Merge "Do not fall back to L3 if L1 has test keybox" into main
This commit is contained in:
Kyle Zhang
@@ -327,12 +327,6 @@ class CdmEngine {
|
||||
return CryptoSession::SetDebugIgnoreKeyboxCount(count);
|
||||
}
|
||||
|
||||
// This tells the OEMCrypto adapter to allow the device to continue with a
|
||||
// test keybox. Otherwise, the keybox is reported as invalid.
|
||||
static CdmResponseType SetAllowTestKeybox(bool allow) {
|
||||
return CryptoSession::SetAllowTestKeybox(allow);
|
||||
}
|
||||
|
||||
static CdmResponseType ParseDecryptHashString(const std::string& hash_string,
|
||||
CdmSessionId* id,
|
||||
uint32_t* frame_number,
|
||||
|
||||
@@ -331,10 +331,6 @@ class CryptoSession {
|
||||
// report that it needs provisioning instead.
|
||||
static CdmResponseType SetDebugIgnoreKeyboxCount(uint32_t count);
|
||||
|
||||
// This tells the OEMCrypto adapter to allow the device to continue with a
|
||||
// test keybox. Otherwise, the keybox is reported as invalid.
|
||||
static CdmResponseType SetAllowTestKeybox(bool allow);
|
||||
|
||||
// Returns a system-wide singleton instance of SystemFallbackPolicy
|
||||
// to be used for communicating OTA keybox provisioning state between
|
||||
// apps. Returns a null pointer if OTA provisioning is not supported,
|
||||
|
||||
@@ -20,10 +20,6 @@ OEMCryptoResult OEMCrypto_InitializeAndCheckKeybox(
|
||||
// report that it needs provisioning instead.
|
||||
OEMCryptoResult OEMCrypto_SetDebugIgnoreKeyboxCount(uint32_t count);
|
||||
|
||||
// This tells the OEMCrypto adapter to allow the device to continue with a
|
||||
// test keybox. Otherwise, the keybox is reported as invalid.
|
||||
OEMCryptoResult OEMCrypto_SetAllowTestKeybox(bool allow);
|
||||
|
||||
// This attempts to open a session at the desired security level.
|
||||
// If one level is not available, the other will be used instead.
|
||||
OEMCryptoResult OEMCrypto_OpenSession(OEMCrypto_SESSION* session,
|
||||
|
||||
@@ -3280,11 +3280,6 @@ CdmResponseType CryptoSession::SetDebugIgnoreKeyboxCount(uint32_t count) {
|
||||
return MapOEMCryptoResult(status, UNKNOWN_ERROR, "SetDebugIgnoreKeyboxCount");
|
||||
}
|
||||
|
||||
CdmResponseType CryptoSession::SetAllowTestKeybox(bool allow) {
|
||||
OEMCryptoResult status = OEMCrypto_SetAllowTestKeybox(allow);
|
||||
return MapOEMCryptoResult(status, UNKNOWN_ERROR, "SetAllowTestKeybox");
|
||||
}
|
||||
|
||||
okp::SystemFallbackPolicy* CryptoSession::GetOkpFallbackPolicy() {
|
||||
const auto getter = [&]() -> okp::SystemFallbackPolicy* {
|
||||
// If not set, then OTA keybox provisioning is not supported or
|
||||
|
||||
@@ -626,17 +626,6 @@ std::string GetIgnoreCountFile() {
|
||||
return path;
|
||||
}
|
||||
|
||||
std::string GetAllowTestKeyboxFile() {
|
||||
std::string path;
|
||||
if (!wvcdm::Properties::GetDeviceFilesBasePath(wvcdm::kSecurityLevelL1,
|
||||
&path)) {
|
||||
LOGW("GetAllowTestKeyboxFile: Unable to get base path");
|
||||
path = "/data/";
|
||||
}
|
||||
path += "debug_allow_test_keybox.txt";
|
||||
return path;
|
||||
}
|
||||
|
||||
uint32_t GetDebugIgnoreKeyboxCount() {
|
