In order to reproduce the issue in the white-box and VMP+RA, padding
must be used in the license. This change updates the VMP+RA test
to run every test with and without padding. The expected test
outcomes should not different between padding and no padding.
This change brings the partner repo in sync with the internal repo
at commit abcc1f9bebf1f36a108a84155ae821b8764ec4ad.
Before the VMP/RA tests only tested that decryption was successful
(checking the return code) but did not test the actual success of the
decryption (checking the decrypted plaintext against golden
plaintext).
This brings this repo in sync with the internal repo's commit
58d85cf6b19ecfb932f8edc2eaa8e907a1d21489.
It is possible for the key security level to be omitted from the
key container. When this happens, SW_SECURE_CRYPTO should be used
as the key's security level (as per the protobuf definition).
This only matters when reading the security level from the key
container since the security level must appear in the key control
block.
This change adds a test that will purposely omit the key security
level from the key container.
We were missing break-statements when parsing the security levels
from the key control block.
To confirm this, the key control block tests were updated to attempt
decrypting so that we will try using the keys. The test that used
the KCB was failing since they key security level was "hardware".
This brings this repo in sync with the internal repo at commit
499bfbbb5beb6842071e47125842aedb12b1a8e0.
This change updates the external copy of the reference to match the
internal copy at commit cda42fa07b533f8aad3183cd7eb99ce553949f88 which
introduces the tests (and fix) to handle an encrypted key block.
Rather than having init data for the license white-box be passed in
via WB_License_Create, this changes it so that it is assumed that
the private key is compiled into the white-box code.
Minor changes in this code drop include:
- Updating the git attributes to avoid line-ending conflicts between
different operating systems
- Resolving a linking issue seen on Windows
- Removing default parameter for padding in conformance tests
To make it easier to have separate implementations, we have
structured the repo so that there are three Bazel workspaces:
- The API (and reference)
- The vendor implementation for dev
- The vendor implementation for prod
This allows the vendor implementation to be separated from
the API, while it makes little difference in this repo. While
it makes little difference for this repo, it makes managing versions
much easier internally. We do it here to better reflect our internal
structure to partners.
A vendor implementation has been stubbed in (BUILD file and directory
structure) to provide vendors with some scaffolding to organize their
implementation.
In this code update we add a test to ensure that the White-box API
implementation handle seeing multiple renewal keys correctly. Since
there should be no more than one renewal key in a license response, upon
seeing a second renewal key, the implementation should return a
WB_RESULT_INVALID_PARAMETER code.
Due to changes in how Chrome manages CHECKS and DCHECKS, this code has
been updated to use the new headers.
In this code drop we introduce the ODK dependency. The reference
implementation has been updated to make use of the ODK and the related
tests have been included.
In addition, we have included an example of how a shared libraries can
be created. This will allow make it easier to test and verify different
implementations of the API.
Most other changes introduce by this code drop were made to clean-up the
reference implementation and limit dependencies.
In this code drop we introduce the benchmarking tests that allow us to
compare the performance of different implementations. Like the other
tests, any implementation can link with them to create their own
binary.
There are two types of benchmarks:
1 - Throughput, which measures the speed that a function can process
information (bits per second). These are used for AEAD decrypt
and license white-box decrypt functions.
2 - Samples, which measures the min, 25% percentile, median, 75%
percentile, and max observed values. These is used for all other
functions as a way to measure the execute duration of a call.
The other change in this code drop is the update to the unmasking
function to only unmask a subset of the bytes in the masked buffer.
This was added to better align with the decoder behaviour in the CDM.
In this update we have:
- Added the verified platform tests. These tests show how some
platforms, when verified are allowed to by pass the normal policy
restrictions. This is done with ChromeOS, thus the name of the
tests use "chrome_os".
- Removed WB_RESULT_INVALID_PADDING. This error was when we the
non-license APIs exposed a AES function with padding. However,
those functions have been removed from the API and this error is
no longer used by the API.
- Tests have been updated to avoid signed-vs-unsigned comparison
and to use the Chromium path to gTest (which is mocked in this
library).
- Tests have been updated to use a new test base and golden data
system to make them easier to read.
This is the second code drop for the white-box api reference
implementation and tests. This corrects the errors in the license
white-box reference implementation and implements the remaining
test cases.
It should be noted that there is one test case missing, the test case
for handling ChromeOS's unique policy settings.
In order to make the tests easier to create and read, a license
builder class was created and golden content and keys were wrapped in
their own classes.
How key errors are communicated was changed in the API.
WB_RESULT_NO_SUCH_KEY and WB_RESULT_WRONG_KEY_TYPE were merged into
WB_RESULT_KEY_UNAVAILABLE.
This is the initial code drop of the reference implementation and
test cases for the Widevine Whitebox API.
In this drop, the full reference implementation for the AEAD
white-box is provided and all test cases verifying the top-level
behave have are enabled. Since the implementations can vary so much
the testing is mostly left to verifying the return codes for specific
parameter conditions.
A full reference implementation for the license white-box is provided,
however not all tests are implemented or enabled. A number of tests
have been disabled as they required a loaded license and test licenses
are still being worked on.
The two license white-box API functions that are the further from
competition are ProcessLicenseResponse() and MaskedDecryt().
ProcessLicenseResponse() is still being worked on and MaskedDecrypt()
is waiting on Decrypt() to be fully functional.
Most tests focus on verifying return code for specific parameter
conditions, but as test licenses are created, tests looking to test
the internal behaviour of license management will be added to
ProcessLicenseResponse(), Decrypt(), and MaskedDecrypt().
