Factory tool implements Widevine IRPC HAL v3

Implement IRPC HAL v3 interfaces for extracting device registration CSR. The new interface calls OEMCrypto_GetDeviceInformation() and OEMCrypto_GetSignedCsrPayload() and then constructs the CSR. Also added all mandatory fields of device info in the request. Test: Run extraction tool on Pixel 7 and upload CSR Test: Verified Widevine remote provisioning Bug: 268246995 Change-Id: I24097ba32c7a105266071c1341c938b5874b38d8
2023-02-19 17:38:25 -08:00
parent e8add8eed8
commit 8dc7cc0c74
6 changed files with 130 additions and 53 deletions
--- a/libwvdrmengine/factory_upload_tool/src/WidevineRemotelyProvisionedComponent.cpp
+++ b/libwvdrmengine/factory_upload_tool/src/WidevineRemotelyProvisionedComponent.cpp
@@ -75,9 +75,10 @@ class Status {

 ScopedAStatus WidevineRemotelyProvisionedComponent::getHardwareInfo(
    RpcHardwareInfo* info) {
-  info->versionNumber = 1;
+  info->versionNumber = 3;
  info->rpcAuthorName = "Google";
  info->supportedEekCurve = RpcHardwareInfo::CURVE_25519;
+  info->uniqueId = "Widevine Implementation";
  return ScopedAStatus::ok();
 }

@@ -112,4 +113,23 @@ ScopedAStatus WidevineRemotelyProvisionedComponent::generateCertificateRequest(
  return ScopedAStatus::ok();
 }

+ScopedAStatus
+WidevineRemotelyProvisionedComponent::generateCertificateRequestV2(
+    const std::vector<MacedPublicKey>& keysToSign,
+    const std::vector<uint8_t>& challenge, std::vector<uint8_t>* csr) {
+  if (!keysToSign.empty()) {
+    return Status("Invalid operation: Keys to sign must be empty.");
+  }
+  if (csr == nullptr) {
+    return Status("Parameter csr must not be null.");
+  }
+  if (provisioner_ == nullptr) {
+    provisioner_ = std::make_unique<widevine::WidevineProvisioner>();
+  }
+  if (!provisioner_->GenerateCertificateRequestV2(challenge, csr)) {
+    return Status("Failed to generate certificate request V2.");
+  }
+  return ScopedAStatus::ok();
+}
+
 }  // namespace aidl::android::hardware::security::keymint