(This is a merge of http://go/wvgerrit/10674 from the Widevine CDM
repository.)
Now that the CE CDM has CloseSession to handle closing sessions, we
can rename CancelKeyRequest on the CDM Engine & CDM Session to better
resemble its purpose and the name it is known by on Android.
Change-Id: I68d55b3be733579e5875ab33d8e94a62fe1f651d
* Replace an stlport static assert with a C++11 static_assert.
* Move some libraries that were being built with the NDK but
statically included into platform code off the NDK.
* Rebuild the obfuscated binaries to use the new STL.
* Remove MIPS support temporarily due to an inability to generate
obfuscated binaries for it. (To be fixed in b/19482469.)
Bug: 15193147
Change-Id: Icc166583b0c6af68550baf17ab8c33076a1179d3
This makefile will be linked to from the vendor/xts project,
and defines how to build the oemcrypto_unittest executable into
an xts compatible native test.
Bug: 18952052
Change-Id: I8158cad703b558b88070cc46dafcf109699ecc77
This is a copy of the widevine CL:
https://widevine-internal-review.googlesource.com/#/c/12742/
If a session is closed at the same time as an OnTimerEvent is
processing an event, there could be a race condition between the two
threads. This CL adds a lock that prevents a session from being
removed from the list while the timer is currently processing an
event.
If CloseSession is called while the OnTimerEvent method is active, the
session will be added to a dead list, and deleted when the timer event
has finished.
This CL does not address the main problem in bug 19252886, but
one bugreport, netflix_log_3.txt, indicates there may have been
a problem with the CDM timer.
bug: 19252886
Change-Id: I17190edaeb3eef1295d4d204232cc4262cb5fa9b
This is required because these makefiles contain a module that's
building agains the "current" SDK and will need to add an explicit
compile time dependency on the apache API.
Note that no runtime dependency is needed because the app targets
SDK version 12 (?!!).
bug: 18027885
Change-Id: I37587b91f9c52f88a8becce0449ac9b24a77fdad
Netflix reported that after pulling power while their app is active,
the app isn't able to restart. This is because the license file for
session keys isn't getting synched to disk, so the data is still in
the buffer cache when the device shuts down. Calling fflush and fsync
on the file ensures the data is persisted to disk. fclose alone
doesn't do fsync.
In testing, I also noticed that the license file was being rewritten
every second which is hard on the flash filesystem. The timer thread
was modified to avoid these frequent writes.
Merge of https://widevine-internal-review.googlesource.com/#/c/12431/
from the widevine cdm repo.
bug: 19108207
Change-Id: Ibe81e40a3c1f5d25563523da43fefdccdaa6ddcf
If a key query occurred before a license was received an UNKNOWN_ERROR was
returned. This now succeeds but returns no information (an empty container).
Also licenses that were already expired when received were not marked as such.
This did not cause violations in playback rules but caused an exception when
they were queried.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/12300
from wv git repo ]
b/18843625
Change-Id: I6990765c15e519ddf203a2fd8f0a130306f090a6
Cherry pick of the widevine change
https://widevine-internal-review.googlesource.com/#/c/12082/
If the level 1 oemcrypto library loads and initializes, but has the
wrong version or does not have a valid keybox, then the level 3
fallback is used. However, in those cases, the level 1 was not
terminated properly. This caused a resource leak on some platforms.
