widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Test Key Control Block with HDCP Version

Browse Source 
This is a copy of the Widevine CL:
https://widevine-internal-review.googlesource.com/#/c/9480/

This change is part of OEMCrypto API version 9.

This CL adds verification that a key control block which requires a
specific version of HDCP can be loaded.  Also, if secure data path is
not set, it verifies that data is still decrypted.

This CL also adds test that verify DecryptCTR fails when the current
HDCP version is below that in the key control block.  The expected
error is OEMCrypto_ERROR_INSUFFICIENT_HDCP.  This error code is newly
introduced in this CL.

This is one attempt to clarify HDCP, as specified in b/13626021, and
is a slight modification from previous behavior for the mock and the
level 3 haystacked code.

This CL also tests the two valid verification codes "kctl"
and "kc09".

bug: 13626021
Change-Id: If380709d2306a3489470b29fb148a45b609b089d
This commit is contained in:
Fred Gylys-Colwell
2014-04-10 16:22:25 -07:00
parent 45dc595f92
commit 026a04701e
9 changed files with 188 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -58,6 +58,7 @@ typedef enum OEMCryptoResult {
OEMCrypto_ERROR_INVALID_RSA_KEY = 35,
OEMCrypto_ERROR_KEY_EXPIRED = 36,
OEMCrypto_ERROR_INSUFFICIENT_RESOURCES = 37,
OEMCrypto_ERROR_INSUFFICIENT_HDCP = 38,
} OEMCryptoResult;
/*
@@ -889,7 +890,7 @@ OEMCryptoResult OEMCrypto_SelectKey(const OEMCrypto_SESSION session,
* then the current version of HDCP for the device and the display combined will
* be compared against the version specified in the control block. If the
* current version is not at least as high as that in the control block, then
* return OEMCrypto_ERROR_DECRYPT_FAILED.
* return OEMCrypto_ERROR_INSUFFICIENT_HDCP.
*
* 1. If the current session has an entry in the Usage Table, and the status of
* that entry is “inactive”, then return OEMCrypto_ERROR_INVALID_SESSION.[h]
@@ -935,6 +936,7 @@ OEMCryptoResult OEMCrypto_SelectKey(const OEMCrypto_SESSION session,
* OEMCrypto_ERROR_INVALID_CONTEXT
* OEMCrypto_ERROR_DECRYPT_FAILED
* OEMCrypto_ERROR_KEY_EXPIRED
* OEMCrypto_ERROR_INSUFFICIENT_HDCP
* OEMCrypto_ERROR_INSUFFICIENT_RESOURCES
* OEMCrypto_ERROR_UNKNOWN_FAILURE
*
@@ -1609,12 +1611,10 @@ OEMCryptoResult OEMCrypto_Generic_Encrypt(OEMCrypto_SESSION session,
* not, return OEMCrypto_ERROR_DECRYPT_FAILED.
* 2. If the current keys control block has the Data_Path_Type bit set, then
* return OEMCrypto_ERROR_DECRYPT_FAILED.
* 1. If the current keys control block has the HDCP bit set, then return
* OEMCrypto_ERROR_DECRYPT_FAILED.
* 2. If the current keys control block has a nonzero Duration field, then the
* 3. If the current keys control block has a nonzero Duration field, then the
* API shall verify that the duration is greater than the sessions elapsed time
* clock. If not, return OEMCrypto_ERROR_KEY_EXPIRED.
* 3. If the current session has an entry in the Usage Table, and the status of
* 4. If the current session has an entry in the Usage Table, and the status of
* that entry is “inactive”, then return OEMCrypto_ERROR_INVALID_SESSION.
*
* Parameters: