widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rename oemcrypto's CryptoEngine configuration functions.

Browse Source 
Merge from Widevine repo of http://go/wvgerrit/22797

CryptoEngine has a number of functions that return constants that
control the configuration of mock OEMCrypto.  Give all the functions
a common prefix (config_) so their intent is more clear.

Change-Id: Idf9d3e9e8941fa0e793b0eb17a3f89bf634d9ed5
This commit is contained in:
Fred Gylys-Colwell
2017-01-20 17:02:12 -08:00
parent 3164194908
commit 5748860679
8 changed files with 104 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libwvdrmengine/oemcrypto/mock/src/oem_cert.cpp
View File

@@ -32,7 +32,7 @@ const uint8_t kOEMPublicCert[] = "-----BEGIN CERTIFICATE-----\n"
const size_t kOEMPublicCertSize = sizeof(kOEMPublicCert); const size_t kOEMPublicCertSize = sizeof(kOEMPublicCert);
// TODO(fredgc): get the private key that goes with the certificat above. // TODO(fredgc): get the private key that goes with the certificate above.
const uint8_t kOEMPrivateKey[] = { const uint8_t kOEMPrivateKey[] = {
0x30, 0x82, 0x04, 0xbd, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x30, 0x82, 0x04, 0xbd, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,

28
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties.cpp
View File

@@ -6,40 +6,42 @@
namespace wvoec_mock { namespace wvoec_mock {
// If local_display() returns true, we pretend we are using a built-in display, // Configuration constants for CryptoEngine behavior
// instead of HDMI or WiFi output.
bool CryptoEngine::local_display() { // If config_local_display_only() returns true, we pretend we are using a
// built-in display, instead of HDMI or WiFi output.
bool CryptoEngine::config_local_display_only() {
return false; return false;
} }
// A closed platform is permitted to use clear buffers. // A closed platform is permitted to use clear buffers.
bool CryptoEngine::closed_platform() { bool CryptoEngine::config_closed_platform() {
return false; return false;
} }
// Returns the HDCP version currently in use. // Returns the HDCP version currently in use.
OEMCrypto_HDCP_Capability CryptoEngine::current_hdcp_capability() { OEMCrypto_HDCP_Capability CryptoEngine::config_current_hdcp_capability() {
return local_display() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; return config_local_display_only() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1;
} }
// Returns the max HDCP version supported. // Returns the max HDCP version supported.
OEMCrypto_HDCP_Capability CryptoEngine::maximum_hdcp_capability() { OEMCrypto_HDCP_Capability CryptoEngine::config_maximum_hdcp_capability() {
return HDCP_V2; return HDCP_V2;
} }
// Returns true if the client supports persistent storage of // Returns true if the client supports persistent storage of
// offline usage table information. // offline usage table information.
bool CryptoEngine::supports_storage() { bool CryptoEngine::config_supports_usage_table() {
return true; return true;
} }
// Returns true if the client uses a keybox as the root of trust. // Returns true if the client uses a keybox as the root of trust.
bool CryptoEngine::supports_keybox() { bool CryptoEngine::config_supports_keybox() {
return true; return true;
} }
// This version uses a keybox. // This version uses a keybox.
OEMCrypto_ProvisioningMethod CryptoEngine::provisioning_method() { OEMCrypto_ProvisioningMethod CryptoEngine::config_provisioning_method() {
return OEMCrypto_Keybox; return OEMCrypto_Keybox;
} }
@@ -51,19 +53,19 @@ OEMCryptoResult CryptoEngine::get_oem_certificate(SessionContext *session,
// Returns false for mock library to indicate the client does not support // Returns false for mock library to indicate the client does not support
// anti-rollback hardware. // anti-rollback hardware.
bool CryptoEngine::is_anti_rollback_hw_present() { bool CryptoEngine::config_is_anti_rollback_hw_present() {
return false; return false;
} }
// Returns "L3" for a software only library. L1 is for hardware protected // Returns "L3" for a software only library. L1 is for hardware protected
// data paths. // data paths.
const char* CryptoEngine::security_level() { const char* CryptoEngine::config_security_level() {
return "L3"; return "L3";
} }
// This should start at 0, and be incremented only when a security patch has // This should start at 0, and be incremented only when a security patch has
// been applied to the device that fixes a security bug. // been applied to the device that fixes a security bug.
uint8_t CryptoEngine::security_patch_level() { uint8_t CryptoEngine::config_security_patch_level() {
return 0; return 0;
} }

