Merge from widevine of go://wvgerrit/14173
This CL updates the android makefiles to use the libcrypto_static.
Change-Id: I74567ff880ebdce366766a9ab44c92cc9540b8db
Implements the optional setMediaDrmSession() method. To enble this,
support was added to the core to report if a session ID is valid.
As a consequence of this, in the tests for the CryptoPlugin,
construction of the plugin must be deferred until all gMock
expectations are set, as construction now calls into the CDM core.
This is a merge of two changes from the Widevine CDM repo:
http://go/wvgerrit/14083
Allow Setting of Session ID
http://go/wvgerrit/14085
Check If Session ID Is Valid When Changing CryptoPlugin IDs
Bug: 19570317
Change-Id: I7dbd777ce6efebd71fdb5e602663a0e35a48a9c4
This change:
1) Switches the Makefiles over to using LOCAL_STATIC_LIBRARIES, which I
understand is the new hotness, rather than setting a -I flag directly.
2) Switches to the non-deprecated _ex versions for EVP_EncryptFinal.
3) Uses the EVP_PKEY interface for checking PSS signatures. This is the
only supported interface in OpenSSL: the PSS padding check functions are
only exported in upstream OpenSSL because it's a library from the 90s
and they don't have a concept of "unexported". Also, by using the EVP
functions, OpenSSL/BoringSSL can do a better job of being constant-time.
Since there aren't any obvious tests for checking that the signtaure
verification still works, I tested with the code in the referenced
paste, which includes both the old and new verification functions and
checks that they both work on a sample signature. (And I also checked
that they both fail when a bit in the signature is changed.)
https://paste.googleplex.com/5747976139964416
Change-Id: Iae7409c53eeea9c3892a32c180d7181d72467dcb
* Replace an stlport static assert with a C++11 static_assert.
* Move some libraries that were being built with the NDK but
statically included into platform code off the NDK.
* Rebuild the obfuscated binaries to use the new STL.
* Remove MIPS support temporarily due to an inability to generate
obfuscated binaries for it. (To be fixed in b/19482469.)
Bug: 15193147
Change-Id: Icc166583b0c6af68550baf17ab8c33076a1179d3
This project is still using stlport (without telling the build system
about it), which was causing (broken) stlport headers to override
libc++ headers, leading to a broken copy of std::enable_if, which in
turn caused <atomic> to fail to compile. Since this project has
prebuilts that will need to be updated before this project can
actually move away from stlport, tell the build system that it is
still using stlport for now.
Bug: 18433002
Change-Id: I38b356428977ed2184eb28a07bd5e7424a4ace8d
(This is a port of http://go/wvgerrit/11556 from the Widevine CDM
repo.)
This wires up the new method on the crypto interface with the core
code that handles the max-res decode.
Bug: 16034599
Change-Id: Id2ea5635bf732eabf1fd33712ff8bab6cf1a1745
This change updates gMock to the new release, 1.7.0. This is
necessary for Android, as Android Master has updated their gTest to
1.7.0, and we must always use the matching version of gMock.
This should not break any existing tests, as 1.7.0 is
backwards-compatible with 1.6.0 code in nearly all cases. There are
a few bugfixes around being too generous with type coercion in
EXPECT_THAT() and ASSERT_THAT() that could break code that was
accepted by the compiler before but was never technically safe.
For a full list of changes, including all the awesome new matchers
you can now use in your tests, see CHANGES, which is included from
gMock unchanged.
For a full list of modifications made to allow this to work on
Android Master, see the updated README.android.
No changes to the GYP files were necessary as part of this upgrade.
Change-Id: Ib1445044e78c9fe0cf16031d544577d65ebbf6df
During session sharing, when a sample contains both clear and encrypted
subsamples, subsample flags would on occasion be set incorrectly. Clear
subsamples would be sent to the current session, while encrypted ones
would incur a key id to session lookup and be sent to the appropriate session.
The sessions would then receive decrypt calls with subsample flags
incorrectly set.
In order for this to work correctly all subsamples within a sample need to be
sent to the same session. This requires that key ids be specified and
checked if at least one of the subsamples is encrypted. If however none of
the subsamples are encrypted then a valid key id may not have been provided
to MediaCrypto, and the subsamples may be sent to any session.
In order to support this, the CDM decrypt will now allow the caller to
specify whether to validate the key Id.
Then a check is added to wvcrypto determine whether to ask the CDM to
validate the key ID based on the clear/encrypted states of the subsamples.
The list of subsamples is already being preprocessed, so this
additional check just determines if any subsamples are encrypted, and sets
the validation flag appropriately.
b/11967440
Merge of https://widevine-internal-review.googlesource.com/#/c/8510/3 and
https://widevine-internal-review.googlesource.com/#/c/8520/2 from the
widevine cdm repo.
