Merge OEMCrypto changes from CDM to android repository
This is a merge of the following CLs:

Style clean up in oemcrypto/mock
https://widevine-internal-review.googlesource.com/#/c/10660

Split off default keybox.
https://widevine-internal-review.googlesource.com/#/c/10661/

Split off several properties from CryptoEngine.
https://widevine-internal-review.googlesource.com/#/c/10662/

Split off Keybox installation.
https://widevine-internal-review.googlesource.com/#/c/10680/

Wii-U build compatibility fixes.
https://widevine-internal-review.googlesource.com/#/c/10720/

Fix style issues in oemcrypto_logging_test.
https://widevine-internal-review.googlesource.com/#/c/10824/

Correct OEMCrypto error codes in the mock.
https://widevine-internal-review.googlesource.com/#/c/10821/

Enable logging during OEMCrypto unit tests.
https://widevine-internal-review.googlesource.com/#/c/10833/

Wait to create usage table path until needed.
https://widevine-internal-review.googlesource.com/#/c/10831/

Allow keybox installation to be unimplemented.
https://widevine-internal-review.googlesource.com/#/c/10850/

Minor clean up in the OEMCrypto header.
https://widevine-internal-review.googlesource.com/#/c/10921/

Add usage table device property to the mock oemcrypto
https://widevine-internal-review.googlesource.com/#/c/11092/

Change-Id: I02a818a620bcd4bd2291f1b3c0ac9308ae444319
@@ -562,7 +562,7 @@ OEMCryptoResult OEMCrypto_GenerateSignature(
|
||||
* as a successful comparison).
|
||||
*
|
||||
* 2. The enc_mac_keys pointer must be either null, or point inside the
|
||||
* message. If the pointer enc_mac_keys is not null, [e]the API shall verify
|
||||
* message. If the pointer enc_mac_keys is not null, the API shall verify
|
||||
* that the two pointers enc_mac_keys_iv and enc_mac_keys point to locations in
|
||||
* the message. I.e. (message <= p && p < message+message_length)for p in
|
||||
* each of enc_mac_keys_iv, enc_mac_keys. If not, return
|
||||
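Review bot: The range check in item 2, (message <= p && p < message+message_length), bounds only the first byte of enc_mac_keys_iv and enc_mac_keys, so a pointer near the end of the message passes the documented check while the field it refers to extends past message+message_length. Suggest the comment also require that the end of each field lies inside the message, so implementers validate the whole extent and not just the start. While this line is being touched, "message_length)for p in" is missing a space before "for".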
@@ -603,8 +603,8 @@ OEMCryptoResult OEMCrypto_GenerateSignature(
|
||||
* license from being loaded more than once, and will be used for online
|
||||
* streaming.
|
||||
*
|
||||
* - If Replay_Control is 2 = “Require existing Session Usage table entry or
|
||||
* Nonce”, then OEMCrypto will check the Session Usage table for an existing
|
||||
* - If Replay_Control is 2 = "Require existing Session Usage table entry or
|
||||
* Nonce", then OEMCrypto will check the Session Usage table for an existing
|
||||
* entry with the same pst.
|
||||
*
|
||||
* --- If the pst is not in the table yet, a new entry will be created in the
|
||||
@@ -867,8 +867,8 @@ OEMCryptoResult OEMCrypto_SelectKey(const OEMCrypto_SESSION session,
|
||||
* secure buffer.
|
||||
*
|
||||
* If the session has an entry in the Usage Table, then OEMCrypto will update the
|
||||
* time_of_last_decrypt. If the status of the entry is “unused”, then change the
|
||||
* status to “active” and set the time_of_first_decrypt.[f]
|
||||
* time_of_last_decrypt. If the status of the entry is "unused", then change the
|
||||
* status to "active" and set the time_of_first_decrypt.
|
||||
*
|
||||
*
|
||||
* Verification:
|
||||
@@ -877,7 +877,7 @@ OEMCryptoResult OEMCrypto_SelectKey(const OEMCrypto_SESSION session,
|
||||
*
|
||||
* 1. If the current key’s control block has a nonzero Duration field, then the
|
||||
* API shall verify that the duration is greater than the session’s elapsed time
|
||||
* clock. If not, return OEMCrypto_ERROR_KEY_EXPIRED[g].
|
||||
* clock. If not, return OEMCrypto_ERROR_KEY_EXPIRED.
|
||||
*
|
||||
* 2. If the current key’s control block has the Data_Path_Type bit set, then the
|
||||
* API shall verify that the output buffer is secure or direct. If not, return
|
||||
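Review bot: The context lines of this hunk still carry curly apostrophes ("key’s control block", "session’s elapsed time clock") even though the change replaces curly double quotes throughout the header. If the aim is an ASCII-only header, convert these to a plain ' in the same pass; otherwise the file keeps non-ASCII bytes and the clean-up is only partial.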
@@ -893,8 +893,8 @@ OEMCryptoResult OEMCrypto_SelectKey(const OEMCrypto_SESSION session,
|
||||
* current version is not at least as high as that in the control block, then
|
||||
* return OEMCrypto_ERROR_INSUFFICIENT_HDCP.
|
||||
*
|
||||
* 1. If the current session has an entry in the Usage Table, and the status of
|
||||
* that entry is “inactive”, then return OEMCrypto_ERROR_INVALID_SESSION.[h]
|
||||
* 5. If the current session has an entry in the Usage Table, and the status of
|
||||
* that entry is "inactive", then return OEMCrypto_ERROR_INVALID_SESSION.
|
||||
*
|
||||
* If the flag is_encrypted is false, then no verification is performed. This
|
||||
* call shall copy clear data even when there are no keys loaded, or there is no
|
||||
@@ -1160,11 +1160,11 @@ OEMCryptoResult OEMCrypto_GetRandom(uint8_t* randomData,
|
||||
* GenerateDerivedKeys.
|
||||
*
|
||||
* After decrypting enc_rsa_key, If the first four bytes of the buffer are the
|
||||
* string “SIGN”, then the actual RSA key begins on the 9th byte of the buffer.
|
||||
* The second four bytes of the buffer is the 32 bit field “allowed_schemes”,
|
||||
* string "SIGN", then the actual RSA key begins on the 9th byte of the buffer.
|
||||
* The second four bytes of the buffer is the 32 bit field "allowed_schemes",
|
||||
* of type RSA_Padding_Scheme, which is used in OEMCrypto_GenerateRSASignature. The
|
||||
* value of allowed_schemes must also be wrapped with RSA key. We recommend
|
||||
* storing the magic string “SIGN” with the key to distinguish keys that have a
|
||||
* storing the magic string "SIGN" with the key to distinguish keys that have a
|
||||
* value for allowed_schemes from those that should use the default
|
||||
* allowed_schemes. Devices that do not support the alternative signing
|
||||
* algorithms may refuse to load these keys and return an error of
|
||||
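Review bot: The description of the "SIGN" prefix gives the layout (four bytes of magic, a 32 bit allowed_schemes field, RSA key from the 9th byte) but these lines do not state the byte order of allowed_schemes. If that is not specified elsewhere in the header, add it here, since an implementation that reads the field in the wrong order will load a different set of permitted padding schemes. Two wording nits in the same paragraph: "After decrypting enc_rsa_key, If the first" should use a lowercase "if", and "The second four bytes of the buffer is" should read "are".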
@@ -1173,7 +1173,7 @@ OEMCryptoResult OEMCrypto_GetRandom(uint8_t* randomData,
|
||||
* authentication when acting as a ChromeCast receiver. This is not needed for
|
||||
* devices that wish to send data to a ChromeCast.
|
||||
*
|
||||
* If the first four bytes of the buffer enc_rsa_key are not the string “SIGN”,
|
||||
* If the first four bytes of the buffer enc_rsa_key are not the string "SIGN",
|
||||
* then the default value of allowed_schemes = 1 will be used.
|
||||
*
|
||||
* Verification:
|
||||
@@ -1262,7 +1262,7 @@ OEMCryptoResult OEMCrypto_RewrapDeviceRSAKey(OEMCrypto_SESSION session,
|
||||
* the one verified and wrapped by OEMCrypto_RewrapDeviceRSAKey. The RSA private
|
||||
* key should be stored in secure memory.
|
||||
*
|
||||
* If the bit field “allowed_schemes” was wrapped with this RSA key, its value
|
||||
* If the bit field "allowed_schemes" was wrapped with this RSA key, its value
|
||||
* will be loaded and stored with the RSA key. If there was not bit field
|
||||
* wrapped with the RSA key, the key will use a default value of 1 = RSASSA-PSS
|
||||
* with SHA1.
|
||||
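Review bot: In the unchanged sentence following the edited line, "If there was not bit field wrapped with the RSA key" should read "no bit field". Worth fixing in this clean-up, because this sentence is the one that defines the fallback to the default value of 1 = RSASSA-PSS with SHA1.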
@@ -1550,8 +1550,8 @@ bool OEMCrypto_SupportsUsageTable();
|
||||
* This function encrypts a generic buffer of data using the current key.
|
||||
*
|
||||
* If the session has an entry in the Usage Table, then OEMCrypto will update the
|
||||
* time_of_last_decrypt. If the status of the entry is “unused”, then change the
|
||||
* status to “active” and set the time_of_first_decrypt.
|
||||
* time_of_last_decrypt. If the status of the entry is "unused", then change the
|
||||
* status to "active" and set the time_of_first_decrypt.
|
||||
*
|
||||
* Verification:
|
||||
* The following checks should be performed. If any check fails, an error is
|
||||
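Review bot: The paragraph edited here documents a function that encrypts a generic buffer, yet it says OEMCrypto will update time_of_last_decrypt and set time_of_first_decrypt. If those Usage Table fields are meant to be updated on any use of the key, say so explicitly, for example "on any use of the current key, including generic encrypt"; as written a reader can take this for a copy-paste leftover from the decrypt description. The same paragraph is repeated in the later generic-operation hunks and would benefit from the same sentence.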
@@ -1562,7 +1562,7 @@ bool OEMCrypto_SupportsUsageTable();
|
||||
* API shall verify that the duration is greater than the session’s elapsed time
|
||||
* clock. If not, return OEMCrypto_ERROR_KEY_EXPIRED.
|
||||
* 3. If the current session has an entry in the Usage Table, and the status of
|
||||
* that entry is “inactive”, then return OEMCrypto_ERROR_INVALID_SESSION.
|
||||
* that entry is "inactive", then return OEMCrypto_ERROR_INVALID_SESSION.
|
||||
*
|
||||
* Parameters:
|
||||
* session (in) - crypto session identifier.
|
||||
@@ -1602,8 +1602,8 @@ OEMCryptoResult OEMCrypto_Generic_Encrypt(OEMCrypto_SESSION session,
|
||||
* This function decrypts a generic buffer of data using the current key.
|
||||
*
|
||||
* If the session has an entry in the Usage Table, then OEMCrypto will update the
|
||||
* time_of_last_decrypt. If the status of the entry is “unused”, then change the
|
||||
* status to “active” and set the time_of_first_decrypt.
|
||||
* time_of_last_decrypt. If the status of the entry is "unused", then change the
|
||||
* status to "active" and set the time_of_first_decrypt.
|
||||
*
|
||||
* Verification:
|
||||
* The following checks should be performed. If any check fails, an error is
|
||||
@@ -1616,7 +1616,7 @@ OEMCryptoResult OEMCrypto_Generic_Encrypt(OEMCrypto_SESSION session,
|
||||
* API shall verify that the duration is greater than the session’s elapsed time
|
||||
* clock. If not, return OEMCrypto_ERROR_KEY_EXPIRED.
|
||||
* 4. If the current session has an entry in the Usage Table, and the status of
|
||||
* that entry is “inactive”, then return OEMCrypto_ERROR_INVALID_SESSION.
|
||||
* that entry is "inactive", then return OEMCrypto_ERROR_INVALID_SESSION.
|
||||
*
|
||||
* Parameters:
|
||||
* session (in) - crypto session identifier.
|
||||
@@ -1657,8 +1657,8 @@ OEMCryptoResult OEMCrypto_Generic_Decrypt(OEMCrypto_SESSION session,
|
||||
* This function signs a generic buffer of data using the current key.
|
||||
*
|
||||
* If the session has an entry in the Usage Table, then OEMCrypto will update the
|
||||
* time_of_last_decrypt. If the status of the entry is “unused”, then change the
|
||||
* status to “active” and set the time_of_first_decrypt.
|
||||
* time_of_last_decrypt. If the status of the entry is "unused", then change the
|
||||
* status to "active" and set the time_of_first_decrypt.
|
||||
*
|
||||
* Verification:
|
||||
* The following checks should be performed. If any check fails, an error is
|
||||
@@ -1668,7 +1668,7 @@ OEMCryptoResult OEMCrypto_Generic_Decrypt(OEMCrypto_SESSION session,
|
||||
* API shall verify that the duration is greater than the session’s elapsed time
|
||||
* clock. If not, return OEMCrypto_ERROR_KEY_EXPIRED.
|
||||
* 3. If the current session has an entry in the Usage Table, and the status of
|
||||
* that entry is “inactive”, then return OEMCrypto_ERROR_INVALID_SESSION.
|
||||
* that entry is "inactive", then return OEMCrypto_ERROR_INVALID_SESSION.
|
||||
*
|
||||
* Parameters:
|
||||
* session (in) - crypto session identifier.
|
||||
@@ -1714,8 +1714,8 @@ OEMCryptoResult OEMCrypto_Generic_Sign(OEMCrypto_SESSION session,
|
||||
* current key.
|
||||
*
|
||||
* If the session has an entry in the Usage Table, then OEMCrypto will update the
|
||||
* time_of_last_decrypt. If the status of the entry is “unused”, then change the
|
||||
* status to “active” and set the time_of_first_decrypt.
|
||||
* time_of_last_decrypt. If the status of the entry is "unused", then change the
|
||||
* status to "active" and set the time_of_first_decrypt.
|
||||
*
|
||||
* Verification:
|
||||
* The following checks should be performed. If any check fails, an error is
|
||||
@@ -1730,7 +1730,7 @@ OEMCryptoResult OEMCrypto_Generic_Sign(OEMCrypto_SESSION session,
|
||||
* API shall verify that the duration is greater than the session’s elapsed time
|
||||
* clock. If not, return OEMCrypto_ERROR_KEY_EXPIRED.
|
||||
* 5. If the current session has an entry in the Usage Table, and the status of
|
||||
* that entry is “inactive”, then return OEMCrypto_ERROR_INVALID_SESSION.
|
||||
* that entry is "inactive", then return OEMCrypto_ERROR_INVALID_SESSION.
|
||||
*
|
||||
* Parameters:
|
||||
* session (in) - crypto session identifier.
|
||||
@@ -1797,8 +1797,8 @@ OEMCryptoResult OEMCrypto_UpdateUsageTable();
|
||||
*
|
||||
* Description:
|
||||
* Find the entry in the Usage Table with a matching PST. Mark the status of
|
||||
* that entry as “inactive”. If it corresponds to an open session, the status of
|
||||
* that session will also be marked as “inactive”. Then OEMCrypto will increment
|
||||
* that entry as "inactive". If it corresponds to an open session, the status of
|
||||
* that session will also be marked as "inactive". Then OEMCrypto will increment
|
||||
* Usage Table’s generation number, sign, encrypt, and save the Usage Table.
|
||||
*
|
||||
* If no entry in the Usage Table has a matching PST, return the error
|
||||
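Review bot: The sentence "Then OEMCrypto will increment Usage Table’s generation number, sign, encrypt, and save the Usage Table" is left ambiguous by this edit: it reads as if the generation number is what gets signed and encrypted. Suggest "increment the Usage Table's generation number, then sign, encrypt, and save the Usage Table", which also adds the missing article and removes the remaining curly apostrophe.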
@@ -1934,7 +1934,7 @@ OEMCryptoResult OEMCrypto_ReportUsage(OEMCrypto_SESSION session,
|
||||
* the computed signature matches the signature passed in. The signature will be
|
||||
* computed using HMAC-SHA256 and the mac_key_server. If they do not match,
|
||||
* return OEMCrypto_ERROR_SIGNATURE_FAILURE.
|
||||
* 3. If the session is not associated with an entry in the Usage Table, return
|
||||
* 3. If the session is not associated with an entry in the Usage Table, return
|
||||
* OEMCrypto_ERROR_UNKNOWN_FAILURE.
|
||||
* 4. If the pst passed in as a parameter does not match that in the Usage Table,
|
||||
* return OEMCrypto_ERROR_UNKNOWN_FAILURE.
|
||||
|
||||
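Review bot: Items 3 and 4 both return OEMCrypto_ERROR_UNKNOWN_FAILURE, so a caller cannot tell a session with no Usage Table entry from a pst mismatch, and neither can a log reviewer diagnosing a failed usage report. If the generic code is deliberate, add a sentence saying so; otherwise consider distinct codes for the two conditions. The removed and added versions of item 3 look identical as rendered, so this appears to be a whitespace-only change; please confirm that is intended.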