widevine-partner/ce_cdm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
53 Commits 1 Branch 0 Tags
19.1.0
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Matt Feddersen b8bdfccebe Source release 19.1.0
2024-03-29 10:49:35 -07:00
cdm
Source release 19.1.0
2024-03-29 10:49:35 -07:00
core
Source release 19.1.0
2024-03-29 10:49:35 -07:00
factory_upload_tool
Source release 19.1.0
2024-03-29 10:49:35 -07:00
metrics
Source release 18.5.0
2024-03-28 19:15:22 -07:00
oem_certificate_generator
Source release 17.1.2
2023-06-23 15:37:42 -07:00
oemcrypto
Source release 19.1.0
2024-03-29 10:49:35 -07:00
platforms
Source release 19.1.0
2024-03-29 10:49:35 -07:00
third_party
Source release 19.1.0
2024-03-29 10:49:35 -07:00
util
Source release 19.1.0
2024-03-29 10:49:35 -07:00
.gitallowed
Source release 17.1.0
2022-07-07 17:14:31 -07:00
.gitignore
Source release v3.0.2
2015-10-08 17:12:42 -07:00
build_utils.py
Source release 17.1.0
2022-07-07 17:14:31 -07:00
build.py
Source release 17.1.2
2023-06-23 15:37:42 -07:00
CHANGELOG.md
Source release 19.1.0
2024-03-29 10:49:35 -07:00
README.md
Source release 19.1.0
2024-03-29 10:49:35 -07:00

README.md

Widevine CE CDM 19.1.0

Released 2024-03-28

Getting Started

This project contains the sources for building a Widevine CDM module. Read the following to learn more about the contents of this project and how to use them:

The Widevine Developer Site documents the CDM API and describes how to integrate the CDM into a system.

New in v19.1.0

Note: Release v19.0 was skipped so that this release's version number matches the OEMCrypto version.

Features

  • Supports up to OEMCrypto v19.1, including new OEMCrypto tests introduced since OEMCrypto v18.
  • Added support for License Protocol v2.2, which uses SHA256-signed license requests.
  • Raised the minimum required version of C++ to C++17.
  • Added a new error code, kDeviceRevoked, which requires special handling.
    • kDeviceRevoked may be returned from any method that processes a service response. It indicates that the device's root of trust has been revoked and is no longer trusted.
    • All service interactions will fail after this, even after a device reboot or factory reset. Apps may want to handle this error by using a different DRM system, if supported.
    • Devices that support renewal can escape this condition by renewing their root of trust. Root of trust renewal is outside the scope of CE CDM. You'll need to work directly with your Widevine contact.
  • Added additional logging when license request fails, to help diagnose what went wrong.
  • Improved support for HDCP v1.0-1.4 version.
    • Cdm::getStatusForHdcpVersion() can now accept a specific HDCP 1.x minor version (specifically 1.0, 1.1, 1.2, 1.3, or 1.4) when checking if content can be decrypted.
    • The legacy behavior is still available via Cdm::HdcpVersion::kHdcp1_x.
    • See Bug Fixes note about related bug in previous versions.
  • Added support for Cast provisioning 4.0
    • Cast uses a slightly different provisioning 4.0 protocol compared to non-Cast cases. The additions to the protocol are internal to the library, and do not require API changes for CE CDM users
    • Additional tests are included, these tests will automatically skip for device which do not use provisioning 4.0.
  • Improved performance for unencrypted data provided via Cdm::decrypt().
    • Some apps are known to always use decrypt calls, even if parts of the data are completely unencrypted. The CDM will now check if samples/ sub-samples of decryption batch data can skip the decryption stage and instead directly copied to the secure output.
  • Various minor performance improvements
    • Reduced internal data copying.
    • Test runtime improvements:
      • Skipped set up for unsupported features.
      • Improved test data storage management.
      • Removed unused internal testing fixtures.
    • Compile time improvements by better dependency checks for third-party libraries.
  • CE CDM now compiles clean with -Wunused-parameter.
  • Added support for new provisioning flow for baked-in certificates on devices using Widevine's embedded device certificate.
    • Affected partners should check the L3 OEMCrypto documentation for details.
  • Added new tests for CE CDM and OEMCrypto v18.5 features.
  • Improved code performance slightly by reducing copy operations.
  • Added additional tests to check for problems when moving usage entries.

Bug Fixes

  • Fixed major issue with loss of offline licenses when stored license count exceeds OEMCrypto's usage table size limit.
    • Issue only affects users with 300 or more downloaded offline licenses across all apps.
  • Fixed major issue with memory corruption when apps misuse the API by making certain key operations before license is loaded.
    • Specifically, if an app generates a license request via Cdm::generateRequest(), then calls Cdm::remove() before Cdm::update() with the license response it can cause the CDM to crash.
  • Fixed mistaken test failures when the CE CDM and OEMCrypto versions were not identical.
  • Fixed an issue with DRM certificate serial number stability for provisioning 4.0 devices.
    • This only affected very specific devices when going through their specific factory reset process.
    • Added additional tests to catch future, similar errors.
  • Fixed an issue with Cdm::getKeyStatuses() reporting error for certain licenses which use specific HDCP v1.x minor versions.
  • Fixed an issue with URL parsing in test code for renewal requests
    • Certain tests used special URL parameters which were not properly accounted for in the CE CDM's test utility code; this caused tests to fail on otherwise working devices.
  • Fixed the CAS tests sometimes not being skipped on non-CAS-supporting devices.
  • Removed tests that explicitly tested against Widevine's staging provisioning servers.
  • Fixed minor issue with tests which were generating many warnings from expected behavior.
    • These warning did not cause the tests to fail, but created a lot of noise when trying to diagnose other failures
  • Fixed a potential out-of-bounds read in the logging code for certain invalid severity level values.
  • Fixed many minor issues identified via static analysis.

CHANGELOG.md lists the major changes for each past release.

Contains No OEMCrypto

The CE CDM requires an implementation of OEMCrypto, our hardware abstraction layer, in order to compile and run successfully. If you are an OEMCrypto implementer, you should have access to the OEMCrypto partner repository, which contains additional source code and information about implementing OEMCrypto, including the Widevine-written OEMCrypto implementation, the OEMCrypto Porting Kit. (OPK) If you are not an OEMCrypto implementer, then you will need to get an OEMCrypto implementation from your SoC manufacturer before you can use the CE CDM.

Description
No description provided
Readme 93 MiB