Change-Id: If65c36a31e56b69f514f0cc547a0becf0c54c40a
Merge of https://widevine-internal-review.googlesource.com/#/c/8263
from the Widevine repo.
Changes the behavior of requiresSecureDecoderComponent() to query the
session for whether a lowered security level has been requested
before querying the system to see what its default security level is.
As part of this, we added a new QuerySessionStatus() method to the
CDM that gets status info on a session-specific level, such as the
effective security level of a session.
Bug: 11428937
Change-Id: I5549a2fdd400cc87f567d27fcf74c473451093d6
1. add missing checks to set the overall result when some tests fail
(to verify b/10528466)
2. Fix test result on L1 devices where we can't hash the decrypt result
due to inaccessible memory buffers.
3. Configure the codec with a surface to avoid codec errors on L1 devices
b/10528466
Merge of https://widevine-internal-review.googlesource.com/#/c/7510/
from the widevine CDM repo
Change-Id: I5c7ef5ce802cc4ff63f62524ef2120fb671920f4
This merges the following changes from the Widevine CDM repository:
564f4cc Add CdmClientPropertySet to CDM
Adds an interface to the CDM that allows it to query its client for
certain properties. In this case, this includes the ability to
specify what security level is desired, as well as support for
service ceritifcate privacy mode.
9cfbd3e Force Level 3 fallback
Adds support for voluntarily invoking L3 crypto to the OEMCrypto
wrapper.
95d12c1 Add pointer to CdmClientPropertySet class to OpenSession.
Adds support for storing the property set on a session-by-session
basis and choosing the appropriate crypto level.
17de442 Add Settable Properties for Clank to Android
Adds support for setting the aforementioned properties to the
DrmEngine
bbe704d Fixes to force fallback to level three security
Corrections to invoke provisioning, OEMCrypto API with configured
security level rather than the default. Unit tests were also revised.
Note that some parts of this are also support for the ability to use
a service certificate-based privacy mode. The remaining code for
supporting this mode is still forthcoming.
Bug: 10109249
Change-Id: I2755e4dea1de3e8a56cff237360298f7b7f1bddc
This merges change 43c7fda (Do Not Obscure wvcdm::NEED_KEY) from the
Widevine repository. After this change, decrypt calls will return
ERROR_DRM_NO_LICENSE if the CDM returns NEED_KEY.
Bug: 10157154
Change-Id: I97b3a3990abeebb620ee4925fabf5c4261d968c4
This merges the following changes from the Widevine CDM repository:
bef58bc Add new error codes
Adds new error codes to OEMCryptoCENC.h and rearranges it to more
closely match the documentation.
5fcfbca Handle OEMCrypto_ERROR_INSUFFICIENT_RESOURCES on Decrypt
Changes the CDM to support the new errors from the previous change.
d59c09d Report Insufficient Crypto Resources
Changes the DrmEngine to support the new errors from the previous
change.
1085a21 Respond to Too Many Keys or Sessions Errors
Allows errors around having too many keys or sessions to result in
a unique error in the CDM.
Bug: 9695816
Change-Id: I826bc655109fa57e4f75de7158d7f392053666b1
This merges the following changes from the Widevine CDM repository:
1a72a7e Combine utility code into single library on Android
Combines several previously-separate files into a static library,
libcdm_utils, so that it can easily be used by both CDM and
OEMCrypto.
8c4d04d Install Keybox
If the keybox has not been installed, install it from
/factory/wv.keys.
Bug: 9972451
Change-Id: I8688ecd0adcf321e0c7d0faf55dd10f3910c12ec
bug: 8621521
This fixes a problem where insecure audio buffers were being
passed incorrectly as secure buffers to the trusted
environment's OEMCrypto_DecryptCTR.
This is a merge of the following changes from the widevine
git repository to android git repository:
https://widevine-internal-review.googlesource.com/#/c/5163/2
Allow selection of secure/non-secure buffers
https://widevine-internal-review.googlesource.com/#/c/5164/
Pass Secure Buffer Request to CDM
Change-Id: Iec1192a216305c6cf92c359b15b148eccc6ce6ce
Upgrade to version 2.1 of license protocol in OEMCrypto.
related-to-bug: 8621521
Merge of https://widevine-internal-review.googlesource.com/#/c/4952/
from Widevine CDM repository to android repository.
Change-Id: I0d85dae1981b7525ab17aec5f21cf668d078bf47
WVCryptoPlugin was not properly implementing part of its responsibilities to
AES-CTR in ISO-CENC. Specifically, it was not incrementing the IV after each
block.
Also, I have greatly expanded the unit tests for decrypt() to catch more edge
cases.
This change fixes the two failing test vectors in the Java integration tests.
