223 lines
8.4 KiB
Markdown
223 lines
8.4 KiB
Markdown
## 3.4.1 (2017-08-31)
|
|
|
|
Features:
|
|
- Preliminary support for sublicenses and key rotation using sublicenses.
|
|
|
|
BugFixes:
|
|
- Fixed build failure in protobuf host tools build (relaxed compiler
|
|
warning checks).
|
|
- Enabled a number of more restrictive compiler checks, and fixed
|
|
non-compliant code.
|
|
- Mock OEMCrypto: handle case of non-aligned nonce pointer in
|
|
OEMCrypto_RewrapDeviceRSAKey() and OEMCrypto_RewrapDevideRSAKey30()
|
|
|
|
## 3.3.0 (2017-05-03)
|
|
|
|
Features:
|
|
- Support OEMCrypto V12. Versions 8 through 11 are supported through
|
|
adapters.
|
|
- Bugfixes to Provisioning 3.0.
|
|
- Add tool for generating Provisioning 3.0 OEM Certificates.
|
|
- Add property (provisioning_messages_are_binary)to control whether
|
|
CDM generates/accepts provisioning messages in binary or base64+JSON
|
|
format (default is base64+JSON).
|
|
- Upgrade Protobuf kit (from 2.5.0 to 2.6.1).
|
|
- Add Cdm::getServiceCertificateRequest() and
|
|
Cdm::parseServiceCertificateResponse().
|
|
- Add API calls for managing usage records:
|
|
- Cdm::listUsageRecords
|
|
- Cdm::deleteUsageRecord
|
|
- Cdm::deleteAllUsageRecords
|
|
- Remove automatic Service certificate fetch from CDM.
|
|
- The CDM client is responsible for ensuring the CDM has a valid
|
|
Service Certificate.
|
|
- Add status return to report that playback is blocked by HDCP or
|
|
video resolution constraints (kKeyUsageBlockedByPolicy).
|
|
- Provisioning Request and Response are base64 (web-safe) protobuf messages:
|
|
- The request message in an
|
|
IEventListener::onDirectIndividualizationRequest() callback.
|
|
- The response message in the call to Cdm::update().
|
|
Conversions and/or filtering required by a particular Provisioning Server
|
|
must be performed in CDM client code.
|
|
|
|
Bugfixes:
|
|
- Various compiler warnings.
|
|
- Provisioning 3.0 bugfixes.
|
|
|
|
## 3.2.0 (2016-12-17)
|
|
|
|
Features:
|
|
- Changed location for fetching protobuf kit. Still using 2.5.0.
|
|
- Upgrade stringencoders to most recent release (28ae396)
|
|
- Upgrade gmock 1.7.0 to googletest 1.8.0
|
|
- Remove default service certificate.
|
|
- Add Cdm::listStoredLicenses().
|
|
- Break decryption buffers into 100KiB blocks if/when needed.
|
|
- Add Cdm::setVideoResolution().
|
|
- Add Cdm::isProvisioned() and Cdm::removeProvisioning().
|
|
- Add Cdm::removeUsageTable().
|
|
- Change default setting of Properties::use_certificates_as_identification
|
|
to TRUE.
|
|
- Changes to duration semantics in PolicyEngine.
|
|
- Support Provisioning v3.0.
|
|
- Add support for OEM Certificate - use it in provisioning request.
|
|
- Pass provider ID from service certificate to provisioning request.
|
|
- Retrieve device serial number from stored DRM Device Certificate.
|
|
- Upgrade to OEMCrypto V12.
|
|
|
|
Bugfixes:
|
|
- Add log messages for bad Keybox token.
|
|
- Make HTTP transactions in unit tests more robust.
|
|
- Ensure proper cleanup of offline release sessions.
|
|
- Avoid potential race condition on closing CDM sessions.
|
|
- Move g_cutoff earlier in Cdm::Initialize() - allows early debug messages
|
|
to be suppressed.
|
|
- Unit test bugfixes.
|
|
|
|
## 3.0.6 (2016-08-15)
|
|
|
|
Bugfixes:
|
|
- Upgraded TLS version used in HTTPS connections made by the unit tests, for
|
|
compatibility with recent changes to our servers
|
|
|
|
|
|
## 3.1.0 (2016-07-18)
|
|
|
|
Features:
|
|
- Updates to conform to EME June 10, 2016 Specification
|
|
(http://www.w3.org/TR/2016/WD-encrypted-media-20160610/)
|
|
- Add per-origin storage of all persistent data.
|
|
- Use EME Direct Individualization to provision devices.
|
|
- Add IEventListener::onDirectIndividualizationRequest() callback.
|
|
- A "license-release" message is no longer fired on calls to load().
|
|
- Add CDM entry points for generic crypto operations (Cdm::genericEncrypt(),
|
|
Cdm::genericDecrypt(), Cdm::genericSign(), Cdm::genericVerify()).
|
|
- Add support for CENC 3.0 and decryption of encrypted HLS content.
|
|
- Add support for querying allowed usage for a key
|
|
(Cdm::getKeyAllowedUsages()).
|
|
- Upgrade to OEMCrypto v11.
|
|
- Numerous unit test additions and improvements.
|
|
- Add jsmn to third\_party/.
|
|
|
|
Bugfixes:
|
|
- Remove IEventListener::onMessageUrl() callback.
