widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Snap for 7825444 from 938bc7bbad to tm-release

Browse Source 
Change-Id: I39766cec2dc2aee8a3053043caaaaccd5dd07af0
This commit is contained in:
Android Build Coastguard Worker
2021-10-15 01:19:43 +00:00
parent ee62dceb8a 938bc7bbad
commit 32a6981f3b
14 changed files with 247 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
libwvdrmengine/cdm/core/include/cdm_engine.h
View File

@@ -303,6 +303,12 @@ class CdmEngine {
virtual size_t SessionSize() const { return session_map_.Size(); }
// This tells the OEMCrypto adapter to ignore the next |count| keyboxes and
// report that it needs provisioning instead.
static CdmResponseType SetDebugIgnoreKeyboxCount(uint32_t count) {
return CryptoSession::SetDebugIgnoreKeyboxCount(count);
}
static CdmResponseType ParseDecryptHashString(const std::string& hash_string,
CdmSessionId* id,
uint32_t* frame_number,

4
libwvdrmengine/cdm/core/include/crypto_session.h
View File

@@ -295,6 +295,10 @@ class CryptoSession {
bool needs_keybox_provisioning() const { return needs_keybox_provisioning_; }
// This tells the OEMCrypto adapter to ignore the next |count| keyboxes and
// report that it needs provisioning instead.
static CdmResponseType SetDebugIgnoreKeyboxCount(uint32_t count);
// Returns a system-wide singleton instance of SystemFallbackPolicy
// to be used for communicating OTA keybox provisioning state between
// apps. Returns a null pointer if OTA provisioning is not supported,

4
libwvdrmengine/cdm/core/include/oemcrypto_adapter.h
View File

@@ -15,6 +15,10 @@ namespace wvcdm {
OEMCryptoResult OEMCrypto_InitializeAndCheckKeybox(
bool* needs_keybox_provisioning);
// This tells the OEMCrypto adapter to ignore the next |count| keyboxes and
// report that it needs provisioning instead.
OEMCryptoResult OEMCrypto_SetDebugIgnoreKeyboxCount(uint32_t count);
// This attempts to open a session at the desired security level.
// If one level is not available, the other will be used instead.
OEMCryptoResult OEMCrypto_OpenSession(OEMCrypto_SESSION* session,

5
libwvdrmengine/cdm/core/src/crypto_session.cpp
View File

@@ -3031,6 +3031,11 @@ OEMCryptoResult CryptoSession::LegacyDecryptInChunks(
return sts;
}
CdmResponseType CryptoSession::SetDebugIgnoreKeyboxCount(uint32_t count) {
OEMCryptoResult status = OEMCrypto_SetDebugIgnoreKeyboxCount(count);
return MapOEMCryptoResult(status, UNKNOWN_ERROR, "SetDebugIgnoreKeyboxCount");
}
okp::SystemFallbackPolicy* CryptoSession::GetOkpFallbackPolicy() {
const auto getter = [&]() -> okp::SystemFallbackPolicy* {
// If not set, then OTA keybox provisioning is not supported or

