c3bce4d845108fd6c5bbb486954dde4633bc4369
14 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Rahul Frias
|
aac1439dea |
Merges to android Pi release (part 12)
These are a set of CLs merged from the wv cdm repo to the android repo. * Correct error logging Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/40000 ] In tests, we set the cipher list to avoid using insecure ciphers when connecting to the provisioning/license service. The result of setting the cipher list was being incorrectly validated. Bug: 64847919 * Move mips cache headers to clear_cache_function.h Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39700 ] Since the clear_cache function has been moved away from the dynamic adapter, we need these conditional includes to be migrated as well for MIPS. * Comment out Level 3 debug call until merge Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39761 ] This call was introduced in go/wvgerrit/34260/. Since the haystack tool in google3 still needs this merge, this should be commented out so the tool can still build until the merge has finished. * Add logging for MAC keys to mock Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39740 ] Bug: 70637842 * Move external interfaces into level3.h + refactor Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39673 ] As part of b/70523618, this CL moves interfaces that partners are responsible for in Level 3 to level3.h so they can be visible as part of the CDM release process. It also cleans up some of the names of the files and adds documentation. * Corrected close session logging level Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/39676 ] Bug: 69460963 * Remove Security Level Path Backward Compatibility Support Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/39505 ] From the android K release onwards certificates were stored in security level specific directories. If upgrading from previous releases persistent information needed to be moved to those directories. Since no device is likely to upgrade from J to Pi, comptibility support can be removed. Bug: 70160032 * Rename privacy_crypto_openssl To privacy_crypto_boringssl Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37122 ] Now that we no longer support OpenSSL in the Shared Source CDM, the name of this file can be updated. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Remove Conditional Compilation from OpenSSL/BoringSSL Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/39460 ] This change removes the usages of conditional compilation to support both BoringSSL and OpenSSL, as well as to support multiple versions of the OpenSSL API. All code is now compiled against one of the two versions of BoringSSL in third_party/. Note that in some cases, the kit/ and legacy_kit/ versions of BoringSSL had different APIs, so when removing the OpenSSL version compatibility conditional compilation, sometimes the older branch was kept and sometimes the newer branch was kept. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Build CE & Jenkins CDMs With BoringSSL from third_party/ Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37120 ] Up until now, integrators have been responsible for providing a compatible crypto library for use by the CE CDM. (either OpenSSL or BoringSSL) After this change, this decision will no longer be in their hands. The CE CDM build will always use the copy of BoringSSL in third_party/, which will be statically linked with our library with hidden visibility. This allows us to better control what crypto library we use and will prevent continuing problems with trying to support both OpenSSL and BoringSSL. Unfortunately, BoringSSL began using C++11 in mid-2017, and we can't support C++11 right now. Until we can, we need to use a C++11-free version of BoringSSL for libssl. The CDM itself will continue to use a recent BoringSSL, as it only needs libcrypto. But the unit tests that need libssl have to use the legacy version. Bug: 67907873 Test: build.py x86-64 Test: wv_ce_cdm_unittest Test: jenkins/linux_unit_tests * Modified RNG for Level3 to use more entropy Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39220 ] Bug: 65165076 Modified seed generation to use an xor of clock_gettime and client-implemented code to supply random seeds to the RNG. Modified the RNG as well to use xoroshiro128+ instead of xorshift, since it uses more than one seed/state (which are 64-bit) and has higher "statistical quality". The default implementations for the seed generation use /dev/urandom. * Configure base path for Level3FileSystem Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/39506 ] This is in response to b/70354006. This change makes the Android Level3FileSystem use the existing properties method GetDevicesFilesBasePath for binderization. The same is done for the Linux implementation. * Add legacy_kit/ to BoringSSL Directory Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/38861 ] This adds a second copy of BoringSSL to the third_party/boringssl/ directory. This second copy is pinned to the last revision of BoringSSL not to require C++11 and is not updated by the UPDATE_BORINGSSL.sh script. This second copy will be used to provide libssl to the tests on devices that do not support C++11. Once we support C++11 in the