Creates parameterized certificate provisioning tests to prepare for DRM
reprovisioning implementation.
- Create parameterized certificate provisioning test suite.
- Change RETURN_IF_NOT_OPEN macro to call IsOpen instead of checking
the |open_| variable to make mocking of CryptoSession methods easier.
Bug: b/305093063
Merged from https://widevine-internal-review.googlesource.com/188051
Change-Id: Ic1c344af64073a8ff5626530a0864bfeea90fc6e
Creates new token types for the DRM reprovisioning scheme that will be
used by L3 CDMs with baked-in certificates to allow for use of unique
serial numbers.
- Create new `CdmClientTokenType` for DRM reprovisioning in the CDM
core.
- Create a new `ProvisioningType` for DRM reprovisioning in the
provisioning message proto.
- Create new enum value for `DEVICE_EMBEDDED` in DrmCertificate type.
- Update uses of the above to include the new token types.
Bug: b/305093063
Merged from https://widevine-internal-review.googlesource.com/186934
Change-Id: I7e6cc8744b80cbbb624d31e5be1eab1be8a9680f
The output_descriptor parameter of OEMCrypto_FreeSecureBuffer should be
marked as [in,out].
Bug: 321346771
Change-Id: I4ba1a7f0b0f12a068d655a0d0b8b43a0818980dc
An attempt to add feature flags to the widevine service
(b/311951236) caused a memory regression (b/324438957).
Using the static library for feature flags results
in SIGSEGV due to possible clobbering of static libraries
(b/311951236 comment18).
An alternate option is to make libcutils and libc++ shared
Bug: 325483378
Test: WVTS
Change-Id: Id37f80bf8990554fcdd16c1a6401e877231390cb
[ Merge of http://go/wvgerrit/191139 ]
Adding an initial flag that include identifiable differences when
the feature is enabled or disabled.
This is the same commit as ag/25837302. It was reverted due to
memory size issues. A follow on CL will address that issue to
ease review.
Bug: 311951236
Test: WVTS tests
Change-Id: I995fb8f4158b3529c2d19a2ee5fd8beec0019f7c
This CL is created as a best effort to migrate test targets
to the new android ownership model. If you find incorrect or unnecessary
attribution in this CL, please create a separate CL to fix that.
For more details please refer to the link below,
<add g3 doc link>
Bug: 304529413
Test: N/A
Change-Id: I204c137da43a021bcebe316759d1aadaec99fe2a
This reverts commit 10f6252e4d.
Reason for revert: Increase in memory size for android.hardware.drm-service.widevine
Bug: 324438957
Change-Id: I39c9ca1ebc1da6b9997f63082530fc258974c5ec
[ Merge of http://go/wvgerrit/191113 ]
Rikers will replace haystack for L3 protection. Haystack will still
be present to support offline licenses that were downloaded using
haystack in prior releases.
Bug: 262635528
Test: WVTS and unit tests
Change-Id: Idffa0002b2c7694df595fa9cac694806673377b8
[ Merge of http://go/wvgerrit/191139 ]
Adding an initial flag that include identifiable differences when
the feature is enabled or disabled.
Bug: 311951236
Test: WVTS tests
Change-Id: I57a8e05d3b7c0cb6b43cbef022b436330985fe11
[ Partial cherry-pick of http://go/wvgerrit/186230 ]
The removeOfflineLicense() API in the Media DRM plug would attempt
to remove the specified license from L1, then retry L3 if L1 failed
for any reason. This causes error emitted by L1 to be masked by
errors emitted from L3. In particular, if an internal error occurs
on L1 when removing the license, because the plugin would then
try L3 which does not contain the license, the app will receive either
a "does not exist" or "needs provisioning" error from L3.
This CL changes the plugin to first determines which security level
the license exists for. Then only attempts removal on that security
level.
Bug: 301910628
Bug: 291181955
Bug: 296300842
Bug: 302612540
Test: MediaDrmParameterizedTests GTS on bluejay
Merged from https://widevine-internal-review.googlesource.com/187611
Merged from https://widevine-internal-review.googlesource.com/187832
Change-Id: I3d3975f945d2e97cfa9d866baf6ca5cf901f8af5
[ Partial cherry-pick of http://go/wvgerrit/185854 ]
Certain GTS tests do not fully consider restrictions on ATSC devices.
In particular, GTS assumes if there are any key set IDs returned to
the app via the MediaDrm API, then the device must already be
provisioned. ATSC license are special in that they may be available,
but the CDM is not provisioned while outside of ATCS mode.
To work around this assumption made by GTS, we filter out ATSC licenses
returned by getOfflineLicenseKeySetIds() when the device is not in
ATSC mode, and filter out non-ATSC license when it is in ATSC mode.
This is only a soft enforcement mechanism as calling the API with a
valid ATSC license while outside ATSC mode (or a non-TSC license in
ATSC mode) will continue to result in the failures experienced by
certain OEMs.
