Merge from Widevine repo of http://go/wvgerrit/41784
To avoid a seg fault, WithClientId will quit as soon as we find
usage_info is empty.
test: run unit tests (with no wifi to force failure)
bug: 72457799
Change-Id: I250538e750e14ed5780572a69360c8ec304e2554
These are a set of CLs merged from the wv cdm repo to the android repo.
* Make Android NDK Builds Work With Latest BoringSSL
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/37000 ]
The latest updates to BoringSSL require C99 or later. Our NDK-based
builds (OEMCrypto Variants & Fastball) were not specifying a C standard.
This patch adds compiler flags so that C files are compiled as C11 now.
Note that this is about the *C* standard in use, not the *C++* standard,
which this patch leaves untouched.
BUG: 67907873
Test: build_android_mock.sh
* Update BoringSSL to f7412cb072cc6b1847140e0c4f8b3ceeccd0e708
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/36761 ]
This is the result of running UPDATE_BORINGSSL.sh. Future runs of this
script should produce much smaller sets of changed files, but because
the BoringSSL revision already in this directory was so old and
contained many extraneous files from the Android operating system, the
set of changed files is extensive this time.
BUG: 67907873
* Refactoring the build files.
Author: Vasantha Rao Polipelli <vasanthap@google.com>
[ Merge of http://go/wvgerrit/37041 ]
Move all common build dependencies to .gypi so that all fuzz test
binary targets can be added to .gyp file without repeating code.
* Introduce service certificate request property
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/36941 ]
Platforms differ on whether they allows service certificates to be
requested if privacy mode is enabled and a certificate is not present.
This property allows behavior to be configurable.
Generating the service certificate request will be introduced
in a follow on CL.
BUG: 68328352
* Deprecate using keyboxes as identification
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/36740 ]
Previously some platforms supported using keyboxes rather than
certificates as the identification tokens in the license request
message. All platforms that share core CDM code of the master branch now
either provision using a keybox and use a DRM certificate or an
OEM certificate as identification. No future usage of keyboxes
as identifying tokens is planned.
Since the platform property use_certificates_as_identification
is always set to true, the negative code paths are never taken and
can be removed.
* OEMCrypto_GenerateSignature API Fuzz Test.
Author: Vasantha Rao Polipelli <vasanthap@google.com>
[ Merge of http://go/wvgerrit/36863 ]
- The first automated API fuzz test.
- Also sumitting the corpus for the API fuzzed.
* Add Script to Update BoringSSL from Source
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/36760 ]
Adds a script to third_party/boringssl/ that, when run, deletes all the
auto-generated files in the generated/ directory and regenerates them
from scratch, starting from the latest public HEAD of BoringSSL.
Bug: 67907873
* Fix Fastball / OEMCrypto Variant BoringSSL Makefiles
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/36926 ]
Previously, when moving the BoringSSL source within the tree, I was not
able to verify that I had not broken the NDK-compatible makefiles used
by Fastball because that build is broken on master. I had to make a
best-guess as to how they should be updated and hope.
Now, however, I have been informed that the OEMCrypto Variants also use
these makefiles, and I have been able to use that build to find where I
broke them and get them fully working.
Bug: 67386164
Test: build_android_mock.sh
* Add kit/ to BoringSSL Include Path for Fastball & OEMCrypto Variants
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/36925 ]
When I moved the BoringSSL source in the tree, I updated the Android.mk
files that pointed to it in order to build it. I did not realize that
some makefiles outside that directory also contained hardcoded pointers
into that directory. These references broke after the move. This patch
fixes those paths to point to the new BoringSSL location.
Bug: 67386164
Test: build_android_mock.sh
* OEMCrypto Unit Test Refactor.
Author: Vasantha Rao Polipelli <vasanthap@google.com>
[ Merge of http://go/wvgerrit/36562 ]
Refactoring OEMCrypto Tests so the Session Utility test code can be reused in fuzz tests.