26
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_L1.cpp
View File

@@ -8,40 +8,40 @@
namespace wvoec_mock { namespace wvoec_mock {
// If local_display() returns true, we pretend we are using a built-in display, // If config_local_display_only() returns true, we pretend we are using a
// instead of HDMI or WiFi output. // built-in display, instead of HDMI or WiFi output.
bool CryptoEngine::local_display() { bool CryptoEngine::config_local_display_only() {
return true; return true;
} }
// A closed platform is permitted to use clear buffers. // A closed platform is permitted to use clear buffers.
bool CryptoEngine::closed_platform() { bool CryptoEngine::config_closed_platform() {
return false; return false;
} }
// Returns the HDCP version currently in use. // Returns the HDCP version currently in use.
OEMCrypto_HDCP_Capability CryptoEngine::current_hdcp_capability() { OEMCrypto_HDCP_Capability CryptoEngine::config_current_hdcp_capability() {
return local_display() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; return config_local_display_only() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1;
} }
// Returns the max HDCP version supported. // Returns the max HDCP version supported.
OEMCrypto_HDCP_Capability CryptoEngine::maximum_hdcp_capability() { OEMCrypto_HDCP_Capability CryptoEngine::config_maximum_hdcp_capability() {
return HDCP_NO_DIGITAL_OUTPUT; return HDCP_NO_DIGITAL_OUTPUT;
} }
// Returns true if the client supports persistent storage of // Returns true if the client supports persistent storage of
// offline usage table information. // offline usage table information.
bool CryptoEngine::supports_storage() { bool CryptoEngine::config_supports_usage_table() {
return true; return true;
} }
// Returns true if the client uses a keybox as the root of trust. // Returns true if the client uses a keybox as the root of trust.
bool CryptoEngine::supports_keybox() { bool CryptoEngine::config_supports_keybox() {
return true; return true;
} }
// This version uses a keybox. // This version uses a keybox.
OEMCrypto_ProvisioningMethod CryptoEngine::provisioning_method() { OEMCrypto_ProvisioningMethod CryptoEngine::config_provisioning_method() {
return OEMCrypto_Keybox; return OEMCrypto_Keybox;
} }
@@ -52,19 +52,19 @@ OEMCryptoResult CryptoEngine::get_oem_certificate(SessionContext *session,
} }
// Returns true to indicate the client does support anti-rollback hardware. // Returns true to indicate the client does support anti-rollback hardware.
bool CryptoEngine::is_anti_rollback_hw_present() { bool CryptoEngine::config_is_anti_rollback_hw_present() {
return true; return true;
} }
// Returns "L3" for a software only library. L1 is for hardware protected // Returns "L3" for a software only library. L1 is for hardware protected
// data paths. // data paths.
const char* CryptoEngine::security_level() { const char* CryptoEngine::config_security_level() {
return "L1"; return "L1";
} }
// This should start at 0, and be incremented only when a security patch has // This should start at 0, and be incremented only when a security patch has
// been applied to the device that fixes a security bug. // been applied to the device that fixes a security bug.
uint8_t CryptoEngine::security_patch_level() { uint8_t CryptoEngine::config_security_patch_level() {
return 3; return 3;
} }

