[ Merge of http://go/wvgerrit/70203 ]
The earlier property_get() method had a limitation on property length.
Properties of some new devices exceed that length. An error message
is returned rather than a truncated string. Replace its use with
android::base::GetProperty() which does not have a length limitation.
Bug: 115358798
Test: WV unit/integration tests
Change-Id: I46ce9a7e77bcd031225d0082f83c57d484fe5405
Bug: b/119881112
Merge of http://go/wvgerrit/68983
Test: Android + Linux tests for ref and L3
This CL removes tests from OEMCrypto that test shared license
functionality and code in the ref and L3 that handle shared licenses.
Change-Id: Ia11510d8db3fa6e471a4ebbdb371fd76b0812984
Merge of http://go/wvgerrit/68986
Bug: b/120797208
Test: Android + Linux unit tests
OEMCrypto v15.1 introduced changes to full decrypt path testing.
This CL reflects those changes for the Level 3 code, including
removing InitializeDecryptHash and changes to error reporting.
Change-Id: I09cec6743524d326cb1a6c3ba4dd1764dbefff5f
Bug: b/70299597
Merge of http://go/wvgerrit/67304
Test: Android, CE CDM, and Linux tests
There's a few different things that can go wrong in the L3
initialization, with seeding and device key failures among others. They
should be recorded in metrics to track. Along the same lines, since
multiple errors can happen in conjunction, metrics needs to change to
add more fields for errors. This CL also adds the
hidl_metrics_adapter_unittest to the Android test scripts.
Change-Id: Ie5bcf81bbe294a1136c58410f90087a13b3d911d
Bug: b/117558570
Test: Android, CE CDM, and Linux tests
Merge of http://go/wvgerrit/67566
This CL adds changes to support the Level 3 upgrade to v15 with both the
dynamic and static adapters. It also rearranges the wvcrc.cpp files so
that the tests have their own copy and Level 3 can just use the one in
ref/src.
Change-Id: Ieee2859601881aa1800622454e6ce0345eb94aa7
Merge from master branch of Widevine repo of http://go/wvgerrit/66081
Merge from oemcrypto-v15 branch of Widevine repo of http://go/wvgerrit/65962
This CL changes function names in the v14 level 3 libraries to work with
the dynamic adapter. I also excluded several OEMCrypto unit tests from
running with a v14 oemcrypto because they require error code changes
introduced in v15.
Bug: 117888897 Fix backwards compatibility
Bug: 119313532 Integration test failing
Test: unit tests on taimen. Play Movies, ExoPlayer, Netflix play on taimen.
Some unit tests do not pass because Taimen uses a v13 oemcrypto. Most pass.
Change-Id: Ib8eb8a89591fdba3055064c4bdf90523b01309a8
b/111246860
Merge of http://go/wvgerrit/60040
The libraries were built with the following optimization flags:
arm: -02
arm64: -02
x86: -01
x86_64: -01 (-02 was giving segfaults)
mips: -01
mips64: -01
linux: -02
AES tables are currently obfuscated as part of Haystack, and
deobfuscated everytime they're being used as part of decryption. This
adds a considerable performance hit in constantly loading and unloading
these buffers. Since they're open source code (see:
https://github.com/openssl/openssl/blob/master/crypto/aes/aes_core.c),
obfuscating them doesn't provide much benefit.
Merge from Widevine repo of http://go/wvgerrit/46204
Refactor utility code - split the mock, step 1
Merge from Widevine repo of http://go/wvgerrit/46205
Move some OEMCrypto types to common header - split the mock, step 2
Merge from Widevine repo of http://go/wvgerrit/46206
Split mock into two -- step 3
Merge from Widevine repo of http://go/wvgerrit/47460
Split the mock into two -- step 3.5
The CL moves several files used by oemcrypto and cdm into a common
subdirectory, so that it may more easily be shared with partners.
The CORE_DISALLOW_COPY_AND_ASSIGN macro was moved to its own header in
the util/include directory.
This CL removes some references to the mock from other code, and puts
some constants and types, such as the definition of the keybox, into a
header in oemcrypto.
Test: tested as part of http://go/ag/4674759
bug: 76393338
Change-Id: I75b4bde7062ed8ee572c97ebc2f4da018f4be0c9
Merge from http://go/wvgerrit/47640
Test: unit/integration tests
Bug: b/62058202
The usage table keeps track of license duration by using the current
system time. However, if a user were to rollback the time, they can
effectively continue offline playback indefinitely. This changes the way
we compute time by computing offsets by which the user rollbacked the
time and adding it to the current time. This change also includes a test
to verify protection against rollback for usage entries that is only run
when the user is root.
Change-Id: I97c430e1443747b0f9759ae5390b8f5d06bdebf1
Merge of http://go/wvgerrit/45521/
Bug: b/73818548
Test: request_license_tests and GTS tests on sailfish and taimen
This change loads the mac keys into the session to be used in
GenerateSignature from the last call to one of: DeriveKeysFromSessionKey,
GenerateDerivedKeys, LoadKeys, and LoadUsageEntry. OEMCrypto tests are
changed to reflect this as well (specifically the order in which we call
the above methods).
Merge from Widevine repo of http://go/wvgerrit/43420
Remove or mark unused variables. Fix unsigned/signed comparisons.
bug: 73390805
test: unit tests
Change-Id: Ic523400a5decf82fae733042b260e0c39a087cd3
Merge from Widevine repo of http://go/wvgerrit/41680
These changes change the signature of LoadKeys to LoadKeys_V13 for the
Level 3. This change will be reverted once we update Level 3 to v14.
level3/x86/libl3oemcrypto.cpp Level3 Library 4464 Jan 23 2018 13:22:20
level3/arm/libl3oemcrypto.cpp Level3 Library 4445 Jan 23 2018 12:12:32
level3/mips64/libl3oemcrypto.cpp Level3 Library 7285 Jan 23 2018 15:48:51
level3/arm64/libl3oemcrypto.cpp Level3 Library 7283 Jan 23 2018 12:47:26
level3/mips/libl3oemcrypto.cpp Level3 Library 4465 Jan 23 2018 15:13:13
level3/x86_64/libl3oemcrypto.cpp Level3 Library 7284 Jan 23 2018 13:50:10
test: Play Movies plays on sailfish.
Change-Id: Ia492463cd15178b12908faa24af7fbbcfef22e77
This adds an include path to system core properties.h to
OEMCrypto L3 makefiles.
