am c10898e8: am b2af1e63: OEMCrypto Version 9 API (KLP Modular Version)

* commit 'c10898e8975683ca7243b524f7a0e42b06ebc7e3': OEMCrypto Version 9 API (KLP Modular Version)
2014-03-10 18:37:46 +00:00
parent f794ea70b1 c10898e897
commit 0444a6499f
8 changed files with 1136 additions and 400 deletions
--- a/libwvdrmengine/cdm/core/src/crypto_session.cpp
+++ b/libwvdrmengine/cdm/core/src/crypto_session.cpp
@@ -382,7 +382,7 @@ CdmResponseType CryptoSession::LoadKeys(const std::string& message,
  OEMCryptoResult sts = OEMCrypto_LoadKeys(
      oec_session_id_, msg, message.size(),
      reinterpret_cast<const uint8_t*>(signature.data()), signature.size(),
-      enc_mac_key_iv, enc_mac_key, num_keys, &load_key_array[0]);
+      enc_mac_key_iv, enc_mac_key, num_keys, &load_key_array[0], NULL, 0);

  if (OEMCrypto_SUCCESS == sts) {
    return KEY_ADDED;
@@ -514,7 +514,7 @@ bool CryptoSession::GenerateSignature(const std::string& message, bool use_rsa,
  if (use_rsa) {
    sts = OEMCrypto_GenerateRSASignature(
        oec_session_id_, reinterpret_cast<const uint8_t*>(message.data()),
-        message.size(), NULL, &length);
+        message.size(), NULL, &length, kSign_RSASSA_PSS);
    if (OEMCrypto_ERROR_SHORT_BUFFER != sts) {
      LOGD("GenerateSignature: OEMCrypto_GenerateRSASignature err=%d", sts);
      return false;
@@ -537,7 +537,7 @@ bool CryptoSession::GenerateSignature(const std::string& message, bool use_rsa,
        oec_session_id_, reinterpret_cast<const uint8_t*>(message.data()),
        message.size(),
        reinterpret_cast<uint8_t*>(const_cast<char*>(signature->data())),
-        &length);
+        &length, kSign_RSASSA_PSS);
  } else {
    sts = OEMCrypto_GenerateSignature(
        oec_session_id_, reinterpret_cast<const uint8_t*>(message.data()),
--- a/libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
+++ b/libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
@@ -48,7 +48,8 @@ typedef OEMCryptoResult (*L1_LoadKeys_t)(
    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
    const uint8_t* signature, size_t signature_length,
    const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
-    const OEMCrypto_KeyObject* key_array);
+    const OEMCrypto_KeyObject* key_array,
+    const uint8_t* pst, size_t pst_length);
 typedef OEMCryptoResult (*L1_RefreshKeys_t)(
    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
    const uint8_t* signature, size_t signature_length, size_t num_keys,
@@ -88,7 +89,8 @@ typedef OEMCryptoResult (*L1_GenerateRSASignature_t)(OEMCrypto_SESSION session,
                                                     const uint8_t* message,
                                                     size_t message_length,
                                                     uint8_t* signature,
-                                                     size_t* signature_length);
+                                                     size_t* signature_length,
+                                                     RSA_Padding_Scheme algorithm);
 typedef OEMCryptoResult (*L1_DeriveKeysFromSessionKey_t)(
    OEMCrypto_SESSION session, const uint8_t* enc_session_key,
    size_t enc_session_key_length, const uint8_t* mac_key_context,
@@ -239,9 +241,10 @@ class Adapter {
      return false;
    }
    uint32_t level1_version = level1_.APIVersion();
-    if (level1_version != oec_latest_version) {
+    uint32_t minimum_version = 8;  // TODO(fredgc): allow version 8 and 9?
+    if (level1_version < minimum_version) {
      LOGW("liboemcrypto.so is version %d, not %d. Falling Back to L3.",
-           level1_version, oec_latest_version);
+           level1_version, minimum_version);
      return false;
    }
    if (OEMCrypto_SUCCESS == level1_.IsKeyboxValid()) {
@@ -439,13 +442,14 @@ extern "C" OEMCryptoResult OEMCrypto_LoadKeys(
    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
    const uint8_t* signature, size_t signature_length,
    const uint8_t* enc_mac_key_iv, const uint8_t* enc_mac_key, size_t num_keys,
-    const OEMCrypto_KeyObject* key_array) {
+    const OEMCrypto_KeyObject* key_array,
+    const uint8_t* pst, size_t pst_length) {
  if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
  LevelSession pair = kAdapter->get(session);
  if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
  return pair.fcn->LoadKeys(pair.session, message, message_length, signature,
                            signature_length, enc_mac_key_iv, enc_mac_key,
-                            num_keys, key_array);
+                            num_keys, key_array, pst, pst_length);
 }

 extern "C" OEMCryptoResult OEMCrypto_RefreshKeys(
@@ -579,12 +583,12 @@ extern "C" OEMCryptoResult OEMCrypto_LoadDeviceRSAKey(

 extern "C" OEMCryptoResult OEMCrypto_GenerateRSASignature(
    OEMCrypto_SESSION session, const uint8_t* message, size_t message_length,
-    uint8_t* signature, size_t* signature_length) {
+    uint8_t* signature, size_t* signature_length, RSA_Padding_Scheme algorithm) {
  if (!kAdapter) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
  LevelSession pair = kAdapter->get(session);
  if (!pair.fcn) return OEMCrypto_ERROR_INVALID_SESSION;
  return pair.fcn->GenerateRSASignature(pair.session, message, message_length,
-                                        signature, signature_length);
+                                        signature, signature_length, algorithm);
 }

 extern "C" OEMCryptoResult OEMCrypto_DeriveKeysFromSessionKey(