26
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_cert.cpp
View File

@@ -9,40 +9,40 @@
namespace wvoec_mock { namespace wvoec_mock {
// If local_display() returns true, we pretend we are using a built-in display, // If config_local_display_only() returns true, we pretend we are using a
// instead of HDMI or WiFi output. // built-in display, instead of HDMI or WiFi output.
bool CryptoEngine::local_display() { bool CryptoEngine::config_local_display_only() {
return true; return true;
} }
// A closed platform is permitted to use clear buffers. // A closed platform is permitted to use clear buffers.
bool CryptoEngine::closed_platform() { bool CryptoEngine::config_closed_platform() {
return false; return false;
} }
// Returns the HDCP version currently in use. // Returns the HDCP version currently in use.
OEMCrypto_HDCP_Capability CryptoEngine::current_hdcp_capability() { OEMCrypto_HDCP_Capability CryptoEngine::config_current_hdcp_capability() {
return local_display() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; return config_local_display_only() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1;
} }
// Returns the max HDCP version supported. // Returns the max HDCP version supported.
OEMCrypto_HDCP_Capability CryptoEngine::maximum_hdcp_capability() { OEMCrypto_HDCP_Capability CryptoEngine::config_maximum_hdcp_capability() {
return HDCP_NO_DIGITAL_OUTPUT; return HDCP_NO_DIGITAL_OUTPUT;
} }
// Returns true if the client supports persistent storage of // Returns true if the client supports persistent storage of
// offline usage table information. // offline usage table information.
bool CryptoEngine::supports_storage() { bool CryptoEngine::config_supports_usage_table() {
return false; return false;
} }
// Returns true if the client uses a keybox as the root of trust. // Returns true if the client uses a keybox as the root of trust.
bool CryptoEngine::supports_keybox() { bool CryptoEngine::config_supports_keybox() {
return false; return false;
} }
// This version uses a baked in DRM certificate. // This version uses a baked in DRM certificate.
OEMCrypto_ProvisioningMethod CryptoEngine::provisioning_method() { OEMCrypto_ProvisioningMethod CryptoEngine::config_provisioning_method() {
return OEMCrypto_DrmCertificate; return OEMCrypto_DrmCertificate;
} }
@@ -53,20 +53,20 @@ OEMCryptoResult CryptoEngine::get_oem_certificate(SessionContext *session,
} }
// Returns true to indicate the client does support anti-rollback hardware. // Returns true to indicate the client does support anti-rollback hardware.
bool CryptoEngine::is_anti_rollback_hw_present() { bool CryptoEngine::config_is_anti_rollback_hw_present() {
return false; return false;
} }
// Returns "L3" for a software only library. L1 is for hardware protected keys // Returns "L3" for a software only library. L1 is for hardware protected keys
// and data paths. L2 is for hardware protected keys but no data path // and data paths. L2 is for hardware protected keys but no data path
// protection. // protection.
const char* CryptoEngine::security_level() { const char* CryptoEngine::config_security_level() {
return "L2"; return "L2";
} }
// This should start at 0, and be incremented only when a security patch has // This should start at 0, and be incremented only when a security patch has
// been applied to the device that fixes a security bug. // been applied to the device that fixes a security bug.
uint8_t CryptoEngine::security_patch_level() { uint8_t CryptoEngine::config_security_patch_level() {
return 0; return 0;
} }

26
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_device_properties_prov30.cpp
View File

