This CL is created as a best effort to migrate test targets
to the new android ownership model. If you find incorrect or unnecessary
attribution in this CL, please create a separate CL to fix that.
For more details please refer to the link below,
<add g3 doc link>
Bug: 304529413
Test: N/A
Change-Id: I204c137da43a021bcebe316759d1aadaec99fe2a
The `time_of_renewal_request` field in the clock_values struct was not being initialized. With this CL, we use a value of 0 to indicate a renewal has not been requested yet.
We also modify the check in `ODK_ParseRenewal` to use a value of 0 for the `time_of_renewal_request` to skip the check for a stale renewal. This is done because now that a "renew on license load" license starts the playback clock immediately, we need a different way to decide if a renewal from a previous session can be loaded.
PiperOrigin-RevId: 546129556
Merged from https://widevine-internal-review.googlesource.com/177998
Change-Id: I17282cf918d0cdb4d9b5108a41914ecd7d87cc8f
It seems ODK_InitializeSessionValues is only used in initializing the session in OEMCrypto, so we can remove this check.
PiperOrigin-RevId: 545729842
Merged from https://widevine-internal-review.googlesource.com/169914
Change-Id: Idcc58166f64116214540591dc71a774f3ce3f3d1
This change brings the odk/Android.bp in sync with the Android repo. Change was originally made in ag/22120778
PiperOrigin-RevId: 540398693
Merged from https://widevine-internal-review.googlesource.com/177000
Change-Id: Id3bf7193da8de3b9942da052c32065f031102d9b
This data was generated using the code in CLs go/wvgerrit/163726 (for v16),
go/wvgerrit/171730 (for v17), and go/wvgerrit/171750 (for v18).
PiperOrigin-RevId: 535679470
Change-Id: Ib644bbed7e7329dfea30ce25d325fd0556fdb7a7
Merged from http://go/wvgerrit/175855
This includes testing overflow functions that are only used in the Widevine client repository.
This patch also includes the following fix for the previous commit:
Add type casting for ODK overflow function unit tests
Merged from http://go/wvgerrit/175893
The new ODK overflow unit tests are causing some unit test failures in oemcrypto-v18 due to mismatched type comparisons.
PiperOrigin-RevId: 535308670
PiperOrigin-RevId: 534890798
Change-Id: I8bb67e47193a92191a91c83bf8a0de61e1b87793
The core message had been throttled to only generate v17 messages because we wanted to stabilize the format before making the code live.
PiperOrigin-RevId: 524309559
Merged from https://widevine-internal-review.googlesource.com/170311
Change-Id: I2d09c9f6c73f844fd509531e86285ad71d22690f
- Replace assert with odk_static_assert for checks that can be handled
at compile time.
- Use explicit bool conversion with memcmp.
Merged from https://widevine-internal-review.googlesource.com/170414
PiperOrigin-RevId: 524277743
Change-Id: I8b32e886e780e80406afceea562be2033d75d340
The previous code fixed a backwards compatibility error for v18 provisioning requests being parsed by a v17 or older server. This bumped the minor version number to v18.1. v17 servers are still expected to fail when trying to parse v18.0 provisioning requests, and v18.1 requests will pass.
However, it did not correctly account for existing v18.0 requests on v18.1+ servers. v18.0 messages were naively detected by a failure to parse, and the parse function was not run again. This left the resulting nonce and session_id values uninitialized.
This CL fixes that by explicitly handling the v18.0 and v18.1+ cases, ensuring that the parse function succeeds and all relevant information is copied over. Furthermore, the unit test that was meant to catch this edge case has been improved to validate the resulting parsed message.
All code changes affect the server. This does not affect the client code eg OEMCrypto
PiperOrigin-RevId: 523714529
Merged from https://widevine-internal-review.googlesource.com/170110
Change-Id: I21911c4bb4304de2d93f092f356402bbd4240874
also remove `use_vndk_as_stable: true` to remove dependency to VNDK
libs.
Bug: 251299786
Test: build WV APEX with V and install it on U device
Change-Id: Ie7f7f9b699119478d4b33f95ab9e6ba7f459346c
No-Typo-Check: From a third party header file
Bug: 260918793
Test: unit tests
Test: atp v2/widevine-eng/drm_compliance
Change-Id: I36effd6a10a99bdb2399ab1f4a0fad026d607c70
In CreateCoreLicenseResponse(), there seems to be an out of bounds
potential error due to a missing check that the index used for
license_response.parsed_license->key_array is valid. Adding a check
for this here.
Bug: 217677571
Test: fuzz tests
Change-Id: I37f7228f87992ba5284c553d7b07ef97d6a66ab3
(cherry picked from commit eb711ea0ec)
[ Merge of http://go/wvgerrit/151597 ]
* missing #include <string> for 'std::string' For more info see go/clang_tidy/checks/google3-build-missing-std-includes (25 times)
* missing #include <utility> for 'std::move' For more info see go/clang_tidy/checks/google3-build-missing-std-includes (3 times)
* missing #include <algorithm> for 'std::find_if' For more info see go/clang_tidy/checks/google3-build-missing-std-includes (2 times)
* missing #include <algorithm> for 'std::sort' For more info see go/clang_tidy/checks/google3-build-missing-std-includes
This CL looks good? Just LGTM and Approve it!