* Reorder license server config table to match ids
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36743 ]
* Separate Hand-Written BoringSSL Files from Downloaded/Generated Ones
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/36561 ]
I want to make updating BoringSSL as simple as possible for us going
forward. A future commit will add a script that automatically downloads
and sets up the latest version of BoringSSL. To facilitate this script,
a clear distinction needs to be made between the files that can be
downloaded with / regenerated from the BoringSSL source and the files
that are maintained by us by hand.
The version of BoringSSL in this change is exactly the same as the one
already in this directory. It has just been moved one folder deeper.
Bug: 67907873
* Remove BoringSSL Symlinks, They Are Confusing Gerrit
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/36560 ]
There are some symlinks in the current copy of BoringSSL that are
causing headaches when I try to upload future changes to Gerrit. These
were inherited from the Android OS and are not used by our build
anywhere. They would be wiped out when I update BoringSSL anyway, but
wiping them out in a separate change before I upload any other changes
avoids confusing Gerrit.
Bug: 67907873
* Add group master key id to support sublicense master
key rotation, and content identification.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36180 ]
* OEMCrypto Fuzzer test framework
Author: Vasantha Rao Polipelli <vasanthap@google.com>
[ Merge of http://go/wvgerrit/36280 ]
- Adding a sample fuzz test.
- Adding build scripts for building the new Fuzz Tests to come.
Design doc: go/oemcrypt_ref_impl_fuzz
* Build Mod Mock with C++ 11
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/36328 ]
This should fix the android oemcrypto mock build:
http://go/wvbuild/job/Android_OEMCrypto_Variants
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: Ic4d5be3118ef97e3f7d386149a2b5d9be8f0a87e
These are a set of CLs merged from the wv cdm repo to the android
repo.
* Android build fixes
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/36322 ]
* Address android compilation errors and warnings
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/36300 ]
* Gyp cleanup and OpenSSL v10.1 support.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/36001 ]
OpenSSL 10.1 has a small number of incompatible changes.
A desktop system upgrade exposed some issue in the build scripts.
Specifically, the linux build was using both third_party/protobufs (2.6.1)
and the version installed on the system (3.0 in this case). The linux
cdm.gyp depended on cdm/cdm.gyp which caused that plus some
additional issues.
These changes are necessary to support g++ version:
g++ (Debian 6.3.0-18) 6.3.0 20170516
Also did some cosmetic rework on run_current_tests to make it easier
to figure out what is going on when something fails.
Also tweaked some of the compiler settings for g++ support (revisit
this later).
* Refactored Service Certificate encryption to allow encryption of arbitrary data.
Author: Thomas Inskip <tinskip@google.com>
[ Merge of http://go/wvgerrit/36141 ]
* Send cdm test requests to UAT.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36221 ]
This change resolves the all of the
CdmDecryptTest/CdmTestWithDecryptParam.DecryptToClearBuffer
tests.
The license servers will return different keys and keyids.
Sending the request to staging returned key ids and keys that were
not matching what was expected in the unit tests.
* Fix for building L3 OEMCrypto with clang and libc++
Author: yucliu <yucliu@google.com>
[ Merge of http://go/wvgerrit/35740 ]
1. Include <time.h> for time(time_t*).
2. Create endian check union on stack. Clang may create const union
somewhere else, which may cause crash.
* Remove error result when a sublicense session does
not exist. This is not considered an error.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36080 ]
* Set default mock handler for GetSupportedCertificateTypes
for all unit tests and removed the use of StrictMock from
MockCryptoSession.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35922 ]
The handler for this was only set for one test and resulted
in a number of failures.
* Set default handler for GetHdcpCapabilities. For
now the default action is to call the real
GetHdcpCapabilities of crypto_session.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36140 ]
I also changed the mock to a NiceMock to silence
responses to unexpected calls to GetHdcpCapabilities.
The default handler can be overridden as needed in
the individual tests.
This resolves the policy engine test failures.
* Finalize merge of cdm_partner_3.4 to master.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/35360 ]
This is the final set of updates to merge all v3.4.1
changes into master.
