Plugin to provide getPropertyByteArray("deviceSignedCsrPayload")
which returns the signed CSR payload for device registration. It
queries both BCC and device info to be set in plugin before calling this
getPropertyByteArray("deviceSignedCsrPayload") method. The returned csr
payload will be used by assemble the device CSR by the caller for device
registration.
Bug: 286556950
Test: build WV DRM plugin
Merged from https://widevine-internal-review.googlesource.com/178891
Merged from https://widevine-internal-review.googlesource.com/179731
Change-Id: I65d89ed998dd292fc656af2f91f4472c1b5ec33c
[ Merged of go/wvgerrit/186370 ]
CDM by default allows test keybox from device side.
Bug: 299987160
Bug: 301669353
Change-Id: I06f1936ccd068eb71364a5a8931970954233b686
[ Merge of http://go/wvgerrit/172010 ]
The CdmEngine provides an API for generic crypto operations that are
already used for the CE CDM. This API is being exposed in the Android
CDM. The parameter order of the Android CDM is modified to match the
existing generic crypto parameters used in the media DRM plugin.
Bug: 274984456
Bug: 29400687
Test: build x86-64 and Android
Change-Id: I3b286ebb011bd58754b7b8ea814ed46daf1f62f9
[ Merge of http://go/wvgerrit/172910 ]
The lifecycle of the Android CDM is controlled by Android's strong/
weak pointer functionality. Unfortunately, it does not provide an
easily predictable point in the code where the CDM is to be deleted
along with the saved metrics. In order to allow the CDM to keep a
list of metrics that are persistent with the life of the service, a
global thread safe queue is provided which is created when the first
CDM is created, but will out live the CDM.
The metrics will still be deleted when the DRM service is terminated.
Bug: 270166158
Test: adb shell dumpsys android.hardware.drm.IDrmFactory/widevine -m
Change-Id: Id98676d8b5278798b4de332cc272cd5b85024244
[ Merge of http://go/wvgerrit/171271 ]
There is a need to maintain a short history of metrics from CDMs which
have been deleted. This CL adds this ability to the Android version
of the WV CDM. The history cannot yet be maintained for long, as the
WV CDM instance is destroyed if unused.
Further changes are required to the plugin to maintain the history
beyond the life-cycle of the CDM instance, and to properly format
its output.
Bug: 239462891
Bug: 270166158
Test: adb shell dumpsys android.hardware.drm.IDrmFactory/widevine -m
Test: atest GtsMediaTestCases
Change-Id: I81c0996602722a9795fc3951030d20bb39b5816b
[ Semi-revert of http://ag/20183443 ]
[ Merge of http://go/wvgerrit/168898 ]
These tests were removed from Android last quarter; however, they
now need to be restored. These tests will be removed in Android V.
To help with ambiguity around where the CDM is operating on a single
or set of usage info messages, the variables have been renamed to
propery indicate plurality.
Bug: 263319220
Test: cdm_extended_duration_test
Test: request_license_test
Test: libwvdrmdrmplugin_hal_test
Change-Id: I38b16dd5811069fafaeab5ffc19d0f8a8095f0cf
[ Merge of http://go/wvgerrit/163900/ ]
ATSC licenses can be saved by calling
MediaDrm#setPropertyString("storeAtscLicense",<value>)
where <value> is
"<atsc-key-set-ID>:<license-file-data in Base64 format>"
Before storing an ATSC license a session must be opened and the
ATSC mode must be enabled.
Use MediaDrm#setPropertyString("atscMode","enable");
Bug: 176871821
Test: WV Unit/integration/Luci tests
Test: libwvdrmdrmplugin_hal_test
Test: GtsMediaTestCases
Change-Id: Iec2a8b7f87b1122395d06856202278b92316fdfe
[ Merge of http://go/wvgerrit/150350 ]
Certain integration tests were depending on the provisioning server
only sending short duration (~2 minute) certificates when testing
the CDM's ability to enforce expiration periods. This behavior of
the server was not reliable, resulting in device test failures from
server behavior changes.
The DRM certificate provisioning server allows the requester to
optionally provide a desired certificate duration in the request
URL. The tests which test the CDM's ability to enforce certificate
durations will now explicitly specify the certificate duration
required by the test.
