widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Correct when OEMCrypto_GetOEMPublicCertificate is called" into tm-dev am: 27d2826d03 am: 6905de19f9

Browse Source 
Original change: https://googleplex-android-review.googlesource.com/c/platform/vendor/widevine/+/17365196

Change-Id: Ic9ef9f131d6ee1d7d6138294ed9a3c62e6ff0220
This commit is contained in:
TreeHugger Robot
2022-03-24 04:23:40 +00:00
committed by Automerger Merge Worker
parent 355e671d6e 6905de19f9
commit 9378f74171
1 changed files with 2 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
libwvdrmengine/cdm/core/src/crypto_session.cpp
View File

@@ -1303,7 +1303,7 @@ CdmResponseType CryptoSession::PrepareAndSignProvisioningRequest(
const OEMCryptoResult status = OEMCrypto_LoadOEMPrivateKey(oec_session_id_); const OEMCryptoResult status = OEMCrypto_LoadOEMPrivateKey(oec_session_id_);
if (status != OEMCrypto_SUCCESS) { if (status != OEMCrypto_SUCCESS) {
return MapOEMCryptoResult(status, GET_TOKEN_FROM_OEM_CERT_ERROR, return MapOEMCryptoResult(status, GET_TOKEN_FROM_OEM_CERT_ERROR,
"GetTokenFromOemCert"); "PrepareAndSignProvisioningRequest");
} }
} else { } else {
LOGE("Unknown method %d", pre_provision_token_type_); LOGE("Unknown method %d", pre_provision_token_type_);
@@ -1385,20 +1385,6 @@ CdmResponseType CryptoSession::LoadEntitledContentKeys(
CdmResponseType CryptoSession::LoadCertificatePrivateKey( CdmResponseType CryptoSession::LoadCertificatePrivateKey(
const CryptoWrappedKey& private_key) { const CryptoWrappedKey& private_key) {
// TODO(b/141655126): Getting the OEM Cert no longer loads the private key.
// Call OEMCrypto_GetOEMPublicCertificate before OEMCrypto_LoadDRMPrivateKey
// so it caches the OEMCrypto Public Key and then throw away result
std::string temp_buffer(CERTIFICATE_DATA_SIZE, '\0');
size_t buf_size = temp_buffer.size();
uint8_t* buf = reinterpret_cast<uint8_t*>(&temp_buffer[0]);
OEMCryptoResult sts = WithOecSessionLock(
"LoadCertificatePrivateKey() calling OEMCrypto_GetOEMPublicCertificate",
[&] {
return OEMCrypto_GetOEMPublicCertificate(buf, &buf_size,
requested_security_level_);
});
metrics_->oemcrypto_get_oem_public_certificate_.Increment(sts);
const OEMCrypto_PrivateKeyType key_type = const OEMCrypto_PrivateKeyType key_type =
(private_key.type() == CryptoWrappedKey::kEcc) (private_key.type() == CryptoWrappedKey::kEcc)
? OEMCrypto_ECC_Private_Key ? OEMCrypto_ECC_Private_Key
@@ -1407,6 +1393,7 @@ CdmResponseType CryptoSession::LoadCertificatePrivateKey(
LOGV("Loading device DRM key: id = %u", oec_session_id_); LOGV("Loading device DRM key: id = %u", oec_session_id_);
// TODO(b/140813486): determine if cert is RSA or ECC. // TODO(b/140813486): determine if cert is RSA or ECC.
OEMCryptoResult sts;
WithOecSessionLock( WithOecSessionLock(
"LoadCertificatePrivateKey() calling OEMCrypto_LoadDRMPrivateKey()", [&] { "LoadCertificatePrivateKey() calling OEMCrypto_LoadDRMPrivateKey()", [&] {
M_TIME(sts = OEMCrypto_LoadDRMPrivateKey( M_TIME(sts = OEMCrypto_LoadDRMPrivateKey(