Merge from Widevine repo of http://go/wvgerrit/95463
In the unit tests ReloadUsageTableWithSkew, we load a header that has
a generation number off by 1. This is allowed. However, we then try to
load the current entry, which is newer than the header. Instead, we
should try to load the entry that went with the header.
Bug: 139828114
Test: Ran unit tests
Change-Id: I87261501d8ee2b91a07c2b5dff17fc0ea950244d
Merge from Widevine repo of http://go/wvgerrit/95403
This updates the test code CreateDefaultResponse to make sure that
license releases do not have a core message, and that the key control
block is correctly set for renewals.
Also, the unit test OEMCryptoUsageTableTest.TimingTest is changed to
only a license release when the license is inactive. If the license is
still active, then the license is loaded before generating a usage
report.
Test: Ran full unit tests
Bug: 151092673
Change-Id: I7c01fd17f9b66e88ab3c57aa0f3d40740f13507c
Merge from Widevine repo of http://go/wvgerrit/95283
If an entry is loaded in a second session, the error should be
OEMCrypto_ERROR_INVALID_SESSION.
Bug: 150647218
Test: ran unit tests
Change-Id: I4e666ce6626303a36b16997f0a012d57a7039697
Change-Id: Id0e73dec5879ec9ec4e8ab8ebe1590c568e7f0af
Merge from Widevine repo of http://go/wvgerrit/95263
Some OEMCrypto unit tests are not expected to pass on a v15 device, so
they are being filtered out.
Bug: 149861744
Test: unit tests on taimen
Change-Id: Iadff592f4a0005ab7e5613b315a714e737d7e5e0
Merge from Widevine repo of http://go/wvgerrit/95087
The ODK library is used in OEMCrypto, and in test code, but it is not
needed in the CDM layer. As such, it can be removed from the
Android.mk for cdm libraries.
Bug: 150809634
Test: unit tests
Change-Id: If29458e7d3d940f9a383d77e5082e7388e19c32f
Merge from Widevine repo of two CLs.
Merge from Widevine repo of http://go/wvgerrit/94743
A license release should not have a core message. This CL adjusts the
existing unit tests to verify this. There is also a new unit test called
SecureStop that explicitly tests sending a secure stop in a new
session without first loading the license.
Merge from Widevine repo of http://go/wvgerrit/94865
This CL has the following changes copied from google3:
http://cr/298871728 Remove odk_static_assert for Message size temporarily
http://cr/298755935 Fix a compiling error during macro expansion
http://cr/298481745 Add missing header for android
http://cr/298448142 Fix odk_test gyp file
http://cr/298419641 Remove header from Android.bp
http://cr/298402053 Separate sizeOf(args) bytes in fuzz tests
http://cr/297730316 No core messages for license release
http://cr/297714346 Add copybara_test and piper_sot_to_gerrit
http://cr/297636713 Adding some comments around boolean conversion code
http://cr/297420679 Autofuzzer when ran with address sanitizer ...
http://cr/296513584 Minor fix with fuzzing odk clock values
http://cr/296322024 Fixing errors in code with how request ...
http://cr/296313159 Fuzzing ODK clock values by setting aside ...
http://cr/295763207 Add more odk tests and move helper functions to test helper
http://cr/294524098 Adding a Build Rule for ODK_KDO_Fuzzer and updating
http://cr/294492213 Address a few review comments of ODK
http://cr/293674368 odk_fuzz: add TODOs & comments
http://cr/293492806 Fix spelling
Bug: 150243585
Bug: 150020278
Bug: 150095506
Bug: 147297226
Bug: 148290294
Bug: 148907684
Bug: 150608451
Test: unit tests
Change-Id: I25fd406f29f4eba40f5cb27e9a1317dce4ffc2f5
(This is a merge of http://go/wvgerrit/95003.)
To reduce the number of OEMCrypto calls on the decrypt path, the maximum
subsample size will now be cached after the first call to retrieve it.
Bug: 150018606
Test: Android Unit Tests
Test: CE CDM Unit Tests
Test: ExoPlayer high-bitrate playback on OEC v15
Change-Id: I0b5d38d8a082c0a127d2a47f112b76c64085bddb
(This is a merge of http://go/wvgerrit/94928.)
In OEMCrypto v16, we dropped support for 'cens' and 'cbc1'. However, we
did not redefine the pattern (0,0) to be a valid pattern for 'cbcs', even
though it was no longer being used to signal 'cbc1'. Instead, we made
the CDM reject CTR with a pattern ('cens') and CBC with a (0,0) pattern
('cbc1') to mirror the behavior of OEMCrypto v16.
However, some apps have been using 'cbc1' mode to decrypt audio in
'cbcs' content. This is normally not possible but is possible for a
subset of content. Furthermore, it is easy to do by accident because of
the way most packagers package 'cbcs' audio and the special significance
Widevine has historically given the (0,0) pattern.
