widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
aac1439dea41c95179ee3451bd10de6799686c7e
android/libwvdrmengine/oemcrypto/test/oec_session_util.h
Rahul Frias aac1439dea Merges to android Pi release (part 12) 
These are a set of CLs merged from the wv cdm repo to the android repo.

* Correct error logging

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/40000 ]

  In tests, we set the cipher list to avoid using insecure
  ciphers when connecting to the provisioning/license service.
  The result of setting the cipher list was being incorrectly
  validated.

  Bug: 64847919

* Move mips cache headers to clear_cache_function.h

  Author: Srujan Gaddam <srujzs@google.com>

  [ Merge of http://go/wvgerrit/39700 ]

  Since the clear_cache function has been moved away from the dynamic
  adapter, we need these conditional includes to be migrated as well for
  MIPS.

* Comment out Level 3 debug call until merge

  Author: Srujan Gaddam <srujzs@google.com>

  [ Merge of http://go/wvgerrit/39761 ]

  This call was introduced in go/wvgerrit/34260/. Since the haystack tool
  in google3 still needs this merge, this should be commented out so the
  tool can still build until the merge has finished.

* Add logging for MAC keys to mock

  Author: Srujan Gaddam <srujzs@google.com>

  [ Merge of http://go/wvgerrit/39740 ]

  Bug: 70637842

* Move external interfaces into level3.h + refactor

  Author: Srujan Gaddam <srujzs@google.com>

  [ Merge of http://go/wvgerrit/39673 ]

  As part of b/70523618, this CL moves interfaces that partners are
  responsible for in Level 3 to level3.h so they can be visible as
  part of the CDM release process. It also cleans up some of the
  names of the files and adds documentation.

* Corrected close session logging level

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/39676 ]

  Bug: 69460963

* Remove Security Level Path Backward Compatibility Support

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/39505 ]

  From the android K release onwards certificates were stored in
  security level specific directories. If upgrading from
  previous releases persistent information needed to be moved
  to those directories.

  Since no device is likely to upgrade from J to Pi, comptibility
  support can be removed.

  Bug: 70160032

* Rename privacy_crypto_openssl To privacy_crypto_boringssl

  Author: John W. Bruce <juce@google.com>

  [ Merge of http://go/wvgerrit/37122 ]

  Now that we no longer support OpenSSL in the Shared Source CDM, the name
  of this file can be updated.

  Bug: 67907873
  Test: build.py x86-64
  Test: wv_ce_cdm_unittest
  Test: jenkins/linux_unit_tests

* Remove Conditional Compilation from OpenSSL/BoringSSL

  Author: John W. Bruce <juce@google.com>

  [ Merge of http://go/wvgerrit/39460 ]

  This change removes the usages of conditional compilation to support
  both BoringSSL and OpenSSL, as well as to support multiple versions of
  the OpenSSL API. All code is now compiled against one of the two
  versions of BoringSSL in third_party/.

  Note that in some cases, the kit/ and legacy_kit/ versions of BoringSSL
  had different APIs, so when removing the OpenSSL version compatibility
  conditional compilation, sometimes the older branch was kept and
  sometimes the newer branch was kept.

  Bug: 67907873
  Test: build.py x86-64
  Test: wv_ce_cdm_unittest
  Test: jenkins/linux_unit_tests

* Build CE & Jenkins CDMs With BoringSSL from third_party/

  Author: John W. Bruce <juce@google.com>

  [ Merge of http://go/wvgerrit/37120 ]

  Up until now, integrators have been responsible for providing a
  compatible crypto library for use by the CE CDM. (either OpenSSL or
  BoringSSL) After this change, this decision will no longer be in their
  hands. The CE CDM build will always use the copy of BoringSSL in
  third_party/, which will be statically linked with our library with
  hidden visibility. This allows us to better control what crypto library
  we use and will prevent continuing problems with trying to support both
  OpenSSL and BoringSSL.

  Unfortunately, BoringSSL began using C++11 in mid-2017, and we can't
  support C++11 right now. Until we can, we need to use a C++11-free
  version of BoringSSL for libssl. The CDM itself will continue to use a
  recent BoringSSL, as it only needs libcrypto. But the unit tests that
  need libssl have to use the legacy version.

