widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change the signature format requirement of OEMCrypto_GenerateCertificateKeyPair

Browse Source 
[ Merge of http://go/wvgerrit/147593 ]

As we have decided to use hw_bcc service in Trusty to generate BCC and
sign the generated certificate public key, we need to change the
signature format to cose-sign1, which is defined by hw_bcc API.

Bug: 221496117
Test: GtsMediaTestCase on sunfish
Change-Id: I30739a0f0ae49291d343db46ad9e898663985cc8
This commit is contained in:
Rahul Frias
2022-03-14 02:59:03 -07:00
parent 1ab6872f82
commit 85310dfbf6
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -4811,9 +4811,11 @@ OEMCryptoResult OEMCrypto_GetBootCertificateChain(
* @param[in,out] public_key_size: on input, size of the caller's public_key
* buffer. On output, the number of bytes written into the buffer.
* @param[out] public_key_signature: pointer to the buffer that receives the
* signature of the public key. If an OEM private key is unavailable, it is
* signed by the device private key; otherwise is signed by the OEM private
* key.
* signature of the public key.
* If an OEM private key is unavailable: it is signed by the device private
* key. The signature must be in COSE_SIGN1 format as specified in RFC 8152.
* If an OEM private key is available: it is signed by the OEM private key.
* The signature must be raw signature bytes.
* @param[in,out] public_key_signature_size: on input, size of the caller's
* public_key_signature buffer. On output, the number of bytes written into
* the buffer.