widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Restructed reference root of trust (3/3 OEM Cert)

Browse Source 
[ Merge of http://go/wvgerrit/116944 ]

This change is the last part of a three part change for restructing
the root of trust used by the reference implementation.

OEM Certificates are now managed by the root of trust of the crypto
engine.  Previously, OEM certs where handled separately on a session
by session basis.

Bug: 135283522
Test: oemcrypto_unittests ce_cdm_tests
Change-Id: I6cf1fa3fade28baad85b5fce57a8eab6f2ed17c1
This commit is contained in:
Alex Dale
2021-02-18 20:00:15 -08:00
parent f6f5099604
commit 9f7e2c4413
7 changed files with 120 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
libwvdrmengine/oemcrypto/ref/src/oemcrypto_engine_ref.h
View File

@@ -75,8 +75,8 @@ class CryptoEngine {
OEMCryptoResult LoadTestRsaKey() { return root_of_trust_.LoadTestRsaKey(); }
OEMCryptoResult IsKeyboxValid() const {
return root_of_trust_.IsKeyboxValid();
OEMCryptoResult IsKeyboxOrOemCertValid() const {
return root_of_trust_.IsKeyboxOrOemCertValid();
}
std::vector<uint8_t> DeviceRootKey() const {
@@ -97,6 +97,26 @@ class CryptoEngine {
return root_of_trust_.GetKeyData(key_data, key_data_length);
}
OEMCryptoResult InstallOemCertificate(const uint8_t* private_key,
size_t private_key_size,
const uint8_t* public_cert,
size_t public_cert_size) {
return root_of_trust_.InstallOemCertificate(private_key, private_key_size,
public_cert, public_cert_size);
}
OEMCryptoResult GetOemPublicCertificate(uint8_t* public_cert,
size_t* public_cert_length) const {
return root_of_trust_.GetOemPublicCertificate(public_cert,
public_cert_length);
}
std::shared_ptr<RsaPrivateKey> ShareOemPrivateKey() {
return root_of_trust_.ShareOemCertKey();
}
bool HasOemPrivateKey() const { return root_of_trust_.HasOemCertKey(); }
virtual void Terminate();
virtual SessionId OpenSession();
@@ -155,15 +175,6 @@ class CryptoEngine {
return OEMCrypto_Keybox;
}
virtual OEMCryptoResult get_oem_certificate(uint8_t* public_cert,
size_t* public_cert_length) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
virtual OEMCryptoResult load_oem_private_key(SessionContext* session) {
return OEMCrypto_ERROR_NOT_IMPLEMENTED;
}
// Used for OEMCrypto_IsAntiRollbackHwPresent.
virtual bool config_is_anti_rollback_hw_present() { return false; }