widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve documentation for OEMCrypto_GenerateCertificateKeyPair

Browse Source 
Bug: 279194702

Merged from https://widevine-internal-review.googlesource.com/173630

Merged from https://widevine-internal-review.googlesource.com/174539

Change-Id: I59dfe4c5053c24c011c9222fe516b446df6524e0
This commit is contained in:
Matt Feddersen
2023-05-02 17:31:52 +00:00
committed by Robert Shih
parent 89ba99f16d
commit aaa1ce865f
1 changed files with 49 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
View File

@@ -4864,11 +4864,54 @@ OEMCryptoResult OEMCrypto_GetBootCertificateChain(
* key is supposed to be certified by the server. The private key is wrapped * key is supposed to be certified by the server. The private key is wrapped
* with the encryption key so it can be stored in the file system. * with the encryption key so it can be stored in the file system.
* *
* If an OEM private key is unavailable, the request is assumed for OEM * The |public_key_signature| output is formatted differently depending
* on whether or not an OEM private key has been loaded.
*
* If an OEM private key is unavailable, the request is assumed to be for OEM
* certificate provisioning. In this case, the public key is signed by the * certificate provisioning. In this case, the public key is signed by the
* device private key. If an OEM private key is available, the request is * device private key. The format of |public_key_signature| in this case is a
* assumed for DRM certificate provisioning and the public key is signed by the * COSE_Sign1 CBOR array. The format is described in RFC 8152 Section 4.2 and
* OEM private key. * 4.4, as well as Android IRemotelyProvisionedComponent.aidl (under
* "SignedData<Data>")
*
* |public_key_signature|: COSE_Sign1 CBOR array
* [
* protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 /
* AlgorithmES384 },
* unprotected: {},
* payload: bstr .cbor Data / nil,
* signature: bstr ; PureEd25519(priv_key, Sig_structure) /
* ; ECDSA(priv_key, Sig_structure)
* ]
*
* Notes:
* 1. The payload field in the COSE_Sign1 struct is the public key generated
* by OEMCrypto_GenerateCertificateKeyPair
* 2. The signature field in the COSE_Sign1 struct is the concatenation of the
* (R,S) values from the EC/Ed signature. If either R or S is smaller than
* the key size, it is left-padded with 0 to match the key size as
* described in RFC 8152. This signature is not DER encoded.
* 3. The signature is generated by calling the selected EC signing function
* (PureEd25519 or one of the supported ECDSA algorithms) on
* `Sig_structure`, which is a CBOR array described below. The payload
* field in Sig_structure is the same as the payload in the above
* COSE_Sign1 CBOR array.
*
* Sig_structure: CBOR array
* [
* context: "Signature1",
* protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 /
* AlgorithmES384 },
* external_aad: bstr .size 0,
* payload: bstr .cbor Data / nil,
* ]
*
* If an OEM private key is available, the request is assumed to be for DRM
* certificate provisioning and the public key is signed by the OEM private key.
* If the OEM private key is an RSA key, then |public_key_signature| is the raw
* output of the RSA sign operation with RSASSA-PSS padding. If the OEM private
* key is an ECC key, then |public_key_signature| is the ASN.1 DER-encoded (R,S)
* signature as specified in RFC 3279 2.2.3.
* *
* @param[in] session: session id. * @param[in] session: session id.
* @param[out] public_key: pointer to the buffer that receives the public key * @param[out] public_key: pointer to the buffer that receives the public key
@@ -4877,11 +4920,8 @@ OEMCryptoResult OEMCrypto_GetBootCertificateChain(
* @param[in,out] public_key_length: on input, size of the caller's public_key * @param[in,out] public_key_length: on input, size of the caller's public_key
* buffer. On output, the number of bytes written into the buffer. * buffer. On output, the number of bytes written into the buffer.
* @param[out] public_key_signature: pointer to the buffer that receives the * @param[out] public_key_signature: pointer to the buffer that receives the
* signature of the public key. * signature of the public key. The format depends on whether an OEM private
* If an OEM private key is unavailable: it is signed by the device private * key has been loaded.
* key. The signature must be in COSE_SIGN1 format as specified in RFC 8152.
* If an OEM private key is available: it is signed by the OEM private key.
* The signature must be raw signature bytes.
* @param[in,out] public_key_signature_length: on input, size of the caller's * @param[in,out] public_key_signature_length: on input, size of the caller's
* public_key_signature buffer. On output, the number of bytes written into * public_key_signature buffer. On output, the number of bytes written into
* the buffer. * the buffer.