Bug: 228547158
Test: request_license_test
Change-Id: Ib9ebfdba1451104be0e59baca0b2f23a94cd51e6
The interface is defined in
hardware/interfaces/drm/aidl(http://go/ag/15329852).
Test: build
m android.hardware.drm-service.widevine -j128
Test: build_and_run_all_unit_tests.sh
for hidl tests
Test: atest VtsAidlHalDrmTargetTest
Bug: 200055138
Bug: 170964303
Change-Id: If2f2a129914436ba5cef1c46f6cb9415e12c3d1c
Merge from Widevine repo of http://go/wvgerrit/142150 (part 1)
For an EVT device, without a keybox or with a test keybox, we want it
to fall back to L3. However, when running the unit or integration
tests it should continue running tests with test keybox. This will
allow us to test L1 oemcrypto on an EVT device, while still using an
EVT device for dogfooding video content at the L3 level.
The original CL modified the HIDL and non-HIDL plugin, so this is the
hand cherry-pick.
Bug: 210807585
Change-Id: I85b96f127abe30f8f061b242f7580fa8f6c01776
[ Cherry-pick of http://ag/16064434 ]
[ Merge of http://go/wvgerrit/136330 ]
This changes adds a custom debug property for changing the fallback
policy used for the system. Depending on the value set, the device
will either use a "fast" fallback (30 seconds) or "default" fallback
(~1 day with exponential backoff). Setting this property to either
"fast" or "default" will end the current fallback if it has been
triggered.
Bug: 187646550
Test: Android unit tests
Change-Id: I5271f96139c1e468242f7fa742668cc791ffcf91
Merge from Widevine repo of http://go/wvgerrit/135984
If the MediaDrm property string debugIgnoreKeyboxCount is set to 1,
then the keybox will be ignored on the next initialization. This will
force an OTA keybox reprovisioning.
Equivalently, a 1 may be written to the file
L1/debug_ignore_keybox_count.txt.
In order to test a failed reprovisioning step, a value of 2 may be
used.
Bug: 187646550
Merged-In: Ie7d34a8b355398855f4ec43dd95dd73c5907bdeb
Change-Id: Ie7d34a8b355398855f4ec43dd95dd73c5907bdeb
[ Merge of http://go/wvgerrit/128325 ]
There were a few cases where |cdm_by_session_id_| was being iterated
over and the CDM did not acquire any write-protection locks to prevent
other threads from changing the map simultaneously.
In particular, it was possible that while cleaning up a CDM, and
removing all the associated session in |cdm_by_session_id_| another
CDM could have been opening a session and creating a new association
in |cdm_by_session_id_| at the same time.
Cases where |cdms_| and/or |cdm_by_session_id_| is being written to or
iteratively read from should require a lock. The iterator of
std::map maintains a "view" into the map's tree structure. Modifying
the map (inserting or deleting elements) can potentially change the
structure of the map and the underlying assumptions built into an
iterator's view (ex, the iterator thinking there is an element to the
left or right).
Modifying the value within the map can potentially cause problems, but
is not applicable in our case (we modify the object pointed to by the
map element, but not the pointer itself).
Bug: 190405462
Test: build_and_run_all_unit_tests.sh and MediaDrmTest
Change-Id: I043e238570dac9a0db990f8fe66be271062b965c
This commit is a combination of the following:
* http://go/wvgerrit/117003
* http://go/wvgerrit/118303
Bug: 162255728
Test: MediaDrmTest#testGetLogMessages
Change-Id: I5699b64d5c4bab463e5b587595fa7d324dc1d93f
[ Merge of http://go/wvgerrit/108084 ]
The Widevine License Agreement has been renamed to use inclusive
language. This covers files in the android directory.
Bug: 168562298
Test: verified compilation (comment only change)
Change-Id: I0f9e6445e0168ebe85425baeb81371e182e5a39c
Merge from http://go/wvgerrit/105767
To avoid conflict with metrics.proto in
frameworks/av/drm/libmediadrm/proto.
This is in preparation of moving metrics_dump tool
to build under Android.
bug: 161783052
Test: unit test
Test: Play Movies & Tv and Netflix streaming
Change-Id: I2406b66db4d61cca7c6260ea8847a555d96c8d42
Add options to dump Widevine Cdm properties,
Widevine Cdm metrics, or both.