* Embedded license: Sublicense rotation.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35360 ]
Handle sublicense rotation event.
* Embedded license: Initial license phase.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/34280 ]
Initial license phase - key loading subsession.
* Embedded license: generate session data.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/33722 ]
Generate session data and add it to the license request for
any embedded license material.
* Resolve missing symbol when building cd-cdm
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35840 ]
* C++11: Replace OVERRIDE def with override keyword
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/35400 ]
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I37d0cb17f255ac6389030047d616ad69f895748c
These are a set of CLs merged from the wv cdm repo to the android repo.
* Correct RELEASE_ALL_USAGE_INFO_ERRORs
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28742 ]
RELEASE_ALL_USAGE_INFO_ERROR_4 and 5 were introduced and made use of in
http://go/wvgerrit/24022 (branch: oc-dev). The error code definitions
were merged over in http://go/wvgerrit/24602.
When http://go/wvgerrit/24622 from cdm_partners_3.2 was merged to master
(http://go/wvgerrit/27723) there was conflict in error codes. The error
codes were adjusted to RELEASE_ALL_USAGE_INFO_ERROR_3 and 4
and were made use of.
To avoid renaming the errors between oc-dev and master, new errors
RELEASE_ALL_USAGE_INFO_ERROR_6 and 7 have been added to handle the
scenarios noted in the merge from cdm_partner_3.2. The other
errors have been reverted back to RELEASE_ALL_USAGE_INFO_ERROR_4 and 5.
They will be used when http://go/wvgerrit/24602 is merged.
* Address compilation issues
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28740 ]
These changes enable compilation of most of the cdm code on android
expect for OEMCrypto unit tests (b/62739406) on wv master.
* Add property for binary/base64 provisioning msgs.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/28074 ]
Property is "provisioning_messages_are_binary". Its default setting is
false in the CE CDM, but it can be overridden by integrators.
Added section to integration guide that discusses Provisioning Server
message formats and the new property.
Link: https://docs.google.com/document/d/1cBVbhgrajLpDe2W3_vzLzUqzpdDt73chvm4_sZlZlS8/edit#heading=h.hgxw53ddw7jo
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I9168193819974d1ff65d9a94dbd762e45ecc43ca
Below are a set of CLs being merged from the wv cdm repo to the android repo.
* Fix handling of OEM Cert public key.
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/27921 ]
This is a potential fix for b/36656190. Set aside public
key on first call to get the public key, and use it afterwards.
This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(),
which has side-effect of staging the OEM private key.
This also fixes a problem where the public cert string was
not being trimmed to match the size returned by
OEMCrypto_GetOEMPublicCertificate().
* Complete provisioning request/response for Provisioning 3.0
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Fix bug on provisioning request path where GenerateDerivedKeys()
was being called when preparing to generate the signature.
Add message signature verification, and call correct OEMCrypto
routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30).
* Implement Cdm::deleteAllUsageRecords()
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Delete all usage records for current origin. Removes usage
records from file system and retains the PSTs. The deletes
any usage entries matching those PSTs held by OEMCrypto.
BUG: 35319024
* Remove stringencoders library from third_party.
Author: Jacob Trimble <modmaker@google.com>
[ Merge of http://go/wvgerrit/27585 ]
We have a fork of the stringencoders library that we use for base64
encoding. This reimplements base64 encoding to remove the extra
dependency and to reduce the amount of code.
* Add Cdm::deleteUsageRecord() based on key_set_id.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27605 ]
Delete specified usage record from file system usage info and
from OEMCrypto.
BUG: 35319024
* Modifiable OEMCrypto
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/24729 ]
This CL adds a new variant of the OEMCrypto mock code that adjusts its
behavior based on a configuration file. This is intended for
testing.
For example, a tester can set current_hdcp to 2 in the options.txt
file, push it to the device, and verify that a license is granted for
HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and
push the file to the device. Playback should stop because the license
is no longer valid.
This variant uses a real level 1 liboemcrypto.so to push data to a
secure buffer. That means we can test playback for a license that
requires secure buffers on an Android device with real secure buffers.