@@ -14,40 +14,40 @@
namespace wvoec_mock { namespace wvoec_mock {
// If local_display() returns true, we pretend we are using a built-in display, // If config_local_display_only() returns true, we pretend we are using a
// instead of HDMI or WiFi output. // built-in display, instead of HDMI or WiFi output.
bool CryptoEngine::local_display() { bool CryptoEngine::config_local_display_only() {
return true; return true;
} }
// A closed platform is permitted to use clear buffers. // A closed platform is permitted to use clear buffers.
bool CryptoEngine::closed_platform() { bool CryptoEngine::config_closed_platform() {
return false; return false;
} }
// Returns the HDCP version currently in use. // Returns the HDCP version currently in use.
OEMCrypto_HDCP_Capability CryptoEngine::current_hdcp_capability() { OEMCrypto_HDCP_Capability CryptoEngine::config_current_hdcp_capability() {
return local_display() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1; return config_local_display_only() ? HDCP_NO_DIGITAL_OUTPUT : HDCP_V1;
} }
// Returns the max HDCP version supported. // Returns the max HDCP version supported.
OEMCrypto_HDCP_Capability CryptoEngine::maximum_hdcp_capability() { OEMCrypto_HDCP_Capability CryptoEngine::config_maximum_hdcp_capability() {
return HDCP_NO_DIGITAL_OUTPUT; return HDCP_NO_DIGITAL_OUTPUT;
} }
// Returns true if the client supports persistent storage of // Returns true if the client supports persistent storage of
// offline usage table information. // offline usage table information.
bool CryptoEngine::supports_storage() { bool CryptoEngine::config_supports_usage_table() {
return false; return false;
} }
// Returns true if the client uses a keybox as the root of trust. // Returns true if the client uses a keybox as the root of trust.
bool CryptoEngine::supports_keybox() { bool CryptoEngine::config_supports_keybox() {
return false; return false;
} }
// This version uses a keybox. // This version uses a keybox.
OEMCrypto_ProvisioningMethod CryptoEngine::provisioning_method() { OEMCrypto_ProvisioningMethod CryptoEngine::config_provisioning_method() {
return OEMCrypto_OEMCertificate; return OEMCrypto_OEMCertificate;
} }
@@ -77,20 +77,20 @@ OEMCryptoResult CryptoEngine::get_oem_certificate(SessionContext *session,
} }
// Returns true to indicate the client does support anti-rollback hardware. // Returns true to indicate the client does support anti-rollback hardware.
bool CryptoEngine::is_anti_rollback_hw_present() { bool CryptoEngine::config_is_anti_rollback_hw_present() {
return false; return false;
} }
// Returns "L3" for a software only library. L1 is for hardware protected keys // Returns "L3" for a software only library. L1 is for hardware protected keys
// and data paths. L2 is for hardware protected keys but no data path // and data paths. L2 is for hardware protected keys but no data path
// protection. // protection.
const char* CryptoEngine::security_level() { const char* CryptoEngine::config_security_level() {
return "L2"; return "L2";
} }
// This should start at 0, and be incremented only when a security patch has // This should start at 0, and be incremented only when a security patch has
// been applied to the device that fixes a security bug. // been applied to the device that fixes a security bug.
uint8_t CryptoEngine::security_patch_level() { uint8_t CryptoEngine::config_security_patch_level() {
return 0; return 0;
} }

15
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp
View File

@@ -531,7 +531,7 @@ bool SessionContext::InstallKey(const KeyId& key_id,
} }
if ((key_control_block.control_bits() & if ((key_control_block.control_bits() &
kControlRequireAntiRollbackHardware) && kControlRequireAntiRollbackHardware) &&
!ce_->is_anti_rollback_hw_present()) { !ce_->config_is_anti_rollback_hw_present()) {
LOGE("Anti-rollback hardware is required but hardware not present."); LOGE("Anti-rollback hardware is required but hardware not present.");
return false; return false;
} }
@@ -773,7 +773,7 @@ OEMCryptoResult SessionContext::Generic_Decrypt(const uint8_t* in_buffer,
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (control.control_bits() & kControlDataPathSecure) { if (control.control_bits() & kControlDataPathSecure) {
if (!ce_->closed_platform()) { if (!ce_->config_closed_platform()) {
LOGE("[Generic_Decrypt(): control bit says secure path only."); LOGE("[Generic_Decrypt(): control bit says secure path only.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
@@ -1085,7 +1085,8 @@ OEMCryptoResult SessionContext::DecryptCENC(
} }
const KeyControlBlock& control = current_content_key()->control(); const KeyControlBlock& control = current_content_key()->control();
if (control.control_bits() & kControlDataPathSecure) { if (control.control_bits() & kControlDataPathSecure) {
if (!ce_->closed_platform() && buffer_type == OEMCrypto_BufferType_Clear) { if (!ce_->config_closed_platform() &&
buffer_type == OEMCrypto_BufferType_Clear) {
LOGE("[DecryptCTR(): Secure key with insecure buffer]"); LOGE("[DecryptCTR(): Secure key with insecure buffer]");
return OEMCrypto_ERROR_DECRYPT_FAILED; return OEMCrypto_ERROR_DECRYPT_FAILED;
} }
@@ -1102,16 +1103,16 @@ OEMCryptoResult SessionContext::DecryptCENC(
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
} }
if (!ce_->local_display()) { // Only look at HDCP if the display is not if (!ce_->config_local_display_only()) {
// local. // Only look at HDCP if the display is non-local.
if (control.control_bits() & kControlHDCPRequired) { if (control.control_bits() & kControlHDCPRequired) {
uint8_t required_hdcp = uint8_t required_hdcp =
(control.control_bits() & kControlHDCPVersionMask) >> (control.control_bits() & kControlHDCPVersionMask) >>
kControlHDCPVersionShift; kControlHDCPVersionShift;
// For reference implementation, we pretend we can handle the current // For reference implementation, we pretend we can handle the current
// HDCP version. // HDCP version.
if (required_hdcp > ce_->current_hdcp_capability() || if (required_hdcp > ce_->config_current_hdcp_capability() ||
ce_->current_hdcp_capability() == 0) { ce_->config_current_hdcp_capability() == 0) {
return OEMCrypto_ERROR_INSUFFICIENT_HDCP; return OEMCrypto_ERROR_INSUFFICIENT_HDCP;
} }
} }

