[ Merge of http://go/wvgerrit/23380 ]
The service certificate was setup correctly if specified in mediadrm
properties. If instead the service certificate was later fetched from
the license service, it would not be marked as valid. This led to an
infinite loop of service certificate fetches and processing. This
prevented the license from being fetched and playback failures.
b/34638410
Test: Verified by new service certificate unittests + Hulu playback
using fugu.
Change-Id: I2a4f8754614fccdad3c80d3e13fba0b44d177d61
[ Merge of http://go/wvgerrit/23167 ]
This allows CryptoSession to support the new functionality added to
OEMCrypto to support big usage tables. No changes in behavior yet.
Code that calls these methods will be in a subsequent CL.
b/34327459
* Minor changes to cdm/Android.mk and cdm/test/unit-test.mk to remove
profiler changes that were missed in previous releases.
Test: All unittests other than some oemcrypto, request_license_test
passed. Those tests failed with or without this CL.
Change-Id: I9becd97c5a8ddf74d30fabd1251e796b534c010f
(This is a merge of go/wvgerrit/23182)
This patch adds the framework for Stable Per-Origin Identifiers to the
CDM. Calculating SPOIDs will be done on the client-side, and they are
sent as part of the provisioning request. SPOIDs are also available to
the app as the Device Unique ID, replacing the previous method of
returning the actual Device Unique ID from the keybox / OEM certificate.
Different SPOIDs must use separate storage, just as different origins
already do. Support for this has been added to the Android adapter to the
CDM Core. However, the code in the Android glue layer that would drive
this behavior will be checked in in a separate change. As such, all
Android devices will continue using the legacy behavior even after this
patch goes in, until the glue layer code can be updated.
Bug: 27101531
Test: CE CDM Unit Tests
Test: Linux Jenkins Unit Tests
Test: Android Unit Tests (with and without SPOIDs forced on)
Test: Android GTS Tests
Change-Id: Ia0caf890381cbcb97504d08b19aeab8b29bd07ae
Merge from Widevine repo of http://go/wvgerrit/23044
On some platforms, the compiler will not pack structures. This CL
replaces the OECrypto_PST_Report packed structure with a simple buffer
of uint8_t. This changes the signature of OEMCrypto_ReportUsage as
part of OEMCrypto v13.
There is also a new wrapper class that test code, the mock, and debug
code can use to access data in the report.
The old packed structure definition is moved to the level 3, where we
use a compiler that packs sructs when asked nicely.
arm/libwvlevel3.a Level3 Library 4445 Jan 20 2017 11:29:15
x86/libwvlevel3.a Level3 Library 4464 Jan 20 2017 11:10:49
mips/libwvlevel3.a Level3 Library 4465 Jan 20 2017 10:56:08
b/32180083
Change-Id: Ie138f034cb12780a2f8636888cebf022c52169e5
Merge from Widevine repo of http://go/wvgerrit/22963
This change kInactive to kInactiveUsed and adds kInactiveUnused to the
possible values for the status field in the Usage Report. This CL
updates the header, the unit tests, and haystack and reference code.
b/32714323
Change-Id: If8d8e32ea1e3dc18da34e5fae35f578b027de9c7
* CDM license protocol updates
[ Merge of http://go/wvgerrit/22789 ]
No functional changes (yet) - all tests in widevine_ce_cdm_unittest
run successfully.
* Address android test build failures
[ Merge of http://go/wvgerrit/22983 ]
Updates to the license_protocol.proto in go/wvgerrit/22789
did not include the integration tests for android.
b/34202048
Test: Reran unittests. All tests other than some oemcrypto,
request_license_test passed. Those tests failed with or without this CL.
Change-Id: Ib9041d397187859b8fcbc1b1f7d275f8c4ef6aba
This is a merge of go/wvgerrit/22806
This change removed the oemcrypto profiler to allow
the new metrics system free-reign over how to collect
and store measurements.
Bug: 33745339
Bug: 26027857
Change-Id: I6b9051faa6835f13860258c94f8bcfd3a59f1be6
(This is a merge of go/wvgerrit/23080)
Updates the Widevine version number and canary for the Android O
release. Widevine is now at v5.0.0 on Android.
