Refactor OEMCrypto_SetDecryptHash

The current implementation of OEMCrypto_SetDecryptHash gives developers flexibility to use different types of hashes. However, all the implementations we have seen thus far use crc32. Because of this, crc32 should be sufficient and we can refactor OEMCrypto_SetDecryptHash to only use the crc32 hash. Bug: 287706586 Change-Id: I4aaa253b2656dfd9c984f77dfb08fe160b23b47c
2023-08-01 17:29:41 +00:00
parent c26d6d3c97
commit 18369730b9
8 changed files with 51 additions and 43 deletions
--- a/libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
+++ b/libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
@@ -662,7 +662,7 @@ typedef enum OEMCrypto_SignatureHashAlgorithm {
 #define OEMCrypto_ResourceRatingTier          _oecc85
 #define OEMCrypto_SupportsDecryptHash         _oecc86
 #define OEMCrypto_InitializeDecryptHash       _oecc87
-#define OEMCrypto_SetDecryptHash              _oecc88
+#define OEMCrypto_SetDecryptHash_V18          _oecc88
 #define OEMCrypto_GetHashErrorCode            _oecc89
 #define OEMCrypto_BuildInformation_V16        _oecc90
 #define OEMCrypto_RefreshKeys                 _oecc91
@@ -715,6 +715,7 @@ typedef enum OEMCrypto_SignatureHashAlgorithm {
 #define OEMCrypto_EnterTestMode               _oecc140
 #define OEMCrypto_GetDeviceSignedCsrPayload   _oecc141
 #define OEMCrypto_FactoryInstallBCCSignature  _oecc142
+#define OEMCrypto_SetDecryptHash              _oecc143
 // clang-format on

 /// @addtogroup initcontrol
@@ -5243,8 +5244,7 @@ uint32_t OEMCrypto_SupportsDecryptHash(void);
 * output is not supported, then this will return
 * OEMCrypto_ERROR_NOT_IMPLEMENTED. If the hash is ill formed or there are
 * other error conditions, this returns OEMCrypto_ERROR_UNKNOWN_FAILURE. The
- * length of the hash will be at most 128 bytes, and will be 4 bytes (32
- * bits) for the default CRC32 hash.
+ * length of the hash will be 4 bytes (32 bits) for the default CRC32 hash.
 *
 * This may be called before the first call to OEMCrypto_GetKeyHandle. In that
 * case, this function cannot verify that the key control block allows hash
@@ -5265,8 +5265,7 @@ uint32_t OEMCrypto_SupportsDecryptHash(void);
 *
 * @param[in] session: session id for current decrypt operation
 * @param[in] frame_number: frame number for the recent DecryptCENC sample.
- * @param[in] hash: hash or CRC of previously decrypted frame.
- * @param[in] hash_length: length of hash, in bytes.
+ * @param[in] crc32: CRC of previously decrypted frame.
 *
 * @retval OEMCrypto_SUCCESS if the hash was set
 * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED function not implemented
@@ -5290,9 +5289,7 @@ uint32_t OEMCrypto_SupportsDecryptHash(void);
 *   This method is new in API version 15.
 */
 OEMCryptoResult OEMCrypto_SetDecryptHash(OEMCrypto_SESSION session,
-                                         uint32_t frame_number,
-                                         const uint8_t* hash,
-                                         size_t hash_length);
+                                         uint32_t frame_number, uint32_t crc32);

 /**
 * If the hash set in OEMCrypto_SetDecryptHash() did not match the computed
@@ -5531,6 +5528,17 @@ OEMCryptoResult OEMCrypto_ProcessOTAKeybox(OEMCrypto_SESSION session,
 * backwards compatibility.
 */

+/*
+ * OEMCrypto_SetDecryptHash
+ * @deprecated
+ *   Not required for the current version of OEMCrypto. Declared here to
+ *   help with backward compatibility.
+ */
+OEMCryptoResult OEMCrypto_SetDecryptHash_V18(OEMCrypto_SESSION session,
+                                             uint32_t frame_number,
+                                             const uint8_t* hash,
+                                             size_t hash_length);
+
 /*
 * OEMCrypto_GenerateSignature
 * @deprecated