Bug: 72004865
Test: Verified by unit/integration tests on taimen.
Verified playback using Play Movies (streaming/offline)
and Netflix.
Change-Id: I73c21f2751b34b6b58d92ed5177951a6397b5bf7
These are a set of CLs merged from the wv cdm repo to the android repo.
* Correct error logging
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/40000 ]
In tests, we set the cipher list to avoid using insecure
ciphers when connecting to the provisioning/license service.
The result of setting the cipher list was being incorrectly
validated.
Bug: 64847919
* Move mips cache headers to clear_cache_function.h
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39700 ]
Since the clear_cache function has been moved away from the dynamic
adapter, we need these conditional includes to be migrated as well for
MIPS.
* Comment out Level 3 debug call until merge
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39761 ]
This call was introduced in go/wvgerrit/34260/. Since the haystack tool
in google3 still needs this merge, this should be commented out so the
tool can still build until the merge has finished.
* Add logging for MAC keys to mock
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39740 ]
Bug: 70637842
* Move external interfaces into level3.h + refactor
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39673 ]
As part of b/70523618, this CL moves interfaces that partners are
responsible for in Level 3 to level3.h so they can be visible as
part of the CDM release process. It also cleans up some of the
names of the files and adds documentation.
* Corrected close session logging level
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/39676 ]
Bug: 69460963
* Remove Security Level Path Backward Compatibility Support
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/39505 ]
From the android K release onwards certificates were stored in
security level specific directories. If upgrading from
previous releases persistent information needed to be moved
to those directories.
Since no device is likely to upgrade from J to Pi, comptibility
support can be removed.
Bug: 70160032
* Rename privacy_crypto_openssl To privacy_crypto_boringssl
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/37122 ]
Now that we no longer support OpenSSL in the Shared Source CDM, the name
of this file can be updated.
Bug: 67907873
Test: build.py x86-64
Test: wv_ce_cdm_unittest
Test: jenkins/linux_unit_tests
* Remove Conditional Compilation from OpenSSL/BoringSSL
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/39460 ]
This change removes the usages of conditional compilation to support
both BoringSSL and OpenSSL, as well as to support multiple versions of
the OpenSSL API. All code is now compiled against one of the two
versions of BoringSSL in third_party/.
Note that in some cases, the kit/ and legacy_kit/ versions of BoringSSL
had different APIs, so when removing the OpenSSL version compatibility
conditional compilation, sometimes the older branch was kept and
sometimes the newer branch was kept.
Bug: 67907873
Test: build.py x86-64
Test: wv_ce_cdm_unittest
Test: jenkins/linux_unit_tests
* Build CE & Jenkins CDMs With BoringSSL from third_party/
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/37120 ]
Up until now, integrators have been responsible for providing a
compatible crypto library for use by the CE CDM. (either OpenSSL or
BoringSSL) After this change, this decision will no longer be in their
hands. The CE CDM build will always use the copy of BoringSSL in
third_party/, which will be statically linked with our library with
hidden visibility. This allows us to better control what crypto library
we use and will prevent continuing problems with trying to support both
OpenSSL and BoringSSL.
Unfortunately, BoringSSL began using C++11 in mid-2017, and we can't
support C++11 right now. Until we can, we need to use a C++11-free
version of BoringSSL for libssl. The CDM itself will continue to use a
recent BoringSSL, as it only needs libcrypto. But the unit tests that
need libssl have to use the legacy version.
Bug: 67907873
Test: build.py x86-64
Test: wv_ce_cdm_unittest
Test: jenkins/linux_unit_tests
* Modified RNG for Level3 to use more entropy
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39220 ]
Bug: 65165076
Modified seed generation to use an xor of clock_gettime and
client-implemented code to supply random seeds to the RNG. Modified the RNG
as well to use xoroshiro128+ instead of xorshift, since it uses more
than one seed/state (which are 64-bit) and has higher "statistical quality".
The default implementations for the seed generation use /dev/urandom.
* Configure base path for Level3FileSystem
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/39506 ]
This is in response to b/70354006. This change makes the
Android Level3FileSystem use the existing properties method
GetDevicesFilesBasePath for binderization. The same is done for the
Linux implementation.
* Add legacy_kit/ to BoringSSL Directory
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/38861 ]
This adds a second copy of BoringSSL to the third_party/boringssl/
directory. This second copy is pinned to the last revision of BoringSSL
not to require C++11 and is not updated by the UPDATE_BORINGSSL.sh
script. This second copy will be used to provide libssl to the tests on
devices that do not support C++11.
Once we support C++11 in the CDM again, this weight should be removed
and all targets should use the copy of BoringSSL in the kit/ directory.
Bug: 67907873
* Use Shared Libraries for Unit Tests
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/38860 ]
Some unit tests were using a statically-linked CDM instead of a
dynamically-linked one. (Or, in one case, trying to link both ways into
the same binary.) For now, we need to only link dynamically, so that the
unit tests and the CDM can use different versions of BoringSSL.
Long-term, we would like to test both kinds of linkage. (See b/69548115
for that.)
Some unit tests were also using a dynamicaly-linked CDM that was named
such that it appeared to be statically-linked. This patch renames some
targets to make the linkage clearer.
Bug: 67907873
* Change CDM_Backwards_Compatiblity_Tests to dedicated brances
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/39003 ]
The build scripts used by CDM_Backwards_Compatiblity_Tests now pull
old versions of oemcrypto from the dedicated branches oemcrypto-v*,
which [will eventually] contain old oemcrypto versions, that build
with the current build system with a current boringssl version.
bug: 67907873
* Fix spacing on level3 header
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/38760 ]
* Correct Query status calls
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/38640 ]
Bug: 70160032
* Refactoring to allow encryption of client ID
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/37460 ]
The code has been restructured to allow encryption of client
identification in provisioning requests. This will be enabled
when server side changes have been made (b/69427217).
* Additional information is included in the Client Identification
portion of the provisioning request.
* Client identification will be encrypted with a service
certificate provided by the app/client. Platform changes
to enable passing this to core are needed. If a service certificate
is not provided, a default one associated with the production Keysmith
will be used.
* Switched APIs in CdmEngine to take a service certificate for
provisioning rather than licensing. Service certificates for
licensing are session based and passed as properties from platform
code.
Bug: 30737060
* Allow some CDM errors to be reported from multiple locations
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/38360 ]
This creates some CdmResponseType errors which may be reused
PARAMETER_NULL, NOT_INITIALIZED_ERROR, REINIT_ERROR.