Copied from https://widevine-internal-review.googlesource.com/#/c/5123/2
Bug: 8656421
Change-Id: If935edbf01068f5b0d5254b4e657057ef57d8fcf
Removes the status query from WVCryptoPlugin's decrypt method. It was not
providing any additional security since it was not cryptographically secure,
and querying status is an expensive operation on some devices. It should not
be done on a frequent basis, such as in every decrypt call.
Bug: 8667365
Merge of https://widevine-internal-review.googlesource.com/#/c/5121/
from widevine CDM repository to android repository.
Change-Id: Id9a877c5655cb8dbee7e97f983d43ec2ab6acc6e
Reworks the error message reporting that was just added to WVCryptoPlugin so
that it reports detailed error messages to the app (because the error codes
cannot be relied upon to reach the app intact) and so that it always reports
custom errors so that the detailed error message is passed to the app.
Bug: 8621516
Merge of https://widevine-internal-review.googlesource.com/#/c/5031/ from
widevine git to android git.
Change-Id: Id7a517fb6e4e772ffea4c779a8ee52b357345a08
Adds more meaningful error reporting where possible to the DrmEngine. Adds
translation of CDM and OEMCrypto errors to Android errors.
Bug: 8621516
Change-Id: Ibab8a8711c3929ed72870ec7e138cd42358d9fb3
bug: 8601053
This import syncs to the widevine git repository change
commit 6a99ad1b59ad39495f62954b3065ddc22b78da49
It includes the following changes from the widevine git
repository, which complete the jb-mr2 features
Fix Unit Test Makefile
Adds support for device certificate provisioning.
Support application parameters
Certificate based licensing
Proto for client files
Implement Property Query API
Add Device Query For Unique ID
Implement Generic Crypto in DrmEngine
Do not validate Key IDs on clear playback
Allow OEMCrypto_DecryptCTR with clear content and no key
Add a case to the MediaDrm API test to repro b/8594163
Implement requiresSecureDecoderComponent
Implement Eventing API
Add end-to-end decryption test with vectors
Refactoring of properties class
Refactor OEMCrypto unittest.
Fix for b/8567853: License renewal doesn't renew license.
Add KEY_ERROR callback to WvContentDecryptionModule() ctor.
Merged certificate_provisioning.proto and
client_identification.proto to license_protocol.proto.
Fix nonce check failure after a malformed key in OEC Mock.
asynchronize decryption
Allow querying of control information
make debugging AddKey & Decrypt statuses easier
Revert "Revert "Send KEY_ERROR event to app on license
expiration or failure""
Revert "Send KEY_ERROR event to app on license expiration
or failure"
Send KEY_ERROR event to app on license expiration or failure
remove extra session id copy
use KeyError constants directly
replace variable-length arrays with std::vector and fixed-sized array
pass session ids as const references
refactor key extraction and update keys on renewal
Updates to enable renewals and signaling license expiration.
fix error constant in OEMCrypto_DecryptCTR
Change-Id: I5f7236c7bdff1d5ece6115fd2893f8a1e1e07c50
This change incorporates the following CLs from the Widevine
cdm repository:
Update the java request/response test app to match Drm API changes
Don't build the mock liboemcrypto.so by default
Do not build CDM tests by default
Fix Build Break in DrmEngine Unit Tests
Fix Build Break in WVDrmPlugin
Initial version of roadmap for CDM projects.
Implement License Query
Implement Generic DRM in OEMCrypto Reference Implementation
Add key_data_length field when calling OEMCrypto_LoadKeys
Policy engine unittests
Generalized DRM API for OEMCrypto
Fixes proto buf libraries build.
Add Version Number to OEMCrypto API
Test key control block duration field in OEMCrypto
Add fix for missing crypto offset.
Fixed android/media*/test builds and added proto files for Cert. provisioning
Refactor and clean up callback code in CDM.
Add "device_id" name-value pair to LicenseRequest::ClientIdentification
Separate unit and end-to-end tests from the top level makefie.
Includes changes for 'fall back to l3 oemcrypto lib' in top level makefile.
Fall Back to Level 3 if Level 1 Fails
Fix compilation error in wvcdm_unittest.
Fix Android build break due to Decrypt() signature change in cdm_engine.h.
Wire up callbacks and errors in the Steel proxy.
Fix lock assert if there is no keybox on the device.
RSA Certificate Unit Test
Change Generic_Verify signature to constant.
Change-Id: I2e42db9d0b4f8d4e833675ae81d0714509bbfd2c
Builds libwvmdrmengine.so, which is loaded by the new
MediaDrm APIs to support playback of Widevine/CENC
protected content.
Change-Id: I6f57dd37083dfd96c402cb9dd137c7d74edc8f1c
