Implement provisioning 3.0 functionality in oemcrypto mock

Merge from widevine repo of http://go/wvgerrit/21684 This CL adds provisioning 3.0 functionality to the OEMCrypto reference implementation. Change-Id: I60c1fd88f246d443e0ae59ad56862c2ea9d95445
2016-11-29 16:00:22 -08:00
parent 3e525dfdd3
commit 08ad98cad9
9 changed files with 673 additions and 248 deletions
--- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_prov30.cpp
+++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_prov30.cpp
@@ -0,0 +1,97 @@
+// Copyright 2016 Google Inc. All Rights Reserved.
+//
+//  Mock implementation of OEMCrypto APIs
+//
+//  This file contains oemcrypto engine properties that would be for a
+//  level 2 device that does not have persistant storage or a keybox.
+//  Note: this is for illustration only.  Production devices are rarely level 2.
+#include "oemcrypto_engine_mock.h"
+
+#include <string.h>
+
+#include "log.h"
+#include "oem_cert.h"
+
+namespace wvoec_mock {
+
+// If local_display() returns true, we pretend we are using a built-in display,
+// instead of HDMI or WiFi output.
+bool CryptoEngine::local_display() {
+  return true;
+}
+
+// A closed platform is permitted to use clear buffers.
+bool CryptoEngine::closed_platform() {
+  return false;
+}
+
+// Returns the HDCP version currently in use.
+OEMCrypto_HDCP_Capability CryptoEngine::current_hdcp_capability() {
+  return local_display() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1;
+}
+
+// Returns the max HDCP version supported.
+OEMCrypto_HDCP_Capability CryptoEngine::maximum_hdcp_capability() {
+  return HDCP_NO_DIGITAL_OUTPUT;
+}
+
+// Returns true if the client supports persistent storage of
+// offline usage table information.
+bool CryptoEngine::supports_storage() {
+  return false;
+}
+
+// Returns true if the client uses a keybox as the root of trust.
+bool CryptoEngine::supports_keybox() {
+  return false;
+}
+
+// This version uses a keybox.
+OEMCrypto_ProvisioningMethod CryptoEngine::provisioning_method() {
+  return OEMCrypto_OEMCertificate;
+}
+
+OEMCryptoResult CryptoEngine::get_oem_certificate(SessionContext *session,
+                                                  uint8_t *public_cert,
+                                                  size_t *public_cert_length) {
+  if (kOEMPublicCertSize == 0) {
+    return OEMCrypto_ERROR_NOT_IMPLEMENTED;
+  }
+  if (public_cert_length == NULL) {
+    return OEMCrypto_ERROR_UNKNOWN_FAILURE;
+  }
+  if (*public_cert_length < kOEMPublicCertSize) {
+    *public_cert_length = kOEMPublicCertSize;
+    return OEMCrypto_ERROR_SHORT_BUFFER;
+  }
+  *public_cert_length = kOEMPublicCertSize;
+  if (public_cert == NULL) {
+    return OEMCrypto_ERROR_SHORT_BUFFER;
+  }
+  memcpy(public_cert, kOEMPublicCert, kOEMPublicCertSize);
+  if (!session->LoadRSAKey(kOEMPrivateKey, kOEMPrivateKeySize)) {
+    LOGE("Private RSA Key did not load correctly.");
+    return OEMCrypto_ERROR_INVALID_RSA_KEY;
+  }
+  return OEMCrypto_SUCCESS;
+}
+
+// Returns true to indicate the client does support anti-rollback hardware.
+bool CryptoEngine::is_anti_rollback_hw_present() {
+  return false;
+}
+
+// Returns "L3" for a software only library.  L1 is for hardware protected keys
+// and data paths.  L2 is for hardware protected keys but no data path
+// protection.
+const char* CryptoEngine::security_level() {
+  return "L2";
+}
+
+// This should start at 0, and be incremented only when a security patch has
+// been applied to the device that fixes a security bug.
+uint8_t CryptoEngine::security_patch_level() {
+  return 0;
+}
+
+}  // namespace wvoec_mock