L3 Load RSA private key from two parts [sc-dev]
This is a cherry-pick of https://widevine-internal-review.googlesource.com/c/cdm/+/121763 Original commit message from master branch: This is a security improvement against an L3 exploit b/182584472. The change is to store RSA private key in two parts instead of one, and load it separately when the key is needed. This will make it more difficult to find the entire RSA key. OEM private key is split into two parts and stored in Haystack in CL: cl/367515385. Loading RSA key is to be changed to loading part one first and then part two. Bytes in each part are parsed in sequence. Only OEM private key has two non-empty parts. For DRM private key the first part contains the entire key, and second part is empty. For more details, please find the comments in the head of rsa_load.cpp. This change slightly increased the size of LoadRSAKey from 6KB to 7KB due to the macros introduced. It's unlikely to have overall performance impact. Bug: 183416973 Bug: 182584472 Test: jenkins/run_level3_static_tests Test: GTS test https: //android-build.googleplex.com/builds/forrest/run/L93800000881790143 Change-Id: I34b3b795e6ac2ce9b41e915c1adf8fcdc489d94a
This commit is contained in:
Cong Lin