From 574886067993930a74e932520a125b6e4f413d3c Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Fri, 20 Jan 2017 17:02:12 -0800 Subject: [PATCH] Rename oemcrypto's CryptoEngine configuration functions. Merge from Widevine repo of http://go/wvgerrit/22797 CryptoEngine has a number of functions that return constants that control the configuration of mock OEMCrypto. Give all the functions a common prefix (config_) so their intent is more clear. Change-Id: Idf9d3e9e8941fa0e793b0eb17a3f89bf634d9ed5 --- .../oemcrypto/mock/src/oem_cert.cpp | 2 +- .../oemcrypto_engine_device_properties.cpp | 28 +++++----- .../oemcrypto_engine_device_properties_L1.cpp | 26 ++++----- ...emcrypto_engine_device_properties_cert.cpp | 26 ++++----- ...crypto_engine_device_properties_prov30.cpp | 26 ++++----- .../mock/src/oemcrypto_engine_mock.cpp | 15 ++--- .../mock/src/oemcrypto_engine_mock.h | 22 ++++---- .../oemcrypto/mock/src/oemcrypto_mock.cpp | 56 ++++++++++--------- 8 files changed, 104 insertions(+), 97 deletions(-) diff --git a/libwvdrmengine/oemcrypto/mock/src/oem_cert.cpp b/libwvdrmengine/oemcrypto/mock/src/oem_cert.cpp index 8e111f82..e33d85ae 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oem_cert.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oem_cert.cpp @@ -32,7 +32,7 @@ const uint8_t kOEMPublicCert[] = "-----BEGIN CERTIFICATE-----\n" const size_t kOEMPublicCertSize = sizeof(kOEMPublicCert); -// TODO(fredgc): get the private key that goes with the certificat above. +// TODO(fredgc): get the private key that goes with the certificate above. const uint8_t kOEMPrivateKey[] = { 0x30, 0x82, 0x04, 0xbd, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties.cpp index 6f9c67db..b7e1ab64 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties.cpp @@ -6,40 +6,42 @@ namespace wvoec_mock { -// If local_display() returns true, we pretend we are using a built-in display, -// instead of HDMI or WiFi output. -bool CryptoEngine::local_display() { +// Configuration constants for CryptoEngine behavior + +// If config_local_display_only() returns true, we pretend we are using a +// built-in display, instead of HDMI or WiFi output. +bool CryptoEngine::config_local_display_only() { return false; } // A closed platform is permitted to use clear buffers. -bool CryptoEngine::closed_platform() { +bool CryptoEngine::config_closed_platform() { return false; } // Returns the HDCP version currently in use. -OEMCrypto_HDCP_Capability CryptoEngine::current_hdcp_capability() { - return local_display() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; +OEMCrypto_HDCP_Capability CryptoEngine::config_current_hdcp_capability() { + return config_local_display_only() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; } // Returns the max HDCP version supported. -OEMCrypto_HDCP_Capability CryptoEngine::maximum_hdcp_capability() { +OEMCrypto_HDCP_Capability CryptoEngine::config_maximum_hdcp_capability() { return HDCP_V2; } // Returns true if the client supports persistent storage of // offline usage table information. -bool CryptoEngine::supports_storage() { +bool CryptoEngine::config_supports_usage_table() { return true; } // Returns true if the client uses a keybox as the root of trust. -bool CryptoEngine::supports_keybox() { +bool CryptoEngine::config_supports_keybox() { return true; } // This version uses a keybox. -OEMCrypto_ProvisioningMethod CryptoEngine::provisioning_method() { +OEMCrypto_ProvisioningMethod CryptoEngine::config_provisioning_method() { return OEMCrypto_Keybox; } @@ -51,19 +53,19 @@ OEMCryptoResult CryptoEngine::get_oem_certificate(SessionContext *session, // Returns false for mock library to indicate the client does not support // anti-rollback hardware. -bool CryptoEngine::is_anti_rollback_hw_present() { +bool CryptoEngine::config_is_anti_rollback_hw_present() { return false; } // Returns "L3" for a software only library. L1 is for hardware protected // data paths. -const char* CryptoEngine::security_level() { +const char* CryptoEngine::config_security_level() { return "L3"; } // This should start at 0, and be incremented only when a security patch has // been applied to the device that fixes a security bug. -uint8_t CryptoEngine::security_patch_level() { +uint8_t CryptoEngine::config_security_patch_level() { return 0; } diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_L1.