	2013-07-29 17:29:07 -07:00
Jeff Tinker	4cf8594a87	Replaces staging provisioning server url with production server url The default provisioning server url now points to the production server. Also switches to the real field provisioning system ID that works only on the production servers, and updates the unit tests to work properly with the prod servers. Bug: 8724358 Merge of: https://widevine-internal-review.googlesource.com/#/c/5270/ https://widevine-internal-review.googlesource.com/#/c/5550/ https://widevine-internal-review.googlesource.com/#/c/5321/ https://widevine-internal-review.googlesource.com/#/c/5501/ from the Widevine CDM repository Change-Id: Iff1d7349c6a84bf30c6cdd534933ae747d5cff55	2013-05-09 15:54:33 -07:00
Jeff Tinker	1a8aa0dd05	Initial import of Widevine Common Encryption DRM engine Builds libwvmdrmengine.so, which is loaded by the new MediaDrm APIs to support playback of Widevine/CENC protected content. Change-Id: I6f57dd37083dfd96c402cb9dd137c7d74edc8f1c	2013-03-22 11:14:17 -07:00

12 Commits