Included changes:
- 676ac7be8548d80c420591fc0b4fb9a11723ef34 Backwards compatibility script for CDM v18 and OPK v19 by Vicky Min <vickymin@google.com>
- 3cd4f71fda91245ac0b61c4c847950952f3021c0 Change BuildInformation ree fields to optional by Matt Feddersen <mattfedd@google.com>
- a2259e95dea40c27a4be02ad479aec8f1fc84737 Created a DICE CBOR Cert parser/serializer. by Alex Dale <sigquit@google.com>
- b8f2c364afeb6279e5aee6488d4527e189ac42ff Don't create invalid enum value by John "Juce" Bruce <juce@google.com>
- b0aed212a3b2dd8f752d8fc43982848c1aa6c152 Created an HLS Key type. by Alex Dale <sigquit@google.com>
- f8cfc54b41f124ba849596dbe6438b7f271a72b7 Specify C/C++ standard when running clang-tidy on OPK by John "Juce" Bruce <juce@google.com>
GitOrigin-RevId: 676ac7be8548d80c420591fc0b4fb9a11723ef34
Because the fake clock is getting out of sync with the real clock for
the nonce flood tests, add a call to TestSleep::SyncFakeClock() in
Clock::GetCurrentTime() to force a sync.
Bug: 198329759
This patch adds a suite of tests for OEMCrypto that verifying buffer
overflow and off-by-one errors. The reference code has also been
updated to pass these tests.
The ODK library and the OEMCrypto API have not changed since the
release of version 16.4.
This update is not required for all devices. It is necessary for
supporting some use cases for offline licenses on devices that do not
support usage tables. Most devices are expected to support usage
tables.
There were no new changes to the OEMCrypto code. However, the ODK
library has been updated so the minior version has been updated to 4.
There were also some changes to the unit tests.
1. We added more tests for pattern decryption.
2. We added more tests for buffer overflow handling.
4. We added some support for fuzz testing. These tests are not quite
ready for wide use.
There were no new changes to the OEMCrypto code. However, the ODK
library changed, so we rolled the minor version number to 3. The ODK
library was updated to support a nonce-free offline license. An
offline license would not require a nonce if, for example, it is
preloaded onto the device and does not have an entry in the usage
table.
Also, the following unit tests have been updated:
1. Various tests: Keys are not derived if they are not used. This is more
in line with the “OEMCrypto state” diagram below.
2. The decrypt hash is not verified when there are multiple samples or no
key is selected.
3. LoadKeyWithNoRequest. A nonce-free license is loaded in a session that
did not sign the request. (Requires 16.3 ODK library)
4. RefreshLargeBuffer. The renewal message was set to the large
size. Previously, only the license request was set to the larger size.
5. OEMCryptoGenericCryptoTest.*LargeBuffer. The correct buffer size is
now being used.
6. ShrinkOverOpenSessions: The correct error code
OEMCrypto_ERROR_ENTRY_IN_USE is now verified.
7. TimeRollbackPrevention: The test was refactored and fixed. Comments
were added.
This CL updates the following:
- Some robustness improvements to the ODK library.
- Unit tests assume that license release does not have a core message.
- Added version string to unit tests.
The version string of the unit tests is now:
OEMCrypto unit tests for API 16.2. Tests last updated 2020-03-27
This commit contains the updated v16.1 documentation dated Nov 12th,
as well has the headers and update ODK library.
Unit tests and reference code is partially implemented, but not yet
complete.
This commit has the initial ODK library. Partners may use this code
to begin integrating the ODK library into their platform. The
functionality is not complete, but this should help partners get an
early start playing with build files.
This change updates the unit tests to have more comments so that it is
more clear what went wrong if a test fails.
Also, some utility code has been changed to make it easier to support
new platforms and read/write locks.
Also, the reference code has had some refactoring added to make it
easier for Widevine to test CDM code. There should be no
functionality differences in the reference code.
Also, in the main API doc, there was an obsolete paragraph in the
description of the threading model. This paragraph has been removed.
This CL updates documentation, reference code, and unit tests to match
the OEMCrypto v15.1 API.
1. The design for the Full Decrypt Path Testing application has
changed. Instead of reading hashes from an external file, it will use
a single key frame and modify it to match the desired size. The test
application will then compute the hash and encrypt the frame. For
OEMCrypto, this means that there will not be a call to
OEMCrypto_InitializeDecryptHash before the frame and
OEMCrypto_SetDecryptHash after the frame. Instead, there will be a
single call to OEMCrypto_SetDecryptHash before the frame. The function
OEMCrypto_InitializeDecryptHash will not be used.
2. The "Shared License" feature is not used by any production
server. This functionality is no longer required and OEMCrypto may
reject licenses with a nonzero bit 23 in the key control block.
This CL updates has several changes.
The document WidevineModularDRMSecurityIntegrationGuideforCENC_v14.pdf
had an incorrect definition of the PST_Report structure. The header
file had the correct definition. This has been updated and the version
number of the document was rolled to 14.1
The unit tests TwoHundredEntries has been modifed to make sure that if
the usage table is full, then OEMCrypto will return the error
OEMCrypto_ERROR_INSUFFICIENT_RESOURCES. This is important for the CDM
layer to correctly delete old licenses and secure stops when this
happens.
Several other unit tests covering corner cases have been added.
The reference code has been cleaned up a bit. Some logging that might
be dangerous has been removed.
This renames the "mock" code to "reference" because that's really what
it is. Also, some code has been moved from the CDM repo to a common
utility directory so that it can be included here, and the oemcrypto
unit tests can now be built without having access to a current CDM
repo.
There are no functionality changes in this CL.
