Widevine internal BCC extraction tool to extract CSR v3 for testing
purpose. The difference it has from the factory tool is it doesn't rely
on Widevine IRPC HAL.
It just extracts BCC/CSR in the specified format from cli.
Test: Extract CSR v3 on Pixel 7 and upload
Bug: 268246995
Change-Id: I52abe09f991c89c6e7601bcef4d980f24c020c9f
Implement IRPC HAL v3 interfaces for extracting device registration CSR.
The new interface calls OEMCrypto_GetDeviceInformation() and
OEMCrypto_GetSignedCsrPayload() and then constructs the CSR.
Also added all mandatory fields of device info in the request.
Test: Run extraction tool on Pixel 7 and upload CSR
Test: Verified Widevine remote provisioning
Bug: 268246995
Change-Id: I24097ba32c7a105266071c1341c938b5874b38d8
(Merged from http://go/wvgerrit/165859.)
Since renewal requests are signed with the MAC keys and not an
asymmetric key, it does not make sense to query OEMCrypto for the
asymmetric key hash algorithm nor to include the result in the renewal
request.
Bug: 262427121
Test: opk_ta
Change-Id: Ib309b63b79e553f4754c013718df242247ab9488
Added legacy_proprietary to:
libwvdrmengine/apex/prebuilt/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Change-Id: I95cd31dc2d2cea5b266a22b6f6c87db1cfec4f68
Merged from https://widevine-internal-review.googlesource.com/165861
We want debug headers to help diagnose b/186031735. I also
saw that we were only logging the domain name for some
errors instead of the full URL.
Bug: 186031735
Test: GtsMediaTestCases
Change-Id: I4d469a73e54f86d4d3b5d50bd0030fdb2a36df50
Merged from https://widevine-internal-review.googlesource.com/164468
We need to add integration tests in the form of duration license tests
in order to test that this feature works with licenses from a real
server.
Bug: 253513745
Test: WV unit/integration tests
Change-Id: I926d8309ed24183ae117e3f66fb92fec2d95c310
[ Merge of http://go/wvgerrit/161877 ]
This change introduces some logging to shed some light on
why some L1 devices fallback to L3.
* Additional logging has been added to indicate whether a lookup of
the symbols for OEMCrypto_Initialize, OEMCrypto_APIVersion
or OEMCrypto_Terminate failed.
* OEMCrypto_Initialize error code is saved and reported later.
Bug: 245887116
Test: GtsMediaTestCases
Change-Id: Ice4d966d2fee458de2fae28a1355f292f879c38b
[ Merge of go/wvgerrit/c/cdm/+/165138 ]
Enabled the Widevine DRM service on Android to return the raw boot
certificate chain via the CDM status query capabilities. This
property key is not available for app-level queries.
The BCC is dumped by the WVDrmFactory when requested to print all
CDM properties via dumpsys.
Bug: 234095402
Test: request_license_test
Test: adb shell dumpsys android.hardware.drm.IDrmFactory/widevine -p
Change-Id: I34695b0655b4c609979577e9986974bc0fbda898
[ Merge of http://go/wvgerrit/165617 ]
Similar to the issue with updating secure stops by PST (see
http://go/wvgerrit/165597), when deleting different secure stops with
the same PST results in unintended behavior. This CL changes how the
CDM identifies which secure stop to delete from storaged based on the
key set ID rather than the PST.
Bug: 263316107
Test: device_files_unittest
Test: GTS MediaDrmParameterizedTests and MediaDrmStressTest
Change-Id: Ic3843a1435f252f052c7189423c211c28ed74eaa
Merged from http://go/wvgerrit/165059
poc: http://go/ag/20978761
Fix race that corrupts mCryptoSessions std::map,
and race that occurs when CryptoSessions are used after free.
Test: poc
Test: atest MediaDrmParameterizedTests
Test: atest GtsMediaTestCases
Bug: 258189255
Change-Id: I298d3e0770ace9cd590dfaacaa4c52a0732c2fe3
Merged-In: I298d3e0770ace9cd590dfaacaa4c52a0732c2fe3
Merged from http://go/wvgerrit/165498
poc: http://go/ag/20978761
Fix race that corrupts mCryptoSessions std::map,
and race that occurs when CryptoSessions are used after free.
