(This is a merge of go/wvgerrit/23182)
This patch adds the framework for Stable Per-Origin Identifiers to the
CDM. Calculating SPOIDs will be done on the client-side, and they are
sent as part of the provisioning request. SPOIDs are also available to
the app as the Device Unique ID, replacing the previous method of
returning the actual Device Unique ID from the keybox / OEM certificate.
Different SPOIDs must use separate storage, just as different origins
already do. Support for this has been added to the Android adapter to the
CDM Core. However, the code in the Android glue layer that would drive
this behavior will be checked in in a separate change. As such, all
Android devices will continue using the legacy behavior even after this
patch goes in, until the glue layer code can be updated.
Bug: 27101531
Test: CE CDM Unit Tests
Test: Linux Jenkins Unit Tests
Test: Android Unit Tests (with and without SPOIDs forced on)
Test: Android GTS Tests
Change-Id: Ia0caf890381cbcb97504d08b19aeab8b29bd07ae
(This is a merge of go/wvgerrit/23154)
This patch updates the ClientCapabilities protobuf to match the latest
on the server side and adds plumbing to the provisioning request
process so that devices can report whether they like big certs.
Their capacity to lie remains untested.
Bug: 34076937
Test: license_unittest
Change-Id: I3bcc9f1741146953d8bc0ff3d7d2305e7ac2c118
[ Merge of http://go/wvgerrit/23161 ]
The usage table redesign will require storing usage table headers
and usage entries in non-secure persistent store. This information
will be signed by the TEE to prevent against modification. New
Storage and retrieval methods have been added for usage table headers,
while usage entries will be stored alongside (offline) licenses and
(secure stops/)usage info.
b/34327459
Test: All unittests, including newly introduced ones other than some
oemcrypto, request_license_test passed. Those tests failed with or without
this CL.
Change-Id: I9b8d6210e33774b0803f8af1711b2d593d467aec
[ Merge of http://go/wvgerrit/23061 ]
b/34131127
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I27a3cde8e5c86dc8f9b26f9d4e7793f86c016743
[ Merge of http://go/wvgerrit/22980 ]
System Renewability Messages (SRM) contains a list of Key Selection
Vectors, which are HDCP Identifiers that have been revoked.
During HDCP negotiations a transmitter may authenticate a receiver
and verify that its unique identier is not present in the SRM.
This CL enables reporting of the current SRM version and whether SRM
updates are supported. It also loads SRM updates in the license
and specifies SRM version requirements when keys are loaded.
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
b/28955520
Change-Id: Id840078ea2deb01d9619c1cd8d367b50452f76cc
* changes:
Remove missing tests from build_all_test script
Replace PST Report with buffer
Add InactiveUnused to Usage Report status
OEMCrypto v13 Header and Stubs
Log HTTP errors in unit tests
Rename oemcrypto's CryptoEngine configuration functions.
Move keybox and root certificate handling into new class.
Test OEMCrypto with backwards compatible verification
Merge from Widevine repo of http://go/wvgerrit/23180
The previous CL removed entry_writer_test and
circular_buffer_test. This CL updates the android build and run alll
unit test scripts.
Change-Id: Ib41046d0f224899f4d1d2742f07c030f7ce6b084
Merge from Widevine repo of http://go/wvgerrit/23044
On some platforms, the compiler will not pack structures. This CL
replaces the OECrypto_PST_Report packed structure with a simple buffer
of uint8_t. This changes the signature of OEMCrypto_ReportUsage as
part of OEMCrypto v13.
There is also a new wrapper class that test code, the mock, and debug
code can use to access data in the report.
The old packed structure definition is moved to the level 3, where we
use a compiler that packs sructs when asked nicely.
arm/libwvlevel3.a Level3 Library 4445 Jan 20 2017 11:29:15
x86/libwvlevel3.a Level3 Library 4464 Jan 20 2017 11:10:49
mips/libwvlevel3.a Level3 Library 4465 Jan 20 2017 10:56:08
b/32180083
Change-Id: Ie138f034cb12780a2f8636888cebf022c52169e5
Merge from Widevine repo of http://go/wvgerrit/22963
This change kInactive to kInactiveUsed and adds kInactiveUnused to the
possible values for the status field in the Usage Report. This CL
updates the header, the unit tests, and haystack and reference code.
b/32714323
Change-Id: If8d8e32ea1e3dc18da34e5fae35f578b027de9c7
Merge from Widevine repo of http://go/wvgerrit/22899
This is most of the header changes for OEMCrypto v13. This updates
just enough of the code that existing unit tests build and pass.
The documentation will be reviewed in http://go/wvgerrit/22887. When
that CL has been approved, comments in the code will be updated to
match.
Real code will be broken into several other CLs.
bug:31458046
arm/libwvlevel3.a Level3 Library 4445 Jan 17 2017 20:01:26
x86/libwvlevel3.a Level3 Library 4464 Jan 17 2017 19:00:37
mips/libwvlevel3.a Level3 Library 4465 Jan 17 2017 19:24:35
Change-Id: I0318c53235c0b33afb623cba933365e09dec4e61
Merge from Widevine repo of http://go/wvgerrit/23028
This logs the full response when the status code causes a gtest to
fail. I hope we can figure out why the buildbot has flakey tests.