22
libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h
View File

@@ -284,22 +284,24 @@ class CryptoEngine {
return kMaxSupportedOEMCryptoSessions; return kMaxSupportedOEMCryptoSessions;
} }
OEMCrypto_HDCP_Capability current_hdcp_capability(); // Configuration constants - controls behavior of this CryptoEngine
OEMCrypto_HDCP_Capability maximum_hdcp_capability(); OEMCrypto_HDCP_Capability config_current_hdcp_capability();
OEMCrypto_HDCP_Capability config_maximum_hdcp_capability();
UsageTable* usage_table() { return usage_table_; } UsageTable* usage_table() { return usage_table_; }
wvcdm::FileSystem* file_system() { return file_system_; } wvcdm::FileSystem* file_system() { return file_system_; }
bool local_display();
bool closed_platform(); bool config_local_display_only();
bool supports_storage(); bool config_closed_platform();
bool supports_keybox(); bool config_supports_usage_table();
OEMCrypto_ProvisioningMethod provisioning_method(); bool config_supports_keybox();
OEMCrypto_ProvisioningMethod config_provisioning_method();
OEMCryptoResult get_oem_certificate(SessionContext* session, OEMCryptoResult get_oem_certificate(SessionContext* session,
uint8_t* public_cert, uint8_t* public_cert,
size_t* public_cert_length); size_t* public_cert_length);
bool is_anti_rollback_hw_present(); bool config_is_anti_rollback_hw_present();
const char* security_level(); const char* config_security_level();
uint8_t security_patch_level(); uint8_t config_security_patch_level();
private: private:
ActiveSessions sessions_; ActiveSessions sessions_;