The valid arguments are Cdm Metrics (m|M) or Cdm Properties (p|P).
If no arguments are provided, both Cdm properties and
Cdm metrics will be displayed.
Test: adb shell lshal debug [drm service] [m/p]
adb shell lshal debug android.hardware.drm@1.3::IDrmFactory/widevine
Bug: 154027349
Change-Id: I95c10dd7d4274226936295c73be4eb1612c2ef6a
[ Merge of http://go/wvgerrit/101443 ]
The WVDrmPlugin has a single CdmIdentifier. The CdmIdentifier contains
a SPOID that is calculated from the device ID (keybox or OEM cert),
an application reverse domain name and possibly an origin.
The CdmIdentifier is set and SPOID calculated on certain calls into
WVDrmPlugin. Once it is set, it will not be recalculated. We prevent
certain operations such as modifying the origin once the CdmIdentifier
has been set as this will require recalculating the SPOID.
Recalculating the SPOID may affect open sessions or calls in progress.
In a similar way, modifying the security level, will affect the
Device ID value and in turn the SPOID. The security level cannot be modified
if any sessions are open. This does leave open the possibility that the
SPOID may be calculated at one security level, sessions are then closed,
and the security level is then changed without an error being flagged.
The provisioning certificate file name is based on the SPOID. When
the SPOID does not match the security level, either the provisioning
information may not be found even though that security level has
been provisionined or the provisioning information may be stored
in an incorrect location if provisioning occurs.
The correct solution is to prevent modifications to the security level
once the CdmIdentifier is set. This is a behavior change and might
impact apps. We will reevaluate this for the next release.
For now, we will work around this. When the CdmIdentifier is set for L3,
we will calculate SPOIDs with both L1 and L3 device IDs and check if
provisioning previously occurred with SPOIDs calculated for that level.
If so, use that level, otherwise use L3.
Bug: 147703382
Test: Android unit/integration tests, GtsMediaDrmTests
Change-Id: Ia64adfc5848e431ee3876af03eebdb4b6eb83116
[ Merge of http://go/wvgerrit/97267 ]
In earlier releases, provisioning would occur based on a cached
security level. If an open session call returned a NotProvisionedException
the security level would be cached for use with any future provisioning
call.
An app would have to set the security level, then call openSession,
have it fail and then request provisioning. This fits the normal flow of
most apps. Still on occasion, an app might change requested security level
after an openSession call failed. Using the cached security level
would result in unexpected behavior.
This change allows provisioning to occur at the last security level that
was set.
Bug: 129356527
Test: wv unit/integration tests, GTS tests (GtsMediaTestCases)
Merged-In: I8d9234eec2b23a9c913e77a709943b431e25e43e
Change-Id: I8d9234eec2b23a9c913e77a709943b431e25e43e
(This is a merge of http://go/wvgerrit/93829,
http://go/wvgerrit/93830, http://go/wvgerrit/93832,
http://go/wvgerrit/93833, and http://go/wvgerrit/93834 from the
Widevine repo.)
This implements the CDM code changes necessary to take advantage of
Combined Decrypt Calls on OEMCrypto v16. The result of this is that
WVCryptoPlugin is much lighter now because it can pass the full sample
down to the core in one call, but CryptoSession is heavier, as it now
has to handle more complex fallback logic when devices can't handle
multiple subsamples at once.
This patch also removes support for the 'cens' and 'cbc1' schema, which
are being dropped in OEMCrypto v16. This fixes an overflow in the code
for handling those schemas by removing it entirely.
This patch also fixes the "in chunks" legacy decrypt path to use larger
chunk sizes on devices with higher resource rating tiers.
Bug: 135285640
Bug: 123435824
Bug: 138584971
Bug: 139257871
Bug: 78289910
Bug: 149361893
Test: no new CE CDM Unit Test failures
Test: Google Play plays
Test: Netflix plays
Test: no new GTS failures
Change-Id: Ic4952c9fa3bc7fd5ed08698e88254380a7a18514
[ Merge of http://go/wvgerrit/89848 ]
Apps query a number of properties at initialization. The mediaDrm
API getProperty allows the query of a single property at a time.