I have made changes to a few classes to report these errors.
Will work on additional classes in a separate CL.
Bug: 69864404
BUG: 71650075
Test: WV Unit/integration tests
Change-Id: Icc048770d424ac537d11ff327cda2cb142da802d
These are a set of CLs merged from the wv cdm repo to the android repo.
* Get System ID From OEM Cert
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/37940 ]
(This is a merge of http://go/wvgerrit/30220 . However, it has been
significantly modified in the merge due to needing to support both
OpenSSL and BoringSSL.)
Previously, extracting the system ID was only supported on Keybox-based
systems. This patch adds support for extracting the system ID from the
OEM Certificate chain on Provisioning 3.0 devices. This is done by
getting the Widevine intermediate cert from the chain, finding the
Widevine System ID extension in that cert, and extracting the value.
The code that does the extraction is separate from any code that calls
OEMCrypto so that it can be unit-tested in isolation. This patch adds a
crypto_session_unittest test to do this unit-testing.
Bug: 34776194
Test: crypto_session_unittest
Test: widevine_ce_cdm_unittest
* Remove unique_ptr from oemcrypto mod mock
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/38500 ]
Because we can't have C++11.
Bug: 69935608
* Update CHANGELOG.md
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/38460 ]
- Add items about adapter support.
- Add mention of SRM support.
Merged from cdm_partner_3.5
(Change-Id: I6d891e157edc3afb2797bf281ef3f06bdb8fe474)
* Add Adapter for OEMCrypto v13 to v12.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/38440 ]
Also fix OEMCrypto_LoadKeys() definition broken by wvcl/38160
(srm_requirement param).
* Allow certain warnings in protobuf build.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/38424 ]
maybe-uninitialized is triggered in release build. Allow it.
* Enable -fPIC for jsmc.c build.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/38423 ]
-fPIC was removed for common c/c++ build rules. Add it back.
* Missing OEMCrypto_LoadKeys param in static adapter.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/38422 ]
srm_requirement param was omitted in v11 static adapter.
* Remove OEMCrypto v12 specification.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/38421 ]
* Update documentation for v3.5.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/38420 ]
* Added padded preprov key for 7880
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/36924 ]
Bug: 68765915
* Change overrides in CE L3FileSystem
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/38380 ]
The 'override's are changed to the macro defined in override.h to
be gnu++98 compliant.
* Use source android level3 + add cache_flush call
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/37900 ]
I put both changes in this CL since I have to generate Level3 libraries
for both anyways. The first change involves shifting from using a
prebuilt static library to using an obfuscated source library output
from the Haystack tool on google3. The second change is from here:
https://critique.corp.google.com/#review/176536782, and addresses
b/69387416. Since the cache_flush function wasn't being used, the
execution on Angler gave inconsistent segfaults, which this CL fixes.
Verified on Angler, Sailfish, and Linux.
11/27/17: Added mips and mips64 libraries.
* Make CDM result codes constexprs
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/38280 ]
The values in the enumeration list of CdmResponseType error codes
were earlier implicit. Comments were added to denote the actual
values. This changes to make it fixed values, which makes it slightly
more error prone, but cleaner when errors are retired.
* Change watchdog timer to 2 minutes
[ Merge of http://go/wvgerrit/36340 ]
This relaxes the watchdog timer around the level 3 oemcrypto
initialization to 120 seconds. There are also a couple of new log
messages at the end of initialization and at termination.
Library for arm updated:
level3/arm/libwvlevel3.a Level3 Library 4445 Oct 4 2017 17:06:25
Bug: 65379279
Merged from https://widevine-internal-review.googlesource.com/35480
* Add test to get service certificate from server.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/37780 ]
This was extracted from Ic38dd27d06dc7528ae4cd995da4261fe6c34ad55
* Add watch dog timer to OEMCrypto L3
commit ec624ea483cbf8fb3d4e8f393bc25c90a0e29d4b
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/34260 ]
This code adds a watchdog timer to the level 3 initialization. If
initialization does not finish within 5 seconds, the process
will abort, printing a small amount of debugging information.
arm/libwvlevel3.a Level3 Library 4445 Sep 11 2017 14:05:15
Test: unit tests on bullhead. Video on Play Movies.
GTS tests run on loop overnight.
Bug: 65379279
Merged from https://widevine-internal-review.googlesource.com/33540
* Remove libwidevinehidl_utils dependency
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/37822 ]
libwvdrmcryptoplugin_hidl has a dependency on libwidevinehidl_utils
which was introduced due to an out of order merge from oc-mr1-dev
to master.
Bug: 69573113
* Automatically generate log location information
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/36563 ]
Currently class and method names are manually added to each log message
in the CDM on android and some other platforms. This change prepends
log messages with file name, line number and function name automatically.
The code is platform specific so it can be enabled and the precise
format configured on a per-platform basis.
As an example, here is a log on android before the change,
11-01 02:48:48.658 D/WVCdm (32198): CryptoSession::Open:
Lock: requested_security_level: Default
and after,
11-01 02:48:48.658 D/WVCdm (32198): [crypto_session.cpp(1108):Open]
Lock: requested_security_level: Default
A follow on CL will remove the manually added class/method information.
Bug: 9261010
* Fix BoringSSL Compatibility of oec_session_util.cpp
Author: John W. Bruce <juce@google.com>
[ Merge of http://go/wvgerrit/37121 ]
A previous change inadvertantly used APIs from OpenSSL that do not exist
in BoringSSL in oec_session_util.cpp. As a temporary fix until we can
move all targets to BoringSSL, this patch switches that file to use
conditional compilation to choose the correct API depending on the
library in use. It does not otherwise change the behavior of the file.
Bug: 67908123
Test: wv_ce_cdm_unittest on x86-64
Test: linux_unit_tests
* Create local shared_ptr implementation
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/37600 ]
Derived from protobuf version, which came from google3.
Removed locking (not thread-safe) and removed weak pointers (not
needed for usages in CDM).
Locking can easily be added if needed.
* Revert C++11 usage - back to gnu++98
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/37440 ]
These changes roll back C++11-specific constructs:
std::unique_ptr -> std::auto_ptr
container initializers
nullptr -> NULL
std::shared_ptr to local shared_ptr
compiler flags (-std=c++11 -> -sdt=gnu++98)
NOTE: the "local" shared_ptr implementation is temporarily
a direct reference to the shared_ptr implementation in
third_party/protobuf. This has been fixed (implementation
extracted and moved to core/include) in CL 37600.
