widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Specify encoding restrictsion for BCC

Browse Source 
If the BCC has an RSA key, then it needs to be parsed by
BoringSSL, which expects rsaEncryption as the encoding type.

Bug: 272102162

Change-Id: I9b7dc374d8db80efda062b47f6b17720d9bc2ba2
This commit is contained in:
Fred Gylys-Colwell
2023-07-10 15:51:38 -07:00
committed by Robert Shih
parent 0a9bc6534c
commit 0a39e71bfb
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -4924,6 +4924,11 @@ OEMCryptoResult OEMCrypto_GetBootCertificateChain(
* function is used to generate an OEM Certificate key pair, the session will be
* ready to sign a provisioning request with the OEM Cert private key.
*
* The public key shall be an ASN.1 DER-encoded SubjectPublicKeyInfo as
* specified in RFC 5280. Widevine recommends ECC keys for Provisioning 4.0, but
* an RSA key may also be used. If the key is an RSA key, then the encoding
* should use "rsaEncryption" (OID 1.2.840.113549.1.1.1), and not RSASSA-PSS.
*
* @param[in] session: session id.
* @param[out] public_key: pointer to the buffer that receives the public key
* that is to be certified by the server. The key must be an ASN.1