Internal BCC extraction tool to consume verified device info

The BCC extraction tool calls OEMCrypto_GetDeviceInformation() to read
verified device info from the TEE. If the verified device info is not
available (e.g. not implemented), it falls back to using OS properties.

This CL changes the tool used by widevine internally. Another CL will
update the tool for factory use.

Test: Ran the tool on Pixel 7 w/wo verified device info being present
Bug: 263312447

Change-Id: I71a48cc210f6a6f26f339f512a1851237ba94172
Cong Lin
2022-12-19 21:41:26 -08:00
parent ead412cc55
commit a880498f36
4 changed files with 142 additions and 30 deletions


@@ -13,6 +13,13 @@
namespace widevine {
struct VerifiedDeviceInfo {
std::vector<uint8_t> device_info;
// Used by Interface of Remote Provisioning Component (IRPC) v3 for CSR
// uploading
std::vector<uint8_t> signed_csr_payload;
};
class OEMCryptoInterface {
public:
OEMCryptoInterface() = default;
@@ -30,6 +37,11 @@ class OEMCryptoInterface {
// implementation.
OEMCryptoResult GetOEMCryptoBuildInfo(std::string& build_info);
// Retrieves the verified device information of the OEMCrypto library from
// OEMCrypto implementation.
OEMCryptoResult GetVerifiedDeviceInformation(
VerifiedDeviceInfo& verified_device_info);
private:
typedef OEMCryptoResult (*Initialize_t)();
typedef OEMCryptoResult (*Terminate_t)();
@@ -38,11 +50,15 @@ class OEMCryptoInterface {
size_t* additional_signature_size);
typedef OEMCryptoResult (*BuildInformation_t)(char* buffer,
size_t* buffer_length);
typedef OEMCryptoResult (*GetDeviceInformation_t)(
uint8_t* device_info, size_t* device_info_length,
uint8_t* signed_csr_payload, size_t* signed_csr_payload_length);
Initialize_t Initialize = nullptr;
Terminate_t Terminate = nullptr;
GetBootCertificateChain_t GetBootCertificateChain = nullptr;
BuildInformation_t BuildInformation = nullptr;
GetDeviceInformation_t GetDeviceInformation = nullptr;
void* handle_ = nullptr;
};
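Review bot: The comment on `GetVerifiedDeviceInformation` (hunk `@@ -30,6 +37,11 @@`) does not say what the caller gets when the loaded library does not export the entry point, that is, when the new `GetDeviceInformation` pointer stays `nullptr`. The commit description says the tool falls back to OS properties in that case, so the header should state the contract clearly enough that unverified data cannot be mistaken for TEE-verified data, for example `// Returns a non-success result and leaves |verified_device_info| unmodified if the OEMCrypto library does not implement OEMCrypto_GetDeviceInformation.` It would also help to note on `VerifiedDeviceInfo` that both vectors may be empty after a failed call. The implementation is not visible in this section, so the exact result code and the null check before the call through the pointer should be confirmed there.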


@@ -44,6 +44,8 @@ class WidevineProvisioner {
cppbor::Array BuildCertReqRecipients(const std::vector<uint8_t>& pubkey,
const std::vector<uint8_t>& kid) const;
void InitializeCryptoInterface();
bool GetDeviceInfoCommon(cppbor::Map& device_info_map);
bool TryAddVerifiedDeviceInfo(cppbor::Map& device_info_map);
std::unique_ptr<OEMCryptoInterface> crypto_interface_;
};
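Review bot: `GetDeviceInfoCommon` and `TryAddVerifiedDeviceInfo` are declared without a comment, so the meaning of the `bool` result and the state of `device_info_map` after a `false` return are left to the reader. Going by the commit description, the map is filled from OS properties when the TEE cannot supply verified device info; if that is the case, the declaration should say that `false` from `TryAddVerifiedDeviceInfo` means "nothing verified was added" rather than a hard error, for example `// Returns false, leaving |device_info_map| untouched, when verified device info is unavailable; the caller then falls back to OS properties.` A reader of the resulting map would also benefit from a sentence on whether verified and OS-derived entries can be told apart. The definitions are not in this section, so the wording should be checked against them.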