Added an OTA keybox provisioner.

[ Merge of http://go/wvgerrit/133729 ]

The OtaKeyboxProvisioner is a system-wide provisioner for sharing the
provisioning workflow between CDM engines.

Bug: 189232882
Test: GtsMediaTestCases
Change-Id: I873af3087cc05e1831bdd1d2c14fb002b73e6902

Added keybox provisioning proto fields.

[ Merge of http://go/wvgerrit/133730 and http://go/ag/15113032 ]

This CL copies over the required license_protocol.proto changes that
are required for OTA keybox provisioning.  These fields are defined in
the server-side certificate_provisioning.proto, defined in
http://cl/377533774.

Note, changes are slightly different from server proto due to the RVC
version of license_protocol.proto being out of date with SC and newer
changes.

Bug: 189232882
Test: run_x86_64_tests
Change-Id: I55fcf6a7ac2ba4b6026b9acc63e822ff33c431d9

Added OTA keybox provisioning device files.

[ Merge of http://go/wvgerrit/133743 and http://go/ag/15421141 ]

This change adds a new set of proto messages/fields to the CDM's device
files for recording device and engine information around OTA keybox
provisioning (OKP).

To make cleanup and thread protection possible, there is a single file
which will contain all the information for the device as a whole and
each CDM engine tied to an app/origin.

Bug: 189232882
Test: Linux unit tests
Change-Id: Iaf80cd6342f32657e04416750d9b278d935821a5

Client ID for OKP requests.

[ Merge of http://go/wvgerrit/133744 and http://go/ag/15645331 ]

Extended the CDM ClientIdentification class to support a subset of
client info used for OKP requests.

Bug: 189232882
Test: Android unit tests
Merged-In: I6aafb4f2164efe69bc733ece0a912f0e91893b91
Change-Id: I6aafb4f2164efe69bc733ece0a912f0e91893b91
This commit is contained in:
Rahul Frias
2021-09-15 02:56:19 -07:00
committed by Alex Dale
parent 44ba42f5cc
commit 52bd1d206e
13 changed files with 586 additions and 30 deletions

@@ -26,6 +26,7 @@ namespace wvcdm {
class CryptoKey;
class CryptoSessionFactory;
class OtaKeyboxProvisioner;
class UsageTableHeader;
using CryptoKeyMap = std::map<std::string, CryptoKey*>;
@@ -41,6 +42,7 @@ OEMCrypto_Substring GetSubstring(const std::string& message = "",
bool set_zero = false);
OEMCryptoCipherMode ToOEMCryptoCipherMode(CdmCipherMode cipher_mode);
class CryptoSession {
public:
using HdcpCapability = OEMCrypto_HDCP_Capability;
@@ -288,7 +290,14 @@ class CryptoSession {
SecurityLevel requested_security_level, CdmClientTokenType* token_type);
// OTA Provisioning
// TODO(sigquit): include rest of http://go/wvgerrit/126004
bool needs_keybox_provisioning() const { return needs_keybox_provisioning_; }
// Returns a system-wide singleton instance of OtaKeyboxProvisioner
// to be used for OTA provisioning requests/responses across apps.
// Returns a null pointer if OTA provisioning is NOT supported, or
// if the device has already been provisioned.
virtual OtaKeyboxProvisioner* GetOtaKeyboxProvisioner();
// Generates an OTA provisioning request.
// This should only be called by an instance of OtaKeyboxProvisioner.
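Review bot: The comment on GetOtaKeyboxProvisioner() does not state ownership or lifetime of the returned raw OtaKeyboxProvisioner*. It is described as a system-wide singleton that becomes a null pointer once the device has been provisioned, so please document that callers must not delete it, whether they may cache it, and what a caller still holding a pointer from an earlier call should expect after provisioning completes. Since the instance is shared "across apps", the comment should also say whether this accessor is safe to call concurrently, and a short note on why a non-static virtual method fronts a static instance (test overrides, presumably) would help readers.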
@@ -504,6 +513,11 @@ class CryptoSession {
static std::mutex factory_mutex_;
static std::unique_ptr<CryptoSessionFactory> factory_;
// A singleton instance of OtaKeyboxProvisioner. Only one will
// be created for the system if OTA keybox provisioning is both
// required and supported by L1.
static std::unique_ptr<OtaKeyboxProvisioner> ota_keybox_provisioner_l1_;
CORE_DISALLOW_COPY_AND_ASSIGN(CryptoSession);
}; // class CryptoSession
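Review bot: The new static member ota_keybox_provisioner_l1_ carries no note on which lock guards it. factory_ just above sits beside factory_mutex_, but nothing in these lines ties the provisioner to that mutex or to a dedicated one, and the member is shared by every CryptoSession in the process. Please name the guarding mutex in the member comment. The _l1_ suffix and the "supported by L1" wording also imply the result depends on security level, so the GetOtaKeyboxProvisioner() comment should say what a session at a non-L1 level gets back.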