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: Ie09ecb970aa06fe9301ac255375ca7d8e7ead8bc
These are a set of CLs merged from the wv cdm repo to the android repo.
* Level3 cleanup for SHA + field provision headers
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/37581 ]
Moved some redundant macro and struct definitions out of hmac.cpp and
sha.cpp into a separate header file to make the build easier and
cleaner. Also cleaned up unnecessary includes and method signatures
in field_provision.h.
* Address CDM_All_Tests failures
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/37580 ]
CDM engine tests for CE CDM occasionally fails when CDM_All_Tests
is run by the build server. The failures are due to a nonce generation
error. If provisioning fails due to a nonce generation error, a delay
followed by a retry will be attempted.
* Update OEMCrypto version to 13 in cdm.gyp
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/37520 ]
* Use per-session service certificates for licensing
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/37260 ]
These changes allow for service certificates to be specified on a
per-session basis rather than use one common to a CdmEngine instance.
This also allows for a service certificate request and response handling
when allowed on the platform, when privacy mode is enabled and a service
certificate is not provided.
Request license tests accept a service certificate command line
parameter in hex (ascii). Earlier it expected it in binary.
Bug: 68328352
* Refactor service certificate parsing
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/37060 ]
Service certificates may still be set in CdmEngine but service
certificate requests and responses have been moved from CdmEngine
to ServiceCertificate. This allows them to be called from lower
in the heirarchy (a class that CdmEngine depends on).
Bug: 68328352
* Revert "C++11: Replace OVERRIDE def with override keyword"
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/37020 ]
This reverts commit 2d3fb5c4c8f4cf5c986ee43723914a23cf76e8f0.
* Modified scripts/makefiles for L3 build
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/37220 ]
Changed build-android-haystack.sh and make_fastball_libwvlevel3.sh
to build using the new liboemcrypto.cpp file. Also changed
makefiles to build using the new file. Renamed liboemcrypto.cc to
liboemcrypto.cpp to make it consistent across android and CE CDM. Added
static libraries that were rebuilt using this change.
* Added android implementations for Level3
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/37181 ]
Moved getUniqueID and added Level3FileSystem implementations for
android. Also deleted redundant and unnecessary methods from
anroid_keybox.cpp.
* Refactored getUniqueID and updated libl3oemcrypto.cc
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/37160 ]
Renamed getUniqueID header and added comments to make it clear what the
function is doing. Also removed obfuscation of the method name since it
is implemented by the partner. Updated the libl3oemcrypto.cc file to
reflect the change as well as be obfuscated.
* Moved clear_cache function out of entry_points
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/37040 ]
clear_cache function is unobfuscated and relies on compiler flags to
work properly, and therefore should be removed from the
libl3oemcrypto.cpp file and linked during the final build.
* Minor gyp changes and added L3 build file
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/36480 ]
Gyp changes to cdm_unittests.gyp to make the test Level3FileSystem build
only on a level3 build and to oec_level3.gyp to be compatible with the
changes to the x86-64 platform settings changes (and to use -Wno-unused
to catch all unused warnings the libl3oemcrypto.cc might cause). This
change also includes an x86-64 libl3oemcrypto.cc so a Level3 OEMCrypto can build.
* Merge CE & Linux file system/factory + dynamic adapter changes
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/36220 ]
This CL merges the changes from
I27f5037e4fcea94abd84181f55053843b68f3e8d - it adds the CE
implementation for the file system, as well as the factory methods
needed to build the file system (and their implementations for both CE
and linux). As part of the merge, since the Linux build relies on the
dynamic adapter, that was fixed and gyp changes were made to reflect the
change.
* Cherry pick change to retrieve/save provisioning cert
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/30000 ]
This is cherry pick from level3-dev-3.3 of a merge of
I4f5dc5c216fa916e0bca0631c4ceda68859baf1d to save the
certificate for future tests with the current test host setup.
* Merged changes of usage/linux impl of L3FileSystem
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/35541 ]
This is a merge of change I15d38b3c36933d061d168e0ec30bcefd0182f32d. It
also adds a similar change in usage of L3FileSystem write for a line in
usage_table.cpp.
* Add cdm build changes for new Level3 build
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/34600 ]
Original CL: Ib611cf8a8589afa5cd25d6dc5b0aa43922cfda1e
Adds level3 oemcrypto library for static adapter. Includes changes to
gyp files to choose between oemcrypto libraries. Also includes changes
to the dynamic adapter, level3 headers, and entry_points to be
compatible with the function signature differences when using the
static adapter.
* Merge OEMCrypto Level3FileSystem interface
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/34541 ]
This merges in the interface for the Level3FileSystem object from
level3_dev_3.3 as well as the linux implementation. Furthermore, this
merge includes changes in properties and gyp files to allow compilation.
The associated changes are I3f1c58f0e3782de0669a96725a38673a26cc1a49,
I9fb2d10b0f966896bea685166c6b6b2e33c995dd, and
I4c87a5412a8a022fa9cfba43f33bd4d683e61536.
* Merged misc. changes to Level3 files
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/33303 ]
Continuation of I03d3aa1a308f2f010dcb6f5e15f927e81e42925b. These changes
are miscellaneous changes from level3-dev-3.3 involving include
statements, Caligo compatibility, and new Level3 signatures from changes
Ibc5befd492b295970e839f3481e2b512b52dcb08 and
If599e62c72b5eb40c53633cd72a4d20dc859ee52.
* Merged change involving getUniqueId()
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/33302 ]
This is a merge from level3-dev-3.3. This change
(Ibc5befd492b295970e839f3481e2b512b52dcb08) involves
separating out the method getUniqueId() from the linux_ and
android_keybox.cpp. This was done so that clients can
supply the necessary implementation for the method.
* Merged needle file changes from level3-dev-3.3
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/33301 ]
Continuation of I3dbf34bab526945720280f819dd3212ae982d2f7. These are
changes (Ibc5befd492b295970e839f3481e2b512b52dcb08) involving the
compiled needles for Haystack. Major changes include function signature
changes, adding non-state needles automatically, and include statements.
* Merged keybox/usage table access and function sigs
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/33300 ]
These are changes from level3-dev-3.3. They involve changing function
signatures/include files for the new Haystack runtime
(Ibc5befd492b295970e839f3481e2b512b52dcb08). They are also
related to change I0285e6d85e80b06b7df1ed298cd1145a6c9c4842. Keybox and
usage table file names are replaced with constant needles. Furthermore,
a state needle was added that removes the OldUsageTable file. In
addition, this CL includes removals of method references that are now
stale due to the introduction of change
I9fb2d10b0f966896bea685166c6b6b2e33c995dd.