BUG: 35141278
BUG: 37353534
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I58443c510919e992bb455192e70373490a00e2b6
This is part one of a mult-part change to revise some metrics. Several
metrics are currently EventMetric type when they should be a simpler
type.
Test: Added unit tests for the new types. Also, re-ran existing tests.
Verified playback works with Google Play, and re-ran Widevine GTS tests.
Bug: 36220619
Change-Id: I2ec8fc355f66ad4834dd722aacd22541fb9c94ad
(This is a merge from http://go/wvgerrit/30220)
Previously, extracting the system ID was only supported on Keybox-based
systems. This patch adds support for extracting the system ID from the
OEM Certificate chain on Provisioning 3.0 devices. This is done by
getting the Widevine intermediate cert from the chain, finding the
Widevine System ID extension in that cert, and extracting the value.
The code that does the extraction is separate from any code that calls
OEMCrypto so that it can be unit-tested in isolation. This patch adds a
crypto_session_unittest test to do this unit-testing.
Bug: 34776194
Test: crypto_session_unittest
Change-Id: I3e273968208fb31ae6019ccc383b419625d1ae22
[ Merge of http://go/wvgerrit/29004 ]
Enable support for provisioning with OEM certificates as root of
trust.
b/62972441
Test: WV unit/intgration test, cdm_feature_test and GTSMediaTestCases
Change-Id: I30576fc0bb68a873eeaaca03f6b9c89fa6a14327
This fixes a problem where a CdmEngine instance (and its sessions) could
be closed before its metrics could be collected. The change allows the
wv_content_decryption_module to extract metrics from instances about to
be closed. These are held until reported to the caller.
Test: Manually verified that collection is now occurring correctly. Also
added unit test: wv_cdm_metric_test.
This is a merge from wvgerrit/29069
Change-Id: If82bfd5cae3b72b9d14ab4741424a7ae7cc0a3a6
Tradefed needs these tests to be in the /DATA directory.
Test: cd vendor/widevine && ./build_and_run_all_unit_tests
All tests should build and pass.
make tests
unzip android-tests.zip and verify all tests located in DATA/bin
Bug: 62055647
Change-Id: I35925e29558561c4726bb2249499bfee4e54cf45
[ Merge of http://go/wvgerrit/26421 ]
* Corrects usage_table_header lifetime management. Earlier the
UsageTableHeader class was a singleton tied to the CdmEngine lifetime.
With SPOIDs there might be multiple concurrent CdmEngine objects.
The UsageTableHeader class is now associated with OEMCrypto
lifetime. There are two UsageTableHeader objects one for each L1 and L3.
These get allocated/deallocated on OEMCrypto Initialization/Termination
respectively.
* UsageTableHeader requires OEMCrypto, file read/writes and
metric gathering to perform its required functionality. Because of the
lifetime changes, CryptoSession, DeviceFiles and MetricsGroup objects
need to passed to the methods rather than at Creation time.
* Miscellaneous fixes, when moving or deleteing entries.
* Adds usage_table_header_unittests.
* Addresses failures with request_license_test with secure stop in L3.
b/36858906
b/36855557
b/36048120
b/38341136
b/37100505
b/35946047
Test: Verified by unit and integration tests. Added new
usage_table_header_unittests
Change-Id: I20e396ab2c0afbd14372dd93b969e5b0f1ccd291
(This is a merge of wvgerrit/24922)
This contains several fixes and improvements to the
build_and_run_all_unit_tests.sh and run_all_unit_tests.sh scripts:
* All tests are now identified as vendor binaries and thus are stored in
the /vendor/bin/ directory instead of /system/bin/. Previously, some
tests had moved to /vendor/bin/ but the scripts had not been updated,
causing these tests to fail to run.
* The -j parameter can now be passed to build_and_run_all_unit_tests.sh,
for those who want to speed up their build by using multiple cores.
* The 64-bit library directories are now added to the library search
path, in anticipation of devices with 64-bit DRM Plugins.