96
libwvdrmengine/cdm/core/src/oemcrypto_adapter_dynamic.cpp
View File

@@ -25,6 +25,7 @@
#include <map>
#include <memory>
#include <mutex>
#include <sstream>
#include <string>
#include <thread>
@@ -626,6 +627,70 @@ class WatchDog {
uint32_t uid_;
};
// The DebugIgnoreKeyboxCount functions are related to testing the Keybox OTA
// Reprovisioning solution. If a positive counter is set, then the keybox will
// be ignored through that many initializations.
std::string GetIgnoreCountFile() {
std::string path;
if (!wvcdm::Properties::GetDeviceFilesBasePath(wvcdm::kSecurityLevelL1,
&path)) {
LOGW("DebugIgnoreKeyboxCount: Unable to get base path");
path = "/data/";
}
path += "debug_ignore_keybox_count.txt";
return path;
}
uint32_t GetDebugIgnoreKeyboxCount() {
const std::string filename = GetIgnoreCountFile();
wvcdm::FileSystem file_system;
if (!file_system.Exists(filename)) {
return 0;
}
auto file = file_system.Open(filename, file_system.kReadOnly);
if (!file) {
LOGE("Error opening %s", filename.c_str());
return 0;
}
ssize_t size = file_system.FileSize(filename);
std::string contents(size, ' ');
ssize_t size_read = file->Read(const_cast<char*>(contents.data()), size);
if (size != size_read) {
LOGE("Short ignore_debug_keybox_count = %zu", size_read);
return 0;
}
std::istringstream ss(contents);
uint32_t count = 0;
ss >> count;
if (ss.fail()) {
LOGE("Could not parse an integer from '%s'", contents.c_str());
count = 0;
}
LOGD("Using IgnoreDebugKeyboxCount = %u", count);
return count;
}
OEMCryptoResult SetDebugIgnoreKeyboxCount(uint32_t count) {
const std::string filename = GetIgnoreCountFile();
wvcdm::FileSystem file_system;
auto file =
file_system.Open(filename, file_system.kCreate | file_system.kTruncate);
if (!file) {
LOGE("Could not create file %s", filename.c_str());
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
const std::string contents = std::to_string(count);
ssize_t size = contents.size();
ssize_t size_written = file->Write(contents.data(), size);
if (size != size_written) {
LOGE("Wrote %zd bytes of %s, not %zd, to file %s", size_written,
contents.c_str(), size, filename.c_str());
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
}
LOGD("Wrote %u to %s", count, filename.c_str());
return OEMCrypto_SUCCESS;
}
struct LevelSession {
FunctionPointers* fcn;
OEMCrypto_SESSION session;
@@ -1218,7 +1283,12 @@ OEMCryptoResult OEMCrypto_InitializeAndCheckKeybox(
if (status != OEMCrypto_SUCCESS) return status;
const OEMCryptoResult keybox_status =
gAdapter->ValidateOrInstallKeyboxOrCert();
if (keybox_status == OEMCrypto_ERROR_NEEDS_KEYBOX_PROVISIONING) {
uint32_t ignore_count = GetDebugIgnoreKeyboxCount();
if (keybox_status == OEMCrypto_ERROR_NEEDS_KEYBOX_PROVISIONING ||
ignore_count > 0) {
if (ignore_count > 0) {
LOGD("Ignoring keybox status %d", static_cast<int>(keybox_status));
}
*needs_keybox_provisioning = true;
return OEMCrypto_SUCCESS;
}
@@ -1494,6 +1564,10 @@ OEMCryptoResult OEMCrypto_GetOEMPublicCertificate(uint8_t* public_cert,
}
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
OEMCryptoResult OEMCrypto_SetDebugIgnoreKeyboxCount(uint32_t count) {
return SetDebugIgnoreKeyboxCount(count);
}
} // namespace wvcdm
extern "C" OEMCryptoResult OEMCrypto_SetSandbox(const uint8_t* sandbox_id,
@@ -2818,5 +2892,23 @@ extern "C" OEMCryptoResult OEMCrypto_ProcessOTAKeybox(OEMCrypto_SESSION session,
const FunctionPointers* fcn = gAdapter->GetFunctionPointers(kLevelDefault);
if (!fcn) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
if (fcn->ProcessOTAKeybox == nullptr) return OEMCrypto_ERROR_NOT_IMPLEMENTED;
return fcn->ProcessOTAKeybox(session, buffer, buffer_length, use_test_key);
const OEMCryptoResult result =
fcn->ProcessOTAKeybox(session, buffer, buffer_length, use_test_key);
if (result == OEMCrypto_SUCCESS) {
// If the new keybox was installed, and we had been told to ignore a valid
// keybox, then we should now decrement the ignore counter.
int32_t ignore_count = GetDebugIgnoreKeyboxCount();
if (ignore_count > 0) {
ignore_count--;
const OEMCryptoResult save_result =
SetDebugIgnoreKeyboxCount(ignore_count);
if (save_result == OEMCrypto_SUCCESS) {
LOGD("Installed OTA keybox. Ignore count is now %u", ignore_count);
} else {
LOGE("Installed OTA keybox. save ignore count failed %d, count=%u",
static_cast<int>(save_result), ignore_count);
}
}
}
return result;
}