* Android unit test build fixes
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/37380 ]
Removed crypto_session_unittest from build script (introduced
in http://go/wvgerrit/32824), since crypto_session.cpp requires
some changes to be merged over from oc-mr1-dev (b/64456400).
Added oemcrypto_session_tests_helper.cpp to the oemcrypto test
makefile so the oemcrypto unit tests can link in the
methods from the refactor in http://go/wvgerrit/36562.
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I7e45901a151e51da96d192d359edddc5fe74946e
These are a set of CLs merged from the wv cdm repo to the android repo.
* Correct RELEASE_ALL_USAGE_INFO_ERRORs
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28742 ]
RELEASE_ALL_USAGE_INFO_ERROR_4 and 5 were introduced and made use of in
http://go/wvgerrit/24022 (branch: oc-dev). The error code definitions
were merged over in http://go/wvgerrit/24602.
When http://go/wvgerrit/24622 from cdm_partners_3.2 was merged to master
(http://go/wvgerrit/27723) there was conflict in error codes. The error
codes were adjusted to RELEASE_ALL_USAGE_INFO_ERROR_3 and 4
and were made use of.
To avoid renaming the errors between oc-dev and master, new errors
RELEASE_ALL_USAGE_INFO_ERROR_6 and 7 have been added to handle the
scenarios noted in the merge from cdm_partner_3.2. The other
errors have been reverted back to RELEASE_ALL_USAGE_INFO_ERROR_4 and 5.
They will be used when http://go/wvgerrit/24602 is merged.
* Address compilation issues
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28740 ]
These changes enable compilation of most of the cdm code on android
expect for OEMCrypto unit tests (b/62739406) on wv master.
* Add property for binary/base64 provisioning msgs.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/28074 ]
Property is "provisioning_messages_are_binary". Its default setting is
false in the CE CDM, but it can be overridden by integrators.
Added section to integration guide that discusses Provisioning Server
message formats and the new property.
Link: https://docs.google.com/document/d/1cBVbhgrajLpDe2W3_vzLzUqzpdDt73chvm4_sZlZlS8/edit#heading=h.hgxw53ddw7jo
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I9168193819974d1ff65d9a94dbd762e45ecc43ca
Below are a set of CLs being merged from the wv cdm repo to the android repo.
* Fix handling of OEM Cert public key.
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/27921 ]
This is a potential fix for b/36656190. Set aside public
key on first call to get the public key, and use it afterwards.
This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(),
which has side-effect of staging the OEM private key.
This also fixes a problem where the public cert string was
not being trimmed to match the size returned by
OEMCrypto_GetOEMPublicCertificate().
* Complete provisioning request/response for Provisioning 3.0
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Fix bug on provisioning request path where GenerateDerivedKeys()
was being called when preparing to generate the signature.
Add message signature verification, and call correct OEMCrypto
routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30).
* Implement Cdm::deleteAllUsageRecords()
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Delete all usage records for current origin. Removes usage
records from file system and retains the PSTs. The deletes
any usage entries matching those PSTs held by OEMCrypto.
BUG: 35319024
* Remove stringencoders library from third_party.
Author: Jacob Trimble <modmaker@google.com>
[ Merge of http://go/wvgerrit/27585 ]
We have a fork of the stringencoders library that we use for base64
encoding. This reimplements base64 encoding to remove the extra
dependency and to reduce the amount of code.
* Add Cdm::deleteUsageRecord() based on key_set_id.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27605 ]
Delete specified usage record from file system usage info and
from OEMCrypto.
BUG: 35319024
* Modifiable OEMCrypto
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/24729 ]
This CL adds a new variant of the OEMCrypto mock code that adjusts its
behavior based on a configuration file. This is intended for
testing.
For example, a tester can set current_hdcp to 2 in the options.txt
file, push it to the device, and verify that a license is granted for
HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and
push the file to the device. Playback should stop because the license
is no longer valid.
This variant uses a real level 1 liboemcrypto.so to push data to a
secure buffer. That means we can test playback for a license that
requires secure buffers on an Android device with real secure buffers.
BUG: 35141278
BUG: 37353534
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I58443c510919e992bb455192e70373490a00e2b6
Merge from Widevine repo of http://go/wvgerrit/35480
This relaxes the watchdog timer around the level 3 oemcrypto
initialization to 120 seconds. There are also a couple of new log
messages at the end of initialization and at termination.
Library for arm updated:
level3/arm/libwvlevel3.a Level3 Library 4445 Oct 4 2017 17:06:25
bug: 65379279
Test: unit tests on n5. View netflix on Nexus 5. GTS tests on N5.
Change-Id: Id474d6728da557051801d2ca92987496672b896a
Merge from Widevine repo of http://go/wvgerrit/33540
This code adds a watchdog timer to the level 3 initialization. If
initialization does not finish within 5 seconds, the process will
abort, printing a small amount of debugging information.
arm/libwvlevel3.a Level3 Library 4445 Sep 11 2017 14:05:15
Test: unit tests on bullhead. Video on Play Movies.
Kyle ran the GTS tests on loop overnight.
bug: 65379279
Change-Id: I0e0e4b158dbce193abbd8ee2cf6b366060c768b8
Merge from Widevine repo of http://go/wvgerrit/26780
and http://go/wvgerrit/26740
Previously, in oemcrypto level 3, a session's current key's duration
was not updated until the next call to SelectKey. This caused
problems with license that only used one key. This CL fixes that.
arm64/libwvlevel3.a Level3 Library 7283 May 2 2017 13:16:21
arm/libwvlevel3.a Level3 Library 4445 May 2 2017 11:49:34
x86_64/libwvlevel3.a Level3 Library 7284 May 2 2017 12:09:21
x86/libwvlevel3.a Level3 Library 4464 May 2 2017 11:53:46
Test: unit tests run on emulator.
b/37481239
b/37523523
Change-Id: Ife90a3358b6620c8fb81324ec2331d3775a38191
(This is a merge of http://go/wvgerrit/25900 and http://go/wvgerrit/25920)
This commit contains the latest Haystack prebuilt binaries based on
the latest OEMCrypto code in the Widevine tree. This is to pick up the
change "Report error OEMCrypto_ERROR_ENTRY_IN_USE", which fixes
several failing unit tests. This CL also adjusts the L3 library so
that it stores its data in the directory specified by the layer above.