56
libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp
View File

@@ -149,7 +149,7 @@ OEMCryptoResult OEMCrypto_GenerateDerivedKeys(OEMCrypto_SESSION session,
LOGE("OEMCrypto_GenerateDerivedKeys: OEMCrypto Not Initialized."); LOGE("OEMCrypto_GenerateDerivedKeys: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_keybox()) { if (!crypto_engine->config_supports_keybox()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
if (!crypto_engine->ValidRootOfTrust()) { if (!crypto_engine->ValidRootOfTrust()) {
@@ -691,7 +691,7 @@ OEMCryptoResult OEMCrypto_WrapKeybox(const uint8_t* keybox,
if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) {
LOGI("-- OEMCryptoResult OEMCrypto_WrapKeybox(const uint8_t *keybox,\n"); LOGI("-- OEMCryptoResult OEMCrypto_WrapKeybox(const uint8_t *keybox,\n");
} }
if (!crypto_engine->supports_keybox()) { if (!crypto_engine->config_supports_keybox()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
if (!keybox || !wrappedKeybox || !wrappedKeyBoxLength if (!keybox || !wrappedKeybox || !wrappedKeyBoxLength
@@ -714,7 +714,7 @@ OEMCryptoResult OEMCrypto_InstallKeybox(const uint8_t* keybox,
LOGE("OEMCrypto_InstallKeybox: OEMCrypto Not Initialized."); LOGE("OEMCrypto_InstallKeybox: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_keybox()) { if (!crypto_engine->config_supports_keybox()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
if (crypto_engine->InstallKeybox(keybox, keyBoxLength)) { if (crypto_engine->InstallKeybox(keybox, keyBoxLength)) {
@@ -732,7 +732,7 @@ OEMCryptoResult OEMCrypto_LoadTestKeybox() {
LOGE("OEMCrypto_LoadTestKeybox: OEMCrypto Not Initialized."); LOGE("OEMCrypto_LoadTestKeybox: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_keybox()) { if (!crypto_engine->config_supports_keybox()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
crypto_engine->UseTestKeybox(); crypto_engine->UseTestKeybox();
@@ -748,7 +748,7 @@ OEMCryptoResult OEMCrypto_IsKeyboxValid(void) {
LOGE("OEMCrypto_IsKeyboxValid: OEMCrypto Not Initialized."); LOGE("OEMCrypto_IsKeyboxValid: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_keybox()) { if (!crypto_engine->config_supports_keybox()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
switch(crypto_engine->ValidateKeybox()) { switch(crypto_engine->ValidateKeybox()) {
@@ -769,7 +769,7 @@ OEMCrypto_ProvisioningMethod OEMCrypto_GetProvisioningMethod() {
LOGE("OEMCrypto_GetProvisioningMethod: OEMCrypto Not Initialized."); LOGE("OEMCrypto_GetProvisioningMethod: OEMCrypto Not Initialized.");
return OEMCrypto_ProvisioningError; return OEMCrypto_ProvisioningError;
} }
return crypto_engine->provisioning_method(); return crypto_engine->config_provisioning_method();
} }
extern "C" extern "C"
@@ -784,10 +784,9 @@ OEMCryptoResult OEMCrypto_GetOEMPublicCertificate(OEMCrypto_SESSION session,
LOGE("OEMCrypto_GetOEMPublicCertificate: OEMCrypto Not Initialized."); LOGE("OEMCrypto_GetOEMPublicCertificate: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (crypto_engine->provisioning_method() != OEMCrypto_OEMCertificate) { if (crypto_engine->config_provisioning_method() != OEMCrypto_OEMCertificate) {
LOGE("OEMCrypto_GetOEMPublicCertificate: Provisioning method = %d.", LOGE("OEMCrypto_GetOEMPublicCertificate: Provisioning method = %d.",
crypto_engine->provisioning_method() crypto_engine->config_provisioning_method());
);
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
SessionContext* session_ctx = crypto_engine->FindSession(session); SessionContext* session_ctx = crypto_engine->FindSession(session);
@@ -809,7 +808,7 @@ OEMCryptoResult OEMCrypto_GetDeviceID(uint8_t* deviceID,
LOGE("OEMCrypto_GetDeviceID: OEMCrypto Not Initialized."); LOGE("OEMCrypto_GetDeviceID: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_keybox()) { if (!crypto_engine->config_supports_keybox()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
// Devices that do not support a keybox should use some other method to // Devices that do not support a keybox should use some other method to
@@ -845,7 +844,7 @@ OEMCryptoResult OEMCrypto_GetKeyData(uint8_t* keyData,