Test: poc
Test: atest MediaDrmParameterizedTests
Test: atest GtsMediaTestCases
Bug: 258189255
Change-Id: I298d3e0770ace9cd590dfaacaa4c52a0732c2fe3
Merged-In: I298d3e0770ace9cd590dfaacaa4c52a0732c2fe3
Merge of https://widevine-internal-review.googlesource.com/c/cdm/+/165219
Original commit message:
Update Android L3 v17 with new system ID after key free fix
Android Arm L3 v17 Provisioning 3.0 2023 28923
Android Aarch64 L3 v17 Provisioning 3.0 2023 28924
Android X86 L3 v17 Provisioning 3.0 2023 28925
Android X86 64 L3 v17 Provisioning 3.0 2023 28926
Fix key double free issue in L3
Cherry-pick the fix from:
https://widevine-internal-review.googlesource.com/c/cdm/+/164885/https://widevine-internal-review.googlesource.com/c/cdm/+/164958/
Then generated L3 on top of tm-widevine-release code base.
Re-used in tm-qpr-dev.
Original commit message:
During license loading if an error occurs, all the loaded keys will be
freed. Later at session termination, the previously freed keys get freed
again, which screwed up the key table.
This CL prevents the double free by checking if the key index is already
freed, and updates the freed index to be kKeyDataArrayCount.
Test: ran L3 unit tests
Test: verified GTS tests on arm32 device
Test: ran GTS media tests on Pixel4
Bug: 252434586
Bug: 267486513
Change-Id: I8ebc19260b37615efd77a533bd005f2b9485182a
[ Merge of http://go/wvgerrit/165191 ]
Previously, when updating a secure stop / usage info record, the
existing record was identified by PST. It was assumed that apps would
never use the same PST for different licenses; however, this was never
enforced. Certain GTS tests use the same PST across multiple tests to
identify different licenses. Depending on the order of operations,
the periodic updating of the usage entry might overwrite the wrong
entry.
Key set IDs are generated by the CDM, and are guaranteed to be unique
within the scope of the same file system. Given that key set IDs are
not expected to be transfered to different licenses, using the key
set ID to identify secure stop / usage info records eliminates the
possibility of overwriting the wrong entry.
Bug: 263316107
Test: device_files_unittest
Test: GTS MediaDrmParameterizedTests and MediaDrmStressTest
Change-Id: I2e2d50d188e05c8ca6b8095549796b913ea72d7a
[ Merge of http://go/wvgerrit/165139 ]
Changed the specified shell program used to execute our team's Android
scripts to bash.
Bug: 266891333
Test: ./build_all_unit_tests.sh
Change-Id: Id6fc8e4db10a71e9f17fc48a52a4883331e908d3
Merged from http://go/wvgerrit/164799
Fix race that corrupts mCryptoSessions std::map,
and race that occurs when CryptoSessions are used after free.
Test: poc
Test: atest MediaDrmParameterizedTests
Test: atest GtsMediaTestCases
Bug: 258189255
Change-Id: I298d3e0770ace9cd590dfaacaa4c52a0732c2fe3
Added legacy_by_exception_only to:
libwvdrmengine/apex/device/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Change-Id: I9eee9c7bdc6125447499996f49f88e055bd38f83
[ Merge of go/wvgerrit/164757 ]
Modify Widevine apex configuration to add add liboemcrypto.so as
required by WV APEX.
Bug: 243699259
Test: atp v2/widevine-eng/drm_compliance
Change-Id: I136dde5d77aed4fb14737e4692153c8f3b2c701b
[ Merge of http://go/wvgerrit/164477 ]
Renew on load is supported when OEMCrypto is >= v18.
A new class, policy_timer_v18 has been added to support this
functionality. In addtition,offsets of renewal from first decrypt
and license start are also included.
Bug: 256038127
Test: GtsMediaTestCases
Change-Id: Ib18af3096d1d8807af6a03fd2f84783123ab6b6d
