Bugs: b/112824791, b/120287622 (partially)
Merge of http://go/wvgerrit/70772
Tests: GTS tests, Android + Linux unit/integration tests
The Level 3 added functionality to reuse mmap'd pages, and as part of
it, the signature for TerminateRuntime changed so the relocs object can
be used to free all the pages at OEMCrypto_Terminate.
Change-Id: If3253926d948dcf69c178b9843cdf40aa7856d50
Bug: b/119881112
Merge of http://go/wvgerrit/68983
Test: Android + Linux tests for ref and L3
This CL removes tests from OEMCrypto that test shared license
functionality and code in the ref and L3 that handle shared licenses.
Change-Id: Ia11510d8db3fa6e471a4ebbdb371fd76b0812984
Merge of http://go/wvgerrit/68986
Bug: b/120797208
Test: Android + Linux unit tests
OEMCrypto v15.1 introduced changes to full decrypt path testing.
This CL reflects those changes for the Level 3 code, including
removing InitializeDecryptHash and changes to error reporting.
Change-Id: I09cec6743524d326cb1a6c3ba4dd1764dbefff5f
Bug: b/70299597
Merge of http://go/wvgerrit/67304
Test: Android, CE CDM, and Linux tests
There's a few different things that can go wrong in the L3
initialization, with seeding and device key failures among others. They
should be recorded in metrics to track. Along the same lines, since
multiple errors can happen in conjunction, metrics needs to change to
add more fields for errors. This CL also adds the
hidl_metrics_adapter_unittest to the Android test scripts.
Change-Id: Ie5bcf81bbe294a1136c58410f90087a13b3d911d
Bug: b/117558570
Test: Android, CE CDM, and Linux tests
Merge of http://go/wvgerrit/67566
This CL adds changes to support the Level 3 upgrade to v15 with both the
dynamic and static adapters. It also rearranges the wvcrc.cpp files so
that the tests have their own copy and Level 3 can just use the one in
ref/src.
Change-Id: Ieee2859601881aa1800622454e6ce0345eb94aa7
Merge from master branch of Widevine repo of http://go/wvgerrit/66081
Merge from oemcrypto-v15 branch of Widevine repo of http://go/wvgerrit/65962
This CL changes function names in the v14 level 3 libraries to work with
the dynamic adapter. I also excluded several OEMCrypto unit tests from
running with a v14 oemcrypto because they require error code changes
introduced in v15.
Bug: 117888897 Fix backwards compatibility
Bug: 119313532 Integration test failing
Test: unit tests on taimen. Play Movies, ExoPlayer, Netflix play on taimen.
Some unit tests do not pass because Taimen uses a v13 oemcrypto. Most pass.
Change-Id: Ib8eb8a89591fdba3055064c4bdf90523b01309a8
b/111246860
Merge of http://go/wvgerrit/60040
The libraries were built with the following optimization flags:
arm: -02
arm64: -02
x86: -01
x86_64: -01 (-02 was giving segfaults)
mips: -01
mips64: -01
linux: -02
AES tables are currently obfuscated as part of Haystack, and
deobfuscated everytime they're being used as part of decryption. This
adds a considerable performance hit in constantly loading and unloading
these buffers. Since they're open source code (see:
https://github.com/openssl/openssl/blob/master/crypto/aes/aes_core.c),
obfuscating them doesn't provide much benefit.
Merge from http://go/wvgerrit/47640
Test: unit/integration tests
Bug: b/62058202
The usage table keeps track of license duration by using the current
system time. However, if a user were to rollback the time, they can
effectively continue offline playback indefinitely. This changes the way
we compute time by computing offsets by which the user rollbacked the
time and adding it to the current time. This change also includes a test
to verify protection against rollback for usage entries that is only run
when the user is root.