With this CL, in OEMCrypto_Initialize, the level 1 library Terminate
is called if its Initialize was called and the level 1 library will
not be used.
bug: 18755226
Change-Id: I56e7d3349eeebd94f3fa8c4a1f4b21781cc7428b
Fix a warning in gcc-4.9:
In file included from
vendor/widevine/libwvdrmengine/cdm/core/src/max_res_engine.cpp:3:0:
vendor/widevine/libwvdrmengine/cdm/core/include/max_res_engine.h:56:9:
error: 'class wvcdm::MaxResEngine::KeyStatus' is private
class KeyStatus {
^
vendor/widevine/libwvdrmengine/cdm/core/src/max_res_engine.cpp:10:53:
error: within this context
typedef std::map<wvcdm::KeyId,
wvcdm::MaxResEngine::KeyStatus*>::const_iterator
(cherry picked from commit 944d085a79)
Change-Id: I4984bd52c52c36e59c4d09db5e4f4d581e577b07
This CL is a merge of the widevine change
https://widevine-internal-review.googlesource.com/#/c/11881
The function rand() was not available on the mips build used to
generate the level 3 oemcrypto fallback library. This function has
been replaced by the openssl RAND_bytes(), so that compilation may
complete.
New version of library:
libwvdrmengine/level3/mips/libwvlevel3.a NONOB Level3 Library Dec 3 2014 17:11:00
bug: 17288466
Change-Id: Ibe2ae3add4f5830ddc1cce501d76aeb4be5ce926
This is a merge of the Widevine change:
https://widevine-internal-review.googlesource.com/#/c/11871
The level 3 oemcrypto fall back now compiles cleanly on a Fugu, and
passes all unit tests.
New version of library:
libwvdrmengine/level3/x86/libwvlevel3.a Level3 Library Dec 3 2014 13:06:03
bug: 17289103
Change-Id: I677888536dd2ca12e27b5985737e080b69d81477
This project is still using stlport (without telling the build system
about it), which was causing (broken) stlport headers to override
libc++ headers, leading to a broken copy of std::enable_if, which in
turn caused <atomic> to fail to compile. Since this project has
prebuilts that will need to be updated before this project can
actually move away from stlport, tell the build system that it is
still using stlport for now.
Bug: 18433002
Change-Id: I38b356428977ed2184eb28a07bd5e7424a4ace8d
(cherry picked from commit de4bc34719)
OEMCrypto may report an HDCP status of "No HDCP device attached/using
local display with secure path". This is not propagated upto
the server as an appropriate HDCP value did not exist in the
license protocol. This has now been added. Netflix has requested that
this be reported.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11806/
from Widevine cdm repo ]
b/18377309
Change-Id: I3db88c7ab5e79a3c12dbc8a398c4770e14e5ee5c
This is a merge of the widevine change:
https://widevine-internal-review.googlesource.com/#/c/11781
The OEMCrypto did not save the usage table correctly after a key was
loaded and not used.
Also, oemcrypto uses the keybox to verify and sign the usage table.
On library initialization, the usage table was being loaded before the
keybox, so the signature was not verified correctly.
Both these problems have been corrected.
Current Library Version:
arm: Level3 Library Nov 19 2014 16:53:43
bug: 17328418 Can't play pinned content
Change-Id: Ia753e2f47b36433931fbe8dba78939581e647222
Our recommendation to OEMs is that they support a table of at least 50
usage entries in OEMCrypto. If more usage entries are stored, the PSTs get
added to the CDM but are LRU'ed out of the OEMCrypto usage table. When the
CDM queries those usage entries, OEMCrypto will return a
OEMCrypto_ERROR_INVALID_CONTEXT. Rather than return an error and have
MediaDrm throw an exception, CDM should delete this PST and return the
next usage entry, when queried.
[ Merge of https://widevine-internal-review.googlesource.com/#/c/11457/
from Widevine cdm repo ]
b/17994711
Change-Id: I00e3f93000096fb434d94333e22958de795a4bb5
Merge of the widevine change:
https://widevine-internal-review.googlesource.com/#/c/11632
Several unit tests in cdm_engine_test.cpp and request_license_test.cpp
were failing regularly. These were caused by either:
1) The device was not provisioned.
This has been fixed by adding a certificate provisioning step in the
test setup for the cdm engine tests and changing the existing
provision steop in the request license tests to provision for both
security levels.
2) The device was hitting a flaky server.
