Widevine CE CDM Changelog
[TOC]
15.1.0 (2018-03-29)
Features:
- It is now possible to use opaque handles even when the OEMCrypto integration is L3, assuming the OEMCrypto integration is able to use opaque handles. Previously, the CE CDM blocked this combination of features.
- Methods for querying information about the underlying OEMCrypto integration
have been added to the CE CDM API.
  - Cdm::getRobustnessLevel()
  - Cdm::getResourceRatingTier()
  - Cdm::getOemCryptoBuildInfo()
- Several new errors have been added to the CE CDM API. These errors are
considered "recoverable errors" because there are well-known actions the
caller can take to recover from them. These responses are covered in the
Integration Guide.
  - kResourceContention
  - kSessionStateLost
  - kSystemStateLost
  - kOutputTooLarge
- Improved error reporting around entitlement licenses.
Documentation:
- The Integration Guide that shipped with CE CDM 15.0.0 did not contain
updates about the removal of
onDirectIndividualizationRequest() and did not contain documentation for the manual provisioning flow that replaced it. The Integration Guide for CE CDM 15.1.0 has been updated to correct this.
- Additional comments have been added to the OEMCrypto unit tests to help integration partners better understand what is going wrong when they get an error. Future releases will further expand on this.
- Widevine_OEMCrypto_Version_Compatibility.pdf has been updated to document the number of required keys per session in each version.
Bugfixes:
- This release fixes a bug that caused CE CDM initialization to fail when using opaque handles.
- The usage table unit tests have been re-enabled. Several additional tests for new scenarios have been added.
- Several failures affecting edge cases when deleting usage table entries have been fixed.
- The playback duration was not being counted correctly in cases where the license had an unlimited license duration but a very short playback duration and the license was received after playback had already started. This has been fixed.
- The default compiler warnings for the sample "x86-64" platform have been strengthened, while some warnings that are triggered by third-party libraries have been disabled for only those libraries.
- Several benign problems that triggered strict compiler warning levels have been fixed.
- An error with the kSilent log level that could occur with very strict compiler or sanitizer settings has been fixed.
- Fixed a spurious error that could occur when querying the SRM version on devices without SRM support.
- Reworded some code that was tripping up the MSVC compiler.
15.0.0 (2018-02-28)
Features:
- Widevine CE CDM 15.0.0 supports and requires OEMCrypto v15.1. The OEMCrypto
header files, documentation, Reference OEMCrypto implementation, and tests
have been updated to v15.1. For a full list of new features in OEMCrypto
v15, please see the
Widevine Modular DRM Version 15 Delta document.
  - Note that the threading requirements for OEMCrypto implementations were revised in OEMCrypto v15, and the Widevine CE CDM 15.0.0 takes greater advantage of parallelism where possible. When the application uses the Widevine CE CDM from multiple threads, the Widevine CE CDM will now be more willing to call into OEMCrypto simultaneously from multiple threads, though always obeying the guarantees put forth in the OEMCrypto v15 specification.
- The Widevine CE CDM now requires support for C++11 and C11. A
C++11-supporting compiler and STL library are required in order to build
the Widevine CE CDM.
  - We have begun replacing POSIX functions and headers with their C++11 STL equivalents where possible. As a side-effect of this, it should be much easier to compile the Widevine CE CDM for non-POSIX-compliant platforms.
- The Widevine-created drop-ins for several STL classes have been replaced
with their STL equivalents. This eliminates bugs originating in these
classes and improves performance on some systems.
  - wvcdm::scoped_ptr
  - wvcdm::shared_ptr
  - wvcdm::Lock
  - wvcdm::AutoLock
- The Widevine CE CDM now builds with hidden visibility as the default and only exports symbols that correspond to the public API of the library. This allows the final binary to be smaller and faster and can reduce conflicts with other libraries.
- It is now possible to set separate service certificates for the Provisioning
Service and the Licensing Service. Methods that install a service
certificate now take a parameter that indicates if this certificate is to
be installed for the Provisioning Service, the Licensing Service, or both.
  - To replicate the previous behavior, pass Cdm::kAllServices to install the certificate for both services at the same time.
- It is now valid to pass nullptr to Cdm::parseAndLoadServiceCertificateResponse() if you do not want to cache the parsed certificate for future reuse.
- The onDirectIndividualizationRequest callback has been removed. In Widevine CE CDM 14.1.0, Cdm::getProvisioningRequest() and Cdm::handleProvisioningResponse() were added to allow applications to proactively provision unprovisioned devices. Starting with Widevine CE CDM 15.0.0, using these methods is now mandatory. There is no more onDirectIndividualizationRequest callback, and trying to open a session, generate a license request, or load an offline license will return an error if the device is not provisioned.
  - The existing method Cdm::isProvisioned() can be used to check if the device is provisioned at run-time.
  - The status code kDeferred has been removed.
- There is now an overload of Cdm::decrypt() that takes an explicit session to use for decryption as a parameter. Ordinarily, Cdm::decrypt() will automatically find the session that matches the Key ID specified in the input parameter. However, there are some situations where the Key ID may not yet be known, such as when feeding clear content through Cdm::decrypt() before the Key ID is known. In these cases, it is necessary to be explicit about which session the CDM should use for decryption.
- The Widevine CE CDM now supports Provider Client Tokens. If the license server includes a Provider Client Token with the license, then it will be copied to any renewal requests that are generated for that license.
- The test code has been refactored and centralized so that it will be more reliable when running only a subset of the unit tests.
- build.py now supports a -v/--verbose flag that can be passed to turn on verbose build output from the underlying build tool.
- The OEM Certificate Generator now supports both PEM and DER format intermediate certs.
- It is now possible to specify a path to NASM. This is only of interest for partners who are building for Windows and using assembly language code.
- We have improved logging fidelity, particularly around the level of detail of logged error codes.
- Several new tests have been added, including tests that exercise the Widevine CE CDM from multiple threads simultaneously.
Dependency Updates:
- The bundled version of Protobuf has been updated to v3.6.1. Note that, as before, Widevine CE CDM will work with any version of Protobuf back to 2.6. However, we provide the version of Protobuf that we test with internally as a default.
- The bundled version of BoringSSL has been updated to commit
f18bd55240b229a65df48e7905da98fff18cbf59.
  - The legacy_kit version of BoringSSL that was previously used only by the unit test code has been removed. All Widevine CE CDM code now uses the same version of BoringSSL.
Bugfixes:
- A bug has been found in all versions of the Widevine CE CDM prior to this
one that can cause leaks and crashes when the CDM is used in a
multi-threaded environment. The class
wvcdm::shared_ptr contains operations that it claims are atomic which are not, in fact, atomic. This bug is a non-issue starting with CE CDM 15.0.0 because wvcdm::shared_ptr has been removed, but please be aware that this issue exists in all previous CDMs. This issue does not affect devices where the CDM cannot be used from multiple threads at once.
- Several memory leaks have been fixed in this release. Thank you to the partners who reported these to us.
- The new parallel operation tests have allowed us to find and fix several multi-threading issues.
- Fixed a bug where compilation of Protobuf (but not the rest of the CDM) would sometimes ignore compiler flags being set by the platform.
- Fixed a problem that could occur during callbacks on platforms where pthreads does not allow the same thread to recursively take a lock.
- Two order-of-destruction ambiguities that could cause crashes during CDM teardown on certain platforms have been fixed.
- Fixed an issue that could cause repeated decrypts with the same key to fail when using entitled content keys, depending on specific details of how OEMCrypto was implemented.
- The comments on
Cdm::setVideoResolution() have been updated to clarify that the resolution being passed in should be the resolution of the content being played, not the output resolution of the device. The behavior of this function is unchanged, as this was always true.
- Some log messages were missing linefeeds at the end. These have been added.
- Several tests that were disabled have been fixed and re-enabled.
- APIs that rely on selecting a usage table entry at random were not
sufficiently random in certain situations. Their selection will now be more
random.
  - Note that this does not affect cryptographic random number generation, which was already sufficiently random.
- Fixed some bugs that could occur when the usage table was full, particularly if random number generation was not sufficiently random.
- Fixed spurious failures that could occur rarely during
UsageTableHeaderTest.
14.2.0 (2018-10-12)
Features:
- build.py now supports a -j flag that allows the caller to control the level of parallelism. This flag can be specified with a number argument to limit the build to that many processes in parallel (build.py x86-64 -j 56) or can be specified bare to build with unlimited parallelism. (build.py x86-64 -j) On build systems without support for unlimited parallelism, using the bare flag will instead set the limit to 1000 processes.
- The Reference OEMCrypto no longer uses danger_do_not_use.bin, and this file will no longer be written to the filesystem when running tests. The Reference OEMCrypto has no keybox. The tests install a test keybox into OEMCrypto temporarily when they run.
Dependency Updates:
- We have cherry-picked an unreleased Protobuf 3.5.1 fix that makes it
compatible with GCC 7. Those having trouble using Protobuf 3.5.1 on GCC 7
should switch to the Protobuf included with Widevine CE CDM or should
cherry-pick commit
39c3654e901b4fc35386989cbad49fad8a68c024.
- The bundled version of BoringSSL has been updated to commit
28babde159253bfa9003a445242605806fff5f1f.
Bugfixes:
- A bug was introduced in CE CDM 14.0.0 that could prevent the clear lead of a video from playing if the key was not usable, even though the samples were not encrypted. Clear samples are now allowed through even when the key is not usable.
- Additional locks have been added to protect sessions from concurrent access, particularly races between destruction and other calls.
- Generating a release request and then closing and reloading the persistent session before returning the release response was not working correctly. This flow has been fixed.
- Various minor problems, mostly warnings being treated as errors, that prevented the Widevine CE CDM from building cleanly on GCC 7 have been fixed.
- LicenseKeysTest.ConstraintChanges was not testing all the variants it was meant to test. It has been fixed to test the full range of constraint scenarios again.
- Explicit references to TR1 have been removed from the test code, in order to be compatible with the widest possible range of platforms and gTest versions.
- Some typos in comments and names have been corrected.
- Additional comments have been added clarifying how ITimer will be used by the CDM and what implementations are and are not responsible for.
- The header comments regarding how to install a service certificate were outdated and have been updated to reflect the correct behavior of the CDM.
- The CDM will now more gracefully recover from cases where OEMCrypto has run out of resources for storing the usage table information. This can result in the loss of usage info if there is large amount of unreleased usage info in the system, beyond the minimum amount OEMCrypto must support, but it will allow the CDM to continue working even in this state.
- The framework running the unit tests has been significantly re-architected and should now be more robust, particularly when running only a subset of the tests.
- Additional unit tests have been added.
- The CDM will reject erroneous content that has embedded keys that are too short earlier in the process.
14.1.2 (2018-08-21)
Bugfixes:
- Fixed an assert that would always fail when using opaque handles for the output type. This bug was introduced in CE CDM 14.0.0. All partners using 14.0.0 through 14.1.1 and opaque handles should update to 14.1.2.
14.1.1 (2018-07-25)
Bugfixes:
- A crash that could occur in CdmSession when destroying a CDM instance has been fixed.
14.1.0 (2018-06-29)
Features:
- The OEMCrypto headers and documentation have been updated to v14.1
  - Note that although this is CE CDM 14.1.0 and it contains OEMCrypto v14.1, the synchronization of the minor version numbers is a coincidence. We do not guarantee that future OEMCrypto and CE CDM minor version updates will always coincide like this. We do expect that major version updates will coincide.
- The client identification data passed up in a provisioning request has been
expanded to match the client identification data passed up in a license
request.
  - In order to protect users' privacy, this expanded client identification data is encrypted with the provisioning server's service certificate.
- For apps using entitlement licenses, loading new entitled keys will no
longer unload the previous entitled keys. After loading new entitled keys,
both the old and new entitled keys will be available for decryption. Once
loaded, entitled keys will remain valid until the session they were loaded
into is closed.
  - This does not affect the behavior of OEMCrypto. Inside OEMCrypto, there remains at most one entitled key loaded for each entitlement key. The CE CDM handles switching out entitled keys so that the correct entitled key is loaded at any given time.
- It is now possible to manually provision the CE CDM, rather than relying on
the automatic generation of a provisioning request when attempting to
generate a license request on an unprovisioned system. Partners that know
they need to provision can use
Cdm::getProvisioningRequest() and Cdm::handleProvisioningResponse() to perform provisioning before trying to open any sessions.
- A new method, Cdm::forceRemove() has been added to allow the removal of offline data associated with a license without a server roundtrip. This is generally not what is desired, and this method should be used only by partners who are certain they want to discard offline licenses and/or usage info without the server being aware of it. Most partners will want to continue using Cdm::remove() to perform a release roundtrip with the licensing server, so that the server can track the release and record the final usage information.
- An OEMCrypto clock rollback-prevention test has been added, UsageTableTest.TimeRollbackPrevention. This test can only run if the unit tests are being run as root, however, and is disabled automatically when the unit tests are run as a non-root user.
- Usage information is now persisted to disk whenever a session is closed, in addition to its existing behavior of saving periodically. This gives better persistence at the expense of slightly more storage writes.
- Additional unit tests for existing behavior have been added.
- This changelog now has a table of contents.
- Widevine_OEMCrypto_Version_Compatibility.pdf has been added, outlining the compatibility between the various Widevine CDM releases and the various OEMCrypto versions.
- Widevine_DRM_Device_Provisioning_Models.pdf has been added, outlining the differences between Provisioning 2.0 and 3.0.
- The script
create_static_bundle.py has been added to assist partners who want to concatenate all the static libraries that make up the Widevine CE CDM into one static library.
Dependency Updates:
- The bundled version of Protocol Buffers has been updated to
v3.5.1. The Widevine CE CDM should continue to work with
any version of Protocol Buffers at or greater than v2.6, but we now
recommend v3.5.1.
  - As part of this update, the compilation flags for Protocol Buffers were changed. Depending on the flags partners use by default, they may need to make changes to their flags to accommodate the new version of Protocol Buffers.
- The bundled version of BoringSSL has been updated to commit
0080d83b9faf8dd325f5f5f92eb56faa93864e4c.
Bugfixes:
- Cleaned up redundant compiler flags in the sample x86-64 platform files.
- UsageTableTest.TwoHundredEntries was actually testing 201 entries. It has been fixed.
- The CE CDM will now build without modification on Clang 4 and 5. Previously, the Protobuf build triggered some warnings that were treated as errors.
- The CDM will now prevent attempts to unprovision devices that use a baked-in device certificate in their OEMCrypto implementation, as it is not possible to reprovision these devices.
- The documentation for Cdm::initialize() has been updated to make the caller's responsibilities more explicit. The caller must ensure that the objects passed to the library at initialization outlive the library itself. This has always been the case, but the documentation for it has been made clearer.
- The documentation for Cdm::create() was not updated to reflect the changes in CE CDM 14.0.0 that disallowed passing NULL to it. The documentation has been updated.
- The CDM now recovers more gracefully when files persisted to disk have been corrupted.
- A race condition between Cdm::decrypt(), Cdm::close(), and periodic timers has been fixed.
- The copyright headers on the source code files have been updated.
- Fixed a situation where the CDM might incorrectly report the expiration time of licenses that never expire. Cdm::getExpiration() should now correctly report an expiration of -1 for these licenses. Note that the actual expiration time was always being tracked correctly internally; it was only being reported incorrectly to the application.
- The CE CDM already made defensive copies of the buffer parameters when decrypting data in chunks, but it did not make defensive copies when calling OEMCrypto_CopyBuffer() in chunks. This has been fixed. This resolves issues that occurred when OEMCrypto modified the buffer parameters in-place during calls to OEMCrypto_CopyBuffer().
- Several disabled unit tests that did not need to be disabled anymore have been re-enabled.
- Fixed a place where newer versions of Clang could not infer the correct
overload of
std::string::insert() to call.
- The HttpSocket class used by the unit tests is now more resilient against errors that occur during HTTPS communication and will retry after a delay when it detects a retryable error.
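
The defensive-copy fix for chunked OEMCrypto_CopyBuffer() calls listed above, modeled as an added example that is not code from the Widevine CE CDM or from OEMCrypto. DestDescriptor, LowerLayerCopy() and both chunking functions are hypothetical stand-ins, and the lower layer is assumed to advance the descriptor's offset in place.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Hypothetical destination descriptor (not the real OEMCrypto type).
struct DestDescriptor {
  uint8_t* base;      // start of the destination buffer
  size_t max_length;  // total capacity of the destination buffer
  size_t offset;      // where the next chunk should be written
};

// Hypothetical lower layer. Like the integrations described in the changelog
// entry, it modifies the descriptor it is handed in place.
bool LowerLayerCopy(const uint8_t* src, size_t len, DestDescriptor* dest) {
  if (dest->offset > dest->max_length ||
      len > dest->max_length - dest->offset) {
    return false;  // would write past the end of the destination
  }
  std::memcpy(dest->base + dest->offset, src, len);
  dest->offset += len;  // in-place modification the caller did not expect
  return true;
}

// Before: one descriptor is reused for every chunk and the caller also
// advances the offset itself, so the offset moves twice per chunk.
bool CopyInChunksShared(const std::vector<uint8_t>& src, size_t chunk,
                        DestDescriptor dest) {
  if (chunk == 0) return false;
  for (size_t done = 0; done < src.size();) {
    const size_t n = std::min(chunk, src.size() - done);
    if (!LowerLayerCopy(src.data() + done, n, &dest)) return false;
    dest.offset += n;  // second advance on top of the callee's own
    done += n;
  }
  return true;
}

// After: each call gets a fresh copy of the descriptor, so whatever the lower
// layer does to it cannot leak into the next chunk's parameters.
bool CopyInChunksDefensive(const std::vector<uint8_t>& src, size_t chunk,
                           const DestDescriptor& dest) {
  if (chunk == 0) return false;
  for (size_t done = 0; done < src.size();) {
    const size_t n = std::min(chunk, src.size() - done);
    DestDescriptor local = dest;  // defensive copy
    local.offset = dest.offset + done;
    if (!LowerLayerCopy(src.data() + done, n, &local)) return false;
    done += n;
  }
  return true;
}

// Constructed sample input: ten bytes, copied in chunks of four.
std::vector<uint8_t> SampleInput() {
  std::vector<uint8_t> v(10);
  for (size_t i = 0; i < v.size(); ++i) v[i] = static_cast<uint8_t>(i + 1);
  return v;
}

// True if the shared-descriptor variant manages to copy the sample input.
bool SharedSucceeds() {
  const std::vector<uint8_t> src = SampleInput();
  std::vector<uint8_t> out(src.size(), 0);
  const DestDescriptor d = {out.data(), out.size(), 0};
  return CopyInChunksShared(src, 4, d);
}

// Output of the defensive variant, or an empty vector if the copy failed.
std::vector<uint8_t> DefensiveResult() {
  const std::vector<uint8_t> src = SampleInput();
  std::vector<uint8_t> out(src.size(), 0);
  const DestDescriptor d = {out.data(), out.size(), 0};
  if (!CopyInChunksDefensive(src, 4, d)) return std::vector<uint8_t>();
  return out;
}

int main() {
  // Exit status 0 when the shared variant fails and the defensive one works.
  return (!SharedSucceeds() && DefensiveResult() == SampleInput()) ? 0 : 1;
}
```

With the shared descriptor the second chunk is aimed at offset 8 instead of 4 and is rejected by the bounds check; a lower layer without that check would write out of bounds instead.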
14.0.0 (2018-05-16)
Features:
- Support for OEMCrypto 14, including new unit tests that exercise its
functionality. For a full list of new features in OEMCrypto 14, please see
the Widevine Modular DRM Version 14 Delta document.
  - Widevine CE CDM 14.0.0 is not compatible with any previous version of OEMCrypto. It is only compatible with OEMCrypto v14.
- Added a new overload of the
load() function for loading keys embedded inside a PSSH header. This allows for key rotation without multiple server roundtrips, using entitlement licenses. See the Integration Guide for more information.
- The version number of the Widevine CE CDM has been bumped to bring the
version numbers of OEMCrypto, the Widevine CE CDM, and the Widevine Android
CDM closer to each other. The major version number of the CE CDM will now
always be the highest version of OEMCrypto supported by that version of the
CE CDM. This is always the version of OEMCrypto that we recommend using with
the CE CDM.
  - For this release, the version number is 14.0.0 to reflect that this is the first release to support OEMCrypto 14.
- Vendors no longer need to supply a copy of either OpenSSL or BoringSSL in
order to compile the CDM. The Widevine CE CDM will now always use the copy
of BoringSSL in the
third_party/ directory, which is provided with the CDM source code.
  - When compiled as a dynamic library, the Widevine CE CDM links statically with this copy of BoringSSL using hidden visibility. This requires no changes on the part of partners, so long as they are using the Widevine CE CDM as a dynamic library. The Widevine CE CDM does not export any BoringSSL functions and no longer interacts with the platform's copy of OpenSSL or BoringSSL.
  - When using the Widevine CE CDM as a static library, partners are responsible for providing a compatible copy of BoringSSL. The file third_party/boringssl/kit/BORINGSSL_REVISION contains the hash of the version of BoringSSL included with the CE CDM, which can be used to guide decisions about compatible versions of BoringSSL.
    - The Widevine CE CDM no longer supports OpenSSL. Those wishing to use the CE CDM as a static library with OpenSSL will have to make small modifications to the code where it uses BoringSSL-only APIs in order to compile with OpenSSL.
- New build configuration setting: asm_target_arch
  - When building assembly language files, this setting is used to determine which CPU architecture's instructions to include.
  - If this flag is not set by the configuration, it defaults to none, which turns off use of assembly language completely. We strongly recommend overriding this default so that you receive the speed benefits of assembly language.
  - Valid values are:
    - x86
    - x86-64
    - arm
    - arm64
    - ppc64
    - none
- Protobuf is now compiled by default to not use RTTI support. This reduces the size of the final binary and allows for easier support of platforms without RTTI.
- Several additional flags have been added to the example settings.gypi in
the
x86-64 build to reduce the size of the final binary. Partners may want to consider setting similar flags on their own builds.
  - no-rtti (Widevine CE CDM does not and has never used RTTI.)
  - no-exceptions (Widevine CE CDM does not and has never used exceptions.)
  - lto
- It is no longer permissible to pass a null
IStorage pointer to Cdm::create(). Previously, passing NULL would select the global/default IStorage as the storage for the new CDM instance. However, starting in CE CDM 3.5.0, the default IStorage began to be the storage for global data such as the usage table header. To clarify its purpose, we are removing its ability to do double duty as global storage and as a default for new CDM instances.
  - It is still permitted to use the same IStorage instance for the global storage and as the storage for a specific CDM instance. If this is what you intend, just pass the same pointer to both Cdm::initialize() and Cdm::create().
- Due to nonce flood protections in OEMCrypto, provisioning and licensing
request generation can fail due to too many requests being generated
quickly. Such failures can be retried successfully after a delay. This has
always been the case. To help in discerning when a failure is due to a nonce
flood and can be retried, these failures will now be reported as
kQuotaExceeded errors.
- There is a new parameter on onKeyStatusesChange(), has_new_usable_key. This will be set to true when the status change has resulted in any new keys becoming available. This can be used to more efficiently implement certain EME behavior.
- A new function, getStatusForHdcpVersion() has been added to the CDM interface. This function can be used to implement getStatusForPolicy() from the EME Extension: HDCP Policy Check proposal.
- The default service certificate used for Provisioning 3.0 has been updated to reflect changes to the Widevine Provisioning Server.
3.5.0 (2017-11-22)
Features:
- Support OEMCrypto v13.2.
- Remove c++11-specific language features and library usages. Current standard compliance is at gnu++98.
- Supply boringssl in third_party. This is the preferred SSL implementation, although the gyp build scripts still allow an external boringssl or OpenSSL library to be used.
- A number of gyp build rule changes have been made to improve how dependencies are managed and how compile and link command switches are applied. Compiler flags are used to restrictively detect and report potential issues.
- Support for large Usage Tables (OEMCrypto v13 feature).
- Support for SRM enforcement and update (OEMCrypto v13 feature).
- Support for embedded licenses.
- Added support for OpenSSL 1.1 (OpenSSL API changes). Earlier versions of OpenSSL are still supported. The actual OpenSSL version being used is checked at compile time.
- Begin migration to exclusively supporting BoringSSL.
- Add adapter and stubs for running CDM against OEMCrypto v12. Remove the adapter for OEMCrypto v8. Currently adapters exist for OEMCrypto versions 9 through 12.
- Add Fuzzing tests for OEMCrypto interface (work in progress).
BugFixes:
- Numerous Usage Table fixes and improvements.
- Memory leak fixes.
- Handle non-aligned nonce pointer in RewrapDeviceRSAKey calls.
- Fix scoping errors in gyp build rules.
- Fixes to offline license handling.
3.4.1 (2017-08-31)
Features:
- Preliminary support for sublicenses and key rotation using sublicenses.
BugFixes:
- Fixed build failure in protobuf host tools build (relaxed compiler warning checks).
- Enabled a number of more restrictive compiler checks, and fixed non-compliant code.
- Mock OEMCrypto: handle case of non-aligned nonce pointer in OEMCrypto_RewrapDeviceRSAKey() and OEMCrypto_RewrapDeviceRSAKey30()
3.3.0 (2017-05-03)
Features:
- Support OEMCrypto V12. Versions 8 through 11 are supported through adapters.
- Bugfixes to Provisioning 3.0.
- Add tool for generating Provisioning 3.0 OEM Certificates.
- Add property (provisioning_messages_are_binary) to control whether CDM generates/accepts provisioning messages in binary or base64+JSON format (default is base64+JSON).
- Upgrade Protobuf kit (from 2.5.0 to 2.6.1).
- Add Cdm::getServiceCertificateRequest() and Cdm::parseServiceCertificateResponse().
- Add API calls for managing usage records:
  - Cdm::listUsageRecords
  - Cdm::deleteUsageRecord
  - Cdm::deleteAllUsageRecords
- Remove automatic Service certificate fetch from CDM.
- The CDM client is responsible for ensuring the CDM has a valid Service Certificate.
- Add status return to report that playback is blocked by HDCP or video resolution constraints (kKeyUsageBlockedByPolicy).
- Provisioning Request and Response are base64 (web-safe) protobuf messages:
  - The request message in an IEventListener::onDirectIndividualizationRequest() callback.
  - The response message in the call to Cdm::update(). Conversions and/or filtering required by a particular Provisioning Server must be performed in CDM client code.
Bugfixes:
- Various compiler warnings.
- Provisioning 3.0 bugfixes.
3.2.0 (2016-12-17)
Features:
- Changed location for fetching protobuf kit. Still using 2.5.0.
- Upgrade stringencoders to most recent release (28ae396)
- Upgrade gmock 1.7.0 to googletest 1.8.0
- Remove default service certificate.
- Add Cdm::listStoredLicenses().
- Break decryption buffers into 100KiB blocks if/when needed.
- Add Cdm::setVideoResolution().
- Add Cdm::isProvisioned() and Cdm::removeProvisioning().
- Add Cdm::removeUsageTable().
- Change default setting of Properties::use_certificates_as_identification to TRUE.
- Changes to duration semantics in PolicyEngine.
- Support Provisioning v3.0.
- Add support for OEM Certificate - use it in provisioning request.
- Pass provider ID from service certificate to provisioning request.
- Retrieve device serial number from stored DRM Device Certificate.
- Upgrade to OEMCrypto V12.
Bugfixes:
- Add log messages for bad Keybox token.
- Make HTTP transactions in unit tests more robust.
- Ensure proper cleanup of offline release sessions.
- Avoid potential race condition on closing CDM sessions.
- Move g_cutoff earlier in Cdm::Initialize() - allows early debug messages to be suppressed.
- Unit test bugfixes.
3.0.6 (2016-08-15)
Bugfixes:
- Upgraded TLS version used in HTTPS connections made by the unit tests, for compatibility with recent changes to our servers
3.1.0 (2016-07-18)
Features:
- Updates to conform to EME June 10, 2016 Specification
(http://www.w3.org/TR/2016/WD-encrypted-media-20160610/)
- Add per-origin storage of all persistent data.
- Use EME Direct Individualization to provision devices.
- Add IEventListener::onDirectIndividualizationRequest() callback.
- A "license-release" message is no longer fired on calls to load().
- Add CDM entry points for generic crypto operations (Cdm::genericEncrypt(), Cdm::genericDecrypt(), Cdm::genericSign(), Cdm::genericVerify()).
- Add support for CENC 3.0 and decryption of encrypted HLS content.
- Add support for querying allowed usage for a key (Cdm::getKeyAllowedUsages()).
- Upgrade to OEMCrypto v11.
- Numerous unit test additions and improvements.
- Add jsmn to third_party/.
Bugfixes:
- Remove IEventListener::onMessageUrl() callback.
- Don't check/validate crypto mode when Decrypt is called with unencrypted data.
- Ensure keys are loaded before sending OnKeyStatusChange notifications. This avoids errors due to prematurely checking key statuses.
- Correctly handle a bad RSA key.
3.0.5 (2015-12-16)
Features:
- Add openssl_config variable for gyp-based projects which already include OpenSSL or BoringSSL
Bugfixes:
- Sleep between tests to avoid triggering OEMCrypto nonce-flood errors on very fast machines
3.0.4 (2015-12-14)
Features:
- Enforce storage restrictions based on the license type and policy
- Updated to EME spec 2015-11-20
- Updated kPersistent to kPersistentLicense
- Updated kInvalidAccess with kTypeError and kRangeError
- Updated kOutputNotAllowed to kOutputRestricted
- Added key status kReleased
- Added new session type (kPersistentUsageRecord) used for "secure stop"
- Enabled WebM-related tests for CdmEngine
Bugfixes:
- Fixed OEMCrypto test bugs regarding nonce-enabled and nonce-or-entry flags
- Fixed build system bug to allow adding the static CDM library as a dependency of another gyp static library target
- Fixed message type for service cert requests
- Fixed reporting of expiration for sessions which do not expire
- Fixed test bugs in which changing execution order caused test failures
- Fixed bug in OEMCrypto_DeleteUsageTable in which the empty table was not written to disk
- Fixed bug in CE CDM tests in which OEMCrypto usage table data was not cleared between test runs, causing issues with duplicate PSTs
3.0.3 (2015-11-09)
Features:
- Added x86-32 build settings
Bugfixes:
- Fix buffer overflow in mock OEMCrypto on 32-bit systems
- Fixed OEMCrypto_RefreshKeys return value
- Fixed OEMCrypto_GenerateRSASignature return value
- Fixed assertions during server certificate provisioning, triggered by a race condition
- Removed spurious error messages from CdmEngine::AddKey()
- Fixed PSS verification in iOS privacy crypto implementation
3.0.2 (2015-09-18)
Features:
- Updated OEMCrypto docs
- Privacy crypto implementation for iOS
- Now builds with strict warnings and warnings as errors
- Added an extra method to IEventListener to allow integration with older
versions of Chromium using prefixed EME
- NOTE: This is temporary and will be removed in a future release
Bugfixes:
- Fixed support for C++11 and clang
- Prevent renewal license when can_renew is false
- Fixed variable-length key ID tests
- Fixed enforcement of secure buffer types for decrypt
- Fix type-casting issues with various versions of OpenSSL and BoringSSL
- Return kNotSupported when generateRequest called with non-Widevine initdata
3.0.1 (2015-09-11)
Features:
- Added new methods to access app parameters available on Android
- Test suite is now IPv6-ready
- Exposed IClient inheritance for Cdm interface
- Added baked-in cert support to the mock OEMCrypto
Bugfixes:
- Made improvements to tests for OEMCrypto and core
- Return client ID information in secure stop
- Fix multiple deletions of OEMCrypto usage table entries
- Don't delete offline licenses when a new device cert is provisioned
- Hardened BufferReader class
- Removed excess logging in PSSH parser
- Fixed iOS build issues with MD5 in DeviceFiles
- Fixed iOS build issues with protobuf_config==target
- Fixed bugs in OEMCrypto v9 and v10 adapters
- Fixed inclusion of unit test gypis from external projects
Broken compatibility:
- Added a cancel() method to ITimer, needed for some timer implementations
3.0.0 (2015-06-19)
v3.0 introduced a completely new interface which is not backward compatible with v2.x.
Features:
- Simplified, synchronous interface which mimics EME APIs
- Support for key statuses and session expiration times
- Simplified build system with fewer build-time flags
- Simplified initialization with runtime settings for client info, log levels, and secure output modes
- Secure output modes are explicit, and individual decrypt requests can be done in the clear (for example, for platforms with L3 audio)
- Device certificates are now required for all platforms and must be provisioned during initialization if not present
- Simplified storage interface with more explicit methods
- New integration guide which replaces several older documents