Change-Id: I97c430e1443747b0f9759ae5390b8f5d06bdebf1
Merge of http://go/wvgerrit/45521/
Bug: b/73818548
Test: request_license_tests and GTS tests on sailfish and taimen
This change loads the mac keys into the session to be used in
GenerateSignature from the last call to one of: DeriveKeysFromSessionKey,
GenerateDerivedKeys, LoadKeys, and LoadUsageEntry. OEMCrypto tests are
changed to reflect this as well (specifically the order in which we call
the above methods).
Merge from Widevine repo of http://go/wvgerrit/41680
These changes change the signature of LoadKeys to LoadKeys_V13 for the
Level 3. This change will be reverted once we update Level 3 to v14.
level3/x86/libl3oemcrypto.cpp Level3 Library 4464 Jan 23 2018 13:22:20
level3/arm/libl3oemcrypto.cpp Level3 Library 4445 Jan 23 2018 12:12:32
level3/mips64/libl3oemcrypto.cpp Level3 Library 7285 Jan 23 2018 15:48:51
level3/arm64/libl3oemcrypto.cpp Level3 Library 7283 Jan 23 2018 12:47:26
level3/mips/libl3oemcrypto.cpp Level3 Library 4465 Jan 23 2018 15:13:13
level3/x86_64/libl3oemcrypto.cpp Level3 Library 7284 Jan 23 2018 13:50:10
test: Play Movies plays on sailfish.
Change-Id: Ia492463cd15178b12908faa24af7fbbcfef22e77
These are a set of CLs merged from the wv cdm repo to the android repo.
* Correct error logging
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/40000 ]
In tests, we set the cipher list to avoid using insecure
ciphers when connecting to the provisioning/license service.
The result of setting the cipher list was being incorrectly
validated.
Bug: 64847919
* Move mips cache headers to clear_cache_function.h
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39700 ]
Since the clear_cache function has been moved away from the dynamic
adapter, we need these conditional includes to be migrated as well for
MIPS.
* Comment out Level 3 debug call until merge
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39761 ]
This call was introduced in go/wvgerrit/34260/. Since the haystack tool
in google3 still needs this merge, this should be commented out so the
tool can still build until the merge has finished.
* Add logging for MAC keys to mock
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39740 ]
Bug: 70637842
* Move external interfaces into level3.h + refactor
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39673 ]
As part of b/70523618, this CL moves interfaces that partners are
responsible for in Level 3 to level3.h so they can be visible as
part of the CDM release process. It also cleans up some of the
names of the files and adds documentation.
* Corrected close session logging level
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/39676 ]
Bug: 69460963
* Remove Security Level Path Backward Compatibility Support
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/39505 ]
From the android K release onwards certificates were stored in
security level specific directories. If upgrading from
previous releases persistent information needed to be moved
to those directories.
Since no device is likely to upgrade from J to Pi, comptibility
support can be removed.
Bug: 70160032
* Rename privacy_crypto_openssl To privacy_crypto_boringssl
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/37122 ]
Now that we no longer support OpenSSL in the Shared Source CDM, the name
of this file can be updated.
Bug: 67907873
Test: build.py x86-64
Test: wv_ce_cdm_unittest
Test: jenkins/linux_unit_tests
* Remove Conditional Compilation from OpenSSL/BoringSSL
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/39460 ]
This change removes the usages of conditional compilation to support
both BoringSSL and OpenSSL, as well as to support multiple versions of
the OpenSSL API. All code is now compiled against one of the two
versions of BoringSSL in third_party/.
Note that in some cases, the kit/ and legacy_kit/ versions of BoringSSL
had different APIs, so when removing the OpenSSL version compatibility
conditional compilation, sometimes the older branch was kept and
sometimes the newer branch was kept.
Bug: 67907873
Test: build.py x86-64
Test: wv_ce_cdm_unittest
Test: jenkins/linux_unit_tests
* Build CE & Jenkins CDMs With BoringSSL from third_party/
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/37120 ]
Up until now, integrators have been responsible for providing a
compatible crypto library for use by the CE CDM. (either OpenSSL or
BoringSSL) After this change, this decision will no longer be in their
hands. The CE CDM build will always use the copy of BoringSSL in
third_party/, which will be statically linked with our library with
hidden visibility. This allows us to better control what crypto library
we use and will prevent continuing problems with trying to support both
OpenSSL and BoringSSL.