This CL doesn’t look good? This is what you can do:
* Revert this CL, by replying "REVERT: <provide reason>"
* File a bug under go/clang-tidy-bug for category ClangTidyBuild if there's an issue with the CL content.
* File a bug under go/rosie-bug if there's an issue with how the CL was managed.
* Revert this CL and not get a CL that cleans up these paths in the future by
replying "BLOCKLIST: <provide reason>". This is not reversible! We recommend to
opt out the respective paths in your CL Robot configuration instead:
go/clrobot-opt-out.
This CL was generated by CL Robot - a tool that cleans up code findings
(go/clrobot). The affected code paths have been enabled for CL Robot in //depot/google3/METADATA.
Anything wrong with the signup? File a bug at go/clrobot-bug.
Bug: 236317198
Change-Id: I28f7899b5cf0637be15833659f8ba0dd6ff3ab90
[ Merge of http://go/wvgerrit/150489 ]
* missing #include <string> for 'std::string' For more info see go/clang_tidy/checks/google3-build-missing-std-includes (2 times)
This CL looks good? Just LGTM and Approve it!
This CL doesn’t look good? This is what you can do:
* Revert this CL, by replying "REVERT: <provide reason>"
* File a bug under go/clang-tidy-bug for category ClangTidyBuild if there's an issue with the CL content.
* File a bug under go/rosie-bug if there's an issue with how the CL was managed.
* Revert this CL and not get a CL that cleans up these paths in the future by
replying "BLOCKLIST: <provide reason>". This is not reversible! We recommend to
opt out the respective paths in your CL Robot configuration instead:
go/clrobot-opt-out.
This CL was generated by CL Robot - a tool that cleans up code findings
(go/clrobot). The affected code paths have been enabled for CL Robot in //depot/google3/METADATA.
Anything wrong with the signup? File a bug at go/clrobot-bug.
Bug: 236317198
Change-Id: I9ccf0ce00ee3f6f7b3a2b6ec9dedeff578535217
[ Merge of http://go/wvgerrit/148691 ]
This is a followup to OEM_CONTENT,
a custom key container that was added to Widevine server.
Bug: 193006094
Bug: 236317198
Change-Id: I82285e4e50f981e0cedf2adac5910643f34f8e46
In CreateCoreLicenseResponse(), there seems to be an out of bounds
potential error due to a missing check that the index used for
license_response.parsed_license->key_array is valid. Adding a check
for this here.
Bug: 217677571
Test: fuzz tests
Change-Id: I37f7228f87992ba5284c553d7b07ef97d6a66ab3
[ Merge of http://go/wvgerrit/144530 ]
It's time to copy all the v17 work to our main branch.
I had to re-run clang-format to match local style.
Merge from commit b14f08374f9a48aed49850cc230daf384725b15f
Fix allow_null for key control iv in L3 v17
Bug: 161477208
Test: GtsMediaTestCases on sunfish
Change-Id: I97caa851e9e65eb0e42034d2f4a28dfb7499df0d
[ Merge of http://go/wvgerrit/145289 ]
* missing #include <string> for 'std::string' For more info see go/clang_tidy/checks/google3-build-missing-std-includes
This CL looks good? Just LGTM and Approve it!
This CL doesn’t look good? This is what you can do:
* Revert this CL, by replying "REVERT: <provide reason>"
* File a bug under go/clang-tidy-bug for category ClangTidyBuild if the change looks generally problematic.
* Revert this CL and not get a CL that cleans up these paths in the future by
replying "BLOCKLIST: <provide reason>". This is not reversible! We recommend to
opt out the respective paths in your CL Robot configuration instead:
go/clrobot-opt-out.
This CL was generated by CL Robot - a tool that cleans up code findings
(go/clrobot). The affected code paths have been enabled for CL Robot in //depot/google3/METADATA.
Anything wrong with the signup? File a bug at go/clrobot-bug.
Tested:
Local presubmit tests passed.
Bug: 224375138
Test: GtsTestCases on sunfish
PiperOrigin-RevId: 426761099
Merged from https://widevine-internal-review.googlesource.com/145250
Change-Id: I5a66b6eccc2b08ee11f92f90ce3b725f24c8d33c
[ Merge of http://go/wvgerrit/138606 ]
The new error code OEMCrypto_ERROR_INVALID_KEY is to replace the now
deprecated error code OEMCrypto_ERROR_INVALID_RSA_KEY. This error code
serves the same purpose of OEMCrypto_ERROR_INVALID_RSA_KEY, but may be
appied to RSA, ECC and Twisted-Edward ECC keys. In general, this error
code is to indicate that a key is poorly formatted / unparsable, used in
an operation without allow permissions, or used in an operation that it
cannot be association (RSA signing with an ECC key).