CDM again, this weight should be removed and all targets should use the copy of BoringSSL in the kit/ directory. Bug: 67907873 * Use Shared Libraries for Unit Tests Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/38860 ] Some unit tests were using a statically-linked CDM instead of a dynamically-linked one. (Or, in one case, trying to link both ways into the same binary.) For now, we need to only link dynamically, so that the unit tests and the CDM can use different versions of BoringSSL. Long-term, we would like to test both kinds of linkage. (See b/69548115 for that.) Some unit tests were also using a dynamicaly-linked CDM that was named such that it appeared to be statically-linked. This patch renames some targets to make the linkage clearer. Bug: 67907873 * Change CDM_Backwards_Compatiblity_Tests to dedicated brances Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/39003 ] The build scripts used by CDM_Backwards_Compatiblity_Tests now pull old versions of oemcrypto from the dedicated branches oemcrypto-v*, which [will eventually] contain old oemcrypto versions, that build with the current build system with a current boringssl version. bug: 67907873 * Fix spacing on level3 header Author: Srujan Gaddam <srujzs@google.com> [ Merge of http://go/wvgerrit/38760 ] * Correct Query status calls Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/38640 ] Bug: 70160032 * Refactoring to allow encryption of client ID Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/37460 ] The code has been restructured to allow encryption of client identification in provisioning requests. This will be enabled when server side changes have been made (b/69427217). * Additional information is included in the Client Identification portion of the provisioning request. * Client identification will be encrypted with a service certificate provided by the app/client. Platform changes to enable passing this to core are needed. If a service certificate is not provided, a default one associated with the production Keysmith will be used. * Switched APIs in CdmEngine to take a service certificate for provisioning rather than licensing. Service certificates for licensing are session based and passed as properties from platform code. Bug: 30737060 * Allow some CDM errors to be reported from multiple locations Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/38360 ] This creates some CdmResponseType errors which may be reused PARAMETER_NULL, NOT_INITIALIZED_ERROR, REINIT_ERROR. I have made changes to a few classes to report these errors. Will work on additional classes in a separate CL. Bug: 69864404 BUG: 71650075 Test: WV Unit/integration tests Change-Id: Icc048770d424ac537d11ff327cda2cb142da802d |
||
|
Rahul Frias
|
81d607c008 |
Merges to android Pi release (part 9)
These are a set of CLs merged from the wv cdm repo to the android repo. * Make Android NDK Builds Work With Latest BoringSSL Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37000 ] The latest updates to BoringSSL require C99 or later. Our NDK-based builds (OEMCrypto Variants & Fastball) were not specifying a C standard. This patch adds compiler flags so that C files are compiled as C11 now. Note that this is about the *C* standard in use, not the *C++* standard, which this patch leaves untouched. BUG: 67907873 Test: build_android_mock.sh * Update BoringSSL to f7412cb072cc6b1847140e0c4f8b3ceeccd0e708 Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36761 ] This is the result of running UPDATE_BORINGSSL.sh. Future runs of this script should produce much smaller sets of changed files, but because the BoringSSL revision already in this directory was so old and contained many extraneous files from the Android operating system, the set of changed files is extensive this time. BUG: 67907873 * Refactoring the build files. Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/37041 ] Move all common build dependencies to .gypi so that all fuzz test binary targets can be added to .gyp file without repeating code. * Introduce service certificate request property Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36941 ] Platforms differ on whether they allows service certificates to be requested if privacy mode is enabled and a certificate is not present. This property allows behavior to be configurable. Generating the service certificate request will be introduced in a follow on CL. BUG: 68328352 * Deprecate using keyboxes as identification Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36740 ] Previously some platforms supported using keyboxes rather than certificates as the identification tokens in the license request message. All platforms that share core CDM code of the master branch now either provision using a keybox and use a DRM certificate or an OEM certificate as identification. No future usage of keyboxes as identifying tokens is planned. Since the platform property use_certificates_as_identification is always set to true, the negative code paths are never taken and can be removed. * OEMCrypto_GenerateSignature API Fuzz Test. Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/36863 ] - The first automated API fuzz test. - Also sumitting the corpus for the API fuzzed. * Add Script to Update BoringSSL from Source Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36760 ] Adds a script to third_party/boringssl/ that, when run, deletes all the auto-generated files in the generated/ directory and regenerates them from scratch, starting from the latest public HEAD of BoringSSL. Bug: 67907873 * Fix Fastball / OEMCrypto Variant BoringSSL Makefiles Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36926 ] Previously, when moving the BoringSSL source within the tree, I was not able to verify that I had not broken the NDK-compatible makefiles used by Fastball because that build is broken on master. I had to make a best-guess as to how they should be updated and hope. Now, however, I have been informed that the OEMCrypto Variants also use these makefiles, and I have been able to use that build to find where I broke them and get them fully working. Bug: 67386164 Test: build_android_mock.sh * Add kit/ to BoringSSL Include Path for Fastball & OEMCrypto Variants Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36925 ] When I moved the BoringSSL source in the tree, I updated the Android.mk files that pointed to it in order to build it. I did not realize that some makefiles outside that directory also contained hardcoded pointers into that directory. These references broke after the move. This patch fixes those paths to point to the new BoringSSL location. Bug: 67386164 Test: build_android_mock.sh * OEMCrypto Unit Test Refactor. Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/36562 ] Refactoring OEMCrypto Tests so the Session Utility test code can be reused in fuzz tests. * Reorder license server config table to match ids Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36743 ] * Separate Hand-Written BoringSSL Files from Downloaded/Generated Ones Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36561 ] I want to make updating BoringSSL as simple as possible for us going forward. A future commit will add a script that automatically downloads and sets up the latest version of BoringSSL. To facilitate this script, a clear distinction needs to be made between the files that can be downloaded with / regenerated from the BoringSSL source and the files that are maintained by us by hand. The version of BoringSSL in this change is exactly the same as the one already in this directory. It has just been moved one folder deeper. Bug: 67907873 * Remove BoringSSL Symlinks, They Are Confusing Gerrit Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36560 ] There are some symlinks in the current copy of BoringSSL that are causing headaches when I try to upload future changes to Gerrit. These were inherited from the Android OS and are not used by our build anywhere. They would be wiped out when I update BoringSSL anyway, but wiping them out in a separate change before I upload any other changes avoids confusing Gerrit. Bug: 67907873 * Add group master key id to support sublicense master key rotation, and content identification. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36180 ] * OEMCrypto Fuzzer test framework Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/36280 ] - Adding a sample fuzz test. - Adding build scripts for building the new Fuzz Tests to come. Design doc: go/oemcrypt_ref_impl_fuzz * Build Mod Mock with C++ 11 Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/36328 ] This should fix the android oemcrypto mock build: http://go/wvbuild/job/Android_OEMCrypto_Variants BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: Ic4d5be3118ef97e3f7d386149a2b5d9be8f0a87e |
||
|
Rahul Frias
|
169d0b6cb6 |
Merges to android Pi release (part 4)
These are a set of CLs merged from the wv cdm repo to the android repo. * Correct RELEASE_ALL_USAGE_INFO_ERRORs Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/28742 ] RELEASE_ALL_USAGE_INFO_ERROR_4 and 5 were introduced and made use of in http://go/wvgerrit/24022 (branch: oc-dev). The error code definitions were merged over in http://go/wvgerrit/24602. When http://go/wvgerrit/24622 from cdm_partners_3.2 was merged to master (http://go/wvgerrit/27723) there was conflict in error codes. The error codes were adjusted to RELEASE_ALL_USAGE_INFO_ERROR_3 and 4 and were made use of. To avoid renaming the errors between oc-dev and master, new errors RELEASE_ALL_USAGE_INFO_ERROR_6 and 7 have been added to handle the scenarios noted in the merge from cdm_partner_3.2. The other errors have been reverted back to RELEASE_ALL_USAGE_INFO_ERROR_4 and 5. They will be used when http://go/wvgerrit/24602 is merged. * Address compilation issues Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/28740 ] These changes enable compilation of most of the cdm code on android expect for OEMCrypto unit tests (b/62739406) on wv master. * Add property for binary/base64 provisioning msgs. Author: Gene Morgan <gmorgan@google.com> [ Merge of http://go/wvgerrit/28074 ] Property is "provisioning_messages_are_binary". Its default setting is false in the CE CDM, but it can be overridden by integrators. Added section to integration guide that discusses Provisioning Server message formats and the new property. Link: https://docs.google.com/document/d/1cBVbhgrajLpDe2W3_vzLzUqzpdDt73chvm4_sZlZlS8/edit#heading=h.hgxw53ddw7jo BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: I9168193819974d1ff65d9a94dbd762e45ecc43ca |