  Bug: 67907873
  Test: build.py x86-64
  Test: wv_ce_cdm_unittest
  Test: jenkins/linux_unit_tests

* Modified RNG for Level3 to use more entropy

  Author: Srujan Gaddam <srujzs@google.com>

  [ Merge of http://go/wvgerrit/39220 ]

  Bug: 65165076

  Modified seed generation to use an xor of clock_gettime and
  client-implemented code to supply random seeds to the RNG. Modified the RNG
  as well to use xoroshiro128+ instead of xorshift, since it uses more
  than one seed/state (which are 64-bit) and has higher "statistical quality".
  The default implementations for the seed generation use /dev/urandom.

* Configure base path for Level3FileSystem

  Author: Srujan Gaddam <srujzs@google.com>

  [ Merge of http://go/wvgerrit/39506 ]

  This is in response to b/70354006. This change makes the
  Android Level3FileSystem use the existing properties method
  GetDevicesFilesBasePath for binderization. The same is done for the
  Linux implementation.

* Add legacy_kit/ to BoringSSL Directory

  Author: John W. Bruce <juce@google.com>

  [ Merge of http://go/wvgerrit/38861 ]

  This adds a second copy of BoringSSL to the third_party/boringssl/
  directory. This second copy is pinned to the last revision of BoringSSL
  not to require C++11 and is not updated by the UPDATE_BORINGSSL.sh
  script. This second copy will be used to provide libssl to the tests on
  devices that do not support C++11.

  Once we support C++11 in the CDM again, this weight should be removed
  and all targets should use the copy of BoringSSL in the kit/ directory.

  Bug: 67907873

* Use Shared Libraries for Unit Tests

  Author: John W. Bruce <juce@google.com>

  [ Merge of http://go/wvgerrit/38860 ]

  Some unit tests were using a statically-linked CDM instead of a
  dynamically-linked one. (Or, in one case, trying to link both ways into
  the same binary.) For now, we need to only link dynamically, so that the
  unit tests and the CDM can use different versions of BoringSSL.

  Long-term, we would like to test both kinds of linkage. (See b/69548115
  for that.)

  Some unit tests were also using a dynamicaly-linked CDM that was named
  such that it appeared to be statically-linked. This patch renames some
  targets to make the linkage clearer.

  Bug: 67907873

* Change CDM_Backwards_Compatiblity_Tests to dedicated brances

  Author: Fred Gylys-Colwell <fredgc@google.com>

  [ Merge of http://go/wvgerrit/39003 ]

  The build scripts used by CDM_Backwards_Compatiblity_Tests now pull
  old versions of oemcrypto from the dedicated branches oemcrypto-v*,
  which [will eventually] contain old oemcrypto versions, that build
  with the current build system with a current boringssl version.

  bug: 67907873

* Fix spacing on level3 header

  Author: Srujan Gaddam <srujzs@google.com>

  [ Merge of http://go/wvgerrit/38760 ]

* Correct Query status calls

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/38640 ]

  Bug: 70160032

* Refactoring to allow encryption of client ID

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/37460 ]

  The code has been restructured to allow encryption of client
  identification in provisioning requests. This will be enabled
  when server side changes have been made (b/69427217).

  * Additional information is included in the Client Identification
    portion of the provisioning request.
  * Client identification will be encrypted with a service
    certificate provided by the app/client. Platform changes
    to enable passing this to core are needed. If a service certificate
    is not provided, a default one associated with the production Keysmith
    will be used.
  * Switched APIs in CdmEngine to take a service certificate for
    provisioning rather than licensing. Service certificates for
    licensing are session based and passed as properties from platform
    code.

  Bug: 30737060

* Allow some CDM errors to be reported from multiple locations

  Author: Rahul Frias <rfrias@google.com>

  [ Merge of http://go/wvgerrit/38360 ]

  This creates some CdmResponseType errors which may be reused
  PARAMETER_NULL, NOT_INITIALIZED_ERROR, REINIT_ERROR.

  I have made changes to a few classes to report these errors.
  Will work on additional classes in a separate CL.