* Checking for Verity protection is now done in
build_and_run_all_unit_tests.sh (which is the script that actually
modifies the file system) instead of just in run_all_unit_tests.sh.
* The library search path is no longer set unnecessarily for
libwvdrmengine_hidl_test.
* The Treble-only tests and non-Treble-only tests now only run on
devices that meet their respective criteria.
Bug: 36071236
Test: Ran build_and_run_all_unit_tests.sh
Change-Id: Iea236880c4445858111c801dfa278a528bca0f6c
Merge from Widevine repo of http://go/wvgerrit/23842
This CL updates the android make files and test scripts to include the
two new unit test suites in metrics/test.
Change-Id: Ie31bdc3ae3709ab116d2a340ee5b55c7c12d1d33
[ Merge of http://go/wvgerrit/23380 ]
The service certificate was setup correctly if specified in mediadrm
properties. If instead the service certificate was later fetched from
the license service, it would not be marked as valid. This led to an
infinite loop of service certificate fetches and processing. This
prevented the license from being fetched and playback failures.
b/34638410
Test: Verified by new service certificate unittests + Hulu playback
using fugu.
Change-Id: I2a4f8754614fccdad3c80d3e13fba0b44d177d61
Merge from Widevine repo of http://go/wvgerrit/23180
The previous CL removed entry_writer_test and
circular_buffer_test. This CL updates the android build and run alll
unit test scripts.
Change-Id: Ib41046d0f224899f4d1d2742f07c030f7ce6b084
This CL merges several CLs from the widevine repo:
http://go/wvgerrit/18012 Add support for querying allowed usage for key.
http://go/wvgerrit/17971 Add per-origin storage.
http://go/wvgerrit/18152 Add OEMCrypto's generic crypto operations to CDM.
http://go/wvgerrit/17911 QueryKeyControlInfo => QueryOemCryptoSessionId
Note: numbering in wv_cdm_types.h was added in this CL and will be
back ported to wvgerrit in a future CL.
Change-Id: Idb9e9a67e94f62f25dc16c5307f75a08b3430b64
Merge of http://go/wvgerrit/17652
This CL changes the android/build_and_run_all_unit_tests.sh script to
push exectuables to /data if it can't push to /system/bin.
The script run_all_unit_tests.sh will check if test files are in /data
and run those first, if not, it runs the files in /system/bin.
This change is needed to test unit tests on devices where /system/bin
is a read only file system, even after running "adb remount".
This CL will help verify, but will not fix
b/27678092
Change-Id: Ia0fe8c2e68722f58c2626f22113abdbdc8c5e408
This aligns our test script with the functionality found in our TF
test configuration for preventing concurrency issues with DroidGuard.
Matching Widevine cl: go/wvgerrit/16791
Change-Id: Icc891de0a5f3795d8582b21e1bcf734049ddbf42
(This is a merge of http://go/wvgerrit/16496 )
run_all_unit_tests.sh now aborts and alerts the user if they have
Verity on, as opposed to its current behavior of failing later when
the tests don't copy over successfully.
Bug: 23420350
Change-Id: Ib01d32caaac462974b051f5d019888f7c47bc745
* Add Apple MD5 support in DeviceFiles
[ Merge of http://go/wvgerrit/15544 ]
Patch courtesy of Spotify.
* Changing vague BufferReader log message
[ Merge of http://go/wvgerrit/15515 ]
Amending the buffer reader log message for null parameters in the
read function to say the type of parameter to help tell the
difference between Read2, Read2s, Read4, Read4s, Read8, and
Read8s.
Bug: 23619044
* Fix HTTP socket tests
[ Merge of http://go/wvgerrit/15521 ]
This fixes the build on Jenkins. I missed these when I updated HTTP
socket because they are not part of the CE CDM test suite.
* Update HttpSocket for IPv6
[ Merge of http://go/wvgerrit/15517 ]
Previously, HttpSocket made assumptions about IPv4.
This CL updates this utility to be agnostic to IPv4 vs IPv6.