This causes a series of requests. If no crypto
sessions are concurrently open, a series of expensive OEMCrypto
Initialization and Termination calls will occur.
In this change OEMCrypto termination is delayed. If an OEMCrypto
Terminate is followed in close succession by an Initialize, neither
will occur avoiding the overhead. A timer enables a countdown process.
If no session activity occurs, the timer will eventually terminate
OEMCrypto and exit.
Bug: 136282358
Test: Android unit/integration tests
Change-Id: I442b7919b4e7835c52583516c8bc64d0c150241d
[ Merge of http://go/wvgerrit/87123 ]
Certain android files have yet to be formated since we introduced
clang-formatting.
Test: built for android
Bug: 134365840
Change-Id: Ia316b039e7469f7cf803464ee95a919fe7966450
[ Merge of http://go/wvgerrit/85503 ]
Replacing a few instances of C's NULL with C++'s nullptr in some of the
smaller sub-directories in the CDM.
Note that clang-format has performed additional changes to some of the
test files that have not yet been formatted.
Bug: 120602075
Test: Android unittest
Change-Id: I926135ed4b85e9d2d58a014b4a62098b0cb7a373
Support overloaded isCryptoSchemeSupported method that
accepts a security level parameter
bug:110701831
test: cts media test cases, widevine integration tests, gts media tests
Change-Id: Ia84e40ff8d4f13fc06478e338e3238061e283dac
Merged from http://go/wvgerrit/69723.
The new APIs are getOfflineLicenseIds, getOfflineLicenseState and
removeOfflineLicense. These methods are currently stubbed out in
Widevine hidl service. This CL completes the implementation.
Test: unit tests - libwvdrmdrmplugin_hidl_test
Test: GTS
--test com.google.android.media.gts.MediaDrmTest#testWidevineApi29
bug: 117570686
Change-Id: I96ffb75f453e36e931effefd3664b5faa8d69d30
[ Merge of http://go/wvgerrit/70665 ]
This allows one to be able to query for security level, from
Crypto factory methods before the plugins and CdmEngine objects
have been created.
Bug: 117104043
Test: WV Unit/integration tests
Change-Id: Id07f420c3cfb92166cd3bb3cf82148d52e10eb03
[ Merge of http://go/wvgerrit/68083 ]
Add ability to query decrypt hash support, set a hash computed over a frame
and retrieve the last error at a later point.
Bug: 34080802
Test: WV unit/integration tests. New tests added to cdm_engine_test,
libwvdrmdrmplugin_hidl_test and request_license_test.
Change-Id: I7548c8798c873a6af3e1cfc0df57c117e1e474a6
[ Merge of http://go/wvgerrit/67884 ]
Now that we can use C++11, we should use the cross-platform std::mutex
type, not the custom pthread version.
Bug: 111850982
Test: WV unit/integration tests
Change-Id: If2fde2836826c5184609e6b1f3a6511206bd4594
(This is a merge of http://go/wvgerrit/65264)
Now that we have C++11, we can remove Android's hand-rolled UniquePtr in
favor of std::unique_ptr.
Bug: 111851141
Test: Android Unit Tests
Change-Id: I96c2015aa2422da66a4bcbefb927dacc5f6e782f
Merge from Widevine repo of http://go/wvgerrit/46204
Refactor utility code - split the mock, step 1
Merge from Widevine repo of http://go/wvgerrit/46205
Move some OEMCrypto types to common header - split the mock, step 2
Merge from Widevine repo of http://go/wvgerrit/46206
Split mock into two -- step 3
Merge from Widevine repo of http://go/wvgerrit/47460
Split the mock into two -- step 3.5
The CL moves several files used by oemcrypto and cdm into a common
subdirectory, so that it may more easily be shared with partners.
The CORE_DISALLOW_COPY_AND_ASSIGN macro was moved to its own header in
the util/include directory.
This CL removes some references to the mock from other code, and puts
some constants and types, such as the definition of the keybox, into a
header in oemcrypto.
Test: tested as part of http://go/ag/4674759
bug: 76393338
Change-Id: I75b4bde7062ed8ee572c97ebc2f4da018f4be0c9
[ Merge of http://go/wvgerrit/48400 ]
Client identification information has recently been enabled in
provisioning messages. For privacy concerns this information
is being encrypted with a default service certificate.