Bug: 34114979
Test: request-license-test
Change-Id: I19558d6b297263f816522176a5649be70b471073
[ Merge of http://go/wvgerrit/20205/ ]
This is separate from the server certificate used for license
requests.
b/34211823
Test: Reran unittests. All tests other than some oemcrypto,
request_license_test passed. Those tests failed with or without this CL.
Change-Id: I23abdf276f8d3db9222f014175d0bb5094010a04
(This is a merge of go/wvgerrit/22897)
Bumps the Widevine version to 4.2.0 for NYC-MR2 and also updates the
test to expect the NYC-MR2 OS version number.
Bug: 32955300
Test: request_license_test
Change-Id: I2f186928f20e0848cbeef5fef2182045ad27140a
[ Merge of http://go/wvgerrit/21960 ]
When an offline release message is generated, a session is created
internally to generate the release and handle the release response.
If the response is never provided (network, server errors),
or there is an error when the response is being processed, the
session may not be closed. This change introduces a time to live for
release sessions of 60 seconds and will be reclaimed after this period.
Test: verified by unittests on angler
b/32223945
Change-Id: I3bd4637733ddf6c343956ed9f97c68d84dc7d4e4
[ Merge of http://go/wvgerrit/21960 ]
When an offline release message is generated, a session is created
internally to generate the release and handle the release response.
If the response is never provided (network, server errors),
or there is an error when the response is being processed, the
session may not be closed. This change introduces a time to live for
release sessions of 60 seconds and will be reclaimed after this period.
b/32223945
Change-Id: I3bd4637733ddf6c343956ed9f97c68d84dc7d4e4
(This is a merge of go/wvgerrit/21580)
The version number for N-MR1 has been increased to 7.1.1, which
triggered our version number canary. Since this is still N-MR1, no
Widevine version number update is necessary as we already updated it for
N-MR1, but the canary needs to be updated.
Bug: 32018966
Change-Id: Ia1d673f837d9c6a5935f26beec7372b25ea3a6b9
This CL merges several CLs from the widevine repo:
http://go/wvgerrit/18012 Add support for querying allowed usage for key.
http://go/wvgerrit/17971 Add per-origin storage.
http://go/wvgerrit/18152 Add OEMCrypto's generic crypto operations to CDM.
http://go/wvgerrit/17911 QueryKeyControlInfo => QueryOemCryptoSessionId
Note: numbering in wv_cdm_types.h was added in this CL and will be
back ported to wvgerrit in a future CL.
Change-Id: Idb9e9a67e94f62f25dc16c5307f75a08b3430b64
(This is a merge of go/wvgerrit/20402)
This updates the version number to v4.1.0 for the NYC-MR1 release. It
also updates the canary to pass on the nyc-mr1-dev branch.
Bug: 30813903
Change-Id: I05de038ff52e9f7633efff7011052b48b59d90fa
[ Merge of http://go/wvgerrit/19960 ]
Protections schemes are specified using a 4CC code {"cbc1", "cbcs",
"cenc", "cens"}. A host to network conversion was performed when the
PSSH was created and inserted into the license request. A reverse
conversion was performed when the code was extracted from the
license response.
These conversions are problematic if the PSSH is created externally and
passed into mediaDrm. To address this, the conversions have been removed
and allow protobuf to handle byte ordering. For backward compatibility
we allow codes in either ordering.
b/30713238
Change-Id: I25f01ecc621549fd3c13b443e4c8b89168463249
In the unit tests, the test case name and test name
are logged, but currently the test case and name are
reversed. This CL orders them correctly, so instead
of, e.g. CheckHDCPCapability.OEMCryptoClientTest, we
get OEMCryptoClientTest.CheckHDCPCapability as intended.
Merge of go/wvgerrit/18045 from widevine repo
Change-Id: I20bb2d47de0c84b3a1f00bb46af5ed0a45d7fc56
[ Merge of http://go/wvgerrit/17501 ]
Widevine request_license_tests were written with the expectation that
devices would by default be enabled for security level 1 and fallback
to level 3 if needed. Some devices such as seed are L3 only and results
in failures in the QueryStatusL3 test. This CL corrects the test's
expectation.
b/26902214
Change-Id: Ie84554337cd3716d120f67e592888af0cde719c7
[ merge of http://go/wvgerrit/17454 ]
When processing a license or renewal, calls to Set/UpdateLicense
update the policy information. A side effect was introduced whereby
updating the policy may cause (expiration, session key state)
notifications to be sent to the listener. Due to the ordering,
the notifications would be sent before the keys were loaded/refreshed,
which caused issues when the notifications were immediately acted upon.