Bug: 301910628
Bug: 291181955
Bug: 296300842
Bug: 302612540
Test: MediaDrmParameterizedTests GTS on oriole
Merged from https://widevine-internal-review.googlesource.com/187610
Merged from https://widevine-internal-review.googlesource.com/187831
Change-Id: Id1508571ebb5c466f43bca99a2d79dc402a2134f
String obfuscation hides string literals from static analysis but
requires string literals be used inside protected functions.
- Enable string obfuscation for all function groups.
- Change some global `std::string` to `const char[]` to ensure that
the `std::string` is constructed inside a protected function so
that string obfuscation correctly applies to the string literal.
Bug: 270566889
Merged from https://widevine-internal-review.googlesource.com/168485
Merge conflicts were caused by formating changes. Resolved by taking
the newer version.
Merged from https://widevine-internal-review.googlesource.com/169511
Change-Id: Ie7f3e94f89671a34e4792efa174f96a17d713f9e
membarrier_function() for clearing cache in L3 is optional and good to
have. Currently we log it as error if it is not available, which caused
some confusion for CE CDM L3 partners building their own L3.
Also corrected a typo in the function name.
Test: build L3 and run dynamic level3 tests
Change-Id: If20bcb1fe2bace33c43aa178af699f3b190a1fd2
Plugin to provide getPropertyByteArray("deviceSignedCsrPayload")
which returns the signed CSR payload for device registration. It
queries both BCC and device info to be set in plugin before calling this
getPropertyByteArray("deviceSignedCsrPayload") method. The returned csr
payload will be used by assemble the device CSR by the caller for device
registration.
Bug: 286556950
Test: build WV DRM plugin
Merged from https://widevine-internal-review.googlesource.com/178891
Merged from https://widevine-internal-review.googlesource.com/179731
Change-Id: I65d89ed998dd292fc656af2f91f4472c1b5ec33c
This patch adds a new interface that partners must provide to
Cdm::initialize(), ILogger. ILogger replaces stderr as the sink to which
logging messages are sent. For partners that still want to log to
stderr, a reference implementation that logs to stderr is provided.
As a side-effect of this, many test-related source files had to be
updated to thread the new parameter to Cdm::initialize() through them.
This also necessitated adding a new variant of FormatString() that can
be called with a va_list directly so it can be called from other
functions that take varargs.
Bug: 201446862
Merged from https://widevine-internal-review.googlesource.com/177270
Change-Id: Ie31a10162773883b337f3a6144cf180a2b100139
- Initialize allowed_schemes_ since it is used by CreateDefaultResponse.
- Issue was detected by Coverity.
Change-Id: I368c4773f6316b65196aaa39e23e70717299c570
OEMCrypto_ERROR_INVALID_RSA_KEY is deprecated in v17. But
v16 oemcrypto can still return it. Unit test should allow
this error for now.
Test: run_dynamic_oemcrypto_v16.4, run_dynamic_oemcrypto_v16.3
Bug: 307668988
Change-Id: I950b62c8b3e02ea09d4795839a3d69573ab718aa
This CL adds unit tests to verify that the following
forbidden uses of an RSA private key do not work:
- ForbidPrepAndSign -- A cast cert key cannot sign a license
request.
- ForbidUseAsDRMCert -- A cast cert cannot be used with the
DRM cert's padding scheme and it cannot be used to derive
keys from a session key.
- *ForbidRSASignatureForDRMKey* -- A DRM cert key cannot be
used with GenerateRSASignature.
- *OEMCertForbidGenerateRSASignature* -- An OEM cert key
cannot be used with GenerateRSASignature.
Bug: 251875110
Change-Id: Ic2b23e3fd279e878c190a8294078a8d092126a29
This tool will soon be used in LUCI tests. It seemed necessary to
clean it up to make the build cop's job easier if there is a problem.
The following was completed:
* Removed stub for install XML based keyboxes
* This is handled externally
* Improved error checking
* Replace C-style prints with C++ styled prints
* Keybox information is still printed to stdout
* Major erros are printed to stderr
* Updated to follow Google style guide
* Fixed header includes
* Removed unused headers
* Added headers that are used, but were included indirectly
* Ensures OEMCrypto_Terminate() is called
* Particularly if there is an error encountered.
Bug: 299108238
Test: Tested in later CL
Change-Id: Ie6dafc44d050d0c6ae288f88cd5d6f3737d4a88c
The unit test helper function LoadWithAllowedSchemes should
only be used to load a Cast Certificate. So it has been
renamed to make that clear.
The only unit test that used the old function with the
non-cast padding scheme has been removed. A replacement will
be added in the next CL of the chain.
Change-Id: Id4aa2f420435baff664324ee4b3dcb74ab9ffe8a
There was some confusion about which tests loaded a cert and
which ones just used a cert. This distinction is important
when testing devices with a baked-in-cert.
Merged from https://widevine-internal-review.googlesource.com/183333
Change-Id: I3c2b119c3355b3a9190799637ff0860b6153b35b