This has been fixed by switching from the GooglePlayServer to the
Widevine server.
3) A null pointer introduced when testing secure stops with an app
id. This has been fixed by directly injecting the app id in the unit
tests.
4) Flaky network connections. The unit tests were requesting data
from the server and were timing out after 3 seconds. I changed that
to 12 seconds.
5) The tests were searching for an end-of-line marker to find the GLS
header in the license response message. The end-of-line marker was
present in a valid DRM message for almost 1% of the test cases. This
code has been replaced by searching for the string "GLS/1" at the
begining of the HTML body.
I also added test_printers.cpp that defines functions used by GTest to
print error codes by name instead of numeric value.
This CL changes unit tests only. It does not change any production
code.
bug: 18316036
Change-Id: I3398580059a03114e782ac7ac59e6b0944012df4
(This is a merge of http://go/wvgerrit/11613 from the Widevine CDM
repo.)
Adds a property for the OS version, implements it on Android, and
adds it to the license request property bag so that Netflix may
use it to discern the supported capabilities of the CDM.
Bug: 18230738
Change-Id: If5174a108093855314f3e0102b83691e20bb247b
The OEMCrypto library should prevent too many nonces from occuring in
a row. Previously, we tested that GenerateNonce generated an error if
there were too many nonce requests.
This CL makes it possible for OEMCrypto to delay the return from
GenerateNonce if there are too many requests. This is an equally
valid solution to the nonce flood attack.
This is a unit test change only. No production code is affected.
This is a merge from the widevine repository of:
https://widevine-internal-review.googlesource.com/#/c/11604/
bug: 17630253
Change-Id: Ie97f712d70230cd8e7ea7089da0aa18039673bb4
(This is a port of http://go/wvgerrit/11614 from the
Widevine repo.)
CDM does not recover if a license file has invalid size
or the hash is incorrect. Remove the corrupted license
file in such cases.
bug: 18002606
Change-Id: I46dec853ce6b2e7c7430297d50df5d30488cde3b
(This is a port of http://go/wvgerrit/11556 from the Widevine CDM
repo.)
This wires up the new method on the crypto interface with the core
code that handles the max-res decode.
Bug: 16034599
Change-Id: Id2ea5635bf732eabf1fd33712ff8bab6cf1a1745
(This is a merge of
https://widevine-internal-review.googlesource.com/#/c/11405
from the Widevine CDM Repo.)
AUPT is revealing a crash when destructing WVDrmPlugin due to
multi-threaded contention over the session map. As a fix, we are now
protecting access to the map via a mutex.
Bug: 17761616
Change-Id: Iddeca657effd3c7f3ff35ce334d7979291667cef
This is a merge of the widevine CL:
https://widevine-internal-review.googlesource.com/11254
On arm64, some devices are having random issues that probaby relate to
a stale instruction cache. This code change flushes the cache for
pages that are going to be made executable.
b/17400000
Current Library Version:
arm64: Level3 Library Sep 25 2014 17:10:03
Change-Id: I3904e96e922654c055a478079aa52c29cbde8b9f
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11110/
The level 3 oemcrypto library version of DeactivateUsageEntry now
returns OEMCrypto_ERROR_INVALID_CONTEXT if there is no entry in the
usage table.
Current Library Version:
arm: Level3 Library Sep 3 2014 18:13:47
b/17373630
Change-Id: Iaeb65b4ad4b2b9f3c6733a2c9c8d96e2be263d09
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11115/
This CL just updates the integration guide. In particular, the
following clarifiaction is made about usage tables:
The sentence:
When the session using this key is closed, the entry in the table will
be marked as inactive.
is replaced by
After the session using this key is closed, the application will
request that the entry in the table will be marked as inactive.
This should make it clear that OEMCrypto should not automaically
deactivate usage entries. This behaviour is already verified by unit
tests.
bug: 17405160
Change-Id: If836c7c76205e6759c1c194a6f31232c52c4f179