|
|
- Don't check/validate crypto mode when Decrypt is called with unencrypted
|
|
data.
|
|
- Ensure keys are loaded before sending OnKeyStatusChange notifications.
|
|
This avoids errors due to prematurely checking key statuses.
|
|
- Correctly handle a bad RSA key.
|
|
|
|
|
|
## 3.0.5 (2015-12-16)
|
|
|
|
Features:
|
|
- Add openssl\_config variable for gyp-based projects which already include
|
|
OpenSSL or BoringSSL
|
|
|
|
Bugfixes:
|
|
- Sleep between tests to avoid triggering OEMCrypto nonce-flood errors on
|
|
very fast machines
|
|
|
|
|
|
## 3.0.4 (2015-12-14)
|
|
|
|
Features:
|
|
- Enforce storage restrictions based on the license type and policy
|
|
- Updated to EME spec 2015-11-20
|
|
- Updated kPersistent to kPersistentLicense
|
|
- Updated kInvalidAccess with kTypeError and kRangeError
|
|
- Updated kOutputNotAllowed to kOutputRestricted
|
|
- Added key status kReleased
|
|
- Added new session type (kPersistentUsageRecord) used for "secure stop"
|
|
- Enabled WebM-related tests for CdmEngine
|
|
|
|
Bugfixes:
|
|
- Fixed OEMCrypto test bugs regarding nonce-enabled and nonce-or-entry flags
|
|
- Fixed build system bug to allow adding the static CDM library as a
|
|
dependency of another gyp static library target
|
|
- Fixed message type for service cert requests
|
|
- Fixed reporting of expiration for sessions which do not expire
|
|
- Fixed test bugs in which changing execution order caused test failures
|
|
- Fixed bug in OEMCrypto\_DeleteUsageTable in which the empty table was not
|
|
written to disk
|
|
- Fixed bug in CE CDM tests in which OEMCrypto usage table data was not
|
|
cleared between test runs, causing issues with duplicate PSTs
|
|
|
|
|
|
## 3.0.3 (2015-11-09)
|
|
|
|
Features:
|
|
- Added x86-32 build settings
|
|
|
|
Bugfixes:
|
|
- Fix buffer overflow in mock OEMCrypto on 32-bit systems
|
|
- Fixed OEMCrypto\_RefreshKeys return value
|
|
- Fixed OEMCrypto\_GenerateRSASignature return value
|
|
- Fixed assertions during server certificate provisioning, triggered by a
|
|
race condition
|
|
- Removed spurious error messages from CdmEngine::AddKey()
|
|
- Fixed PSS verification in iOS privacy crypto implementation
|
|
|
|
|
|
## 3.0.2 (2015-09-18)
|
|
|
|
Features:
|
|
- Updated OEMCrypto docs
|
|
- Privacy crypto implementation for iOS
|
|
- Now builds with strict warnings and warnings as errors
|
|
- Added an extra method to IEventListener to allow integration with older
|
|
versions of Chromium using prefixed EME
|
|
- *NOTE: This is temporary and will be removed in a future release*
|
|
|
|
Bugfixes:
|
|
- Fixed support for C++11 and clang
|
|
- Prevent renewal license when can\_renew is false
|
|
- Fixed variable-length key ID tests
|
|
- Fixed enforcement of secure buffer types for decrypt
|
|
- Fix type-casting issues with various versions of OpenSSL and BoringSSL
|
|
- Return kNotSupported when generateRequest called with non-Widevine initdata
|
|
|
|
|
|
## 3.0.1 (2015-09-11)
|
|
|
|
Features:
|
|
- Added new methods to access app parameters available on Android
|
|
- Test suite is now IPv6-ready
|
|
- Exposed IClient inheritance for Cdm interface
|
|
- Added baked-in cert support to the mock OEMCrypto
|
|
|
|
Bugfixes:
|
|
- Made improvements to tests for OEMCrypto and core
|
|
- Return client ID information in secure stop
|
|
- Fix multiple deletions of OEMCrypto usage table entries
|
|
- Don't delete offline licenses when a new device cert is provisioned
|
|
- Hardened BufferReader class
|
|
- Removed excess logging in PSSH parser
|
|
- Fixed iOS build issues with MD5 in DeviceFiles
|
|
- Fixed iOS build issues with protobuf\_config==target
|
|
- Fixed bugs in OEMCrypto v9 and v10 adapters
|
|
- Fixed inclusion of unit test gypis from external projects
|
|
|
|
Broken compatibility:
|
|
- Added a cancel() method to ITimer, needed for some timer implementations
|
|
|
|
|
|
## 3.0.0 (2015-06-19)
|
|
|
|
v3.0 introduced a completely new interface which is not backward compatible
|
|
with v2.x.
|
|
|
|
Features:
|
|
- Simplified, synchronous interface which mimics EME APIs
|
|
- Support for key statuses and session expiration times
|
|
- Simplified build system with fewer build-time flags
|
|
- Simplified initialization with runtime settings for client info,
|
|
log levels, and secure output modes
|
|
- Secure output modes are explicit, and individual decrypt requests can
|
|
be done in the clear (for example, for platforms with L3 audio)
|
|
- Device certificates are now required for all platforms and must be
|
|
provisioned during initialization if not present
|
|
- Simplified storage interface with more explicit methods
|
|
- New integration guide which replaces several older documents
|
|
|