||||
const std::string filename = GetIgnoreCountFile();
|
||||
wvutil::FileSystem file_system;
|
||||
@@ -689,49 +678,6 @@ OEMCryptoResult SetDebugIgnoreKeyboxCount(uint32_t count) {
|
||||
return OEMCrypto_SUCCESS;
|
||||
}
|
||||
|
||||
bool GetAllowTestKeybox() {
|
||||
const std::string filename = GetAllowTestKeyboxFile();
|
||||
wvutil::FileSystem file_system;
|
||||
if (!file_system.Exists(filename)) {
|
||||
return 0;
|
||||
}
|
||||
auto file = file_system.Open(filename, file_system.kReadOnly);
|
||||
if (!file) {
|
||||
LOGE("Error opening %s", filename.c_str());
|
||||
return 0;
|
||||
}
|
||||
ssize_t size = file_system.FileSize(filename);
|
||||
std::string contents(size, ' ');
|
||||
ssize_t size_read = file->Read(const_cast<char*>(contents.data()), size);
|
||||
if (size != size_read) {
|
||||
LOGE("Short allow_test_keybox = %zu", size_read);
|
||||
return 0;
|
||||
}
|
||||
// skip whitespace or any extra garbage.
|
||||
return (std::string::npos != contents.find("true"));
|
||||
}
|
||||
|
||||
OEMCryptoResult SetAllowTestKeybox(bool allow) {
|
||||
const std::string filename = GetAllowTestKeyboxFile();
|
||||
wvutil::FileSystem file_system;
|
||||
auto file =
|
||||
file_system.Open(filename, file_system.kCreate | file_system.kTruncate);
|
||||
if (!file) {
|
||||
LOGE("Could not create file %s", filename.c_str());
|
||||
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
||||
}
|
||||
const std::string contents = allow ? "true\n" : "false\n";
|
||||
const size_t size = contents.size();
|
||||
ssize_t size_written = file->Write(contents.data(), size);
|
||||
if (static_cast<ssize_t>(size) != size_written) {
|
||||
LOGE("Wrote %zd bytes of %s, not %zd, to file %s", size_written,
|
||||
contents.c_str(), size, filename.c_str());
|
||||
return OEMCrypto_ERROR_UNKNOWN_FAILURE;
|
||||
}
|
||||
LOGD("Wrote %s to %s", contents.c_str(), filename.c_str());
|
||||
return OEMCrypto_SUCCESS;
|
||||
}
|
||||
|
||||
typedef enum OEMCryptoSessionType {
|
||||
SESSION_TYPE_OEMCRYPTO = 0,
|
||||
SESSION_TYPE_ENTITLED_KEY = 1,
|
||||
@@ -1314,18 +1260,6 @@ class Adapter {
|
||||
return result;
|
||||
}
|
||||
|
||||
// Check the system ID of the keybox. This should only be called if the device
|
||||
// uses provisioning 2.0.
|
||||
bool UsingTestKeybox() {
|
||||
uint8_t key_data[256];
|
||||
size_t key_data_len = sizeof(key_data);
|
||||
OEMCryptoResult sts = OEMCrypto_GetKeyData(key_data, &key_data_len);
|
||||
if (sts != OEMCrypto_SUCCESS) return true;
|
||||
uint32_t* data = reinterpret_cast<uint32_t*>(key_data);
|
||||
uint32_t system_id = htonl(data[1]);
|
||||
return system_id == 7912;
|
||||
}
|
||||
|
||||
// Check the L1 keybox or cert. If it is valid, return success. If not, try to
|
||||
// install one. If one is not available, but OTA provisioning is supported,
|
||||
// return OEMCrypto_ERROR_NEEDS_KEYBOX_PROVISIONING. If none of these work,
|
||||
@@ -1361,19 +1295,6 @@ class Adapter {
|
||||
// Check if the keybox or oem certificate is valid, if so, we are finished
|
||||
// with initialization. Record some metrics and return success.