Apps need to be able to override the default one to allow
for provisioning with third party provisioning services.
Bug: 78420508
Test: WV unit, integration tests
New WvCdmRequestLicenseTest.ProvisioningTestWithServiceCertificate test
GTS MediaDrmTestCases
Change-Id: Iee61ad47d33ce011efbea4eb90f7e4b1f032d15f
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
This change contains the original change go/ag/3819203 and a fix to the
deadlock that was seen on Marlin and Taimen.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: Ib208204a1b794df9f306fa11d13a8bb6cd6889f7
Merge from Widevine repo of http://go/wvgerrit/47860
This CL updates the copyright notice to indicate that files
shared with partners are shared under the Widevine Master
License Agreement.
bug: 77926774
test: comment change only
Change-Id: I0423668111578b80fb39a932d763df2827e2dfc3
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: I7e041b6cdf3e272d067da49d25a297b4a4663f1f
Changes to a much more efficient and more reusable protobuf format for
metrics.
Test: Widevine tests, Google Play and MediaDrm CTS test.
Bug: 73724218
Change-Id: I3299051d7a16bcd7758c8f272415ca40e10c1313
[ Merge of http://go/wvgerrit/44921 ]
* Added the ability to remove a single usage information record.
* Added a method to retrieve all secure stop Ids.
Bug: 69674645
Test: WV unit, integration tests
Change-Id: I04ac8224b4bdda69541e61ff1103af3836138228
These are a set of CLs merged from the wv cdm repo to the android
repo.
* Android build fixes
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/36322 ]
* Address android compilation errors and warnings
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/36300 ]
* Gyp cleanup and OpenSSL v10.1 support.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/36001 ]
OpenSSL 10.1 has a small number of incompatible changes.
A desktop system upgrade exposed some issue in the build scripts.
Specifically, the linux build was using both third_party/protobufs (2.6.1)
and the version installed on the system (3.0 in this case). The linux
cdm.gyp depended on cdm/cdm.gyp which caused that plus some
additional issues.
These changes are necessary to support g++ version:
g++ (Debian 6.3.0-18) 6.3.0 20170516
Also did some cosmetic rework on run_current_tests to make it easier
to figure out what is going on when something fails.
Also tweaked some of the compiler settings for g++ support (revisit
this later).
* Refactored Service Certificate encryption to allow encryption of arbitrary data.
Author: Thomas Inskip <tinskip@google.com>
[ Merge of http://go/wvgerrit/36141 ]
* Send cdm test requests to UAT.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36221 ]
This change resolves the all of the
CdmDecryptTest/CdmTestWithDecryptParam.DecryptToClearBuffer
tests.
The license servers will return different keys and keyids.
Sending the request to staging returned key ids and keys that were
not matching what was expected in the unit tests.
* Fix for building L3 OEMCrypto with clang and libc++
Author: yucliu <yucliu@google.com>
[ Merge of http://go/wvgerrit/35740 ]
1. Include <time.h> for time(time_t*).
2. Create endian check union on stack. Clang may create const union
somewhere else, which may cause crash.
* Remove error result when a sublicense session does
not exist. This is not considered an error.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36080 ]
* Set default mock handler for GetSupportedCertificateTypes
for all unit tests and removed the use of StrictMock from
MockCryptoSession.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35922 ]
The handler for this was only set for one test and resulted
in a number of failures.
* Set default handler for GetHdcpCapabilities. For
now the default action is to call the real
GetHdcpCapabilities of crypto_session.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/36140 ]
I also changed the mock to a NiceMock to silence
responses to unexpected calls to GetHdcpCapabilities.
The default handler can be overridden as needed in
the individual tests.
This resolves the policy engine test failures.
* Finalize merge of cdm_partner_3.4 to master.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/35360 ]
This is the final set of updates to merge all v3.4.1
changes into master.
* Embedded license: Sublicense rotation.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35360 ]
Handle sublicense rotation event.
* Embedded license: Initial license phase.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/34280 ]
Initial license phase - key loading subsession.
* Embedded license: generate session data.
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/33722 ]
Generate session data and add it to the license request for
any embedded license material.