This patch updates the CDM to not reject CBC with a (0,0) pattern but
instead treat it as 'cbcs' content. To decrypt it correctly, the pattern
is treated specially inside the CDM core and converted to the
recommended equivalent pattern — (10,0) — before passing the content to
OEMCrypto.
For more specifics, please see the design doc: http://go/vclfg
Bug: 150219982
Test: ExoPlayer Demo App 'cbcs' Content
Test: GTS 'cbcs' Content
Change-Id: I334ff15db5f7b7d62040a036ba6d17515c3caee4
[ Merge of http://go/wvgerrit/94483 ]
With OEMCrypto V16 comes a new potential error code from calls to
DecryptCENC(). WARNING_MIXED_OUTPUT_PROTECTION may be returned by
supporting devices if one of the output devices does not meet the
required HDCP level for the decryption key/license; however the output
is instead restricted (by OEMCrypto) to devices that are secure. This
warning is informative to the CDM; but no action can/should be taken
by the CDM.
In addition, if DecryptCENC() returns an error/warning, it is likely
that the same status code will be returned on subsequent calls to
decrypt within the same crypto session. To reduce the number of logs
the CDM produces within the same crypto session only changes in error
codes are logged.
Bug: 140825538
Change-Id: Iaf9da3f0c88889525f73f3153a5977c8416286bb
(cherry picked from commit d9c703ef9e)
Merged-In: Iaf9da3f0c88889525f73f3153a5977c8416286bb
[ Merge of http://go/wvgerrit/94903 ]
Prefixes are no longer needed now that file and line number are
being logged.
Bug: 149829271
Test: wv unit/integration tests
Change-Id: I0ba701fc262cdb59056dca139c38ed76035bcbb8
Merge from Widevine repo of http://go/wvgerrit/94523
For OEMCrypto v16, a renewal does not get a new nonce.
Bug: 149856581
Test: WvCdmRequestLicenseTest.StreamingLicenseRenewal
Change-Id: I258f0bcb9c9a417310785f130d32d66fa7430185
[ Merge of http://go/wvgerrit/94507 ]
./build_and_run_all_tests.sh runs all WV unit/integration tests.
It searches for unit/integration tests in $OUT/data/nativetest/ .
ODK tests are in $OUT/data/nativetest/vendor/odk_test. Adding this
path to the list of directories that the script searches through.
Bug: 150158890
Test: Run ./build_and_run_all_tests.sh
Change-Id: Ib3b7d247a5cb86f9972157c13ad60b7f3cbbb7dc
Merge from Widevine repo of http://go/wvgerrit/94505
Some tests use an EXPECT when checking an array size or to verify a
pointer is not null. Then they access the pointer or array. When they
use an EXPECT, this access results in a segfault.
I also removed a compiler warning about unused parameters.
Bug: 149856581
Test: request_license_test (now lists failed tests)
Change-Id: I08ac11250921245c89ed5c0c43cc5f4321e0a9cc
[ Merge of http://go/wvgerrit/94323 ]
Content providers wish to know the application package name that is
requesting a license from the content server. The app package name that
is provided to the CDM during initialization is provided to the client
identification message as a key-value pair during license request
generation. App packages names are keyed under 'application_name'.
This feature was tested manually by scraping the content of the license
request for YouTube TV.
Bug: 148689078
Test: manual
Change-Id: I6b65f2ab9845dbea37aaaab76ecea25c228bde5b
Merge from Widevine repo of http://go/wvgerrit/94243
When generating a second provisioning request, a new session should be
opened because a session can only have one nonce for v16.
For Provisioning 3.0 devices, the OEM Cert's private key must be
loaded in the new session.
Test: WvCdmRequestLicenseTest.ProvisioningInterposedRetryTest
Bug: 135288420 Nonce reuse
Bug: 141655126 Cert reload
Change-Id: I8a96566142c4d4380e2bdd571e8d363a7a1f74d4
(This is a merge of http://go/wvgerrit/93829,
http://go/wvgerrit/93830, http://go/wvgerrit/93832,
http://go/wvgerrit/93833, and http://go/wvgerrit/93834 from the
Widevine repo.)
This implements the CDM code changes necessary to take advantage of
Combined Decrypt Calls on OEMCrypto v16. The result of this is that
WVCryptoPlugin is much lighter now because it can pass the full sample
down to the core in one call, but CryptoSession is heavier, as it now
has to handle more complex fallback logic when devices can't handle
multiple subsamples at once.
This patch also removes support for the 'cens' and 'cbc1' schema, which
are being dropped in OEMCrypto v16. This fixes an overflow in the code
for handling those schemas by removing it entirely.
This patch also fixes the "in chunks" legacy decrypt path to use larger
chunk sizes on devices with higher resource rating tiers.
Bug: 135285640
Bug: 123435824
Bug: 138584971
Bug: 139257871
Bug: 78289910
Bug: 149361893
Test: no new CE CDM Unit Test failures
Test: Google Play plays
Test: Netflix plays
Test: no new GTS failures
Change-Id: Ic4952c9fa3bc7fd5ed08698e88254380a7a18514
