widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Unit tests for forbidden RSA key usage

Browse Source 
This CL adds unit tests to verify that the following
forbidden uses of an RSA private key do not work:

- ForbidPrepAndSign -- A cast cert key cannot sign a license
  request.
- ForbidUseAsDRMCert -- A cast cert cannot be used with the
  DRM cert's padding scheme and it cannot be used to derive
  keys from a session key.
- *ForbidRSASignatureForDRMKey* -- A DRM cert key cannot be
  used with GenerateRSASignature.
- *OEMCertForbidGenerateRSASignature* -- An OEM cert key
  cannot be used with GenerateRSASignature.

Bug: 251875110
Change-Id: Ic2b23e3fd279e878c190a8294078a8d092126a29
This commit is contained in:
Fred Gylys-Colwell
2023-08-20 21:40:02 -07:00
committed by Robert Shih
parent 343324e97c
commit 8f3ee84c1b
4 changed files with 124 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -1201,6 +1201,8 @@ OEMCryptoResult OEMCrypto_GenerateNonce(OEMCrypto_SESSION session,
* @retval OEMCrypto_ERROR_BUFFER_TOO_LARGE
* @retval OEMCrypto_ERROR_SESSION_LOST_STATE
* @retval OEMCrypto_ERROR_SYSTEM_INVALIDATED
* @retval OEMCrypto_ERROR_INVALID_KEY if the session's private key is not a
* DRM key.
*
* @buffer_size
* OEMCrypto shall support message sizes as described in the section