* Resolve missing symbol when building cd-cdm
Author: Jeff Fore <jfore@google.com>
[ Merge of http://go/wvgerrit/35840 ]
* C++11: Replace OVERRIDE def with override keyword
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/35400 ]
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I37d0cb17f255ac6389030047d616ad69f895748c
These are a set of CLs merged from the wv cdm repo to the android repo.
* Enable Cast for Android Things build.
Author: Thoren Paulson <thoren@google.com>
[ Merge of http://go/wvgerrit/29941 ]
Added a path to make_cast_libwvlevel3 for Android Things. Added the new
system id to the preprocessor guards in android_keybox.cpp. Guarded the
references to stderr in page_allocator.cpp because for some reason they
don't get resolved when we link against the resulting library.
BUG: 63443584
* Resolve memory leaks in use of OpenSSL.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32700 ]
Use of EVP_CIPHER_CTX requires a call to EVP_CIPHER_CTX_cleanup().
* Memory leak in OpenSSL RSA key handling.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32621 ]
This fixes a range of tests. --gtest_filter="CdmDecrypt*" runs
five tests and still loses 5 objects totalling 1320 bytes (down
from 6200 bytes).
* Unit test and mock OEMCrypto memory leaks.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32640 ]
More memory leak cleanup. All remaining leaks are due
to calls to CRYPTO_malloc() without the matching free
(i.e., calls into openssl).
* Clean up memory leaks in tests.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32600 ]
This is the first pass at cleaning up memory leaks. These leaks
were affecting a lot of tests, making it hard to identify more
serious leaks.
Switch to unique_ptr<> pointers for CdmEngine in
generic_crypto_unittest tests for FileSystem object in
mock OEMCrypto's CryptoEngine object.
* Fix broken tests - linux-only & address sanitizer failures.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32460 ]
Fix broken test:
WvCdmEnginePreProvTestStaging.ServiceCertificateInitialNoneTest
Fix failures found by address sanitizer:
DeviceFilesUsageInfoTest.RetrieveByProviderSessionToken
DeviceFilesUsageInfoTest.UpdateUsageInfo
NOTE: address sanitizer cannot handle EXPECT_CALL macros containing
a call with a Contains matcher as an argument, e.g.:
EXPECT_CALL(file,
Write(Contains(certificate, wrapped_private_key, 0),
Gt(certificate.size() + wrapped_private_key.size())))
The address sanitizer reports a crash, issues a report, and stops. A
temporary fix is to replace the "Contains()" argument with "_".
* Usage license handling corrections
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28540 ]
Validate that offline licenses that do not contain a provider session
token are not handled by the TEE.
BUG: 38490468
Test: WV Unit/integration tests, GtsMediaTestCases,
WvCdmRequestLicenseTest.ReleaseRetryL3OfflineKeySessionUsageDisabledTest
* UsageTableEntry::CopyOldUsageEntry memcpy read out of range.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/32220 ]
The function copies the pst from a variable length input vector
into a 256 byte character array. But the length argument was a
fixed value - MAC_KEY_SIZE. Depending on the actual PST length this
can lead to memcpy reading out of bounds or the PST getting truncated.
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I81a4593d7d04d0ef6069ce48d0601b6fbdd85de9
These are a set of CLs merged from the wv cdm repo to the android repo.
* Correct RELEASE_ALL_USAGE_INFO_ERRORs
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28742 ]
RELEASE_ALL_USAGE_INFO_ERROR_4 and 5 were introduced and made use of in
http://go/wvgerrit/24022 (branch: oc-dev). The error code definitions
were merged over in http://go/wvgerrit/24602.
When http://go/wvgerrit/24622 from cdm_partners_3.2 was merged to master
(http://go/wvgerrit/27723) there was conflict in error codes. The error
codes were adjusted to RELEASE_ALL_USAGE_INFO_ERROR_3 and 4
and were made use of.
To avoid renaming the errors between oc-dev and master, new errors
RELEASE_ALL_USAGE_INFO_ERROR_6 and 7 have been added to handle the
scenarios noted in the merge from cdm_partner_3.2. The other
errors have been reverted back to RELEASE_ALL_USAGE_INFO_ERROR_4 and 5.
They will be used when http://go/wvgerrit/24602 is merged.