  Bug: 69864404

BUG: 71650075
Test: WV Unit/integration tests
Change-Id: Icc048770d424ac537d11ff327cda2cb142da802d
2018-01-16 19:34:30 -08:00

368 lines
17 KiB
C++
Raw Blame History

#ifndef CDM_OEC_SESSION_UTIL_H_
#define CDM_OEC_SESSION_UTIL_H_
// Copyright 2016 Google Inc. All Rights Reserved.
//
// OEMCrypto unit tests
//
#include <openssl/rsa.h>
#include <string>
#include <vector>
#include "oec_device_features.h"
#include "pst_report.h"
#include "wv_cdm_constants.h"
using namespace std;
// GTest requires PrintTo to be in the same namespace as the thing it prints,
// which is std::vector in this case.
namespace std {
void PrintTo(const vector<uint8_t>& value, ostream* os);
} // namespace std
namespace wvoec {
const size_t kMaxNumKeys = 20;
namespace {
#if defined(TEST_SPEED_MULTIPLIER) // Can slow test time limits when
// debugging is slowing everything.
const int kSpeedMultiplier = TEST_SPEED_MULTIPLIER;
#else
const int kSpeedMultiplier = 1;
#endif
const int kShortSleep = 1 * kSpeedMultiplier;
const int kLongSleep = 2 * kSpeedMultiplier;
const uint32_t kDuration = 2 * kSpeedMultiplier;
const uint32_t kLongDuration = 5 * kSpeedMultiplier;
const int32_t kTimeTolerance = 3 * kSpeedMultiplier;
const time_t kUsageTableTimeTolerance = 10 * kSpeedMultiplier;
} // namespace
typedef struct {
uint8_t verification[4];
uint32_t duration;
uint32_t nonce;
uint32_t control_bits;
} KeyControlBlock;
// Note: The API does not specify a maximum key id length. We specify a
// maximum just for these tests, so that we have a fixed message size.
const size_t kTestKeyIdMaxLength = 16;
// Most content will use a key id that is 16 bytes long.
const int kDefaultKeyIdLength = 16;
const size_t kMaxTestRSAKeyLength = 2000; // Rough estimate.
const size_t kMaxPSTLength = 255; // In specification.
const size_t kMaxMessageSize = 8 * 1024; // In specification.
const size_t kMaxDecryptSize = 100 * 1024; // In specification.
typedef struct {
uint8_t key_id[kTestKeyIdMaxLength];
size_t key_id_length;
uint8_t key_data[wvcdm::MAC_KEY_SIZE];
size_t key_data_length;
uint8_t key_iv[wvcdm::KEY_IV_SIZE];
uint8_t control_iv[wvcdm::KEY_IV_SIZE];
KeyControlBlock control;
// Note: cipher_mode may not be part of a real signed message. For these
// tests, it is convenient to keep it in this structure anyway.
OEMCryptoCipherMode cipher_mode;
} MessageKeyData;
// This structure will be signed to simulate a message from the server.
struct MessageData {
MessageKeyData keys[kMaxNumKeys];
uint8_t mac_key_iv[wvcdm::KEY_IV_SIZE];
uint8_t mac_keys[2 * wvcdm::MAC_KEY_SIZE];
uint8_t pst[kMaxPSTLength];
};
// This structure will be signed to simulate a provisioning response from the
// server.
struct RSAPrivateKeyMessage {
uint8_t rsa_key[kMaxTestRSAKeyLength];
uint8_t rsa_key_iv[wvcdm::KEY_IV_SIZE];
size_t rsa_key_length;
uint32_t nonce;
};
struct Test_PST_Report {
Test_PST_Report(const std::string& pst_in,
OEMCrypto_Usage_Entry_Status status_in)
: status(status_in), pst(pst_in) {}
OEMCrypto_Usage_Entry_Status status;
int64_t seconds_since_license_received;
int64_t seconds_since_first_decrypt;
int64_t seconds_since_last_decrypt;
std::string pst;
};
// Increment counter for AES-CTR. The CENC spec specifies we increment only
// the low 64 bits of the IV counter, and leave the high 64 bits alone. This
// is different from the OpenSSL implementation, so we implement the CTR loop
// ourselves.
void ctr128_inc64(int64_t increaseBy, uint8_t* iv);
// Some compilers don't like the macro htonl within an ASSERT_EQ.
uint32_t htonl_fnc(uint32_t x);
// Prints error string from BoringSSL
void dump_boringssl_error();
class Session {
public:
Session();
~Session();
// Returns the most recently generated nonce.
// Valid after call to GenerateNonce.
uint32_t get_nonce() { return nonce_; }
// Valid after call to open().
uint32_t session_id() { return (uint32_t)session_id_; }
// Call OEMCrypto_OpenSession, with GTest ASSERTs.
void open();