Change-Id: I498e633ad65fde4473e01ea227ffe75755fb4fd9
Merge from Widevine repo of http://go/wvgerrit/22797
CryptoEngine has a number of functions that return constants that
control the configuration of mock OEMCrypto. Give all the functions
a common prefix (config_) so their intent is more clear.
Change-Id: Idf9d3e9e8941fa0e793b0eb17a3f89bf634d9ed5
Merge from Widevine repo of http://go/wvgerrit/22804
Create a class, AuthenticationRoot, to encapsulate the objects and
logic for managing either keyboxes or certificates as the device's
root of trust.
Currently the class provides the existing keybox-related functions
needed by oemcrypto's CryptoEngine. It will be extended to provide
both keybox and certificate related functions, and the logic to
determine whether keybox or certificate based authentication should
be performed.
Change-Id: I792d1bfc8e9a81bbfd2baec20e3b3d182f0392f7
[ Merge of http://go/wvgerrit/22900 ]
Add GetClientToken(), GetProvisioningToken(), GetPreProvisionTokenType()
to CryptoSession. They return the correct token bytes and token type
for preparing the ClientIdentification message for provisioning and
license server transactions.
Also refactor service certificate handling.
OEM certs are introduced in Provisioning 3.0
b/30811184
* Address build breaks
[ Merge of http://go/wvgerrit/23162 ]
This addresses issues introduced by http://go/wvgerrit/22900
b/30811184
* When http://go/wvgerrit/18012 was merged (ag/1446934) some changes
were not merged for mapErrors-inl.h. These changes are included in this CL.
* When ag/1678104 was reverse merged to http//go/wvgerrit/21981/ a variable
was renamed and some comments were added to add clarity in cdm_engine.cpp.
These changes are included in this CL.
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: Ie0215509f2f985f2a610f5a4c865db47edec8662
Merge from Widevine repo of http://go/wvgerrit/22571
This adds unit tests to verify that OEMCrypto accepts all key control
block verification strings kctl, kc09, kc10, .... This is needed now
that the unit tests use the current API for all other unit tests.
b/33253872
Change-Id: Ie6b556fc91cd6cb6e07141bd50da3dbfa1681fec
[ Merge of http://go/wvgerrit/22565 ]
When using the grace period, the CDM will need to override the values
given to use by the TEE (through OEMCrypto). Normally the first (and
last) decrypt times are stored securely by the TEE. To avoid extra
complexity in OEMCrypto, we will simply ignore the values given to us
by the TEE when using this feature.
However, the TEE will still enforce the (hard) license duration. So
only the rental/playback durations will be affected by malicious
editing of files.
b/34211676
Test: Reran unittests including newly added tests. All tests other than
some oemcrypto, request_license_test passed. Those tests failed with
or without this CL.
Change-Id: I6d7b5bfb669fd8603b474b68c2f7175b0c30901d
* CDM license protocol updates
[ Merge of http://go/wvgerrit/22789 ]
No functional changes (yet) - all tests in widevine_ce_cdm_unittest
run successfully.
* Address android test build failures
[ Merge of http://go/wvgerrit/22983 ]
Updates to the license_protocol.proto in go/wvgerrit/22789
did not include the integration tests for android.
b/34202048
Test: Reran unittests. All tests other than some oemcrypto,
request_license_test passed. Those tests failed with or without this CL.
Change-Id: Ib9041d397187859b8fcbc1b1f7d275f8c4ef6aba
[ Merge of http://go/wvgerrit/18290 ]
Now uses the "individualization-request" message type to provision
the device, instead of using global provisioning. This also allows
per-origin provisioning and storage in CE.
b/27170580
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I6fc39d7ccc3952e7269426d6d95767f53b787d54
(This is a merge of go/wvgerrit/22898)
This change moves some code - that was nearly identical between the
clear subsample and encrypted subsample paths - into a common helper
method.
Bug: 31381719
Test: libwvdrmmediacrypto_test
Change-Id: I64d3e03b3953cddd1cc0d370ba66fc634dfb1dd8
This is a merge of go/wvgerrit/22806
This change removed the oemcrypto profiler to allow
the new metrics system free-reign over how to collect
and store measurements.
Bug: 33745339
Bug: 26027857
Change-Id: I6b9051faa6835f13860258c94f8bcfd3a59f1be6
(This is a merge of go/wvgerrit/22949)
Starting with OEMCrypto v12, we are guaranteeing to integration partners
that the buffers passed to OEMCrypto_DecryptCENC and
OEMCrypto_CopyBuffer will not be more than 100KiB (102400 bytes) in
size. For requests larger than this, we will first try to send the
buffer to OEMCrypto anyway. (in case the integration supports buffers
larger than the minimum) In the event that the buffer is rejected, we
will break it up into 100KiB chunks and send them down individually for
decryption.