Unfortunately, BoringSSL began using C++11 in mid-2017, and we can't
support C++11 right now. Until we can, we need to use a C++11-free
version of BoringSSL for libssl. The CDM itself will continue to use a
recent BoringSSL, as it only needs libcrypto. But the unit tests that
need libssl have to use the legacy version.
Bug: 67907873
Test: build.py x86-64
Test: wv_ce_cdm_unittest
Test: jenkins/linux_unit_tests
* Modified RNG for Level3 to use more entropy
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39220 ]
Bug: 65165076
Modified seed generation to use an xor of clock_gettime and
client-implemented code to supply random seeds to the RNG. Modified the RNG
as well to use xoroshiro128+ instead of xorshift, since it uses more
than one seed/state (which are 64-bit) and has higher "statistical quality".
The default implementations for the seed generation use /dev/urandom.
* Configure base path for Level3FileSystem
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39506 ]
This is in response to b/70354006. This change makes the
Android Level3FileSystem use the existing properties method
GetDevicesFilesBasePath for binderization. The same is done for the
Linux implementation.
* Add legacy_kit/ to BoringSSL Directory
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/38861 ]
This adds a second copy of BoringSSL to the third_party/boringssl/
directory. This second copy is pinned to the last revision of BoringSSL
not to require C++11 and is not updated by the UPDATE_BORINGSSL.sh
script. This second copy will be used to provide libssl to the tests on
devices that do not support C++11.
Once we support C++11 in the CDM again, this weight should be removed
and all targets should use the copy of BoringSSL in the kit/ directory.
Bug: 67907873
* Use Shared Libraries for Unit Tests
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/38860 ]
Some unit tests were using a statically-linked CDM instead of a
dynamically-linked one. (Or, in one case, trying to link both ways into
the same binary.) For now, we need to only link dynamically, so that the
unit tests and the CDM can use different versions of BoringSSL.
Long-term, we would like to test both kinds of linkage. (See b/69548115
for that.)
Some unit tests were also using a dynamicaly-linked CDM that was named
such that it appeared to be statically-linked. This patch renames some
targets to make the linkage clearer.
Bug: 67907873
* Change CDM_Backwards_Compatiblity_Tests to dedicated brances
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/39003 ]
The build scripts used by CDM_Backwards_Compatiblity_Tests now pull
old versions of oemcrypto from the dedicated branches oemcrypto-v*,
which [will eventually] contain old oemcrypto versions, that build
with the current build system with a current boringssl version.
bug: 67907873
* Fix spacing on level3 header
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/38760 ]
* Correct Query status calls
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/38640 ]
Bug: 70160032
* Refactoring to allow encryption of client ID
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/37460 ]
The code has been restructured to allow encryption of client
identification in provisioning requests. This will be enabled
when server side changes have been made (b/69427217).
* Additional information is included in the Client Identification
portion of the provisioning request.
* Client identification will be encrypted with a service
certificate provided by the app/client. Platform changes
to enable passing this to core are needed. If a service certificate
is not provided, a default one associated with the production Keysmith
will be used.
* Switched APIs in CdmEngine to take a service certificate for
provisioning rather than licensing. Service certificates for
licensing are session based and passed as properties from platform
code.
Bug: 30737060
* Allow some CDM errors to be reported from multiple locations
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/38360 ]
This creates some CdmResponseType errors which may be reused
PARAMETER_NULL, NOT_INITIALIZED_ERROR, REINIT_ERROR.
I have made changes to a few classes to report these errors.
Will work on additional classes in a separate CL.
Bug: 69864404
BUG: 71650075
Test: WV Unit/integration tests
Change-Id: Icc048770d424ac537d11ff327cda2cb142da802d