// Call OEMCrypto_CloseSession, with GTest ASSERTs.
void close();
// Artifically set session id without calling OEMCrypto_OpenSession. This is
// used in core/test/generic_crypto_unittest.cpp.
void SetSessionId(uint32_t session_id);
uint32_t GetOecSessionId() { return session_id_; }
// Generates one nonce. If error_counter is null, this will sleep 1 second
// and try again if a nonce flood has been detected. If error_counter is
// not null, it will be incremented when a nonce flood is detected.
void GenerateNonce(int* error_counter = NULL);
// Fill the vectors with test context which generate known mac and enc keys.
void FillDefaultContext(vector<uint8_t>* mac_context,
vector<uint8_t>* enc_context);
// Generate known mac and enc keys using OEMCrypto_GenerateDerivedKeys and
// also fill out enc_key_, mac_key_server_, and mac_key_client_.
void GenerateDerivedKeysFromKeybox();
// Generate known mac and enc keys using OEMCrypto_DeriveKeysFromSessionKey
// and also fill out enc_key_, mac_key_server_, and mac_key_client_.
void GenerateDerivedKeysFromSessionKey();
// Loads and verifies the keys in the message pointed to by message_ptr()
// using OEMCrypto_LoadKeys. This message should have already been created
// by FillSimpleMessage, modified if needed, and then encrypted and signed by
// the server's mac key in EncryptAndSign.
void LoadTestKeys(const std::string& pst = "", bool new_mac_keys = true);
// This uses OEMCrypto_QueryKeyControl to check that the keys in OEMCrypto
// have the correct key control data.
void VerifyTestKeys();
// This creates a refresh key or license renewal message, signs it with the
// server's mac key, and calls OEMCrypto_RefreshKeys.
void RefreshTestKeys(const size_t key_count, uint32_t control_bits,
uint32_t nonce, OEMCryptoResult expected_result);
// This sets the key id in the current message data to the specified string.
// This is used to test with different key id lengths.
void SetKeyId(int index, const string& key_id);
// This fills the data structure license_ with key information. This data
// can be modified, and then should be encrypted and signed in EncryptAndSign
// before being loaded in LoadTestKeys.
void FillSimpleMessage(uint32_t duration, uint32_t control, uint32_t nonce,
const std::string& pst = "");
// Like FillSimpleMessage, this fills encrypted_license_ with data. The name
// is a little misleading: the license renewal message is not encrypted, it
// is just signed. The signature is computed in RefreshTestKeys, above.
void FillRefreshMessage(size_t key_count, uint32_t control_bits,
uint32_t nonce);
// This copies data from license_ to encrypted_license_, and then encrypts
// each field in the key array appropriately. It then signes the buffer with
// the server mac keys. It then fills out the key_array_ so that pointers in
// that array point to the locations in the encrypted message.
void EncryptAndSign();
// This encrypts an RSAPrivateKeyMessage with encryption_key so that it may be
// loaded with OEMCrypto_RewrapDeviceRSAKey.
void EncryptProvisioningMessage(RSAPrivateKeyMessage* data,
RSAPrivateKeyMessage* encrypted,
const vector<uint8_t>& encryption_key);
// Sign the buffer with server's mac key.
void ServerSignBuffer(const uint8_t* data, size_t data_length,
std::vector<uint8_t>* signature);
// Sign the buffer with client's known mac key. Known test keys must be
// installed first.
void ClientSignMessage(const vector<uint8_t>& data,
std::vector<uint8_t>* signature);
// This checks the signature generated by OEMCrypto_GenerateSignature against
// that generaged by ClientSignMessage.
void VerifyClientSignature(size_t data_length = 400);
// Set the pointers in key_array[*] to point values inside data. This is
// needed to satisfy range checks in OEMCrypto_LoadKeys.
void FillKeyArray(const MessageData& data, OEMCrypto_KeyObject* key_array);
// As in FillKeyArray but for the license renewal message passed to