LOGE("OEMCrypto_GetKeyData: OEMCrypto Not Initialized."); LOGE("OEMCrypto_GetKeyData: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_keybox()) { if (!crypto_engine->config_supports_keybox()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
size_t length = crypto_engine->DeviceRootTokenLength(); size_t length = crypto_engine->DeviceRootTokenLength();
@@ -947,7 +946,8 @@ extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30(
if(!session_ctx->InstallRSAEncryptedKey(encrypted_message_key, if(!session_ctx->InstallRSAEncryptedKey(encrypted_message_key,
encrypted_message_key_length)) { encrypted_message_key_length)) {
LOGE("OEMCrypto_RewrapDeviceRSAKey30: Error loading encrypted_message_key."); LOGE("OEMCrypto_RewrapDeviceRSAKey30: "
"Error loading encrypted_message_key.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
@@ -959,7 +959,8 @@ extern "C" OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey30(
} }
size_t padding = pkcs8_rsa_key[enc_rsa_key_length - 1]; size_t padding = pkcs8_rsa_key[enc_rsa_key_length - 1];
if (padding > 16) { if (padding > 16) {
LOGE("[OEMCrypto_RewrapDeviceRSAKey30(): Encrypted RSA has bad padding: %d]", LOGE("[OEMCrypto_RewrapDeviceRSAKey30(): "
"Encrypted RSA has bad padding: %d]",
padding); padding);
return OEMCrypto_ERROR_INVALID_RSA_KEY; return OEMCrypto_ERROR_INVALID_RSA_KEY;
} }
@@ -1043,7 +1044,7 @@ OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey(OEMCrypto_SESSION session,
LOGE("OEMCrypto_RewrapDeviceRSAKey: OEMCrypto Not Initialized."); LOGE("OEMCrypto_RewrapDeviceRSAKey: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_keybox()) { if (!crypto_engine->config_supports_keybox()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
if (wrapped_rsa_key_length == NULL) { if (wrapped_rsa_key_length == NULL) {
@@ -1174,7 +1175,7 @@ OEMCryptoResult OEMCrypto_LoadDeviceRSAKey(OEMCrypto_SESSION session,
LOGE("OEMCrypto_LoadDeviceRSAKey: OEMCrypto Not Initialized."); LOGE("OEMCrypto_LoadDeviceRSAKey: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (crypto_engine->provisioning_method() == OEMCrypto_DrmCertificate) { if (crypto_engine->config_provisioning_method() == OEMCrypto_DrmCertificate) {
// If we are using a baked in cert, the "wrapped RSA key" should actually be // If we are using a baked in cert, the "wrapped RSA key" should actually be
// the magic value for baked-in certificates. // the magic value for baked-in certificates.
if (wrapped_rsa_key_length != sizeof(kBakedInCertificateMagicBytes) || if (wrapped_rsa_key_length != sizeof(kBakedInCertificateMagicBytes) ||
@@ -1384,7 +1385,7 @@ uint32_t OEMCrypto_APIVersion() {
extern "C" extern "C"
uint8_t OEMCrypto_Security_Patch_Level() { uint8_t OEMCrypto_Security_Patch_Level() {
uint8_t security_patch_level = crypto_engine->security_patch_level(); uint8_t security_patch_level = crypto_engine->config_security_patch_level();
if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) {
LOGI("-- uint8_t OEMCrypto_Security_Patch_Level(); // returns %d.\n", LOGI("-- uint8_t OEMCrypto_Security_Patch_Level(); // returns %d.\n",
security_patch_level); security_patch_level);
@@ -1394,7 +1395,7 @@ uint8_t OEMCrypto_Security_Patch_Level() {
extern "C" extern "C"
const char* OEMCrypto_SecurityLevel() { const char* OEMCrypto_SecurityLevel() {
const char* security_level = crypto_engine->security_level(); const char* security_level = crypto_engine->config_security_level();
if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) {
LOGI("-- const char* OEMCrypto_SecurityLevel(); // returns %s.\n", security_level); LOGI("-- const char* OEMCrypto_SecurityLevel(); // returns %s.\n", security_level);
} }
@@ -1415,14 +1416,14 @@ OEMCryptoResult OEMCrypto_GetHDCPCapability(
} }
if (current == NULL) return OEMCrypto_ERROR_UNKNOWN_FAILURE; if (current == NULL) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
if (maximum == NULL) return OEMCrypto_ERROR_UNKNOWN_FAILURE; if (maximum == NULL) return OEMCrypto_ERROR_UNKNOWN_FAILURE;
*current = crypto_engine->current_hdcp_capability(); *current = crypto_engine->config_current_hdcp_capability();