|
||||
const OEMCryptoResult rot_valid = level1_.IsKeyboxOrOEMCertValid();
|
||||
// For production systems, we do wish to use a test keybox. We do not force
|
||||
// a fallback to L3 at this point, because this can be overridden by test
|
||||
// code that requires a test keybox.
|
||||
if ((rot_valid == OEMCrypto_SUCCESS) &&
|
||||
(provisioning_method == OEMCrypto_Keybox) && UsingTestKeybox()) {
|
||||
if (GetAllowTestKeybox()) {
|
||||
LOGW("Allowing device with test keybox installed.");
|
||||
} else {
|
||||
LOGW("Device has test keybox installed.");
|
||||
return OEMCrypto_ERROR_KEYBOX_INVALID;
|
||||
}
|
||||
}
|
||||
|
||||
if (rot_valid == OEMCrypto_SUCCESS) {
|
||||
// The keybox or certificate is valid -- that means initialization is done
|
||||
// and we only have save some metrics and return.
|
||||
@@ -1824,9 +1745,6 @@ OEMCryptoResult OEMCrypto_GetOEMPublicCertificate(
|
||||
OEMCryptoResult OEMCrypto_SetDebugIgnoreKeyboxCount(uint32_t count) {
|
||||
return SetDebugIgnoreKeyboxCount(count);
|
||||
}
|
||||
OEMCryptoResult OEMCrypto_SetAllowTestKeybox(bool allow) {
|
||||
return SetAllowTestKeybox(allow);
|
||||
}
|
||||
|
||||
OEMCrypto_WatermarkingSupport OEMCrypto_GetWatermarkingSupport(
|
||||
wvcdm::RequestedSecurityLevel level) {
|
||||
|
||||
@@ -205,7 +205,6 @@ TestCryptoSession::TestCryptoSession(metrics::CryptoMetrics* crypto_metrics,
|
||||
|
||||
void TestCryptoSession::MaybeInstallTestKeybox() {
|
||||
if (IsTestKeyboxNeeded()) {
|
||||
CryptoSession::SetAllowTestKeybox(true);
|
||||
ReinitializeForTest();
|
||||
WvCdmTestBase::InstallTestRootOfTrust();
|
||||
}
|
||||
|
||||
@@ -232,10 +232,6 @@ class WvContentDecryptionModule : public android::RefBase, public TimerHandler {
|
||||
// device to request a keybox OTA reprovisioning.
|
||||
virtual CdmResponseType SetDebugIgnoreKeyboxCount(uint32_t count);
|
||||
|
||||
// Allow the device to continue with a test keybox. Otherwise, it will fall
|
||||
// back to L3.
|
||||
virtual CdmResponseType SetAllowTestKeybox(bool allow);
|
||||
|
||||
virtual CdmResponseType SetDecryptHash(const std::string& hash_data,
|
||||
CdmSessionId* session_id);
|
||||
virtual CdmResponseType GetDecryptHashError(const CdmSessionId& session_id,
|
||||
|
||||
@@ -668,10 +668,6 @@ CdmResponseType WvContentDecryptionModule::SetDebugIgnoreKeyboxCount(
|
||||
return CdmEngine::SetDebugIgnoreKeyboxCount(count);
|
||||
}
|
||||
|
||||
CdmResponseType WvContentDecryptionModule::SetAllowTestKeybox(bool allow) {
|
||||
return CdmEngine::SetAllowTestKeybox(allow);
|
||||
}
|
||||
|
||||
CdmResponseType WvContentDecryptionModule::SetDecryptHash(
|
||||
const std::string& hash_data, CdmSessionId* id) {
|
||||
if (id == nullptr) {
|
||||
|
||||
Reference in New Issue
Block a user