If a key query occurred before a license was received an UNKNOWN_ERROR was
returned. This now succeeds but returns no information (an empty container).
Also licenses that were already expired when received were not marked as such.
This did not cause violations in playback rules but caused an exception when
they were queried.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/12300
from wv git repo ]
b/18843625
Change-Id: I6990765c15e519ddf203a2fd8f0a130306f090a6
Cherry pick of the widevine change
https://widevine-internal-review.googlesource.com/#/c/12082/
If the level 1 oemcrypto library loads and initializes, but has the
wrong version or does not have a valid keybox, then the level 3
fallback is used. However, in those cases, the level 1 was not
terminated properly. This caused a resource leak on some platforms.
With this CL, in OEMCrypto_Initialize, the level 1 library Terminate
is called if its Initialize was called and the level 1 library will
not be used.
bug: 18755226
Change-Id: I56e7d3349eeebd94f3fa8c4a1f4b21781cc7428b
Fix a warning in gcc-4.9:
In file included from
vendor/widevine/libwvdrmengine/cdm/core/src/max_res_engine.cpp:3:0:
vendor/widevine/libwvdrmengine/cdm/core/include/max_res_engine.h:56:9:
error: 'class wvcdm::MaxResEngine::KeyStatus' is private
class KeyStatus {
^
vendor/widevine/libwvdrmengine/cdm/core/src/max_res_engine.cpp:10:53:
error: within this context
typedef std::map<wvcdm::KeyId,
wvcdm::MaxResEngine::KeyStatus*>::const_iterator
(cherry picked from commit 944d085a79)
Change-Id: I4984bd52c52c36e59c4d09db5e4f4d581e577b07
OEMCrypto may report an HDCP status of "No HDCP device attached/using
local display with secure path". This is not propagated upto
the server as an appropriate HDCP value did not exist in the
license protocol. This has now been added. Netflix has requested that
this be reported.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11806/
from Widevine cdm repo ]
b/18377309
Change-Id: I3db88c7ab5e79a3c12dbc8a398c4770e14e5ee5c
Our recommendation to OEMs is that they support a table of at least 50
usage entries in OEMCrypto. If more usage entries are stored, the PSTs get
added to the CDM but are LRU'ed out of the OEMCrypto usage table. When the
CDM queries those usage entries, OEMCrypto will return a
OEMCrypto_ERROR_INVALID_CONTEXT. Rather than return an error and have
MediaDrm throw an exception, CDM should delete this PST and return the
next usage entry, when queried.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11457/
from Widevine cdm repo ]
b/17994711
Change-Id: I00e3f93000096fb434d94333e22958de795a4bb5
Merge of the widevine change:
https://widevine-internal-review.googlesource.com/#/c/11632
Several unit tests in cdm_engine_test.cpp and request_license_test.cpp
were failing regularly. These were caused by either:
1) The device was not provisioned.
This has been fixed by adding a certificate provisioning step in the
test setup for the cdm engine tests and changing the existing
provision steop in the request license tests to provision for both
security levels.
2) The device was hitting a flaky server.
This has been fixed by switching from the GooglePlayServer to the
Widevine server.
3) A null pointer introduced when testing secure stops with an app
id. This has been fixed by directly injecting the app id in the unit
tests.
4) Flaky network connections. The unit tests were requesting data
from the server and were timing out after 3 seconds. I changed that
to 12 seconds.
5) The tests were searching for an end-of-line marker to find the GLS
header in the license response message. The end-of-line marker was
present in a valid DRM message for almost 1% of the test cases. This
code has been replaced by searching for the string "GLS/1" at the
begining of the HTML body.
I also added test_printers.cpp that defines functions used by GTest to
print error codes by name instead of numeric value.
This CL changes unit tests only. It does not change any production
code.
bug: 18316036
Change-Id: I3398580059a03114e782ac7ac59e6b0944012df4
(This is a merge of http://go/wvgerrit/11613 from the Widevine CDM
repo.)
Adds a property for the OS version, implements it on Android, and
adds it to the license request property bag so that Netflix may
use it to discern the supported capabilities of the CDM.
Bug: 18230738
Change-Id: If5174a108093855314f3e0102b83691e20bb247b
(This is a port of http://go/wvgerrit/11614 from the
Widevine repo.)
CDM does not recover if a license file has invalid size
or the hash is incorrect. Remove the corrupted license
file in such cases.
bug: 18002606
Change-Id: I46dec853ce6b2e7c7430297d50df5d30488cde3b
(This is a port of http://go/wvgerrit/11556 from the Widevine CDM
repo.)