If our servers start resolving to IPv6 addresses in future,
our tests can now handle this transparently.
* Removed low level warnings from PSSH
[ Merge of http://go/wvgerrit/15489 ]
Unneeded warnings in parsing PSSH and in buffer reader
were appearing in the logs. LOGW commands were replaced
with LOGV.
Bug: 23419359
* BufferReader unit tests and hardening.
[ Merge of http://go/wvgerrit/15449 ]
Added unit tests for public-facing functions.
Added protection against null or negative parameters.
Bug: 23419008
Change-Id: Ia44100a2d1bafe68986ae9a0793214885b21e61e
Merge from widevine repo of http://go/wvgerrit/14708
This CL adds a test to verify that oemcrypto is a level 1 device. It
is part of oemcrypto_test_android.cpp, so it only applies to android
devices and to the widevine buildbot which also runs the android tests.
bug: 21814204
Change-Id: Icbcdd3496fb8a656891bd7c873c60cba23c9666a
Merge from widevine repo of http://go/wvgerrit/14218
If GTEST_FILTER was not set, it defaults to "" which matches no
tests. This CL changes it to "*" if it was "".
Also, quotes are added around the environment variable and command so
that it multiple variables can be set.
Change-Id: Icad9a1fbca2d1b436f6e37a2a080a70a384f0a1d
This is a merge from the Widevine repository of
http://go/wvgerrit/14024
Add Level 3 Oemcrypto Unit Tests To Run All Tests Script
This CL adds the ability to restrict the oemcrypto unit tests to only
use the fall back level 3. This restriction is per-process, and is
only used while running the unit tests. This allows us to automate
running the unit tests on an android device as both level 1 and level
3 without modifying files in /system/lib. To turn on the restriction,
set the environment variable: FORCE_LEVEL3_OEMCRYPTO=yes.
New level 3 library versions are:
level3/arm/libwvlevel3.a Level3 Library Apr 8 2015 13:09:05
level3/x86/libwvlevel3.a Level3 Library Apr 8 2015 13:15:42
http://go/wvgerrit/14055
Remove Redundant Tests
This CL modifies the UsageTableTests in oemcrypto_test.cpp so that
they are not all parameterized by new_mac_keys_. This parameter is
used when testing signatures. In particular, we do not need to verify
timing twice.
Also, I modified the run_all_unit_tests.sh script so that the
environment variable GTEST_FILTER is passed down to the android
process. This allows us to use the script to run a limited list of
tests while debugging.
http://go/wvgerrit/14054
Filter Out API Version 10 Tests
This CL updates the OEMCrypto tests so that all but one test will pass
for a device that implements the version 9 API.
Android LMP devices should pass tests with
GTEST_FILTER="*-*MNC*:*CanLoadTestKeys*"
http://go/wvgerrit/13886
Update Documentation about Optional Features
The intergration guide has been updated to include reference to
OEMCrypto_LoadTestRSAKey. It also now discusses optional features.
The Delta 10 document now mentions OEMCrypto_LoadTestRSAKey.
The android supplement warns that most optional features are required.
This also adds clarification about which functions should save the
usage table, in answer to:
b/16799904 OEMCrypto v9 ambiguous about saving usage table information
Change-Id: Ifb517d58952c9b332b2958ca99af64bc293b985f
(This is a merge of http://go/wvgerrit/14052)
Adds a hard return at the end of the output of run_all_unit_tests.sh
if tests failed, which was previously missing.
Change-Id: Ie888168fb965e1f116c2cd7d586b46736abc9c80
(This is a merge of http://go/wvgerrit/12700 from the Widevine CDM
repository.)
Adds unit tests which cover several cases, including five which are
fixed in this patch:
* Find a Widevine PSSH after a PSSH with non-zero flags.
(We have no control over another provider's abuse of the flags field,
so we should not give up if such a PSSH appears before ours.)
* Find a Widevine PSSH after a v1 PSSH.
(CENC now specifies a general v1 format. We don't have to support it
directly in the CDM, but we do have to skip it gracefully.)