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_L1.cpp index 5ffc068a..c6c99a3c 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_L1.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_L1.cpp @@ -8,40 +8,40 @@ namespace wvoec_mock { -// If local_display() returns true, we pretend we are using a built-in display, -// instead of HDMI or WiFi output. -bool CryptoEngine::local_display() { +// If config_local_display_only() returns true, we pretend we are using a +// built-in display, instead of HDMI or WiFi output. +bool CryptoEngine::config_local_display_only() { return true; } // A closed platform is permitted to use clear buffers. -bool CryptoEngine::closed_platform() { +bool CryptoEngine::config_closed_platform() { return false; } // Returns the HDCP version currently in use. -OEMCrypto_HDCP_Capability CryptoEngine::current_hdcp_capability() { - return local_display() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; +OEMCrypto_HDCP_Capability CryptoEngine::config_current_hdcp_capability() { + return config_local_display_only() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; } // Returns the max HDCP version supported. -OEMCrypto_HDCP_Capability CryptoEngine::maximum_hdcp_capability() { +OEMCrypto_HDCP_Capability CryptoEngine::config_maximum_hdcp_capability() { return HDCP_NO_DIGITAL_OUTPUT; } // Returns true if the client supports persistent storage of // offline usage table information. -bool CryptoEngine::supports_storage() { +bool CryptoEngine::config_supports_usage_table() { return true; } // Returns true if the client uses a keybox as the root of trust. -bool CryptoEngine::supports_keybox() { +bool CryptoEngine::config_supports_keybox() { return true; } // This version uses a keybox. -OEMCrypto_ProvisioningMethod CryptoEngine::provisioning_method() { +OEMCrypto_ProvisioningMethod CryptoEngine::config_provisioning_method() { return OEMCrypto_Keybox; } @@ -52,19 +52,19 @@ OEMCryptoResult CryptoEngine::get_oem_certificate(SessionContext *session, } // Returns true to indicate the client does support anti-rollback hardware. -bool CryptoEngine::is_anti_rollback_hw_present() { +bool CryptoEngine::config_is_anti_rollback_hw_present() { return true; } // Returns "L3" for a software only library. L1 is for hardware protected // data paths. -const char* CryptoEngine::security_level() { +const char* CryptoEngine::config_security_level() { return "L1"; } // This should start at 0, and be incremented only when a security patch has // been applied to the device that fixes a security bug. -uint8_t CryptoEngine::security_patch_level() { +uint8_t CryptoEngine::config_security_patch_level() { return 3; } diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_cert.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_cert.cpp index 2a4dec2b..aed87e64 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_cert.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_cert.cpp @@ -9,40 +9,40 @@ namespace wvoec_mock { -// If local_display() returns true, we pretend we are using a built-in display, -// instead of HDMI or WiFi output. -bool CryptoEngine::local_display() { +// If config_local_display_only() returns true, we pretend we are using a +// built-in display, instead of HDMI or WiFi output. +bool CryptoEngine::config_local_display_only() { return true; } // A closed platform is permitted to use clear buffers. -bool CryptoEngine::closed_platform() { +bool CryptoEngine::config_closed_platform() { return false; } // Returns the HDCP version currently in use. -OEMCrypto_HDCP_Capability CryptoEngine::current_hdcp_capability() { - return local_display() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; +OEMCrypto_HDCP_Capability CryptoEngine::config_current_hdcp_capability() { + return config_local_display_only() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; } // Returns the max HDCP version supported. -OEMCrypto_HDCP_Capability CryptoEngine::maximum_hdcp_capability() { +OEMCrypto_HDCP_Capability CryptoEngine::config_maximum_hdcp_capability() { return HDCP_NO_DIGITAL_OUTPUT; } // Returns true if the client supports persistent storage of // offline usage table information. -bool CryptoEngine::supports_storage() { +bool CryptoEngine::config_supports_usage_table() { return false; } // Returns true if the client uses a keybox as the root of trust. -bool CryptoEngine::supports_keybox() { +bool CryptoEngine::config_supports_keybox() { return false; } // This version uses a baked in DRM certificate. -OEMCrypto_ProvisioningMethod CryptoEngine::provisioning_method() { +OEMCrypto_ProvisioningMethod CryptoEngine::config_provisioning_method() { return OEMCrypto_DrmCertificate; } @@ -53,20 +53,20 @@ OEMCryptoResult CryptoEngine::get_oem_certificate(SessionContext *session, } // Returns true to indicate the client does support anti-rollback hardware. -bool CryptoEngine::is_anti_rollback_hw_present() { +bool CryptoEngine::config_is_anti_rollback_hw_present() { return false; } // Returns "L3" for a software only library. L1 is for hardware protected keys // and data paths. L2 is for hardware protected keys but no data path // protection. -const char* CryptoEngine::security_level() { +const char* CryptoEngine::config_security_level() { return "L2"; } // This should start at 0, and be incremented only when a security patch has // been applied to the device that fixes a security bug. -uint8_t CryptoEngine::security_patch_level() { +uint8_t CryptoEngine::config_security_patch_level() { return 0; } diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_prov30.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_prov30.cpp index 1d783f80..a55e316c 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_prov30.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_prov30.cpp @@ -14,40 +14,40 @@ namespace wvoec_mock { -// If local_display() returns true, we pretend we are using a built-in display, -// instead of HDMI or WiFi output. -bool CryptoEngine::local_display() { +// If config_local_display_only() returns true, we pretend we are using a +// built-in display, instead of HDMI or WiFi output. +bool CryptoEngine::config_local_display_only() { return true; } // A closed platform is permitted to use clear buffers. -bool CryptoEngine::closed_platform() { +bool CryptoEngine::config_closed_platform() { return false; } // Returns the HDCP version currently in use. -OEMCrypto_HDCP_Capability CryptoEngine::current_hdcp_capability() { - return local_display() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; +OEMCrypto_HDCP_Capability CryptoEngine::config_current_hdcp_capability() { + return config_local_display_only() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; } // Returns the max HDCP version supported. -OEMCrypto_HDCP_Capability CryptoEngine::maximum_hdcp_capability() { +OEMCrypto_HDCP_Capability CryptoEngine::config_maximum_hdcp_capability() { return HDCP_NO_DIGITAL_OUTPUT; } // Returns true if the client supports persistent storage of // offline usage table information. -bool CryptoEngine::supports_storage() { +bool CryptoEngine::config_supports_usage_table() { return false; } // Returns true if the client uses a keybox as the root of trust. -bool CryptoEngine::supports_keybox() { +bool CryptoEngine::config_supports_keybox() { return false; } // This version uses a keybox. -OEMCrypto_ProvisioningMethod CryptoEngine::provisioning_method() { +OEMCrypto_ProvisioningMethod CryptoEngine::config_provisioning_method() { return OEMCrypto_OEMCertificate; } @@ -77,20 +77,20 @@ OEMCryptoResult CryptoEngine::get_oem_certificate(SessionContext *session, } // Returns true to indicate the client does support anti-rollback hardware. -bool CryptoEngine::is_anti_rollback_hw_present() { +bool CryptoEngine::config_is_anti_rollback_hw_present() { return false; } // Returns "L3" for a software only library. L1 is for hardware protected keys // and data paths. L2 is for hardware protected keys but no data path // protection. -const char* CryptoEngine::security_level() { +const char* CryptoEngine::config_security_level() { return "L2"; } // This should start at 0, and be incremented only when a security patch has // been applied to the device that fixes a security bug. -uint8_t CryptoEngine::security_patch_level() { +uint8_t CryptoEngine::config_security_patch_level() { return 0; } diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp index 0602ec07..545e6140 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp @@ -531,7 +531,7 @@ bool SessionContext::InstallKey(const KeyId& key_id, } if ((key_control_block.control_bits() & kControlRequireAntiRollbackHardware) && - !ce_->is_anti_rollback_hw_present()) { + !ce_->config_is_anti_rollback_hw_present()) { LOGE("Anti-rollback hardware is required but hardware not present."); return false; } @@ -773,7 +773,7 @@ OEMCryptoResult SessionContext::Generic_Decrypt(const uint8_t* in_buffer, return OEMCrypto_ERROR_UNKNOWN_FAILURE; } if (control.control_bits() & kControlDataPathSecure) { - if (!ce_->closed_platform()) { + if (!ce_->config_closed_platform()) { LOGE("[Generic_Decrypt(): control bit says secure path only."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } @@ -1085,7 +1085,8 @@ OEMCryptoResult SessionContext::DecryptCENC( } const KeyControlBlock& control = current_content_key()->control(); if (control.control_bits() & kControlDataPathSecure) { - if (!ce_->closed_platform() && buffer_type == OEMCrypto_BufferType_Clear) { + if (!ce_->config_closed_platform() && + buffer_type == OEMCrypto_BufferType_Clear) { LOGE("[DecryptCTR(): Secure key with insecure buffer]"); return OEMCrypto_ERROR_DECRYPT_FAILED; } @@ -1102,16 +1103,16 @@ OEMCryptoResult SessionContext::DecryptCENC( return OEMCrypto_ERROR_UNKNOWN_FAILURE; } } - if (!ce_->local_display()) { // Only look at HDCP if the display is not - // local. + if (!ce_->config_local_display_only()) { + // Only look at HDCP if the display is non-local. if (control.control_bits() & kControlHDCPRequired) { uint8_t required_hdcp = (control.control_bits() & kControlHDCPVersionMask) >> kControlHDCPVersionShift; // For reference implementation, we pretend we can handle the current // HDCP version. - if (required_hdcp > ce_->current_hdcp_capability() || - ce_->current_hdcp_capability() == 0) { + if (required_hdcp > ce_->config_current_hdcp_capability() || + ce_->config_current_hdcp_capability() == 0) { return OEMCrypto_ERROR_INSUFFICIENT_HDCP; } } diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h index 872f8b8a..8cee1b72 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h @@ -284,22 +284,24 @@ class CryptoEngine { return kMaxSupportedOEMCryptoSessions; } - OEMCrypto_HDCP_Capability current_hdcp_capability(); - OEMCrypto_HDCP_Capability maximum_hdcp_capability(); + // Configuration constants - controls behavior of this CryptoEngine + OEMCrypto_HDCP_Capability config_current_hdcp_capability(); + OEMCrypto_HDCP_Capability config_maximum_hdcp_capability(); UsageTable* usage_table() { return usage_table_; } wvcdm::FileSystem* file_system() { return file_system_; } - bool local_display(); - bool closed_platform(); - bool supports_storage(); - bool supports_keybox(); - OEMCrypto_ProvisioningMethod provisioning_method(); + + bool config_local_display_only(); + bool config_closed_platform(); + bool config_supports_usage_table(); + bool config_supports_keybox(); + OEMCrypto_ProvisioningMethod config_provisioning_method(); OEMCryptoResult get_oem_certificate(SessionContext* session, uint8_t* public_cert, size_t* public_cert_length); - bool is_anti_rollback_hw_present(); - const char* security_level(); - uint8_t security_patch_level(); + bool config_is_anti_rollback_hw_present(); + const char* config_security_level(); + uint8_t config_security_patch_level(); private: ActiveSessions sessions_; diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp index e60b744b..2fbddb66 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp @@ -149,7 +149,7 @@ OEMCryptoResult OEMCrypto_GenerateDerivedKeys(OEMCrypto_SESSION session, LOGE("OEMCrypto_GenerateDerivedKeys: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_keybox()) { + if (!crypto_engine->config_supports_keybox()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } if (!crypto_engine->ValidRootOfTrust()) { @@ -691,7 +691,7 @@ OEMCryptoResult OEMCrypto_WrapKeybox(const uint8_t* keybox, if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { LOGI("-- OEMCryptoResult OEMCrypto_WrapKeybox(const uint8_t *keybox,\n"); } - if (!crypto_engine->supports_keybox()) { + if (!crypto_engine->config_supports_keybox()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } if (!keybox || !wrappedKeybox || !wrappedKeyBoxLength @@ -714,7 +714,7 @@ OEMCryptoResult OEMCrypto_InstallKeybox(const uint8_t* keybox, LOGE("OEMCrypto_InstallKeybox: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_keybox()) { + if (!crypto_engine->config_supports_keybox()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } if (crypto_engine->InstallKeybox(keybox, keyBoxLength)) { @@ -732,7 +732,7 @@ OEMCryptoResult OEMCrypto_LoadTestKeybox() { LOGE("OEMCrypto_LoadTestKeybox: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_keybox()) { + if (!crypto_engine->config_supports_keybox()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } crypto_engine->UseTestKeybox(); @@ -748,7 +748,7 @@ OEMCryptoResult OEMCrypto_IsKeyboxValid(void) { LOGE("OEMCrypto_IsKeyboxValid: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_keybox()) { + if (!crypto_engine->config_supports_keybox()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } switch(crypto_engine->ValidateKeybox()) { @@ -769,7 +769,7 @@ OEMCrypto_ProvisioningMethod OEMCrypto_GetProvisioningMethod() { LOGE("OEMCrypto_GetProvisioningMethod: OEMCrypto Not Initialized."); return OEMCrypto_ProvisioningError; } - return crypto_engine->provisioning_method(); + return crypto_engine->config_provisioning_method(); } extern "C" @@ -784,10 +784,9 @@ OEMCryptoResult OEMCrypto_GetOEMPublicCertificate(OEMCrypto_SESSION session, LOGE("OEMCrypto_GetOEMPublicCertificate: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (crypto_engine->provisioning_method() != OEMCrypto_OEMCertificate) { + if (crypto_engine->config_provisioning_method() != OEMCrypto_OEMCertificate) { LOGE("OEMCrypto_GetOEMPublicCertificate: Provisioning method = %d.", - crypto_engine->provisioning_method() - ); + crypto_engine->config_provisioning_method()); return OEMCrypto_ERROR_NOT_IMPLEMENTED; } SessionContext* session_ctx = crypto_engine->FindSession(session); @@ -809,7 +808,7 @@ OEMCryptoResult OEMCrypto_GetDeviceID(uint8_t* deviceID, LOGE("OEMCrypto_GetDeviceID: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_keybox()) { + if (!crypto_engine->config_supports_keybox()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } // Devices that do not support a keybox should use some other method to @@ -845,7 +844,7 @@ OEMCryptoResult OEMCrypto_GetKeyData(uint8_t* keyData, LOGE("OEMCrypto_GetKeyData: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_keybox()) { + if (!crypto_engine->config_supports_keybox()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } size_t length = crypto_engine->DeviceRootTokenLength(); @@ -947,7 +946,8 @@ extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30( if(!session_ctx->InstallRSAEncryptedKey(encrypted_message_key, encrypted_message_key_length)) { - LOGE("OEMCrypto_RewrapDeviceRSAKey30: Error loading encrypted_message_key."); + LOGE("OEMCrypto_RewrapDeviceRSAKey30: " + "Error loading encrypted_message_key."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } @@ -959,7 +959,8 @@ extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30( } size_t padding = pkcs8_rsa_key[enc_rsa_key_length - 1]; if (padding > 16) { - LOGE("[OEMCrypto_RewrapDeviceRSAKey30(): Encrypted RSA has bad padding: %d]", + LOGE("[OEMCrypto_RewrapDeviceRSAKey30(): " + "Encrypted RSA has bad padding: %d]", padding); return OEMCrypto_ERROR_INVALID_RSA_KEY; } @@ -1043,7 +1044,7 @@ OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey(OEMCrypto_SESSION session, LOGE("OEMCrypto_RewrapDeviceRSAKey: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_keybox()) { + if (!crypto_engine->config_supports_keybox()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } if (wrapped_rsa_key_length == NULL) { @@ -1174,7 +1175,7 @@ OEMCryptoResult OEMCrypto_LoadDeviceRSAKey(OEMCrypto_SESSION session, LOGE("OEMCrypto_LoadDeviceRSAKey: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (crypto_engine->provisioning_method() == OEMCrypto_DrmCertificate) { + if (crypto_engine->config_provisioning_method() == OEMCrypto_DrmCertificate) { // If we are using a baked in cert, the "wrapped RSA key" should actually be // the magic value for baked-in certificates. if (wrapped_rsa_key_length != sizeof(kBakedInCertificateMagicBytes) || @@ -1384,7 +1385,7 @@ uint32_t OEMCrypto_APIVersion() { extern "C" uint8_t OEMCrypto_Security_Patch_Level() { - uint8_t security_patch_level = crypto_engine->security_patch_level(); + uint8_t security_patch_level = crypto_engine->config_security_patch_level(); if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { LOGI("-- uint8_t OEMCrypto_Security_Patch_Level(); // returns %d.