43
libwvdrmengine/cdm/core/test/keybox_ota_test.cpp
View File

@@ -82,6 +82,27 @@ TEST_F(CdmOtaKeyboxTest, BasicTest) {
FileSystem file_system;
TestCdmEngine cdm_engine(&file_system,
std::shared_ptr<EngineMetrics>(new EngineMetrics));
// Create a singleton crypto session to prevent OEMCrypto from being
// terminated. This is really only needed when running the test against the
// testbed OEMCrypto which does save its keybox across init/terminate.
metrics::CryptoMetrics crypto_metrics;
std::unique_ptr<CryptoSession> crypto_session(
CryptoSession::MakeCryptoSession(&crypto_metrics));
// Remove any existing certificate.
cdm_engine.Unprovision(kSecurityLevelL1);
std::string system_id;
CdmResponseType system_id_status =
cdm_engine.QueryStatus(kLevelDefault, QUERY_KEY_SYSTEM_ID, &system_id);
if (system_id_status == NO_ERROR) {
std::cout << " "
<< "System ID before test: " << system_id << "\n";
} else {
std::cout << " "
<< "Could not find system id before test. ";
PrintTo(system_id_status, &std::cout);
std::cout << "\n";
}
CdmSessionId session_id;
ConfigTestEnv config = WvCdmTestBase::default_config_;
@@ -97,6 +118,17 @@ TEST_F(CdmOtaKeyboxTest, BasicTest) {
}
std::cout << "First provisioning process.\n";
Provision(&cdm_engine);
system_id_status =
cdm_engine.QueryStatus(kLevelDefault, QUERY_KEY_SYSTEM_ID, &system_id);
if (system_id_status == NO_ERROR) {
std::cout << " "
<< "System ID after first provisioning: " << system_id << "\n";
} else {
std::cout << " "
<< "Could not find system id after first provisioning. ";
PrintTo(system_id_status, &std::cout);
std::cout << "\n";
}
// After the first provisioning pass, we try to open a session again. If the
// first provisioning was to install a keybox, this provisioning should be to
@@ -111,6 +143,17 @@ TEST_F(CdmOtaKeyboxTest, BasicTest) {
}
std::cout << "Second provisioning process.\n";
Provision(&cdm_engine);
system_id_status =
cdm_engine.QueryStatus(kLevelDefault, QUERY_KEY_SYSTEM_ID, &system_id);
if (system_id_status == NO_ERROR) {
std::cout << " "
<< "System ID after second provisioning: " << system_id << "\n";
} else {
std::cout << " "
<< "Could not find system id after second provisioning. ";
PrintTo(system_id_status, &std::cout);
std::cout << "\n";
}
// After the second provisioning pass, we should be able to open a session
// and continue.

10
libwvdrmengine/cdm/core/test/test_printers.cpp
View File

@@ -1213,6 +1213,16 @@ void PrintTo(const enum OEMCryptoResult& value, ::std::ostream* os) {
case ODK_STALE_RENEWAL:
*os << "STALE_RENEWAL";
break;
// OPK Values.
case OPK_ERROR_INCOMPATIBLE_VERSION:
*os << "INCOMPATIBLE_VERSION";
break;
case OPK_ERROR_REMOTE_CALL:
*os << "REMOTE_CALL";
break;
case OPK_ERROR_NO_PERSISTENT_DATA:
*os << "NO_PERSISTENT_DATA";
break;
}
}
namespace okp {

2
libwvdrmengine/cdm/include/wv_content_decryption_module.h
View File

@@ -159,6 +159,8 @@ class WvContentDecryptionModule : public android::RefBase, public TimerHandler {
// Closes the CdmEngine and sessions associated with the given CdmIdentifier.
virtual CdmResponseType CloseCdm(const CdmIdentifier& identifier);
virtual CdmResponseType SetDebugIgnoreKeyboxCount(uint32_t count);
virtual CdmResponseType SetDecryptHash(const std::string& hash_data,
CdmSessionId* session_id);
virtual CdmResponseType GetDecryptHashError(const CdmSessionId& session_id,