// OEMCrypto_RefreshKeys.
void FillRefreshArray(OEMCrypto_KeyRefreshObject* key_array,
size_t key_count);
// Encrypt a block of data using CTR mode.
void EncryptCTR(const vector<uint8_t>& in_buffer, const uint8_t* key,
const uint8_t* starting_iv, vector<uint8_t>* out_buffer);
// Encrypt some data and pass to OEMCrypto_DecryptCENC to verify decryption.
void TestDecryptCTR(bool select_key_first = true,
OEMCryptoResult expected_result = OEMCrypto_SUCCESS,
int key_index = 0);
// This compares the actual result with the expected result. If OEMCrypto is
// an older version, we allow it to report an equivalent error code.
void TestDecryptResult(OEMCryptoResult expected_result,
OEMCryptoResult actual_result);
// Verify that an attempt to select an expired key either succeeds, or gives
// an actionable error code.
void TestSelectExpired(unsigned int key_index);
// Calls OEMCrypto_GetOEMPublicCertificate and loads the OEM cert's public
// rsa key into public_rsa_.
void LoadOEMCert(bool verify_cert = false);
// Creates RSAPrivateKeyMessage for the specified rsa_key, encrypts it with
// the specified encryption key, and then signs it with the server's mac key.
// If encryption_key is null, use the session's enc_key_.
void MakeRSACertificate(struct RSAPrivateKeyMessage* encrypted,
size_t message_size, std::vector<uint8_t>* signature,
uint32_t allowed_schemes,
const vector<uint8_t>& rsa_key,
const vector<uint8_t>* encryption_key = NULL);
// Calls OEMCrypto_RewrapDeviceRSAKey with the given provisioning response
// message. If force is true, we assert that the key loads successfully.
void RewrapRSAKey(const struct RSAPrivateKeyMessage& encrypted,
size_t message_size, const std::vector<uint8_t>& signature,
vector<uint8_t>* wrapped_key, bool force);
// Loads the specified RSA public key into public_rsa_. If rsa_key is null,
// the default test key is loaded.
void PreparePublicKey(const uint8_t* rsa_key = NULL,
size_t rsa_key_length = 0);
// Verifies the given signature is from the given message and RSA key, pkey.
static bool VerifyPSSSignature(EVP_PKEY* pkey, const uint8_t* message,
size_t message_length,
const uint8_t* signature,
size_t signature_length);
// Verify that the message was signed by the private key associated with
// |public_rsa_| using the specified padding scheme.
void VerifyRSASignature(const vector<uint8_t>& message,
const uint8_t* signature, size_t signature_length,
RSA_Padding_Scheme padding_scheme);
// Encrypts a known session key with public_rsa_ for use in future calls to
// OEMCrypto_DeriveKeysFromSessionKey or OEMCrypto_RewrapDeviceRSAKey30.
// The unencrypted session key is stored in session_key.
bool GenerateRSASessionKey(vector<uint8_t>* session_key,
vector<uint8_t>* enc_session_key);
// Calls OEMCrypto_RewrapDeviceRSAKey30 with the given provisioning response
// message. If force is true, we assert that the key loads successfully.
void RewrapRSAKey30(const struct RSAPrivateKeyMessage& encrypted,
const std::vector<uint8_t>& encrypted_message_key,
vector<uint8_t>* wrapped_key, bool force);
// Loads the specified wrapped_rsa_key into OEMCrypto, and then runs
// GenerateDerivedKeysFromSessionKey to install known encryption and mac keys.
void InstallRSASessionTestKey(const vector<uint8_t>& wrapped_rsa_key);
// Creates a new usage entry, and keeps track of the index.
void CreateNewUsageEntry();
// Copy encrypted usage entry from other session, and then load it.
// This session must already be open.
void LoadUsageEntry(uint32_t index, const vector<uint8_t>& buffer);
// Copy encrypted usage entry from other session.
// This session must already be open.
void LoadUsageEntry(const Session& other) {
LoadUsageEntry(other.usage_entry_number(), other.encrypted_usage_entry());
}
// Reload previously used usage entry.
void ReloadUsageEntry() { LoadUsageEntry(*this); }
// Update the usage entry and save the header to the specified buffer.
void UpdateUsageEntry(std::vector<uint8_t>* header_buffer);