||
|
Fred Gylys-Colwell
|
6d5be4fddf |
Enable OEMCrypto Unit Tests
This is a merge from the widevine repository of http://go/wvgerrit/13923 Switch openssl to use the EVP interface for aes-ctr-128 http://go/wvgerrit/13979 Add Test Certificate to OEMCrypto Mock http://go/wvgerrit/13978 Add Test Keybox to Level 3 OEMCrypto http://go/wvgerrit/13873 Enable OEMCrypto Unit Tests This CL adds a main program to oemcrypto_test.cpp, which filters out tests that are not supported on the specified platform. It also adds LoadTestKeybox to the mock. This allows oemcrypto unit tests to be run on devices that have production keybox. It also allows the same set of unit tests to work on Android and on non-Android platforms. b/18962381 Use test certificate (partial fix) b/19867990 Separate cast receiver tests Change-Id: If89c31530103ed85aa37d7379bd5b4dc2a927f38 |
||
|
Fred Gylys-Colwell
|
b5e8b87fed |
Merge Changes from CDM repository
This CL merges the following changes from the Widevine repository: Avoid CdmSession reinitialization https://widevine-internal-review.googlesource.com/#/c/10530/ Fix timer-related unit tests. https://widevine-internal-review.googlesource.com/#/c/10510/ Correct return statement bug: 15590802 https://widevine-internal-review.googlesource.com/#/c/10553/ Usage reporting fixes bug/15388863 https://widevine-internal-review.googlesource.com/#/c/10460/ Make public methods virtual https://widevine-internal-review.googlesource.com/#/c/10500/ Fix the SetTimer contract in the CDM. https://widevine-internal-review.googlesource.com/#/c/10493/ Move inline CDM methods, add OVERRIDE. https://widevine-internal-review.googlesource.com/#/c/10475/ Simplify storage APIs related cleanup. https://widevine-internal-review.googlesource.com/#/c/10473/ Duration values are not correctly reported when queried b/15592374 https://widevine-internal-review.googlesource.com/#/c/10437/ Propagate IsKeyValid() through ContentDecryptionModule. https://widevine-internal-review.googlesource.com/#/c/10483/ Minor clean up in config_test_env. https://widevine-internal-review.googlesource.com/#/c/10440/ General clean up. https://widevine-internal-review.googlesource.com/#/c/10441/ Refactor HttpSocket and simplify UrlRequest interface. https://widevine-internal-review.googlesource.com/#/c/10410/ Install good keybox at end of unit tests b/15385981 https://widevine-internal-review.googlesource.com/#/c/10374/ Privacy crypto fixes b/15475012 https://widevine-internal-review.googlesource.com/#/c/10383/ Incorporate header files to resolve build issued based on customers feedback. https://widevine-internal-review.googlesource.com/#/c/10420/ Support unprovisioning b/12247651 https://widevine-internal-review.googlesource.com/#/c/10356/ Correct usage of Host::Allocate and Cdm::Decrypt. https://widevine-internal-review.googlesource.com/#/c/10378/ Fix logging bug, arguments in wrong order. https://widevine-internal-review.googlesource.com/#/c/10380/ Rename types that look like constants. https://widevine-internal-review.googlesource.com/#/c/10379/ Fix offline test failures b/13909635 https://widevine-internal-review.googlesource.com/#/c/10348/ Add -DUNIT_TEST to the unit test makefile for Android https://widevine-internal-review.googlesource.com/#/c/10375/ Refactor privacy-crypto and add dummy version. https://widevine-internal-review.googlesource.com/#/c/10353/ Remove References to Apiary https://widevine-internal-review.googlesource.com/#/c/9924/ Delete oldest entry in usage table when full bug: 15184824 https://widevine-internal-review.googlesource.com/#/c/10295/ Port DeviceFiles to iOS. https://widevine-internal-review.googlesource.com/#/c/10355/ Make testing functions in DeviceFiles private. https://widevine-internal-review.googlesource.com/#/c/10354/ Add RSA encryption to haystack https://widevine-internal-review.googlesource.com/#/c/10280/ Add string and vector includes to CDM header. https://widevine-internal-review.googlesource.com/#/c/10352/ First version of oemcrypto logging https://widevine-internal-review.googlesource.com/#/c/10252/ Update Names of Secure Stop Methods bug: 11987015 https://widevine-internal-review.googlesource.com/#/c/10152/ Adjust timing on the Usage Table unit test https://widevine-internal-review.googlesource.com/#/c/10307/ Fix all compiler warnings in CDM source release. https://widevine-internal-review.googlesource.com/#/c/10293/ Fix memset bug: args in wrong order https://widevine-internal-review.googlesource.com/#/c/10292/ Partial revert of 'Remove refs to test prov server, Level3 support...' https://widevine-internal-review.googlesource.com/#/c/10281/ Pack structure OEMCrypto_PST_Report https://widevine-internal-review.googlesource.com/#/c/10243/ Remove refs to test prov server, Level3 support; remove dead code https://widevine-internal-review.googlesource.com/#/c/10220/ Partial revert of 'Document data strings; clean up license server parameters.' https://widevine-internal-review.googlesource.com/#/c/10188/ Document data strings; clean up license server parameters. https://widevine-internal-review.googlesource.com/#/c/10120/ Fix broken build after partner branch merge. https://widevine-internal-review.googlesource.com/#/c/10181/ TODO Cleanup - core/src, core/include https://widevine-internal-review.googlesource.com/#/c/9965/ TODO Cleanup - cdm, chromium, core/test. https://widevine-internal-review.googlesource.com/#/c/9419/ Remove unneeded properties. https://widevine-internal-review.googlesource.com/#/c/10162/ Change-Id: If2bb9d743a562a3875bebb91933c0aaadea286b2 |