5
libwvdrmengine/cdm/src/wv_content_decryption_module.cpp
View File

@@ -500,6 +500,11 @@ CdmResponseType WvContentDecryptionModule::CloseCdm(
return NO_ERROR;
}
CdmResponseType WvContentDecryptionModule::SetDebugIgnoreKeyboxCount(
uint32_t count) {
return CdmEngine::SetDebugIgnoreKeyboxCount(count);
}
CdmResponseType WvContentDecryptionModule::SetDecryptHash(
const std::string& hash_data, CdmSessionId* id) {
if (id == nullptr) {

12
libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
View File

@@ -13,6 +13,7 @@
#include <endian.h>
#include <stdlib.h>
#include <string.h>
#include <sstream>
#include <string>
#include <vector>
@@ -667,6 +668,17 @@ status_t WVDrmPlugin::setPropertyString(const String8& name,
} else {
mCdmIdentifier.origin = value.string();
}
} else if (name == "debugIgnoreKeyboxCount") {
std::istringstream ss(value.string());
uint32_t count = 0;
ss >> count;
if (ss.fail()) {
ALOGE("Could not parse an integer from '%s'", value.string());
count = 0;
return android::BAD_VALUE;
}
CdmResponseType res = mCDM->SetDebugIgnoreKeyboxCount(count);
return mapCdmResponseType(res);
} else if (name == "decryptHash") {
CdmSessionId sessionId;
CdmResponseType res =

12
libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
View File

@@ -12,6 +12,7 @@
#include <cstring>
#include <list>
#include <stdlib.h>
#include <sstream>
#include <string>
#include "WVDrmPlugin.h"
@@ -1431,6 +1432,17 @@ Return<Status> WVDrmPlugin::setPropertyString(const hidl_string& propertyName,
return Status::BAD_VALUE;
}
}
} else if (name == "debugIgnoreKeyboxCount") {
std::istringstream ss(_value);
uint32_t count = 0;
ss >> count;
if (ss.fail()) {
ALOGE("Could not parse an integer from '%s'", _value.c_str());
count = 0;
return Status::BAD_VALUE;
}
CdmResponseType res = mCDM->SetDebugIgnoreKeyboxCount(count);
return mapCdmResponseType(res);
} else if (name == "decryptHash") {
wvcdm::CdmSessionId sessionId;
CdmResponseType res =