This has now been corrected.
b/27842970
Change-Id: Id81a71ff48edfa9ca0baafc43267995d5a3e80a6
(In addition to being a merge of http://go/wvgerrit/17394, this commit
updates tests/Android.mk to no longer try to build the private gMock.)
Previously, we maintained our own version of gMock (named libwvgmock
to avoid naming conflicts) and depended on it for our unit tests. Now
that Android has gMock in the externals/ directory and vaage@ has
eliminated the need for us to customize gMock's arity, we can stop
depending on or maintaining our own copy.
Bug: 26907374
Change-Id: Ia01d6c02e2f28a642480d7ef178b9bc3dde6d306
[ Merge of http://go/wvgerrit/17204 ]
Sleep was being employed, to introduce a delay so that one license expired
but the other was still active. The duration was long enough that
occasionally the second license would also expire, causing the test to fail.
Reduce the sleep duration to correct this behaviour.
b/27673513
Change-Id: Ieef9100c98783c16fc5ab8fe345fa1dd26604f18
[ Merge of https://go/wvgerrit/16940 ]
An alternate scenario to renewing keys is to load the same keys in
a separate session and make use of them by using the session sharing
feature.
Session sharing involves iterating through a map of sessions and
returning the first session that contains the Key ID. In certain cases
(license about to expire) we might prefer an alternate session
be chosen.
Licenses may expire in two ways. Policy engine, driven by a 1 second
timer may detect expiry and send an asynchronous event. OEMCrypto may
also detect expiry based on information in the key control block
and return an error during decryption. It is possible that these
may differ by upto a second. This can lead to issues where decryption
fails but EVENT_KEY_EXPIRED is not generated till later.
It is possible to address this by using information from both timers
to notify the app about expiry. To implement this correctly will
add complexity and require synchronization between threads. To avoid
this an alternate solution is, if session sharing is used, to pick
the session that has a license with the longest remaining validity.
b/27041140
Change-Id: I398cc4c10ee3a2f192d4a0befe7c8a469dd5bf86
[ Merge of http://go/wvgerrit/16625 and http://go/wvgerrit/16633 ]
Reduce the number of parameters needed by GenerateKeyRequest.
Combining all output values into a single struct.
BUG: 26162546
Change-Id: Ibeb3f4df4a8e877511f8ab2e6c543001a921f285
This silences the canary test to match the Android version string
change from NYC to N. properties_android.cpp has already previously
been updated for N, so no need to bump the Widevine Android version
number at this time (see: go/ag/800077)
Matching Widevine cl: go/wvgerrit/16664
Bug: 26901110
Change-Id: Ib8f47f77bbb4dd2c7c302102fe43007059af2d50
[ Merge of http://go/wvgerrit/16628 ]
Jsmn will replace a local method that parsed json init data.
Added a fix to include all key Ids in the WidevineCencHeader rather than
just the first. Also modified the content_id to reflect that it is a
base64 encoded value.
b/20630275
Change-Id: I7080c8cea21be4dea09a4905a96b4cc03e584c1d
[ Merge from http://go/wvgerrit/16406 ]
This was detected by static analysis tool cppcheck.
b/26348775
Change-Id: Icc6a55b9b4a1ffe882488ac069e3c3df2e796e91
(This is a merge of http://go/wvgerrit/15992)
This also updates the canary so that it will be silent on master.
Bug: 25153516
Change-Id: I11163c98230c5a521609b5556b139f4508996858
[ Merge of http://go/wvgerrit/15780 ]
Android mediaDrm allows callers to serially query status information through a
property API. CDM however retrieves all status information in a map and
filters out all but the relevent one. This leads to delays in Netflix app
startup. Rewriting the CDM interface to return only the queried value.
b/24181894
Change-Id: Ie9ed6288524e3a7e03b83aa55ef3531dd52a0dfb
