widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[DO NOT MERGE] Revert "Restructed reference root of trust (2/3 DRM Cert)"

Browse Source 
This reverts commit f6f5099604.

Reason for revert: Feature missed deadline

Bug: 135283522
Change-Id: Ic86930ee3444c5a6aa1d78ae3a12a9030c29ef92
This commit is contained in:
Alex Dale
2021-05-17 21:51:54 +00:00
parent 9c47be6aa8
commit 06b637ed95
11 changed files with 458 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
libwvdrmengine/oemcrypto/ref/src/oemcrypto_auth_ref.cpp
View File

@@ -187,6 +187,7 @@ bool AuthenticationRoot::Initialize(OEMCrypto_ProvisioningMethod method) {
// If provisioning method is something other than ProvisioningError
// indicates it has already been initialized before. Must
// existing data.
rsa_key_set_ = false;
rsa_key_.reset();
test_rsa_key_.reset();
keybox_.reset();
@@ -195,11 +196,8 @@ bool AuthenticationRoot::Initialize(OEMCrypto_ProvisioningMethod method) {
prov_method_ = method;
switch (method) {
case OEMCrypto_DrmCertificate: {
std::unique_ptr<RsaPrivateKey> key =
RsaPrivateKey::Load(kPrivateKey, kPrivateKeySize);
if (key) {
rsa_key_ = std::move(key);
} else {
rsa_key_set_ = rsa_key_.LoadPkcs8RsaKey(kPrivateKey, kPrivateKeySize);
if (!rsa_key_set_) {
// This error message is OK in unit tests which use test certificate.
LOGE(
"FATAL ERROR: Platform uses a baked-in certificate instead of a "
@@ -224,7 +222,7 @@ bool AuthenticationRoot::Initialize(OEMCrypto_ProvisioningMethod method) {
bool AuthenticationRoot::IsValid() const {
switch (prov_method_) {
case OEMCrypto_DrmCertificate: {
return HasDrmCertKey() && HasDeviceKey();
return rsa_key_set_ && HasDeviceKey();
}
case OEMCrypto_Keybox: {
return HasDeviceKey();
@@ -326,18 +324,17 @@ OEMCryptoResult AuthenticationRoot::LoadTestRsaKey() {
LOGE("System does not support DRM certificates");
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
if (test_rsa_key_) {
if (test_rsa_key_.get() != nullptr) {
LOGE("Test RSA key is already loaded");
return OEMCrypto_ERROR_INSUFFICIENT_RESOURCES;
}
std::unique_ptr<RsaPrivateKey> key =
RsaPrivateKey::Load(kTestRSAPKCS8PrivateKeyInfo2_2048,
sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048));
if (!key) {
if (!test_rsa_key_.LoadPkcs8RsaKey(
kTestRSAPKCS8PrivateKeyInfo2_2048,
sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048))) {
LOGE("Failed to load test RSA key");
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
test_rsa_key_ = std::move(key);
rsa_key_set_ = true;
return OEMCrypto_SUCCESS;
}