Update OEMCrypto documents am: 15b1cd9cc9 am: 02443e2142 am: 045e637317 am: 12d6316b6f
Change-Id: I23804e7f976038607b90ee49348a6c66fb0cda69
This commit is contained in:
Fred Gylys-Colwell
committed by
Automerger Merge Worker
Automerger Merge Worker
commit
3924a00573
@@ -1036,8 +1036,8 @@ OEMCryptoResult OEMCrypto_PrepAndSignRenewalRequest(
|
||||
* in the document "Widevine Core Message Serialization", to prepare the core
|
||||
* message. If it returns an error, the error should be returned by OEMCrypto
|
||||
* to the CDM layer. If it returns OEMCrypto_SUCCESS, then OEMCrypto shall
|
||||
* sign compute the signature of the entire message. The entire message is
|
||||
* the buffer starting at message with length message_length.
|
||||
* compute the signature of the entire message. The entire message is the
|
||||
* buffer starting at message with length message_length.
|
||||
*
|
||||
* For a device that has a keybox, i.e. Provisioning 2.0, OEMCrypto will sign
|
||||
* the request with the session's derived client mac key from the previous
|
||||
@@ -1838,26 +1838,11 @@ OEMCryptoResult OEMCrypto_RefreshKeys(
|
||||
* the session.
|
||||
*
|
||||
* Verification:
|
||||
* The following checks should be performed. If any check fails, an error is
|
||||
* returned, and none of the keys are loaded.
|
||||
* 1. The signature of the message shall be computed using mac_key[server],
|
||||
* and the API shall verify the computed signature matches the signature
|
||||
* passed in. If not, return OEMCrypto_ERROR_SIGNATURE_FAILURE. The
|
||||
* signature verification shall use a constant-time algorithm (a
|
||||
* signature mismatch will always take the same time as a successful
|
||||
* comparison).
|
||||
* 2. The API shall verify that each substring in each KeyObject has zero
|
||||
* length or satisfies the range check described in the discussion of
|
||||
* OEMCrypto_LoadKeys. If not, return OEMCrypto_ERROR_INVALID_CONTEXT.
|
||||
* 3. Each key's control block shall have a valid verification field. If
|
||||
* not, return OEMCrypto_ERROR_INVALID_CONTEXT.
|
||||
* 4. If the key control block has the Nonce_Enabled bit set, the Nonce
|
||||
* field shall match one of the nonces in the cache. If not, return
|
||||
* OEMCrypto_ERROR_INVALID_NONCE. If there is a match, remove that nonce
|
||||
* from the cache. Note that all the key control blocks in a
|
||||
* particular call shall have the same nonce value.
|
||||
* 5. If a key ID is specified, and that key has not been loaded into this
|
||||
* session, return OEMCrypto_ERROR_NO_CONTENT_KEY.
|
||||
* The signature of the message shall be computed using mac_key[server], and
|
||||
* the API shall verify the computed signature matches the signature passed
|
||||
* in. If not, return OEMCrypto_ERROR_SIGNATURE_FAILURE. The signature
|
||||
* verification shall use a constant-time algorithm (a signature mismatch
|
||||
* will always take the same time as a successful comparison).
|
||||
*
|
||||
* Parameters:
|
||||
* [in] session: handle for the session to be used.
|
||||
@@ -1877,7 +1862,6 @@ OEMCryptoResult OEMCrypto_RefreshKeys(
|
||||
* OEMCrypto_ERROR_INSUFFICIENT_RESOURCES
|
||||
* OEMCrypto_ERROR_UNKNOWN_FAILURE
|
||||
* OEMCrypto_ERROR_BUFFER_TOO_LARGE
|
||||
* OEMCrypto_ERROR_NO_CONTENT_KEY
|
||||
* OEMCrypto_ERROR_SESSION_LOST_STATE
|
||||
* OEMCrypto_ERROR_SYSTEM_INVALIDATED
|
||||
* ODK_STALE_RENEWAL
|
||||
@@ -3186,8 +3170,8 @@ OEMCryptoResult OEMCrypto_GetOEMPublicCertificate(uint8_t* public_cert,
|
||||
* OEMCrypto_ERROR_SYSTEM_INVALIDATED
|
||||
*
|
||||
* Buffer Sizes:
|
||||
* OEMCrypto shall support dataLength sizes of at least 32 bytes for random
|
||||
* number generation.
|
||||
* OEMCrypto shall support random_data_length- sizes of at least 32 bytes
|
||||
* for random number generation.
|
||||
* OEMCrypto shall return OEMCrypto_ERROR_BUFFER_TOO_LARGE if the buffer is
|
||||
* larger than the supported size.
|
||||
*
|
||||
@@ -3784,8 +3768,8 @@ uint32_t OEMCrypto_GetAnalogOutputFlags(void);
|
||||
* should also support a higher frame rate. Platforms may enforce these
|
||||
* values. For example Android will enforce a frame rate via a GTS test.
|
||||
*
|
||||
* Note on units: We will use KiB to mean 1024 bytes and MiB to mean 1024 KiB,
|
||||
* as described at https://en.wikipedia.org/wiki/Kibibyte.
|
||||
* Note on units: We will use KiB to mean 1024 bytes and MiB to mean 1024
|
||||
* KiB, as described at https://en.wikipedia.org/wiki/Kibibyte.
|
||||
*
|
||||
* +--------------------------------+---------+----------+---------+---------+
|
||||
* |Resource Rating Tier |1 - Low |2 - Medium|3 - High |4 - Very |
|
||||
@@ -4301,7 +4285,7 @@ OEMCryptoResult OEMCrypto_CreateNewUsageEntry(OEMCrypto_SESSION session,
|
||||
* returned and the entry is not loaded.
|
||||
*
|
||||
* OEMCrypto shall call ODK_ReloadClockValues, as described in "License
|
||||
* Duration and Renweal" to set the session's clock values.
|
||||
* Duration and Renewal" to set the session's clock values.
|
||||
*
|
||||
* If the entry is already loaded into another open session, then this fails
|
||||
* and returns OEMCrypto_ERROR_INVALID_SESSION. If the session already has a
|
||||
|
||||
Reference in New Issue
Block a user