Source release 14.1.0
This commit is contained in:
John W. Bruce
115
CHANGELOG.md
115
CHANGELOG.md
@@ -1,5 +1,120 @@
|
||||
# Widevine CE CDM Changelog
|
||||
|
||||
[TOC]
|
||||
|
||||
## 14.1.0 (2018-06-29)
|
||||
|
||||
Features:
|
||||
- The OEMCrypto headers and documentation have been updated to v14.1
|
||||
- Note that although this is CE CDM 14.1.0 and it contains OEMCrypto v14.1,
|
||||
the synchronization of the minor version numbers is a coincidence. We do
|
||||
not guarantee that future OEMCrypto and CE CDM minor version updates will
|
||||
always coincide like this. We do expect that major version updates will
|
||||
coincide.
|
||||
- The client identification data passed up in a provisioning request has been
|
||||
expanded to match the client identification data passed up in a license
|
||||
request.
|
||||
- In order to protect users' privacy, this expanded client identification
|
||||
data is encrypted with the provisioning server's service certificate.
|
||||
- For apps using entitlement licenses, loading new entitled keys will no
|
||||
longer unload the previous entitled keys. After loading new entitled keys,
|
||||
both the old and new entitled keys will be available for decryption. Once
|
||||
loaded, entitled keys will remain valid until the session they were loaded
|
||||
into is closed.
|
||||
- This does not affect the behavior of OEMCrypto. Inside OEMCrypto, there
|
||||
remains at most one entitled key loaded for each entitlement key. The CE
|
||||
CDM handles switching out entitled keys so that the correct entitled key
|
||||
is loaded at any given time.
|
||||
- It is now possible to manually provision the CE CDM, rather than relying on
|
||||
the automatic generation of a provisioning request when attempting to
|
||||
generate a license request on an unprovisioned system. Partners that know
|
||||
they need to provision can use `Cdm::getProvisioningRequest()` and
|
||||
`Cdm::handleProvisioningResponse()` to perform provisioning before trying to
|
||||
open any sessions.
|
||||
- A new method, `Cdm::forceRemove()` has been added to allow the removal of
|
||||
offline data associated with a license without a server roundtrip. This is
|
||||
generally *not* what is desired, and this method should be used only by
|
||||
partners who are certain they want to discard offline licenses and/or usage
|
||||
info without the server being aware of it. Most partners will want to
|
||||
continue using `Cdm::remove()` to perform a release roundtrip with the
|
||||
licensing server, so that the server can track the release and record the
|
||||
final usage information.
|
||||
- An OEMCrypto clock rollback-prevention test has been added,
|
||||
`UsageTableTest.TimeRollbackPrevention`. This test can only run if the
|
||||
unit tests are being run as root, however, and is disabled automatically
|
||||
when the unit tests are run as a non-root user.
|
||||
- Usage information is now persisted to disk whenever a session is closed, in
|
||||
addition to its existing behavior of saving periodically. This gives better
|
||||
persistence at the expense of slightly more storage writes.
|
||||
- Additional unit tests for existing behavior have been added.
|
||||
- This changelog now has a table of contents.
|
||||
- [Widevine_OEMCrypto_Version_Compatibility.pdf][oec-version-compat] has been
|
||||
added, outlining the compatibility between the various Widevine CDM
|
||||
releases and the various OEMCrypto versions.
|
||||
- [Widevine_DRM_Device_Provisioning_Models.pdf][provisioning-models] has been
|
||||
added, outlining the differences between Provisioning 2.0 and 3.0.
|
||||
- The script `create_static_bundle.py` has been added to assist partners who
|
||||
want to concatenate all the static libraries that make up the Widevine CE
|
||||
CDM into one static library.
|
||||
|
||||
[oec-version-compat]: ./oemcrypto/docs/Widevine_OEMCrypto_Version_Compatibility.pdf
|
||||
[provisioning-models]: ./oemcrypto/docs/Widevine_DRM_Device_Provisioning_Models.pdf
|
||||
|
||||
Dependency Updates:
|
||||
- The bundled version of Protocol Buffers has been updated to
|
||||
[v3.5.1][protobuf-3.5.1]. The Widevine CE CDM should continue to work with
|
||||
any version of Protocol Buffers at or greater than v2.6, but we now
|
||||
recommend v3.5.1.
|
||||
- As part of this update, the compilation flags for Protocol Buffers were
|
||||
changed. Depending on the flags partners use by default, they may need to
|
||||
make changes to their flags to accomodate the new version of Protocol
|
||||
Buffers.
|
||||
- The bundled version of BoringSSL has been updated to commit
|
||||
[`0080d83b9faf8dd325f5f5f92eb56faa93864e4c`][boringssl-0080d83b].
|
||||
|
||||
[protobuf-3.5.1]: https://github.com/google/protobuf/releases/tag/v3.5.1
|
||||
[boringssl-0080d83b]: https://boringssl.googlesource.com/boringssl/+/0080d83b9faf8dd325f5f5f92eb56faa93864e4c
|
||||
|
||||
Bugfixes:
|
||||
- Cleaned up redundant compiler flags in the sample x86-64 platform files.
|
||||
- `UsageTableTest.TwoHundredEntries` was actually testing 201 entries. It has
|
||||
been fixed.
|
||||
- The CE CDM will now build without modification on Clang 4 and 5. Previously,
|
||||
the Protobuf build triggered some warnings that were treated as errors.
|
||||
- The CDM will now prevent attempts to unprovision devices that use a baked-in
|
||||
device certificate in their OEMCrypto implementation, as it is not possible
|
||||
to reprovision these devices.
|
||||
- The documentation for `Cdm::initialize()` has been updated to make the
|
||||
caller's responsibilities more explicit. The caller must ensure that the
|
||||
objects passed to the library at initialization outlive the library itself.
|
||||
This has always been the case, but the documentation for it has been made
|
||||
clearer.
|
||||
- The documentation for `Cdm::create()` was not updated to reflect the changes
|
||||
in CE CDM 14.0.0 that disallowed passing `NULL` to it. The documentation has
|
||||
been updated.
|
||||
- The CDM now recovers more gracefully when files persisted to disk have been
|
||||
corrupted.
|
||||
- A race condition between `Cdm::decrypt()`, `Cdm::close()`, and periodic
|
||||
timers has been fixed.
|
||||
- The copyright headers on the source code files have been updated.
|
||||
- Fixed a situation where the CDM might incorrectly report the expiration time
|
||||
of licenses that never expire. `Cdm::getExpiration()` should now correctly
|
||||
report an expiration of `-1` for these licenses. Note that the actual
|
||||
expiration time was always being tracked correctly internally; it was only
|
||||
being reported incorrectly to the application.
|
||||
- The CE CDM already made defensive copies of the buffer parameters when
|
||||
decrypting data in chunks, but it did not make defensive copies when
|
||||
calling `OEMCrypto_CopyBuffer()` in chunks. This has been fixed. This
|
||||
resolves issues that occurred when OEMCrypto modified the buffer parameters
|
||||
in-place during calls to `OEMCrypto_CopyBuffer()`.
|
||||
- Several disabled unit tests that did not need to be disabled anymore have
|
||||
been re-enabled.
|
||||
- Fixed a place where newer versions of Clang could not infer the correct
|
||||
overload of `std::string::insert()` to call.
|
||||
- The `HttpSocket` class used by the unit tests is now more resilient against
|
||||
errors that occur during HTTPS communication and will retry after a delay
|
||||
when it detects a retryable error.
|
||||
|
||||
## 14.0.0 (2018-05-16)
|
||||
|
||||
Features:
|
||||
|
||||
Reference in New Issue
Block a user