This wires up the new method on the crypto interface with the core
code that handles the max-res decode.
Bug: 16034599
Change-Id: Id2ea5635bf732eabf1fd33712ff8bab6cf1a1745
When falling back to L3, release requests were failing. Information
requesting falling back to L3 is passed along when the session is opened.
Licenses however are released using the key set ID and information
requesting fallback to L3(CdmClientPropertySet) at that point is
unavailable. The release was actually attempting to release a license
at the default security level which is incorrect.
In addition, the mac keys were not being setup correctly and the release
message was signed with keys derived from the license request and not the
response. Both these issues have been addressed and unit tests added
to track release of offline licenses and usage reporting scenarios.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11062
from wv cdm repo ]
b/17073910
Change-Id: I5cd95a7dfe58ebae7ae27ece6c92e67755c1d665
* The Usage APIs return usage reports from either L1 or L3 (if available).
* Correction to when usage reports are saved. In addition to other events
they are now saved when keys are loaded, usage reports are released and soon
after first decryption and periodically (60 seconds) after that,
if decryption takes place.
* Usage reports now get deleted on an unprovision request.
* Policy timer is now started when offline licenses are restored.
* Usage session is now released, when a usage response is received.
* Usage tests ahev been enabled.
* Added CDM extended duration (integration) tests to test usage reporting
and querying. These need to be run manually as they take a while (currently
half an hour).
b/15592374
[ Merge of https://widevine-internal-review.googlesource.com/#/c/10800
from the Widevine CDM repo ]
Change-Id: Ia817e03ebbe880e08ba7b4a235ecb82b3ff35fbf
A bug prevented regenerating license release requests. This has
been corrected. A crash due to a formatting error has been addressed.
Clean up of logging and additional logging for open session failures
have been included.
b/16197822
Merge of https://widevine-internal-review.googlesource.com/#/c/10806
from the widevine cdm repo.
Change-Id: I854ead388f311d00b1cd700dfa1b2f58322c2dd4
[ Merge of https://widevine-internal-review.googlesource.com/#/c/10659/
from the widevine cdm repo. ]
CdmEngine::CancelKeyRequest would earlier release keys by closing and
reopening a crypto session. Behavior has been changed to just close
the session.
b/15984869
Change-Id: I92a1f82fd4a97b5510596d4bc69bf07406cee606
Merge of CDM change:
https://widevine-internal-review.googlesource.com/#/c/10691/
This prevents the provisioning session from being created unless the
device needs provisioning. And then, after provisioning, it closes
the session it had previously opened.
b/15782159 CertificateProvisioning object keeps unused CryptoSession
Change-Id: Ic52ed864fa47c7ba50b7ca4d9fea1e74930228e9
(This is a merge of
https://widevine-internal-review.googlesource.com/#/c/10630/
from the Widevine CDM Repo.)
We get a fair bit of noise from bug-filers who are concerned about
several non-critical errors that show up when using our CDM without
property sets. This CL removes these logs since it falls within the range
of expected behavior.
Bug: 15136575
Change-Id: Iad4eb638b03db0104b202b59b367d344c05ead5a
We are getting a lot of noise from Android bug-filers who are
concerned about several non-critical errors that show up when using
Widevine CDM on some devices or in some use cases. To mitigate this,
we are downgrading these errors to warnings.
Some of these errors pertained to our legacy support. To make sure
an error IS logged if problems with legacy support become critical,
a new error has been added to that code path.
Bug: 15136575
Change-Id: Id28bcf507f277a5d2f35a14da71bba2b118a54fe
Merge of https://widevine-internal-review.googlesource.com/#/c/10614/
from the widevine cdm repo.
* b/15467844 - GenerateRSASignature returns OEMCrypto_ERROR_INVALID_CONTEXT
when called with a non-NULL signature pointer and signature length of
0 (rather than OEMCrypto_ERROR_SHORT_BUFFER)
* b/15989260 - OEMCrypto_DecryptCTR does not return OEMCrypto_ERROR_KEY_EXPIRED
after keys have expired
Also addresses
* integration test updated to reflect that loading certificate errors are
returned on OpenSession rather than GenerateKeyRequest
* compiler warning on type casting
b/15989261
Change-Id: Ib68b972651479e99b9d05de4493aac55a96c4f39
GPlay offline tests were failing due to additional query parameters that were
introduced with b12789275. Additional changes caused offline failures,
as the content pointed to by the test vectors was HD only and did not
allow for offline playback.
This addresses the problem by switching request license tests to point to UAT.
UAT is now the default license server destination for request license tests.