||
|
Fred Gylys-Colwell
|
1cd8195d88 |
OEMCrypto Usage Tables
This CL adds usage tables to the OEMCrypto reference implementation (mock) and unit tests. There is also a new parameter called oem_crypto_require_usage_tables that determines if the usage tables are required or not. This is set to true for Android and false for all other platforms. This CL is most of OEMCrypto version 9 updates. This CL is a copy of https://widevine-internal-review.googlesource.com/#/c/9720 https://widevine-internal-review.googlesource.com/#/c/9874 https://widevine-internal-review.googlesource.com/#/c/9873 Change-Id: I78c4f7651306f9f79ba2260c3e04fb1eca7e20e3 |
||
|
John "Juce" Bruce
|
951f08c2da |
Support Latest Version of EME Spec Init Data Specification
(This is a merge of https://widevine-internal-review.googlesource.com/9711 from the Widevine CDM repo.) This change updates the CDM's handling of init data types, previously known as MIME types, to comply with the latest version of the EME spec. Following this change, in addition to accepting the deprecated MIME types "video/mp4", "audio/mp4", "video/webm", and "audio/webm", the CDM will accept the new standard: Init data types "cenc" and "webm". Furthermore, this removes the non-PSSH-parsing path from the CDM. All platforms have unified on the CDM being responsible for parsing the concatenated PSSH box list, as outlined in the latest EME spec. As Android has shipped code that expects pre-unwrapped PSSH boxes and must maintain backwards-compatibility, code has been inserted on that platform to detect pre-unwrapped data and re-wrap it with a PSSH header before sending it to the CDM. There are some small changes to unit tests because of this change: 1) The CDM Engine unit test now no longer needs to unwrap the PSSH on any platforms when testing ISO-BMFF. It now pre-caches the unwrapped key ID for use when testing WebM. 2) Several substantially-similar unit tests in the Android code have been rolled into one test. Bug: 13564917 Bug: 13570595 Bug: 9465346 Bug: 13570288 Change-Id: I7f27b16b8503f24a26746b5dce71fb61b6fd1bb2 |
||
|
Jeff Tinker
|
db41502f86 |
Backward compatibility for licenses and certificates
Certificates and offline licenses are stored in security level specific directories in klp. When devices transition from jb-mr2, their persistent information has to be ported to these directories. bug:10366036 Merge of https://widevine-internal-review.googlesource.com/#/c/7310/ from the widevine CDM repo Change-Id: I70b4a79dc5b69bda7fc3a4b92fdcde7ef8b41836 |
||
|
Rahul Frias
|
f6c2a60485 |
Allow Apps to Voluntarily Downgrade to L3 Crypto
This merges the following changes from the Widevine CDM repository: 564f4cc Add CdmClientPropertySet to CDM Adds an interface to the CDM that allows it to query its client for certain properties. In this case, this includes the ability to specify what security level is desired, as well as support for service ceritifcate privacy mode. 9cfbd3e Force Level 3 fallback Adds support for voluntarily invoking L3 crypto to the OEMCrypto wrapper. 95d12c1 Add pointer to CdmClientPropertySet class to OpenSession. Adds support for storing the property set on a session-by-session basis and choosing the appropriate crypto level. 17de442 Add Settable Properties for Clank to Android Adds support for setting the aforementioned properties to the DrmEngine bbe704d Fixes to force fallback to level three security Corrections to invoke provisioning, OEMCrypto API with configured security level rather than the default. Unit tests were also revised. Note that some parts of this are also support for the ability to use a service certificate-based privacy mode. The remaining code for supporting this mode is still forthcoming. Bug: 10109249 Change-Id: I2755e4dea1de3e8a56cff237360298f7b7f1bddc |
||
|
Jeff Tinker
|
0190f99fb3 |
Migration from jb-mr2 to master for Widevine CDM
Android development of the widevine CDM has been done on the jb-mr2 branch of the cdm code base. This CL contains a merge of that jb-mr2 work to CDM master, and also reflects the evolution of the common Modular DRM code base since jb-mr2 branched. Change-Id: I1d7e1a12d092c00044a4298261146cb97808d4ef |
||
|
Jeff Tinker
|
b7debfe2a1 |
Enable certificate based licensing
Includes fixes for provisioning and license renewal signature generation. bug: 8620943 Merge of: https://widevine-internal-review.googlesource.com/#/c/5231/ https://widevine-internal-review.googlesource.com/#/c/5200/ from the Widevine CDM repository. Change-Id: I2928c9d59ad5337ca34b4ef7ed58272d34755d2d |
||
|
Jeff Tinker
|
e6b1fedc4c |
Widevine CENC drm engine update
bug: 8601053
This import syncs to the widevine git repository change
commit 6a99ad1b59ad39495f62954b3065ddc22b78da49
It includes the following changes from the widevine git
repository, which complete the jb-mr2 features
Fix Unit Test Makefile
Adds support for device certificate provisioning.