level3/x86_64/libwvlevel3.a Level3 Library 7284 Apr 13 2017 16:58:07
level3/arm/libwvlevel3.a Level3 Library 4445 Apr 13 2017 16:48:19
level3/mips64/libwvlevel3.a Level3 Library 7285 Apr 13 2017 23:52:51
level3/mips/libwvlevel3.a Level3 Library 4465 Apr 13 2017 23:16:02
level3/arm64/libwvlevel3.a Level3 Library 7283 Apr 13 2017 17:05:12
level3/x86/libwvlevel3.a Level3 Library 4464 Apr 13 2017 16:36:25
Bug: 36656178
Bug: 37210088
Test: build_and_run_all_unit_tests.sh and GTS tests
Change-Id: Ia5b272cd945f0c9f2fe37ecd0f3ccd2f2ff398bc
Merge from Widevine repo of http://go/wvgerrit/24043
This CL simplifies the way the oemcrypto dynamic adapter handles
backwards compatibility while looking up old function pointers.
It also puts in guards for functions that do not have pointers.
Current Level 3 libraries merged from http://go/wvgerrit/23686/
level3/arm64/libwvlevel3.a Level3 Library 7283 Feb 15 2017 13:39:10
level3/mips64/libwvlevel3.a Level3 Library 7285 Feb 15 2017 13:51:12
level3/arm/libwvlevel3.a Level3 Library 4445 Feb 15 2017 14:20:04
level3/x86_64/libwvlevel3.a Level3 Library 7284 Feb 15 2017 13:43:04
level3/x86/libwvlevel3.a Level3 Library 4464 Feb 15 2017 14:14:55
level3/mips/libwvlevel3.a Level3 Library 4465 Feb 15 2017 14:10:04
Test: OEMCrypto Unit tests pass on bullhead, fugu, and all
six emulators. A bullhead was crippled to use L3 only, and
Play Movies worked OK. ExoPlayer tests were also run on the
bullhead. L1 was re-installed on the bullhead, and Play Movies and
ExoPlayer tests were repeated with no problems.
Bug: 18949752
Bug: 31458046
Change-Id: I8668fde1ce8a045c71bf33c566f3ff86e11821c5
Merge from Widevine repo of http://go/wvgerrit/23044
On some platforms, the compiler will not pack structures. This CL
replaces the OECrypto_PST_Report packed structure with a simple buffer
of uint8_t. This changes the signature of OEMCrypto_ReportUsage as
part of OEMCrypto v13.
There is also a new wrapper class that test code, the mock, and debug
code can use to access data in the report.
The old packed structure definition is moved to the level 3, where we
use a compiler that packs sructs when asked nicely.
arm/libwvlevel3.a Level3 Library 4445 Jan 20 2017 11:29:15
x86/libwvlevel3.a Level3 Library 4464 Jan 20 2017 11:10:49
mips/libwvlevel3.a Level3 Library 4465 Jan 20 2017 10:56:08
b/32180083
Change-Id: Ie138f034cb12780a2f8636888cebf022c52169e5
Merge from Widevine repo of http://go/wvgerrit/22899
This is most of the header changes for OEMCrypto v13. This updates
just enough of the code that existing unit tests build and pass.
The documentation will be reviewed in http://go/wvgerrit/22887. When
that CL has been approved, comments in the code will be updated to
match.
Real code will be broken into several other CLs.
bug:31458046
arm/libwvlevel3.a Level3 Library 4445 Jan 17 2017 20:01:26
x86/libwvlevel3.a Level3 Library 4464 Jan 17 2017 19:00:37
mips/libwvlevel3.a Level3 Library 4465 Jan 17 2017 19:24:35
Change-Id: I0318c53235c0b33afb623cba933365e09dec4e61
Merge of several CLs from the widevine repo.
Merge from widevine repo of http://go/wvgerrit/22440
Build OEMCrypto v12 Haystacks with cache flush
level3/mips/libwvlevel3.a Level3 Library 4465 Nov 29 2016 13:34:45
level3/arm/libwvlevel3.a Level3 Library 4445 Nov 29 2016 14:02:08
level3/x86/libwvlevel3.a Level3 Library 4464 Nov 29 2016 14:22:21
Merge from widevine repo of http://go/wvgerrit/22403
Pull cache flush out of Haystack
Merge from widevine repo of http://go/wvgerrit/21145
OEMCrypto v12 stubs -- just the header file changes.
Merge from widevine repo of http://go/wvgerrit/21146
Add OEMCrypto v12 functions to profiler
This CL adds the new oemcrypto v12 functions for provision 3.0 to the
list of profiler functions.
Merge from widevine repo of http://go/wvgerrit/21143
OEMCrypto v12 adapter
This CL updates the oemcrypto dynamic and static adpaters to include
oemcrypto v12 funtionality. It adds the three new Provisioning 3.0
functions.
It also adds code in the initialization routine to null out all of
the function pointers if any of them fail to load. It is better to
fall back to level 3 than to use an inconsistent level 1.
b/31528025
Change-Id: I3579dc93e00ad7e7c743beecdd8291eac557d4e4
Merge of http://go/wvgerrit/20924
This CL pulls the cache flush code out of the haystack code and into
the adapter level. This is so it will be built with processor
specific compiler flags instead of as part of the precompiled binary.
level3/mips/libwvlevel3.a Level3 Library 4465 Sep 10 2016 21:44:37
level3/arm/libwvlevel3.a Level3 Library 4445 Sep 10 2016 21:30:01
level3/x86/libwvlevel3.a Level3 Library 4464 Sep 10 2016 21:49:53
b/30550782 Battery Problems
Change-Id: I8967da498a43cabe82e78345162705dc2fcdb859
Merge from widevine side of http://go/wvgerrit/17355
The previous build of this library had some filenames and linker
symbols left in that should not be leaked. This build removes them.
Library versions:
level3/mips/libwvlevel3.a Level3 Library 4465 Mar 30 2016 13:29:24
level3/arm/libwvlevel3.a Level3 Library 4445 Mar 30 2016 13:23:54
level3/x86/libwvlevel3.a Level3 Library 4464 Mar 30 2016 13:26:29
b/27831262
Change-Id: I7801c6f953af338f5e80e95aa27098ae4c7a6c93
Merge from widevine of http://go/wvgerrit/17178
These are the OEMCrypto Level 3 libraries, built using a stable
version of GCC and build tools on nyc-dev. Code changes are just
merged from master. Aside from build tool updates, the CL contains a
fix for b/26567162.
