widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add recoverable errors

Browse Source 
[ Merge of http://go/wvgerrit/71326 ]

Nonce flood, frame size, session and system invalidation errors
will now bubble up to the app. OEMCrypto v15 returns
OEMCrypto_ERROR_BUFFER_TOO_LARGE, OEMCrypto_ERROR_SESSION_LOST_STATE,
OEMCrypto_ERROR_SYSTEM_INVALIDATED and a variety of nonce errors.
These will be reported to HIDL as OUTPUT_TOO_LARGE_ERROR,
ERROR_DRM_SESSION_LOST_STATE, ERROR_DRM_INVALID_STATE and
ERROR_DRM_RESOURCE_CONTENTION.

Bug: 120572706
Test: Unit/Integration tests
Change-Id: Ida177300046327ce81592a273028ef6c3a0d9fd9
This commit is contained in:
Rahul Frias
2019-01-30 02:15:52 -08:00
parent 54104c7a22
commit 272e60db27
27 changed files with 977 additions and 648 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
libwvdrmengine/cdm/core/include/crypto_session.h
View File

@@ -63,7 +63,7 @@ class CryptoSession {
virtual ~CryptoSession();
virtual bool GetProvisioningToken(std::string* client_token);
virtual CdmResponseType GetProvisioningToken(std::string* client_token);
virtual CdmClientTokenType GetPreProvisionTokenType() {
return pre_provision_token_type_;
}
@@ -75,10 +75,10 @@ class CryptoSession {
virtual bool GetApiVersion(uint32_t* version);
virtual bool GetApiVersion(SecurityLevel requested_level, uint32_t* version);
virtual bool GetInternalDeviceUniqueId(std::string* device_id);
virtual bool GetExternalDeviceUniqueId(std::string* device_id);
virtual CdmResponseType GetInternalDeviceUniqueId(std::string* device_id);
virtual CdmResponseType GetExternalDeviceUniqueId(std::string* device_id);
virtual bool GetSystemId(uint32_t* system_id);
virtual bool GetProvisioningId(std::string* provisioning_id);
virtual CdmResponseType GetProvisioningId(std::string* provisioning_id);
virtual uint8_t GetSecurityPatchLevel();
virtual CdmResponseType Open() { return Open(kLevelDefault); }
@@ -90,10 +90,11 @@ class CryptoSession {
// Key request/response
virtual const std::string& request_id() { return request_id_; }
virtual bool PrepareRequest(const std::string& key_deriv_message,
bool is_provisioning, std::string* signature);
virtual bool PrepareRenewalRequest(const std::string& message,
std::string* signature);
virtual CdmResponseType PrepareRequest(const std::string& key_deriv_message,
bool is_provisioning,
std::string* signature);
virtual CdmResponseType PrepareRenewalRequest(const std::string& message,
std::string* signature);
virtual CdmResponseType LoadKeys(
const std::string& message, const std::string& signature,
const std::string& mac_key_iv, const std::string& mac_key,
@@ -103,21 +104,23 @@ class CryptoSession {
CdmLicenseKeyType key_type);
virtual CdmResponseType LoadEntitledContentKeys(
const std::vector<CryptoKey>& key_array);
virtual bool LoadCertificatePrivateKey(std::string& wrapped_key);
virtual bool RefreshKeys(const std::string& message,
const std::string& signature, int num_keys,
const CryptoKey* key_array);
virtual bool GenerateNonce(uint32_t* nonce);
virtual bool GenerateDerivedKeys(const std::string& message);
virtual bool GenerateDerivedKeys(const std::string& message,
const std::string& session_key);
virtual bool RewrapCertificate(const std::string& signed_message,
const std::string& signature,
const std::string& nonce,
const std::string& private_key,
const std::string& iv,
const std::string& wrapping_key,
std::string* wrapped_private_key);
virtual CdmResponseType LoadCertificatePrivateKey(std::string& wrapped_key);
virtual CdmResponseType RefreshKeys(const std::string& message,
const std::string& signature,
int num_keys,
const CryptoKey* key_array);
virtual CdmResponseType GenerateNonce(uint32_t* nonce);
virtual CdmResponseType GenerateDerivedKeys(const std::string& message);