50
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -57,7 +57,7 @@
* a root of trust to secure content on a device that uses Provisioning
* 3.0. Factory Provisioning a device is related to manufacturing methods. This
* section describes the API that installs the Widevine Keybox and the
* recommended methods for the OEMs factory provisioning procedure.
* recommended methods for the OEM's factory provisioning procedure.
*
* Starting with API version 10, devices should have two keyboxes. One is the
* production keybox which may be installed in the factory, or using
@@ -69,7 +69,7 @@
* OEMCrypto_Terminate has been called, the production keybox should be active
* again.
*
* API functions marked as optional may be used by the OEMs factory
* API functions marked as optional may be used by the OEM's factory
* provisioning procedure and implemented in the library, but are not called
* from the Widevine DRM Plugin during normal operation.
*
@@ -90,7 +90,7 @@
* functions in this section are for devices that are provisioned with an OEM
* Certificate, i.e. Provisioning 3.0.
*
* API functions marked as optional may be used by the OEMs factory
* API functions marked as optional may be used by the OEM's factory
* provisioning procedure and implemented in the library, but are not called
* from the Widevine DRM Plugin during normal operation.
*
@@ -624,10 +624,17 @@ typedef enum OEMCrypto_ProvisioningMethod {
#define OEMCrypto_MinorAPIVersion _oecc108
#define OEMCrypto_AllocateSecureBuffer _oecc109
#define OEMCrypto_FreeSecureBuffer _oecc110
// Reserved 111-112
#define OEMCrypto_CreateEntitledKeySession _oecc111
#define OEMCrypto_RemoveEntitledKeySession _oecc112
#define OEMCrypto_GenerateOTARequest _oecc113
#define OEMCrypto_ProcessOTAKeybox _oecc114
// Reserved 115-121
#define OEMCrypto_OPK_SerializationVersion _oecc115
#define OEMCrypto_GetBootCertificateChain _oecc116
#define OEMCrypto_GenerateCertificateKeyPair _oecc117
#define OEMCrypto_InstallOemPrivateKey _oecc118
#define OEMCrypto_ReassociateEntitledKeySession _oecc119
#define OEMCrypto_LoadCasECMKeys _oecc120
#define OEMCrypto_LoadEntitledContentKeys_v17 _oecc121 // place holder for v17.
// clang-format on
/// @addtogroup initcontrol
@@ -4728,6 +4735,39 @@ OEMCryptoResult OEMCrypto_FreeSecureBuffer(
/// @}
/*
* OEMCrypto_OPK_SerializationVersion
* Check the serialization protocol version used by the OEMCrypto Porting Kit
* (OPK). If the OPK is not used, this function must return
* OEMCrypto_ERROR_NOT_IMPLEMENTED. The serialization version is expressed as
* |major.minor|, where |major| and |minor| are integers. The TEE and REE
* serialization versions must match in order for OEMCrypto to communicate
* with the TEE. If the serialization versions do not match, calls to other
* OEMCrypto functions will return OPK_ERROR_INCOMPATIBLE_VERSION. A match is
* achieved if the |major| fields of the TEE and REE versions are the
* same. Differences in only the |minor| fields indicates that the protocols
* are different but are still compatible.
*
* @param[in,out] ree_major: pointer to memory to receive the REE's |major|
* version. On input, *ree_major may be zero to request the serialization
* version of the REE. If *ree_major is non-zero, this function will test the
* TEE's compatibility using the specified REE major version.
* @param[in,out] ree_minor: pointer to memory to receive the REE's |minor|
* version. On input, *ree_minor may be zero to request the serialization
* version of the REE. If *ree_minor is non-zero, this function will test the
* TEE's compatibility using the specified REE minor version.
* @param[out] tee_major: pointer to memory to receive the TEE's |major| version
* @param[out] tee_minor: pointer to memory to receive the TEE's |minor| version
*
* @retval OEMCrypto_SUCCESS success
* @retval OPK_ERROR_INCOMPATIBLE_VERSION
* @retval OEMCrypto_ERROR_NOT_IMPLEMENTED
*/
OEMCryptoResult OEMCrypto_OPK_SerializationVersion(uint32_t* ree_major,
uint32_t* ree_minor,
uint32_t* tee_major,
uint32_t* tee_minor);
/****************************************************************************/
/****************************************************************************/
/* The following functions are optional. They are only used if the device

5
libwvdrmengine/oemcrypto/odk/include/OEMCryptoCENCCommon.h
View File

@@ -97,6 +97,11 @@ typedef enum OEMCryptoResult {
ODK_TIMER_EXPIRED = ODK_ERROR_BASE + 3,
ODK_UNSUPPORTED_API = ODK_ERROR_BASE + 4,
ODK_STALE_RENEWAL = ODK_ERROR_BASE + 5,
/* OPK return values */
OPK_ERROR_BASE = 2000,
OPK_ERROR_REMOTE_CALL = OPK_ERROR_BASE,
OPK_ERROR_INCOMPATIBLE_VERSION = OPK_ERROR_BASE + 1,
OPK_ERROR_NO_PERSISTENT_DATA = OPK_ERROR_BASE + 2,
} OEMCryptoResult;
/* clang-format on */

5
libwvdrmengine/oemcrypto/odk/test/odk_test_helper.cpp
View File

@@ -482,11 +482,6 @@ void ODK_BuildMessageBuffer(ODK_CoreMessage* core_message,
{ODK_UINT32, &(core_message->nonce_values.session_id), "session_id"},
};
uint32_t header_size = 0;
for (auto& field : total_fields) {
header_size += ODK_FieldLength(field.type);
}
total_fields.insert(total_fields.end(), extra_fields.begin(),
extra_fields.end());
for (auto& field : total_fields) {