Test vectors for GPlay will be added back as a secondary option when they
are available.
b/13909635
Merge of https://widevine-internal-review.googlesource.com/#/c/10261/
from the widevine cdm repo.
Change-Id: I5e5a2b477b6d591747123e8eeb3cd00b7f762090
Certificate provisioning requests will be made to the production server
since the other URI is being deprecated.
Merge of https://widevine-internal-review.googlesource.com/#/c/10230/
from the widevine cdm repo.
b/15145406
Change-Id: If0cbcaa66fc871568507ee56656c04f8341fcdcf
[ Merge from Widevine CDM repo of
https://widevine-internal-review.googlesource.com/#/c/10171/ and
https://widevine-internal-review.googlesource.com/#/c/10172/ ]
Updated license_protocol.proto from constituent protos in google3
These changes make use of OEMCrypto v9 changes to support usage reporting.
Usage reporting may be enabled for streaming (by means of secure stops) and
offline playback by a provider session token specified in the license.
Changes include periodically updating usage information for relevant
sessions and reporting and releasing usage information as needed.
The CDM has removed all references to Secure Stops. This change
updates the Android API implementation to comply.
b/11987015
Change-Id: Ibb6f2ced4ef20ee349ca1ae6412ce686b2b5d085
This is a copy of the widevine CL.
https://widevine-internal-review.googlesource.com/#/c/10174/
This CL adds the OEMCrypto v9 functionality to the level 3 haystack
version of OEMCrypto. Mostly, this is to support usage tables.
The code is feature complete, but the timing tests are a little flakey
-- I'm not sure if the problem is in the code or if the test has too
tight a tolerance.
Also, the storage of the generation number needs to be made more
secure.
Change-Id: I73fecf8934b6a46785f1f8b6f40b40ffe39b88de
This CL removes TODOs and email addresses from comments, unifies some
namespaces and cleans a few variable names. It is a copy of multiple
CLs on the widevine side.
Change-Id: I1bb649096476a5001a56d746427399de6a88ff69
This CL changes several test URLs so that they do not reference
internal test servers.
Copied from many CLs on the widevine side.
Change-Id: Ia0e6d6faa19e1841bacaf3b90043aca3a12aaf8a
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/10050
The non-encoded base64 test vectors were modifed for the source
release, but the encoded test vectors were not updated to match. This
CL updates the encoded test vectors to match.
Change-Id: I95ed881007e80da2d464f303eacf55cda38b586d
(This is a merge of
https://widevine-internal-review.googlesource.com/9711 from the
Widevine CDM repo.)
This change updates the CDM's handling of init data types, previously
known as MIME types, to comply with the latest version of the EME
spec.
Following this change, in addition to accepting the deprecated MIME
types "video/mp4", "audio/mp4", "video/webm", and "audio/webm", the
CDM will accept the new standard: Init data types "cenc" and "webm".
Furthermore, this removes the non-PSSH-parsing path from the CDM. All
platforms have unified on the CDM being responsible for parsing the
concatenated PSSH box list, as outlined in the latest EME spec.
As Android has shipped code that expects pre-unwrapped PSSH boxes and
must maintain backwards-compatibility, code has been inserted on that
platform to detect pre-unwrapped data and re-wrap it with a PSSH
header before sending it to the CDM.
There are some small changes to unit tests because of this change:
1) The CDM Engine unit test now no longer needs to unwrap the PSSH on
any platforms when testing ISO-BMFF. It now pre-caches the
unwrapped key ID for use when testing WebM.
2) Several substantially-similar unit tests in the Android code have
been rolled into one test.
Bug: 13564917
Bug: 13570595
Bug: 9465346
Bug: 13570288
Change-Id: I7f27b16b8503f24a26746b5dce71fb61b6fd1bb2
The EME spec technically requires CDMs to treat audio/mp4 and
video/mp4 equivalently, as well as audio/webm and video/webm. We had
only been accepting video/mp4 and video/webm up until now.
This change also centralizes handling of init data types in the shared
CDM code instead of having it spread across multiple places in the
codebase.
(This is a merge of https://widevine-internal-review.googlesource.com/9532/
from the Widevine CDM repo.)
Bug: 13564917
Change-Id: Ib8bdfb2b003ffb00e8f0559561335abb3c5778b0
Privacy tests from request license were failing as the YTCP drm
server location had changed.
Also updates the MediaDrmAPI test to reference the UAT server
This affects OEMs doing Widevine integrations on KK devices.
Merge of https://widevine-internal-review.googlesource.com/#/c/9233/
from wv cdm git repository
b/13324394
Change-Id: I97152b2a79a9088303e5fc4a5c07a413e4c85e15