Support application parameters
Certificate based licensing
Proto for client files
Implement Property Query API
Add Device Query For Unique ID
Implement Generic Crypto in DrmEngine
Do not validate Key IDs on clear playback
Allow OEMCrypto_DecryptCTR with clear content and no key
Add a case to the MediaDrm API test to repro b/8594163
Implement requiresSecureDecoderComponent
Implement Eventing API
Add end-to-end decryption test with vectors
Refactoring of properties class
Refactor OEMCrypto unittest.
Fix for b/8567853: License renewal doesn't renew license.
Add KEY_ERROR callback to WvContentDecryptionModule() ctor.
Merged certificate_provisioning.proto and
client_identification.proto to license_protocol.proto.
Fix nonce check failure after a malformed key in OEC Mock.
asynchronize decryption
Allow querying of control information
make debugging AddKey & Decrypt statuses easier
Revert "Revert "Send KEY_ERROR event to app on license
expiration or failure""
Revert "Send KEY_ERROR event to app on license expiration
or failure"
Send KEY_ERROR event to app on license expiration or failure
remove extra session id copy
use KeyError constants directly
replace variable-length arrays with std::vector and fixed-sized array
pass session ids as const references
refactor key extraction and update keys on renewal
Updates to enable renewals and signaling license expiration.
fix error constant in OEMCrypto_DecryptCTR
Change-Id: I5f7236c7bdff1d5ece6115fd2893f8a1e1e07c50
|
||
|
Jeff Tinker
|
826576315c |
Widevine CENC drm engine update: enable decryption
This import syncs to the widevine git repostiory change commit ab3e1e43642cf36900f55169597a33f222709fdb Change-Id: I3a6f1e2969e5fe7ed1ca12f90b0eb0a3b7899835 |
||
|
Jeff Tinker
|
f3ec8c19d6 |
Import updates to the Widevine CENC DRM Plugin
This change incorporates the following CLs from the Widevine
cdm repository:
Update the java request/response test app to match Drm API changes
Don't build the mock liboemcrypto.so by default
Do not build CDM tests by default
Fix Build Break in DrmEngine Unit Tests
Fix Build Break in WVDrmPlugin
Initial version of roadmap for CDM projects.
Implement License Query
Implement Generic DRM in OEMCrypto Reference Implementation
Add key_data_length field when calling OEMCrypto_LoadKeys
Policy engine unittests
Generalized DRM API for OEMCrypto
Fixes proto buf libraries build.
Add Version Number to OEMCrypto API
Test key control block duration field in OEMCrypto
Add fix for missing crypto offset.
Fixed android/media*/test builds and added proto files for Cert. provisioning
Refactor and clean up callback code in CDM.
Add "device_id" name-value pair to LicenseRequest::ClientIdentification
Separate unit and end-to-end tests from the top level makefie.
Includes changes for 'fall back to l3 oemcrypto lib' in top level makefile.
Fall Back to Level 3 if Level 1 Fails
Fix compilation error in wvcdm_unittest.
Fix Android build break due to Decrypt() signature change in cdm_engine.h.
Wire up callbacks and errors in the Steel proxy.
Fix lock assert if there is no keybox on the device.
RSA Certificate Unit Test
Change Generic_Verify signature to constant.
Change-Id: I2e42db9d0b4f8d4e833675ae81d0714509bbfd2c
|