Breaking a subsample into smaller subsamples necessitates knowledge of
how to update other decryption parameters (like the offsets and the IV)
that previously the CDM Core has not needed to know about. Until now,
this knowledge lived in the glue layer on the Android CDM and nowhere
on the CE CDM. Now, the CryptoSession has a subset of this knowledge, in
order to break up buffers successfully.
For testing purposes, the Mock OEMCrypto has been modified to only
support the smallest buffer size. In order to make sure the chunking
code was being exercised by them, the CE CDM tests had to have the
amount of data they decrypt increased by several orders of magnitude. To
contain this growth, I have moved the test data to its own file.
Bug: 31381719
Test: Ran the updated CE CDM integration tests
Test: Modified the OEMCrypto dynamic adapter to pretend both L3 and L1
only support 100KiB buffers on a Marlin and a Ryu. Confirmed that the
GTS H.264 tests (which have subsamples over 100KiB) passed still. A
similar test was attempted on Fugu but Fugu cannot pass these tests even
without this change present.
Change-Id: Iabe7db3d87554cd1352f10a7524cd55352818397
(This is a merge of go/wvgerrit/23080)
Updates the Widevine version number and canary for the Android O
release. Widevine is now at v5.0.0 on Android.
Bug: 34114979
Test: request-license-test
Change-Id: I19558d6b297263f816522176a5649be70b471073
[ Merge of http://go/wvgerrit/22564 ]
b/34211676
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I20474339aa1777da2db3677c10f186726505ecc8
[ Merge of http://go/wvgerrit/20205/ ]
This is separate from the server certificate used for license
requests.
b/34211823
Test: Reran unittests. All tests other than some oemcrypto,
request_license_test passed. Those tests failed with or without this CL.
Change-Id: I23abdf276f8d3db9222f014175d0bb5094010a04
[ Merge of http://go/wvgerrit/17958 ]
This CL might help diagnose the build bot problem.
b/34261498
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I71e48284b52a1177c6e3b4c9a8bdd12b77cc9f2d
[ Merge of http://go/wvgerrit/22517 ]
b/34211676
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I86a2ff041aae57ac46e9f9f7bac38ec4599a0fa7
[ Merge of http://go/wvgerrit/22516 ]
b/34211676
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: Ie973f468f9efd05bdafcf90164dae185a6ce11dc
[ Merge of http://go/wvgerrit/22237 ]
This only changes the existing fields of the policy.
License::Policy::license_duration_seconds represents the end time
(relative to the license start time) that the license can be used.
This overriding other times if this is earlier.
License::Policy::rental_duration_seconds represents the end time
(relative to the license start time) that the license can be used
before playback starts. Once playback starts, this no longer applies.
License::Policy::playback_duration_seconds represents the end time
(relative to the playback start time) that the license can be used after
playback has started.
b/34211676
Test: Ran new unittests and reran old tests. All tests other than some
oemcrypto, request_license_test passed. Those tests failed with or
without this CL.
Change-Id: I34e7e39a7ab864300806c557b480f093aec8e545
[ Merge of http://go/wvgerrit/22744 ]
Pass resolution information into policy engine for constraint
checking.
b/33380824
Test: Reran unittests. All tests other than some oemcrypto,
request_license_test passed. Those tests failed with or without this CL.
Change-Id: I405099b1f66a47fa0c2579e2ae248dd78fa4e98a
[ Merge of http://go/wvgerrit/18560 ]
This adds support for offline playback. If the content contains
mutiple playlists which contain differing EXT-X-KEY attribute lists,
each of those keys will need to be saved and restored into separate
sessions.
b/30041089
Test: Added unit tests to cover new functionality. Some oem_crypto,
request_license_test failures but the same as without this CL.
Change-Id: Ia1b877e12a67e8a720d29897ac7e2da236090123
vendor/widevine implementation.
This prevents a hang on contention for the lock if the datasource
read blocks during sniffing.
bug:28888414
Change-Id: I3568a36b9de10b7e977b19f2f6c66106ff784d01
[ Merge from go/wvgerrit/22920 ]
Automated tests reveal a race condition between closing
a session and the periodic policy timer event. If a close
session was in progress (WVDrmPlugin::closeSession) and
CdmEngine::CloseSession caused the CdmEngine::session_list_lock_
to be held, a call into CdmEngine::OnTimerEvent would pend on the
release of the lock.
The close session would continue to deallocate the session
and disable (stop) the policy timer leaving the CdmEngine::OnTimerEvent
call in an undefined state. This would result in an ANR.
This subtle race-condition was introduced when changes were made
to add in per-origin storage [ http://go/wvgerrit/17971 ]. This seems
to happen at a low frequency (~ < 0.5%).
To address a lock has been introduced to protect the map
WvContentDecryptionModule::cdms_.
Test: Unit tests + 200 aupt test iterations
b/33343891
Change-Id: I9788db8a7d1df84f0df82cdbadb9d0f0fbe21e4e
(This is a merge of go/wvgerrit/22897)
Bumps the Widevine version to 4.2.0 for NYC-MR2 and also updates the
test to expect the NYC-MR2 OS version number.
Bug: 32955300
Test: request_license_test
Change-Id: I2f186928f20e0848cbeef5fef2182045ad27140a