Current version (as printed by oemcrypto/level3/print-version-strings):
level3/arm/libwvlevel3.a Level3 Library 4445 Mar 17 2016 14:11:16
level3/x86/libwvlevel3.a Level3 Library 4464 Mar 17 2016 13:14:40
level3/mips/libwvlevel3.a Level3 Library 4465 Mar 17 2016 11:34:50
bug: 26917438
bug: 26567162
Change-Id: I07d526f28e61c5a9b66fa59b78041a93a99dc8e6
This CL is a merge from the widevine repo of
http://go/wvgerrit/16553 Prebuilt Level 3 OEMCrypto for Android
http://go/wvgerrit/16238 Require OEMCrypto v11 for Android N Unit Tests
http://go/wvgerrit/16484 Shared License Tests (OEMCrypto v11)
http://go/wvgerrit/16448 Pattern Decrypt Unit Tests and Reference Implementation
http://go/wvgerrit/16489 Enforce UNUSED Variables
http://go/wvgerrit/16479 Pattern Decrypt for Level 3 OEMCrypto
http://go/wvgerrit/16280 Correctly handle bad RSA key
http://go/wvgerrit/16315 Security Patch Level - haystack version
http://go/wvgerrit/16282 Correctly handle null pointer in GetKeyData
http://go/wvgerrit/16294 Initialize data for generation number
It contains the Level 3 implementation, as well.
mips/libwvlevel3.a Level3 Library Jan 22 2016 14:30:27
arm/libwvlevel3.a Level3 Library Jan 22 2016 15:03:55
x86/libwvlevel3.a Level3 Library Jan 22 2016 13:52:29
b/26692954 [DRM] OEMCrypto v11 needed for Nexus devices
Change-Id: Ibb1384959620f63a1be1e82ce2952ec9f48f0d3e
This CL contains the level 3 oemcrypto library built for android. I
used the toolchain from the mnc-emu-release branch because I'm having
problems with the toolchain on master.
This includes the security patch API, and several bug fixes to the library.
Current versions:
mips/libwvlevel3.a Level3 Library Dec 17 2015 21:26:57
arm/libwvlevel3.a Level3 Library Dec 17 2015 21:09:47
x86/libwvlevel3.a Level3 Library Dec 17 2015 21:19:15
http://go/wvgerrit/16371 Level 3 OEMCrypto library
http://go/wvgerrit/16315 Security Patch Level - haystack version
http://go/wvgerrit/16282 Correctly handle null pointer in GetKeyData
http://go/wvgerrit/16294 Initialize data for generation number
http://go/wvgerrit/16280 Correctly handle bad RSA key
bug: 26089773
bug: 26092100
bug: 26086944
Change-Id: I3ea1b5d219dae0c88deafa742f61d67e97297902
Merge from widevine of http://go/wvgerrit/15778
This CL rebuilds the level 3 libraries with the android emulator
sdk_phone_*. This seems to avoid problems with the x86 build using
incorrect compiler flags.
Versions:
level3/mips/libwvlevel3.a Level3 Library Sep 28 2015 13:25:25
level3/arm/libwvlevel3.a Level3 Library Sep 28 2015 13:18:25
level3/x86/libwvlevel3.a Level3 Library Sep 28 2015 13:08:28
bug: 21766765
Change-Id: I0470d3ea55bf9fc18ff7c69f6f39d532c9865404
Merge from Widevine of http://go/wvgerrit/15507
This change recompiles the oemcrypto libraries on the emulators
because those should have the "least common denomintor" of compiler
options.
New Versions:
android/level3/mips/libwvlevel3.a Level3 Library Aug 27 2015 11:53:29
android/level3/arm/libwvlevel3.a Level3 Library Aug 27 2015 11:43:45
android/level3/x86/libwvlevel3.a Level3 Library Aug 27 2015 11:48:16
bug: 21766765
Change-Id: Ic69bacd71af835df940af1c21166b0ade57abf04
Merge from widevine repo of http://go/wvgerrit/14668
This CL modifies the multiplication routine to avoid memory cache
misses. This shows a 10-20% speed improvment in license requests on
an x86.
Level 3 library version:
level3/arm/libwvlevel3.a Level3 Library Jun 15 2015 14:09:24
level3/x86/libwvlevel3.a Level3 Library Jun 15 2015 14:09:10
bug: 18252910
Change-Id: I4429324374de46d1d710d5fcac80f7ed363c696c
Merge from widevine repo of http://go/wvgerrit/14502
If any OEMCrypto session call is made after Terminate is called, then
there was a null pointer access. This is protected by the oemcrypto
adapter, but could still be a problem in unit tests which by-pass the
adapter.
bug: 21642892
Level 3 versions:
level3/arm/libwvlevel3.a Level3 Library May 29 2015 14:03:11
level3/x86/libwvlevel3.a Level3 Library May 29 2015 14:03:12
Change-Id: I84fd098c2faea71a79bc21658485593e22a8e994
This is a merge from the widevine repo of http://go/wvgerrit/14262
This CL replaces AES with a psuedorandom number generator to encrypt
the needles in the oemcyrpto level 3 haystack. This speeds up the
overhead significantly, and reduces decrypt times by as much as 75%
for small buffers (1-3 kb). This makes the obfuscation slightly less
secure but is worth the overall performance boost.
Level 3 library versions:
level3/arm/libwvlevel3.a Level3 Library May 1 2015 15:45:12
level3/x86/libwvlevel3.a Level3 Library May 1 2015 15:45:55
b/19582757 L3 Widevine extremely choppy on Nexus 6 (480p)
Change-Id: I3077c04047a7f2da6f64869d7a9af5ddcc62671f
This is a merge from the Widevine repository of
http://go/wvgerrit/14024
Add Level 3 Oemcrypto Unit Tests To Run All Tests Script
This CL adds the ability to restrict the oemcrypto unit tests to only
use the fall back level 3. This restriction is per-process, and is
only used while running the unit tests. This allows us to automate
running the unit tests on an android device as both level 1 and level
3 without modifying files in /system/lib. To turn on the restriction,
set the environment variable: FORCE_LEVEL3_OEMCRYPTO=yes.