virtual CdmResponseType GenerateDerivedKeys(const std::string& message,
const std::string& session_key);
virtual CdmResponseType RewrapCertificate(
const std::string& signed_message,
const std::string& signature,
const std::string& nonce,
const std::string& private_key,
const std::string& iv,
const std::string& wrapping_key,
std::string* wrapped_private_key);
// Media data path
virtual CdmResponseType Decrypt(const CdmDecryptionParameters& params);
@@ -151,25 +154,25 @@ class CryptoSession {
// The overloaded methods with |security_level| may be called without a
// preceding call to Open. The other methods must call Open first.
virtual bool GetHdcpCapabilities(HdcpCapability* current,
HdcpCapability* max);
virtual bool GetHdcpCapabilities(SecurityLevel security_level,
HdcpCapability* current,
HdcpCapability* max);
virtual CdmResponseType GetHdcpCapabilities(HdcpCapability* current,
HdcpCapability* max);
virtual CdmResponseType GetHdcpCapabilities(SecurityLevel security_level,
HdcpCapability* current,
HdcpCapability* max);
virtual bool GetResourceRatingTier(uint32_t* tier);
virtual bool GetResourceRatingTier(SecurityLevel security_level,
uint32_t* tier);
virtual bool GetSupportedCertificateTypes(SupportedCertificateTypes* support);
virtual bool GetRandom(size_t data_length, uint8_t* random_data);
virtual bool GetNumberOfOpenSessions(SecurityLevel security_level,
size_t* count);
virtual bool GetMaxNumberOfSessions(SecurityLevel security_level,
size_t* max);
virtual CdmResponseType GetRandom(size_t data_length, uint8_t* random_data);
virtual CdmResponseType GetNumberOfOpenSessions(SecurityLevel security_level,
size_t* count);
virtual CdmResponseType GetMaxNumberOfSessions(SecurityLevel security_level,
size_t* max);
virtual bool GetSrmVersion(uint16_t* srm_version);
virtual CdmResponseType GetSrmVersion(uint16_t* srm_version);
virtual bool IsSrmUpdateSupported();
virtual bool LoadSrm(const std::string& srm);
virtual CdmResponseType LoadSrm(const std::string& srm);
virtual bool GetBuildInformation(SecurityLevel security_level,
std::string* info);
@@ -259,29 +262,31 @@ class CryptoSession {
void Init();
void Terminate();
bool GetTokenFromKeybox(std::string* token);
bool GetTokenFromOemCert(std::string* token);
CdmResponseType GetTokenFromKeybox(std::string* token);
CdmResponseType GetTokenFromOemCert(std::string* token);
static bool ExtractSystemIdFromOemCert(const std::string& oem_cert,
uint32_t* system_id);
bool GetSystemIdInternal(uint32_t* system_id);
bool GenerateSignature(const std::string& message, std::string* signature);
bool GenerateRsaSignature(const std::string& message, std::string* signature);
CdmResponseType GetSystemIdInternal(uint32_t* system_id);
CdmResponseType GenerateSignature(
const std::string& message, std::string* signature);
CdmResponseType GenerateRsaSignature(const std::string& message,
std::string* signature);
bool SetDestinationBufferType();
bool RewrapDeviceRSAKey(const std::string& message,
const std::string& signature,
const std::string& nonce,
const std::string& enc_rsa_key,
const std::string& rsa_key_iv,
std::string* wrapped_rsa_key);
CdmResponseType RewrapDeviceRSAKey(const std::string& message,
const std::string& signature,
const std::string& nonce,
const std::string& enc_rsa_key,
const std::string& rsa_key_iv,
std::string* wrapped_rsa_key);
bool RewrapDeviceRSAKey30(const std::string& message,
const std::string& nonce,
const std::string& private_key,
const std::string& iv,
const std::string& wrapping_key,
std::string* wrapped_private_key);
CdmResponseType RewrapDeviceRSAKey30(const std::string& message,
const std::string& nonce,
const std::string& private_key,
const std::string& iv,
const std::string& wrapping_key,
std::string* wrapped_private_key);
CdmResponseType SelectKey(const std::string& key_id,
CdmCipherMode cipher_mode);