Merge OEMCrypto KDF and usage functions

Since KDF functions are only used right before specific functions, this merges them to simplify internal state within OEMCrypto. Fixes: 299527712 Change-Id: I426cfcdc102bd73cf65cd809b213da2474f44b34
2023-04-13 18:37:26 +00:00
parent b04fda2908
commit 488a4647db
21 changed files with 567 additions and 634 deletions
--- a/libwvdrmengine/cdm/core/include/certificate_provisioning.h
+++ b/libwvdrmengine/cdm/core/include/certificate_provisioning.h
@@ -125,6 +125,7 @@ class CertificateProvisioning {
  std::unique_ptr<CryptoSession> crypto_session_;
  CdmCertificateType cert_type_;
  std::unique_ptr<ServiceCertificate> service_certificate_;
+  std::string request_;
  // The wrapped private key in provisioning 4 generated by calling
  // GenerateCertificateKeyPair. It will be saved to file system if a valid
  // response is received.
--- a/libwvdrmengine/cdm/core/include/content_key_session.h
+++ b/libwvdrmengine/cdm/core/include/content_key_session.h
@@ -24,13 +24,6 @@ class ContentKeySession : public KeySession {

  KeySessionType Type() override { return kDefault; }

-  // Generate Derived Keys for ContentKeySession
-  OEMCryptoResult GenerateDerivedKeys(const std::string& message) override;
-
-  // Generate Derived Keys (from session key) for ContentKeySession
-  OEMCryptoResult GenerateDerivedKeys(const std::string& message,
-                                      const std::string& session_key) override;
-
  // Load Keys for ContentKeySession
  OEMCryptoResult LoadKeys(const std::string& message,
                           const std::string& signature,
--- a/libwvdrmengine/cdm/core/include/crypto_session.h
+++ b/libwvdrmengine/cdm/core/include/crypto_session.h
@@ -159,7 +159,9 @@ class CryptoSession {
      OEMCrypto_SignatureHashAlgorithm& algorithm);
  virtual CdmResponseType UseSecondaryKey(bool dual_key);
  // V16 licenses.
-  virtual CdmResponseType LoadLicense(const std::string& signed_message,
+  virtual CdmResponseType LoadLicense(const std::string& context,
+                                      const std::string& session_key,
+                                      const std::string& signed_message,
                                      const std::string& core_message,
                                      const std::string& signature,
                                      CdmLicenseKeyType key_type);
@@ -178,17 +180,19 @@ class CryptoSession {
      const std::vector<CryptoKey>& key_array);

  // Provisioning request/responses
-  virtual CdmResponseType GenerateDerivedKeys(const std::string& message);
-  virtual CdmResponseType GenerateDerivedKeys(const std::string& message,
-                                              const std::string& session_key);
  virtual CdmResponseType PrepareAndSignProvisioningRequest(
      const std::string& message, std::string* core_message,
      std::string* signature, bool& should_specify_algorithm,
      OEMCrypto_SignatureHashAlgorithm& algorithm);
-  virtual CdmResponseType LoadProvisioning(const std::string& signed_message,
+  virtual CdmResponseType LoadProvisioning(const std::string& request,
+                                           const std::string& signed_message,
                                           const std::string& core_message,
                                           const std::string& signature,
                                           std::string* wrapped_private_key);
+  virtual CdmResponseType LoadProvisioningCast(
+      const std::string& derivation_key, const std::string& request,
+      const std::string& signed_message, const std::string& core_message,
+      const std::string& signature, std::string* wrapped_private_key);
  virtual CdmResponseType LoadCertificatePrivateKey(
      const CryptoWrappedKey& private_key);
  virtual CdmResponseType GetBootCertificateChain(
--- a/libwvdrmengine/cdm/core/include/key_session.h
+++ b/libwvdrmengine/cdm/core/include/key_session.h
@@ -23,9 +23,6 @@ class KeySession {
  typedef enum { kDefault, kEntitlement } KeySessionType;
  virtual ~KeySession() {}
  virtual KeySessionType Type() = 0;
-  virtual OEMCryptoResult GenerateDerivedKeys(const std::string& message) = 0;
-  virtual OEMCryptoResult GenerateDerivedKeys(
-      const std::string& message, const std::string& session_key) = 0;
  virtual OEMCryptoResult LoadKeys(const std::string& message,
                                   const std::string& signature,
                                   const std::string& mac_key_iv,
--- a/libwvdrmengine/cdm/core/include/license.h
+++ b/libwvdrmengine/cdm/core/include/license.h
@@ -105,16 +105,18 @@ class CdmLicense {
      video_widevine::LicenseRequest* license_request);

  CdmResponseType HandleContentKeyResponse(
-      bool is_restore, const std::string& msg, const std::string& core_message,
-      const std::string& signature, const std::vector<CryptoKey>& key_array,
+      bool is_restore, const std::string& session_key, const std::string& msg,
+      const std::string& core_message, const std::string& signature,
+      const std::vector<CryptoKey>& key_array,
      const video_widevine::License& license);

  // HandleEntitlementKeyResponse loads the entitlement keys in |key_array| into
  // the crypto session. In addition, it also extracts content keys from
  // |wrapped_keys_| and loads them for use.
  CdmResponseType HandleEntitlementKeyResponse(
-      bool is_restore, const std::string& msg, const std::string& core_message,
-      const std::string& signature, const std::vector<CryptoKey>& key_array,
+      bool is_restore, const std::string& session_key, const std::string& msg,
+      const std::string& core_message, const std::string& signature,
+      const std::vector<CryptoKey>& key_array,
      const video_widevine::License& license);

  // Prepare to reload a key update message. Some special code is needed to work