New level 3 library versions are:
level3/arm/libwvlevel3.a Level3 Library Apr 8 2015 13:09:05
level3/x86/libwvlevel3.a Level3 Library Apr 8 2015 13:15:42
http://go/wvgerrit/14055
Remove Redundant Tests
This CL modifies the UsageTableTests in oemcrypto_test.cpp so that
they are not all parameterized by new_mac_keys_. This parameter is
used when testing signatures. In particular, we do not need to verify
timing twice.
Also, I modified the run_all_unit_tests.sh script so that the
environment variable GTEST_FILTER is passed down to the android
process. This allows us to use the script to run a limited list of
tests while debugging.
http://go/wvgerrit/14054
Filter Out API Version 10 Tests
This CL updates the OEMCrypto tests so that all but one test will pass
for a device that implements the version 9 API.
Android LMP devices should pass tests with
GTEST_FILTER="*-*MNC*:*CanLoadTestKeys*"
http://go/wvgerrit/13886
Update Documentation about Optional Features
The intergration guide has been updated to include reference to
OEMCrypto_LoadTestRSAKey. It also now discusses optional features.
The Delta 10 document now mentions OEMCrypto_LoadTestRSAKey.
The android supplement warns that most optional features are required.
This also adds clarification about which functions should save the
usage table, in answer to:
b/16799904 OEMCrypto v9 ambiguous about saving usage table information
Change-Id: Ifb517d58952c9b332b2958ca99af64bc293b985f
Merge from Widevine repo of http://go/wvgerrit/10308
There was a memory leak in the oemcrypto RSA code.
Also, when saving the usage table, some session variables were
allocated twice. This results in session data being lost.
There were also some leaks and uninitialized values in oemcrypto_test.
I added some checks and profiling to the debug runtime for the
haystack. It will warn if a variable is left unencrypted or is
unencrypted twice. I also added the profile code.
Versions of L3 library:
android/level3/arm/libwvlevel3.a Level3 Library Apr 1 2015 11:40:06
android/level3/x86/libwvlevel3.a Level3 Library Apr 1 2015 12:44:32
b/19950814
Change-Id: Ic752e36c09fce121dcaf92f9209591e74f3eb070
This is a merge of http://go/wvgerrit/13710
The oemcrypto adapter loads a version 8, 9 or 10 library and adds
backwards compatibility for version 8 or 9.
The only function whose signature has changed from v9 to v10 is
OEMCrypto_GetHDCPCability. This CL adds backwards compatibility for
that function.
Level 3 libraries are now:
level3/arm/libwvlevel3.a Level3 Library Mar 17 2015 14:33:34
level3/x86/libwvlevel3.a Level3 Library Mar 17 2015 14:30:23
b/19785099 L1 Widevine missing/broken on master (Fugu)
b/19789909 L1 Widevine missing on master (AAY75B)
Change-Id: I9bd716f5cdffaf1bfbdfcd8ed067af3f5d0ac9ba
This is a merge of http://go/wvgerrit/13391 from the Widevine repository.
This CL adds the OEMCrypto version 10 API to the header, and changes
just enough code so that code still compiles. There are no unit tests
or implementation.
The level 3 libraries are just stubs so that tests will compile.
level3/arm/libwvlevel3.a Level3 Library Mar 11 2015 13:33:21
level3/x86/libwvlevel3.a Level3 Library Mar 11 2015 15:20:27
Change-Id: I41de753a2a60da29b756c3327341ece72069d8bb
(This is a merge of http://go/wvgerrit/13420 from the Widevine
repository.)
Generates new obfuscated libraries that include @kqyang's recent
changes to add OEMCrypto_GetMaxNumberOfSessions().
libwvdrmengine/level3/arm/libwvlevel3.a Level3 Library Mar 6 2015 15:16:17
libwvdrmengine/level3/x86/libwvlevel3.a Level3 Library Mar 6 2015 15:20:30
Change-Id: Ibea299a372617f98c0f24861c673f56a97845ad8
* Replace an stlport static assert with a C++11 static_assert.
* Move some libraries that were being built with the NDK but
statically included into platform code off the NDK.
* Rebuild the obfuscated binaries to use the new STL.
* Remove MIPS support temporarily due to an inability to generate
obfuscated binaries for it. (To be fixed in b/19482469.)
Bug: 15193147
Change-Id: Icc166583b0c6af68550baf17ab8c33076a1179d3
This is a merge of the widevine change:
https://widevine-internal-review.googlesource.com/#/c/11781
The OEMCrypto did not save the usage table correctly after a key was
loaded and not used.
Also, oemcrypto uses the keybox to verify and sign the usage table.
On library initialization, the usage table was being loaded before the
keybox, so the signature was not verified correctly.
Both these problems have been corrected.
Current Library Version:
arm: Level3 Library Nov 19 2014 16:53:43
bug: 17328418 Can't play pinned content
Change-Id: Ia753e2f47b36433931fbe8dba78939581e647222
This is a merge of the widevine CL:
https://widevine-internal-review.googlesource.com/11254
On arm64, some devices are having random issues that probaby relate to
a stale instruction cache. This code change flushes the cache for
pages that are going to be made executable.
b/17400000
Current Library Version:
arm64: Level3 Library Sep 25 2014 17:10:03
Change-Id: I3904e96e922654c055a478079aa52c29cbde8b9f
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11110/
The level 3 oemcrypto library version of DeactivateUsageEntry now
returns OEMCrypto_ERROR_INVALID_CONTEXT if there is no entry in the
usage table.
Current Library Version:
arm: Level3 Library Sep 3 2014 18:13:47
b/17373630
Change-Id: Iaeb65b4ad4b2b9f3c6733a2c9c8d96e2be263d09
This is a copy of
https://widevine-internal-review.googlesource.com/#/c/11030
It is an error for the key control block to have a nonzero replay
control flag and a null pst. This CL adds unit tests to
oemcrypto_test to verify that oemcrypto checkes this. A unit test is
also added for verifying that an offline license has a valid nonce the
first time it is loaded.
It also updates the reference implementation (mock) to check that the
pst is not empty when the replay control flag is nonzero.
It also updates the level 3 implementation to check that the pst is
not empty when the replay control flag is nonzero.
This change is compiled into the arm library, but because of
compilation errors, is not included in x86 or mips.
Current Library Version:
arm: Level3 Library Aug 27 2014 18:42:40
bug: 16525204 OEMCrypto unit test for reloading offline license
bug: 16844305 Mock OEMCrypto does not catch null pst
Change-Id: Icdb090e80fc92522c187b26f30e5ba082f26363b
