[ Merge of http://go/wvgerrit/209871 ]
The filestore unit tests have not been updated in a while, and
contained several test statements which could crash the test
when failed (accessing elements in a vector or characters in a
string without proper size checks). Other parts of the tests
had non-obvious purposes without detailed knowledge of how the
file system works on the different platforms.
Significant parts of the tests have been refactored to include
better checking and to add error messages to explain the
expectations. Several of the tests have been documented, and the
FileSystem header has been updated to explain what the API does.
Bug: 376533901
Test: file_store_unittest on Oriole
Change-Id: I5af9fd2a2ed01aa6186026761c9e0814604ec610
(cherry picked from commit bc4382b075)
[ Merge of http://go/wvgerrit/209611 ]
[Reset crypto session pointers on RemoveKeys](http://go/wvgerrit/189590)
changed the plugin behavior. When RemoveKeys are called the
Provider Session Token present in the license is cleared when
CdmLicense object is reset. This causes a test expectation to
fail. Since SecureStop are slated for removal, we will introduce
a workaround to avoid this expectation check. The work around is to
not expect usage information.
Bug: 339917270
Test: request_license_test (WvCdmRequestLicenseTest.SecureStop_RecoveryTest)
Flag: Test only code
Change-Id: Ib6922372faf0a38b7bf131f699c4626cb2b533d0
[ Merge of http://go/wvgerrit/208470 ]
The MediaDrm plugin API removeOfflineLicense() would check both
L1 and L3 for the offline license. While this is generally acceptable,
apps might force set L3 via the setStringProperty(), which should
cause the DRM plugin to behave as if it is L3 only.
This change will cause the WVDrmPlugin only remove L3 key set IDs while
in L3 mode. L1 key set IDs in this case will be treated as non-existing.
Bug: 357863269
Bug: 372105842
Test: DRM Compliance ATP via ABTD
Test: libwvdrmdrmplugin_hal_test on Oriole
Change-Id: I81dddbacaee28da6c0a94527b0e390e86f55f81f
(cherry picked from commit 0aa6aad1af)
[ Merge of http://go/wvgerrit/208430 ]
The MediaDrm plugin API getOfflineLicenseKeySetIds() was listing
both L1 and L3 offline licenses. While this is generally acceptable,
apps might force set L3 via the setStringProperty(), which should
cause the DRM plugin to behave as if it is L3 only.
This change will cause the WVDrmPlugin list L3 only if the app had
set the security level to L3.
Bug: 357863269
Bug: 372105842
Test: DRM Compliance ATP via ABTD
Test: libwvdrmdrmplugin_hal_test on Oriole
Change-Id: I1a6e10b7eb880eef4ba36ed31b12ebfe8617f002
(cherry picked from commit 26b888b094)
[ Merge of http://go/wvgerrit/207457 ]
When parsing Widevine's HLS key data, the key details are contained
in a data URI in the HLS X-KEY URI field. The data of the URI is a
base64 encoded JSON object, containing the information required to
generate the license request. The "content_id" field of the JSON
object is expected to be a base64 encoded; however, the HLS parser
did not verify that the decoding was successful. In the event that
was not successful, the decoder would return an empty string, which
the parser would attempt to access the first element by reference
which may be a null reference.
In C++, creating a reference from a null point (without actually
accessing the value) is undefined; however most C++ implemenations
will not cause a segment fault; but it is not guarenteed by the
standard.
This change checks if the decoding was successful before attempting
to store the decoded "content_id" value.
A unit test is added to ensure that a parser fails gracefully.
Bug: 356210640
Test: HlsParseTest.BadHlsData_InvalidContentId
Change-Id: Ie2ad42d69953258659178dd1464d830b2723c6c7
This allows Widevine RKP HAL to query BCC signature via DRM interface
during BCC extraction for remote provisioning phase 3. The query returns
the "additional_signature" field from
OEMCrypto_GetBootCertificateChain().