* Find a Widevine PSSH after a non-PSSH box.
(This would be unusual input, but we can easily recover from it.)
* Parse a PSSH box with a size field of 0, which means "the rest of the
buffer."
(This would be unusual input, too, but is technically allowed for any
MP4 box.)
* Parse a v1 Widevine PSSH box, ignoring the new fields we don't need.
Bug: 19288007
Change-Id: I355df9e34ba4d53cc02e8501de965a0d193ee554
A bug prevented regenerating license release requests. This has
been corrected. A crash due to a formatting error has been addressed.
Clean up of logging and additional logging for open session failures
have been included.
b/16197822
Merge of https://widevine-internal-review.googlesource.com/#/c/10806
from the widevine cdm repo.
Change-Id: I854ead388f311d00b1cd700dfa1b2f58322c2dd4
GPlay offline tests were failing due to additional query parameters that were
introduced with b12789275. Additional changes caused offline failures,
as the content pointed to by the test vectors was HD only and did not
allow for offline playback.
This addresses the problem by switching request license tests to point to UAT.
UAT is now the default license server destination for request license tests.
Test vectors for GPlay will be added back as a secondary option when they
are available.
b/13909635
Merge of https://widevine-internal-review.googlesource.com/#/c/10261/
from the widevine cdm repo.
Change-Id: I5e5a2b477b6d591747123e8eeb3cd00b7f762090
OEMCrypto now returns OEMCrypto_ERROR_KEY_EXPIRED rather than
OEMCrypto_UNKNOWN_ERROR when the key has expired. This CL adds
a test to verify that CDM is handling this correctly.
[Merge of https://widevine-internal-review.googlesource.com/#/c/9730
from the Widevine cdm repo]
b/9205119
Change-Id: I6b13b43d71f7fa51531c309ffd3f93d3648f9b89
Make the build_and_run_all_unit_tests script push individual tests
instead of doing a full sync, makes it easier to run unit tests
against release builds.
Merge of https://widevine-internal-review.googlesource.com/#/c/8405/
from the widevine cdm repo.
Change-Id: I8efda77be9ab863f616fab88c4782b7c9edb8858
This merges the following changes from the Widevine CDM repository:
da001b6 Add Privacy mode and service certificate
This adds support to the CDM for privacy mode and service certificates.
92bf200 Add support for using Youtube Content Protection server for testing
Enables testing with Youtube Content Protection server. Google Play license
server is still the default. Select YTCP server by using the flag -icp
e.g. adb shell '/system/bin/request_license_test -icp'
85dcd60 Fixes to enable privacy mode
These includes changes to use PKCS7 padding, corrected root CA formatting
and changes to integration test. Also refactored service certificate
handling.
989971c Correction to request license test
Corrected PropertySetTest to provision when needed. Also added disabled
privacy tests to run against YTCP staging server until GooglePlay
integration is complete.
Bug: 10109249
Change-Id: If81d68c65d743d77a485406f48d1be41a74de0af
Because we do not want to accidentally install a test keybox on a
production device, most of the oemcrypto unit tests are being disabled
by default.
If you wish to run these tests, you can override this choice, by
running:
adb shell /system/bin/oemcrypto_test --gtest_also_run_disabled_tests
This change prompts for and requires positive confirmation before
running the disabled tests on a device that has a non-test keybox
already installed.
Bug: 8907626
Merge of https://widevine-internal-review.googlesource.com/#/c/5531/
from the Widevine CDM repository
Change-Id: Ib8e3605129ebf0861b4af15d04676f7a06cc5b78
The android timer class was not generating timer events correctly. This caused
renewal and expiration events not to be sent. A strong pointer to the
timer thread was not held and this caused the android util timer
thread to exit after firing once. This is now addressed.
Bug: 8736545
Merge of https://widevine-internal-review.googlesource.com/#/c/5353/
from the Widevine CDM repository.
Change-Id: I2d904e55d4d10eacc1a51f1c6b5c1a267c92c8d8