Going forward, new OEMCrypto implementation should use
OEMCrypto_ERROR_INVALID_KEY in place of OEMCrypto_ERROR_INVALID_RSA_KEY.
The CDM will continue to support both error codes.
Bug: 201581141
Test: Testbed unit tests
Change-Id: I2cf1af33a9a1d8716eec4cc63bba52d2f4af4c1b
(This is a merge of http://go/wvgerrit/134404.)
There were two lines that were tripping Clang's `-Wshorten-64-to-32`
warning. This CL makes both conversions explicit to appease the warning.
There should be no change in behavior.
Bug: 194971260
Test: ODK Unit Tests
Change-Id: I6d111e9a4efc1f0e31b51e455c47c0e885d48e6b
(This is a merge of http://go/wvgerrit/134403.)
Reported as errors by UBSAN
Bug: 194971260
Test: Ran ODK unit tests
Change-Id: I2f38fb6952d259458af8498e86b3308421e93320
Merge from Widevine repo of http://go/wvgerrit/134728
This variable was written to, but the value was never read. Newer
compilers would complain about this. This patch removes the unused
variable.
Bug: 202400919
Change-Id: I87cae291d41b18db91a4c4f8a76edb537635db2c
Merge from Widevine repo of http://go/wvgerrit/125263
and http://go/wvgerrit/135749
Define a |major.minor| version in the
serialization layer and check for compatibility
between REE and TEE before accepting connections.
bug: 158857733
test: opk_all_tests
Change-Id: Iad44a1f50a27c6bca4959c6d41c9b361712dbde8
Merge from Widevine repo of http://go/wvgerrit/133703 and
http://ag/14707867
[ Cherry-pick of http://ag/15835345 ]
In order to use a local provisioning server, we need to use a
different test keybox system id that is in the dev device database
instead of the production database. We also need to use a local
license server that uses the dev license server.
Bug: 187646550
Test: GtsMediaTestCases
Change-Id: Ice89143dd26de22757375a770c6bac716fcbc057
Add Keybox OTA Provisioning functions to OEMCrypto header
Merge from Widevine repo of http://go/wvgerrit/133704 and
http://go/ag/14707868
Bug: 188228998
Change-Id: Iff54bc2870e87bf7239e179e1d02fbcc8df6198f
Stub build changes to support OTA Keybox
Merge from Widevine repo of http://go/wvgerrit/133725 and
http://go/ag/14781459
This CL adds a new unit test file for testing OTA keybox
reprovisioning functionality. This new test is built when running the
dynamic adapter in the linux build, and in the Android build.
Bug: 187646550
Change-Id: I625513840188f95e74831ef2ea399e827e837439
Add OTA Keybox functions to dynamic adapter
Merge from Widevine repo of http://go/wvgerrit/125843
and http://go/ag/14781460
Bug: 187646550
Change-Id: Ief78ed10599c091690e0d7dc488ea71674c763b5
Refactor dynamic adapter keybox verification
Merge from Widevine repo of http://go/wvgerrit/133727http://go/ag/14812524
The keybox validation needs to be done separately from initializing
the library so that we can support Keybox OTA Reprovisioning.
If L1 loads, but the keybox is missing, the initialization should
succeed. When the keybox is validated, the adapter should try to look
for a keybox on the filesystem. if none is found, it should either
return NEEDS PROVISIONING or an error.
Bug: 187646550
Change-Id: I34a8c365a5a5ca35c379bea827c85c749964744c
Update crypto session to use new OTA keybox functionality
Merge from Widevine repo of http://go/wvgerrit/133728 and
http://go/ag/14812525
This CL stubs out two new CryptoSession functions that call the new
OEMCrypto functions for OTA Keybox Provisioning. It builds! Yay!
It also adds a boolean needs_keybox_provisioning that is set to true
when OEMCrypto reports that it needs a keybox. This should only happen
if there is no keybox installed and oemcrypto supports provisioning.
Bug: 187646550
Change-Id: Ide9533943125aa13b8899b652b118a0b410c882c
Merge from Widevine repo of http://go/wvgerrit/122403
Re-merge of http://go/wvgerrit/105184 which was accidentally
undone by http://go/wvgerrit/107063.
Unused params are reported as warning when built in Android.
Test: Ran oemcrypto unit tests
Bug: 160734070
Change-Id: Id8384c58c8ace0b214464380fb961d108f1b5c3b
Merge from Widevine repo of http://go/wvgerrit/122223
This adds the ODK unit tests to the CE CDM tests so that they run as
part of the presubmit tests.
The test helper had some pointer problems converting a bool to a
uint32, so it has been updated to handle this correctly.
Some other tests failed comparing signed to unsigned, to these have
also been fixed.
test: ran odk_test
bug: 118657876
Change-Id: I744a1e89f4e4729c31d3f53e729984ffac1d96fd