Test: Manual BCC extraction on Pixel 9
Bug: 355160637
Change-Id: I1a310a80c0cfef82ee3697f06c1293d5c1c3896a
[ Merge of http://go/wvgerrit/207790 ]
SPOID is only expected to be stable for L1
Bug: 339917270
Test: CoreIntegrationTest.ProvisioningStableSpoidTest
Change-Id: I34aab2b5f873b643e2cfb3c7ad8c996f2134a48b
[ Merge of http://go/wvgerrit/207720 ]
CertificateProvisioningTests were failing because the expected
filename "cert.bin" was not met. The file path being passed in
on android was "/data/vendor/mediadrm/IDM0/L[1|3]/cert.bin"
Bug: 339917270
Test: CertificateProvisioningTests/CertificateProvisioningTests.ProvisioningResponseSuccess/Keybox
Test: CertificateProvisioningTests/CertificateProvisioningTests.ProvisioningResponseSuccess/OemCert
Test: CertificateProvisioningTests/CertificateProvisioningTests.ProvisioningResponseSuccess/DrmCertificateReprovisioning
Change-Id: I0874b9652d54848d58c202fe197af0da0616e8cd
Merge of https://widevine-internal-review.git.corp.google.com/c/cdm/+/206431
Message to be signed by CAST funciton is supposed to be in a certain
format: "constant prefix + SHA1(message)".
Some of our current CAST tests uses random message which break this
specification. This fixes the input message.
Test: Cast tests with run_fake_l1_tests
Bug: 359893908
Change-Id: I6b318d749971d837f13daa7b147313e8e0b1d3d0
Since the CDM engine handles license releases for CE CDM and Android
differently, this changes the license release test to accomodate for
that.
Bug: 348712053
Change-Id: Ibc768e5d5c31ef8c2226b63dc622ffabfc0591fe
A new set of license data was created on UAT so that we
could have keys that match those in the license returned by
a License SDK and by those generated by UAT.
It should be more clear now which data is just made up, and
which data has to match some golden values based on the made
up data.
Bug: 338323091
Test: WVTS
Change-Id: Ic112b4594afb99c6f43e011f59ee7592d4809189
We are receiving reports from partners in the field that they are
failing the OEMCrypto tests only because the tests assume the BCC will
fit into 5k of memory but their BCC is nearly 8k in size.
This patch increases the buffer to 10k.
Bug: 354834629
Test: x86-64
Merged from https://widevine-internal-review.googlesource.com/204773
Change-Id: I360196518b7651139c003505253d1aed6a0c3907
This is based on a patch submitted by Amlogic.
When we're doing decrypt fallback, either in the CDM or the OEMCrypto
tests, we sometimes fall back to a point where we're synthesizing new
samples and/or subsamples for the content being decrypted. When this
happens and the output buffer is clear, we should limit the size of the
output buffer to only the space needed to hold the output.
Previously, we've been passing the entire output buffer to every call.
This can create a problem if the reason for the fallback is a lack of
enough memory to communicate the buffers to the TA, since the output
buffer will remain the same size as the total output. Restricting the
buffer passed to each call to only the space needed by that call will
reduce the memory requirement.
Bug: 354834629
Test: x86-64
Merged from https://widevine-internal-review.googlesource.com/204810
Merged from https://widevine-internal-review.googlesource.com/204953
Change-Id: I412f43d8f88c72072ef1dd5293436bdb58e500b3
The docs on OEMCrypto_DecryptCENC() weren't updated correctly when we
allowed the (0,0) pattern in v17. This patch brings the header docs
in-line with the handwritten part of the devsite documentation.
Merged from http://go/wvgerrit/204630
Bug: 336330529
Change-Id: Ic6c81d8f04904b83c34fbc0235ebbae8705a4182
[ Merge of http://go/wvgerrit/201577 ]
[ Cherry-pick of http://ag/28133919 ]
VIC specific: No DRM reprovisioning support
The SystemIdExtractor did not properly define behavior when working
with opened/closed CryptoSessions. Due to the CryptoSession's class
dual role of being both a session and a general handle into the
crypto engine, small bugs relying on undefined behavior which happened
to return expected output allowed tests to pass.
This CL makes the following changes:
1) Have SystemIdExtractor verify caller expectations when session is
open.
2) Improved SystemIdExtractor to operate when CryptoSession is opened
or closed.
3) Updates several SystemIdExtractorTest cases to better test defined
behavior without relying on undefined behavior.
4) Better code comments; hopefully some which will help prevent future
misuse of the internal APIs.
Test: system_id_extractor_unittest on Oriole
Test: WVTS on oriole
Bug: 329713288
Change-Id: I65518fe62f43e8060ea752852eb08a3d7132e2a0