// Deactivate this session's usage entry.
void DeactivateUsageEntry(const std::string& pst);
// The usage entry number for this session's usage entry.
uint32_t usage_entry_number() const { return usage_entry_number_; }
void set_usage_entry_number(uint32_t v) { usage_entry_number_ = v; }
// The encrypted buffer holding the recently updated and saved usage entry.
const vector<uint8_t>& encrypted_usage_entry() const {
return encrypted_usage_entry_;
}
// Generates a usage report for the specified pst. If there is success,
// the report's signature is verified, and several fields are given sanity
// checks. If other is not null, then the mac keys are copied from other in
// order to verify signatures.
void GenerateReport(const std::string& pst,
OEMCryptoResult expected_result = OEMCrypto_SUCCESS,
Session* other = 0);
// Move this usage entry to a new index.
void MoveUsageEntry(uint32_t new_index, std::vector<uint8_t>* header_buffer,
OEMCryptoResult expect_result = OEMCrypto_SUCCESS);
// PST used in FillSimpleMesage.
string pst() const { return pst_; }
// Returns a pointer-like thing to the usage report generated by the previous
// call to GenerateReport.
wvcdm::Unpacked_PST_Report pst_report() {
return wvcdm::Unpacked_PST_Report(&pst_report_buffer_[0]);
}
// Verify the values in the PST report. The signature should have been
// verified in GenerateReport, above.
void VerifyPST(const Test_PST_Report& report);
// Generate and Verify the Usage Report. If any time is greater than 10
// minutes, it is assumed to be an absolute time, and time_since will be
// computed relative to now.
void GenerateVerifyReport(const std::string& pst,
OEMCrypto_Usage_Entry_Status status,
int64_t time_license_received = 0,
int64_t time_first_decrypt = 0,
int64_t time_last_decrypt = 0);
// Create an entry in the old usage table based on the given report.
void CreateOldEntry(const Test_PST_Report &report);
// Create a new entry and copy the old entry into it. Then very the report
// is right.
void CopyAndVerifyOldEntry(const Test_PST_Report &report,
std::vector<uint8_t>* header_buffer);
// The unencrypted license response or license renewal response.
MessageData& license() { return license_; }
// The encrypted license response or license renewal response.
MessageData& encrypted_license() { return padded_message_; }
// A pointer to the buffer holding encrypted_license.
const uint8_t* message_ptr();
// An array of key objects for use in LoadKeys.
OEMCrypto_KeyObject* key_array() { return key_array_; }
// The last signature generated with the server's mac key.
std::vector<uint8_t>& signature() { return signature_; }
// Set the number of keys to use in the license(), encrypted_license()
// and key_array().
void set_num_keys(int num_keys) { num_keys_ = num_keys; }
// The current number of keys to use in the license(), encrypted_license()
// and key_array().
unsigned int num_keys() const { return num_keys_; }
// Set the size of the buffer used the encrypted license.
// Must be between sizeof(MessageData) and kMaxMessageSize.
void set_message_size(size_t size);
// The size of the encrypted message.
size_t message_size() { return message_size_; }
private:
bool open_;
bool forced_session_id_;
OEMCrypto_SESSION session_id_;
vector<uint8_t> mac_key_server_;
vector<uint8_t> mac_key_client_;
vector<uint8_t> enc_key_;
uint32_t nonce_;
RSA* public_rsa_;
vector<uint8_t> pst_report_buffer_;
MessageData license_;
struct PaddedMessageData : public MessageData {
uint8_t padding[kMaxMessageSize - sizeof(MessageData)];
} padded_message_;
size_t message_size_; // How much of the padded message to use.
OEMCrypto_KeyObject key_array_[kMaxNumKeys];
std::vector<uint8_t> signature_;
unsigned int num_keys_;
vector<uint8_t> encrypted_usage_entry_;
uint32_t usage_entry_number_;
string pst_;
};
} // namespace wvoec
#endif // CDM_OEC_SESSION_UTIL_H_
Reference in New Issue View Git Blame Copy Permalink