*maximum = crypto_engine->maximum_hdcp_capability(); *maximum = crypto_engine->config_maximum_hdcp_capability();
return OEMCrypto_SUCCESS; return OEMCrypto_SUCCESS;
} }
extern "C" extern "C"
bool OEMCrypto_SupportsUsageTable() { bool OEMCrypto_SupportsUsageTable() {
bool supports_usage = crypto_engine->supports_storage(); bool supports_usage = crypto_engine->config_supports_usage_table();
if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) {
LOGI("-- bool OEMCrypto_SupportsUsageTable(); // returns %s.\n", LOGI("-- bool OEMCrypto_SupportsUsageTable(); // returns %s.\n",
(supports_usage ? "true" : "false")); (supports_usage ? "true" : "false"));
@@ -1460,7 +1461,8 @@ OEMCryptoResult OEMCrypto_GetMaxNumberOfSessions(size_t* maximum) {
extern "C" extern "C"
bool OEMCrypto_IsAntiRollbackHwPresent() { bool OEMCrypto_IsAntiRollbackHwPresent() {
bool anti_rollback_hw_present = crypto_engine->is_anti_rollback_hw_present(); bool anti_rollback_hw_present =
crypto_engine->config_is_anti_rollback_hw_present();
if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) { if (LogCategoryEnabled(kLoggingTraceOEMCryptoCalls)) {
LOGI("-- bool OEMCrypto_IsAntiRollbackHwPresent(): %d\n", LOGI("-- bool OEMCrypto_IsAntiRollbackHwPresent(): %d\n",
@@ -1651,7 +1653,7 @@ OEMCryptoResult OEMCrypto_UpdateUsageTable() {
LOGE("OEMCrypto_UpdateUsageTable: OEMCrypto Not Initialized."); LOGE("OEMCrypto_UpdateUsageTable: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_storage()) { if (!crypto_engine->config_supports_usage_table()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
return crypto_engine->usage_table()->UpdateTable(); return crypto_engine->usage_table()->UpdateTable();
@@ -1670,7 +1672,7 @@ OEMCryptoResult OEMCrypto_DeactivateUsageEntry(const uint8_t *pst,
LOGE("OEMCrypto_DeactivateUsageEntry: OEMCrypto Not Initialized."); LOGE("OEMCrypto_DeactivateUsageEntry: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_storage()) { if (!crypto_engine->config_supports_usage_table()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
std::vector<uint8_t> pstv(pst, pst + pst_length); std::vector<uint8_t> pstv(pst, pst + pst_length);
@@ -1693,7 +1695,7 @@ OEMCryptoResult OEMCrypto_ReportUsage(OEMCrypto_SESSION session,
LOGE("OEMCrypto_ReportUsage: OEMCrypto Not Initialized."); LOGE("OEMCrypto_ReportUsage: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_storage()) { if (!crypto_engine->config_supports_usage_table()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
SessionContext* session_ctx = crypto_engine->FindSession(session); SessionContext* session_ctx = crypto_engine->FindSession(session);
@@ -1739,7 +1741,7 @@ OEMCryptoResult OEMCrypto_DeleteUsageEntry(OEMCrypto_SESSION session,
LOGE("OEMCrypto_DeleteUsageEntry: OEMCrypto Not Initialized."); LOGE("OEMCrypto_DeleteUsageEntry: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_storage()) { if (!crypto_engine->config_supports_usage_table()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
SessionContext* session_ctx = crypto_engine->FindSession(session); SessionContext* session_ctx = crypto_engine->FindSession(session);
@@ -1782,7 +1784,7 @@ OEMCryptoResult OEMCrypto_ForceDeleteUsageEntry(const uint8_t* pst,
LOGE("OEMCrypto_ForceDeleteUsageEntry: OEMCrypto Not Initialized."); LOGE("OEMCrypto_ForceDeleteUsageEntry: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_storage()) { if (!crypto_engine->config_supports_usage_table()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
std::vector<uint8_t> pstv(pst, pst + pst_length); std::vector<uint8_t> pstv(pst, pst + pst_length);
@@ -1801,7 +1803,7 @@ OEMCryptoResult OEMCrypto_DeleteUsageTable() {
LOGE("OEMCrypto_DeleteUsageTable: OEMCrypto Not Initialized."); LOGE("OEMCrypto_DeleteUsageTable: OEMCrypto Not Initialized.");
return OEMCrypto_ERROR_UNKNOWN_FAILURE; return OEMCrypto_ERROR_UNKNOWN_FAILURE;
} }
if (!crypto_engine->supports_storage()) { if (!crypto_engine->config_supports_usage_table()) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED; return OEMCrypto_ERROR_NOT_IMPLEMENTED;
} }
crypto_engine->usage_table()->Clear(); crypto_engine->usage_table()->Clear();