* Address compilation issues
Author: Rahul Frias <rfrias@google.com>
[ Merge of http://go/wvgerrit/28740 ]
These changes enable compilation of most of the cdm code on android
expect for OEMCrypto unit tests (b/62739406) on wv master.
* Add property for binary/base64 provisioning msgs.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/28074 ]
Property is "provisioning_messages_are_binary". Its default setting is
false in the CE CDM, but it can be overridden by integrators.
Added section to integration guide that discusses Provisioning Server
message formats and the new property.
Link: https://docs.google.com/document/d/1cBVbhgrajLpDe2W3_vzLzUqzpdDt73chvm4_sZlZlS8/edit#heading=h.hgxw53ddw7jo
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I9168193819974d1ff65d9a94dbd762e45ecc43ca
Below are a set of CLs being merged from the wv cdm repo to the android repo.
* Fix handling of OEM Cert public key.
Author: Srujan Gaddam <srujzs@google.com>
[ Merge of http://go/wvgerrit/27921 ]
This is a potential fix for b/36656190. Set aside public
key on first call to get the public key, and use it afterwards.
This gets rid of extra calls to OEMCrypto_GetOEMPublicCertificate(),
which has side-effect of staging the OEM private key.
This also fixes a problem where the public cert string was
not being trimmed to match the size returned by
OEMCrypto_GetOEMPublicCertificate().
* Complete provisioning request/response for Provisioning 3.0
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Fix bug on provisioning request path where GenerateDerivedKeys()
was being called when preparing to generate the signature.
Add message signature verification, and call correct OEMCrypto
routine to rewrap the private key (OEMCrypto_RewrapDeviceRSAKey30).
* Implement Cdm::deleteAllUsageRecords()
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27780 ]
Delete all usage records for current origin. Removes usage
records from file system and retains the PSTs. The deletes
any usage entries matching those PSTs held by OEMCrypto.
BUG: 35319024
* Remove stringencoders library from third_party.
Author: Jacob Trimble <modmaker@google.com>
[ Merge of http://go/wvgerrit/27585 ]
We have a fork of the stringencoders library that we use for base64
encoding. This reimplements base64 encoding to remove the extra
dependency and to reduce the amount of code.
* Add Cdm::deleteUsageRecord() based on key_set_id.
Author: Gene Morgan <gmorgan@google.com>
[ Merge of http://go/wvgerrit/27605 ]
Delete specified usage record from file system usage info and
from OEMCrypto.
BUG: 35319024
* Modifiable OEMCrypto
Author: Fred Gylys-Colwell <fredgc@google.com>
[ Merge of http://go/wvgerrit/24729 ]
This CL adds a new variant of the OEMCrypto mock code that adjusts its
behavior based on a configuration file. This is intended for
testing.
For example, a tester can set current_hdcp to 2 in the options.txt
file, push it to the device, and verify that a license is granted for
HDCP 2.0. Then the tester can edit the value of current_hdcp to 1 and
push the file to the device. Playback should stop because the license
is no longer valid.
This variant uses a real level 1 liboemcrypto.so to push data to a
secure buffer. That means we can test playback for a license that
requires secure buffers on an Android device with real secure buffers.
BUG: 35141278
BUG: 37353534
BUG: 71650075
Test: Not currently passing. Will be addressed in a subsequent
commit in the chain.
Change-Id: I58443c510919e992bb455192e70373490a00e2b6
This fixes a problem where a CdmEngine instance (and its sessions) could
be closed before its metrics could be collected. The change allows the
wv_content_decryption_module to extract metrics from instances about to
be closed. These are held until reported to the caller.
Test: Manually verified that collection is now occurring correctly. Also
added unit test: wv_cdm_metric_test.
This is a merge from wvgerrit/29069
Change-Id: If82bfd5cae3b72b9d14ab4741424a7ae7cc0a3a6
Adds support for GetPropertyByteArray to return a serialized set of metrics
to the caller. This should be the last part of the widevine plugin
changes that fix the referenced bug. More changes are coming on the
MediaDrm side.
This is a merge of wvgerrit/28422
I intend to submit 2048751, 2048750, and 2048509 together.
Bug: 36217927
Test: Added additional unit tests for affected code.
Change-Id: I2618c2be48d7d780127e35f237e2276efd080879