\n", security_patch_level); @@ -1394,7 +1395,7 @@ uint8_t OEMCrypto_Security_Patch_Level() { extern "C" const char* OEMCrypto_SecurityLevel() { - const char* security_level = crypto_engine->security_level(); + const char* security_level = crypto_engine->config_security_level(); if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { LOGI("-- const char* OEMCrypto_SecurityLevel(); // returns %s.\n", security_level); } @@ -1415,14 +1416,14 @@ OEMCryptoResult OEMCrypto_GetHDCPCapability( } if (current == NULL) return OEMCrypto_ERROR_UNKNOWN_FAILURE; if (maximum == NULL) return OEMCrypto_ERROR_UNKNOWN_FAILURE; - *current = crypto_engine->current_hdcp_capability(); - *maximum = crypto_engine->maximum_hdcp_capability(); + *current = crypto_engine->config_current_hdcp_capability(); + *maximum = crypto_engine->config_maximum_hdcp_capability(); return OEMCrypto_SUCCESS; } extern "C" bool OEMCrypto_SupportsUsageTable() { - bool supports_usage = crypto_engine->supports_storage(); + bool supports_usage = crypto_engine->config_supports_usage_table(); if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { LOGI("-- bool OEMCrypto_SupportsUsageTable(); // returns %s.\n", (supports_usage ? "true" : "false")); @@ -1460,7 +1461,8 @@ OEMCryptoResult OEMCrypto_GetMaxNumberOfSessions(size_t* maximum) { extern "C" bool OEMCrypto_IsAntiRollbackHwPresent() { - bool anti_rollback_hw_present = crypto_engine->is_anti_rollback_hw_present(); + bool anti_rollback_hw_present = + crypto_engine->config_is_anti_rollback_hw_present(); if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { LOGI("-- bool OEMCrypto_IsAntiRollbackHwPresent(): %d\n", @@ -1651,7 +1653,7 @@ OEMCryptoResult OEMCrypto_UpdateUsageTable() { LOGE("OEMCrypto_UpdateUsageTable: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_storage()) { + if (!crypto_engine->config_supports_usage_table()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } return crypto_engine->usage_table()->UpdateTable(); @@ -1670,7 +1672,7 @@ OEMCryptoResult OEMCrypto_DeactivateUsageEntry(const uint8_t *pst, LOGE("OEMCrypto_DeactivateUsageEntry: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_storage()) { + if (!crypto_engine->config_supports_usage_table()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } std::vector pstv(pst, pst + pst_length); @@ -1693,7 +1695,7 @@ OEMCryptoResult OEMCrypto_ReportUsage(OEMCrypto_SESSION session, LOGE("OEMCrypto_ReportUsage: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_storage()) { + if (!crypto_engine->config_supports_usage_table()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } SessionContext* session_ctx = crypto_engine->FindSession(session); @@ -1739,7 +1741,7 @@ OEMCryptoResult OEMCrypto_DeleteUsageEntry(OEMCrypto_SESSION session, LOGE("OEMCrypto_DeleteUsageEntry: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_storage()) { + if (!crypto_engine->config_supports_usage_table()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } SessionContext* session_ctx = crypto_engine->FindSession(session); @@ -1782,7 +1784,7 @@ OEMCryptoResult OEMCrypto_ForceDeleteUsageEntry(const uint8_t* pst, LOGE("OEMCrypto_ForceDeleteUsageEntry: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_storage()) { + if (!crypto_engine->config_supports_usage_table()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } std::vector pstv(pst, pst + pst_length); @@ -1801,7 +1803,7 @@ OEMCryptoResult OEMCrypto_DeleteUsageTable() { LOGE("OEMCrypto_DeleteUsageTable: OEMCrypto Not Initialized."); return OEMCrypto_ERROR_UNKNOWN_FAILURE; } - if (!crypto_engine->supports_storage()) { + if (!crypto_engine->config_supports_usage_table()) { return OEMCrypto_ERROR_NOT_IMPLEMENTED; } crypto_engine->usage_table()->Clear();