Added keybox provisioning proto fields.

Merge from Widevine repo of http://go/wvgerrit/127926
which was merged from http://go/wvgerrit/127083

This CL copies over the license_protocol.proto changes that are
required for OTA keybox provisioning.  These fields are defined in
the server-side certificate_provisioning.proto (see
http://cl/377533774).

Bug: 189232882
Test: run_x86_64_tests
Change-Id: Ic6ca04eef4f6b5f62d4be70690a2cd12ada446bb
Alex Dale
2021-08-17 04:40:52 +00:00
committed by Fred Gylys-Colwell
parent b83661532b
commit 752a635551


@@ -532,6 +532,14 @@ message ProvisioningRequest {
// Serialized, encrypted session keys. Required.
optional bytes encrypted_session_keys = 2;
}
// This message contains the custom serialized message for OTA provisioning
// using Android Attestation and a device id as authentication.
message AndroidAttestationOtaKeyboxRequest {
// The request contains custom serialized and signed data for the
// Android Attestation OTA request.
optional bytes ota_request = 1;
}
oneof clear_or_encrypted_client_id {
// Device root of trust and other client identification. Required.
ClientIdentification client_id = 1;
@@ -555,6 +563,8 @@ message ProvisioningRequest {
// SessionKeys encrypted using a service cert public key.
// Required for keybox provisioning.
optional EncryptedSessionKeys encrypted_session_keys = 8;
// The custom request for Android Attestation OTA.
optional AndroidAttestationOtaKeyboxRequest android_ota_keybox_request = 9;
}
// Provisioning response sent by the provisioning server to client devices.
@@ -579,6 +589,14 @@ message ProvisioningResponse {
// Devices in this series have been revoked. Provisioning is not possible.
REVOKED_DEVICE_SERIES = 2;
}
// This message contains the custom response for Android Attestation OTA
// provisioning which uses the Android Attestation keybox and a device id
// from the chip set.
message AndroidAttestationOtaKeyboxResponse {
// The response contains custom serialized and signed data for the
// Android Attestation OTA keybox provisioning.
optional bytes ota_response = 1;
}
// AES-128 encrypted device private RSA key. PKCS#1 ASN.1 DER-encoded.
// Required. For X.509 certificates, the private RSA key may also include
@@ -603,6 +621,9 @@ message ProvisioningResponse {
// than |status| may be empty and should be ignored if the |status|
// is present and not NO_ERROR
optional ProvisioningStatus status = 7;
// The Android Attestation OTA response. Only populated if the request
// was an Android Attestation OTA request.
optional AndroidAttestationOtaKeyboxResponse android_ota_keybox_response = 8;
}
// Protocol-specific context data used to hold the state of the server in
@@ -654,6 +675,8 @@ message SignedProvisioningMessage {
PROVISIONING_20 = 2; // Keybox factory-provisioned devices.
PROVISIONING_30 = 3; // OEM certificate factory-provisioned devices.
ARCPP_PROVISIONING = 4; // ChromeOS/Arc++ devices.
// Android-Attestation-based OTA keyboxes.
ANDROID_ATTESTATION_KEYBOX_OTA = 6;
INTEL_SIGMA_101 = 101; // Intel Sigma 1.0.1 protocol.
}
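Review bot: The comments on `ota_request` (in AndroidAttestationOtaKeyboxRequest) and `ota_response` (in AndroidAttestationOtaKeyboxResponse) call the payload "custom serialized and signed data" but never say which key signs it, where the format is specified, or that the receiver must verify the signature before parsing. These are opaque `bytes` outside the proto schema, so that contract should be stated on the field, for example `// Opaque blob; format and signing key are defined in <spec reference>. Receivers must verify the signature and bound the length before parsing.` The comment on `android_ota_keybox_request = 9` should also say when the field is expected (presumably only with ANDROID_ATTESTATION_KEYBOX_OTA) and whether `clear_or_encrypted_client_id` must still be set alongside it. The new enum value takes 6 and no 5 is visible in this hunk; if 5 was retired, a `reserved 5;` would keep it from being reused with a different meaning. The enclosing messages and the enum start and end outside the hunks shown, so some of this may already be covered there.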