## 3.0.4 (2015-12-14) Features: - Enforce storage restrictions based on the license type and policy - Updated to EME spec 2015-11-20 - Updated kPersistent to kPersistentLicense - Updated kInvalidAccess with kTypeError and kRangeError - Updated kOutputNotAllowed to kOutputRestricted - Added key status kReleased - Added new session type (kPersistentUsageRecord) used for "secure stop" - Enabled WebM-related tests for CdmEngine Bugfixes: - Fixed OEMCrypto test bugs regarding nonce-enabled and nonce-or-entry flags - Fixed build system bug to allow adding the static CDM library as a dependency of another gyp static library target - Fixed message type for service cert requests - Fixed reporting of expiration for sessions which do not expire - Fixed test bugs in which changing execution order caused test failures - Fixed bug in OEMCrypto\_DeleteUsageTable in which the empty table was not written to disk - Fixed bug in CE CDM tests in which OEMCrypto usage table data was not cleared between test runs, causing issues with duplicate PSTs ## 3.0.3 (2015-11-09) Features: - Added x86-32 build settings Bugfixes: - Fix buffer overflow in mock OEMCrypto on 32-bit systems - Fixed OEMCrypto\_RefreshKeys return value - Fixed OEMCrypto\_GenerateRSASignature return value - Fixed assertions during server certificate provisioning, triggered by a race condition - Removed spurious error messages from CdmEngine::AddKey() - Fixed PSS verification in iOS privacy crypto implementation ## 3.0.2 (2015-09-18) Features: - Updated OEMCrypto docs - Privacy crypto implementation for iOS - Now builds with strict warnings and warnings as errors - Added an extra method to IEventListener to allow integration with older versions of Chromium using prefixed EME - *NOTE: This is temporary and will be removed in a future release* Bugfixes: - Fixed support for C++11 and clang - Prevent renewal license when can\_renew is false - Fixed variable-length key ID tests - Fixed enforcement of secure buffer types for decrypt - Fix type-casting issues with various versions of OpenSSL and BoringSSL - Return kNotSupported when generateRequest called with non-Widevine initdata ## 3.0.1 (2015-09-11) Features: - Added new methods to access app parameters available on Android - Test suite is now IPv6-ready - Exposed IClient inheritance for Cdm interface - Added baked-in cert support to the mock OEMCrypto Bugfixes: - Made improvements to tests for OEMCrypto and core - Return client ID information in secure stop - Fix multiple deletions of OEMCrypto usage table entries - Don't delete offline licenses when a new device cert is provisioned - Hardened BufferReader class - Removed excess logging in PSSH parser - Fixed iOS build issues with MD5 in DeviceFiles - Fixed iOS build issues with protobuf\_config==target - Fixed bugs in OEMCrypto v9 and v10 adapters - Fixed inclusion of unit test gypis from external projects Broken compatibility: - Added a cancel() method to ITimer, needed for some timer implementations ## 3.0.0 (2015-06-19) v3.0 introduced a completely new interface which is not backward compatible with v2.x. Features: - Simplified, synchronous interface which mimics EME APIs - Support for key statuses and session expiration times - Simplified build system with fewer build-time flags - Simplified initialization with runtime settings for client info, log levels, and secure output modes - Secure output modes are explicit, and individual decrypt requests can be done in the clear (for example, for platforms with L3 audio) - Device certificates are now required for all platforms and must be provisioned during initialization if not present - Simplified storage interface with more explicit methods - New integration guide which replaces several older documents