Add DRM reprovisioning request generation

[ Merge of http://go/wvgerrit/192010 ] Updates the CDM to add support for DRM reprovisioning request creation. - Load the baked-in certificate for use as the client token. - Add functions to build and sign a drm reprovisioning request. - Update the Rikers L3 OEMCrypto implementation to support signing provisioning requests and getting embedded certificate. - Update client id token to handle DRM reprovisioning. - Add OEMCrypto function to load the baked-in device certificate in Rikers CDMs and stubs for non-Rikers CDMs. - Add dynamic adapter support for getting embedded device certificate only on L3. Bug: 305093063 Test: WVTS Change-Id: I9a0ecf95e27213b046f03baa0781fb164179323b
2024-03-07 14:39:46 -08:00
parent 6499e7063d
commit af2ffca5fa
16 changed files with 164 additions and 7 deletions
--- a/libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
+++ b/libwvdrmengine/oemcrypto/include/OEMCryptoCENC.h
@@ -521,6 +521,8 @@ typedef enum OEMCrypto_ProvisioningMethod {
  OEMCrypto_OEMCertificate = 3,
  // Device has Boot Certificate Chain (BCC).
  OEMCrypto_BootCertificateChain = 4,
+  // Device has baked in DRM certificate with reprovisioning (level 3 only).
+  OEMCrypto_DrmReprovisioning = 5
 } OEMCrypto_ProvisioningMethod;

 /**
@@ -740,6 +742,7 @@ typedef enum OEMCrypto_SignatureHashAlgorithm {
 #define OEMCrypto_GetUsageEntryInfo           _oecc148
 #define OEMCrypto_GetBCCType                  _oecc149
 #define OEMCrypto_LoadRelease                 _oecc150
+#define OEMCrypto_GetEmbeddedDrmCertificate   _oecc151
 // clang-format on

 /// @addtogroup initcontrol
@@ -6108,6 +6111,22 @@ OEMCryptoResult OEMCrypto_LoadProvisioning_V18(

 /****************************************************************************/
 /****************************************************************************/
+/* The following functions are used by internal L3 CDMs and are not required by
+ * other CDM implementations.
+ */
+
+/**
+ * Get the embedded Drm Certificate used by internal L3 CDMs.
+ *
+ * @param[out] public_cert where the certificate is stored.
+ * @param[in,out] public_cert_length the length, in bytes, of the certificate.
+ *
+ * @retval OEMCrypto_SUCCESS on success
+ * @retval OEMCrypto_ERROR_SHORT_BUFFER if public_cert_length is too small.
+ * @retval OEMCrypto_ERROR_NOT_IMPLEMENTED
+ */
+OEMCryptoResult OEMCrypto_GetEmbeddedDrmCertificate(uint8_t* public_cert,
+                                                    size_t* public_cert_length);

 #ifdef __cplusplus
 }
--- a/libwvdrmengine/oemcrypto/include/level3.h
+++ b/libwvdrmengine/oemcrypto/include/level3.h
@@ -125,6 +125,7 @@
 #define Level3_GetUsageEntryInfo           _lcc148
 #define Level3_GetBCCType                  _lcc149
 #define Level3_LoadRelease                 _lcc150
+#define Level3_GetEmbeddedDrmCertificate   _lcc151
 #else
 #define Level3_Initialize                  _oecc01
 #define Level3_Terminate                   _oecc02
@@ -233,6 +234,8 @@
 #define Level3_GetUsageEntryInfo           _oecc148
 #define Level3_GetBCCType                  _oecc149
 #define Level3_LoadRelease                 _oecc150
+// Internal-only.
+#define Level3_GetEmbeddedDrmCertificate   _oecc151
 #endif

 #define Level3_GetInitializationState     _oecl3o01
@@ -527,6 +530,8 @@ OEMCryptoResult Level3_LoadProvisioningCast(
    size_t signature_length, uint8_t* wrapped_private_key,
    size_t* wrapped_private_key_length);
 OEMCryptoResult Level3_GetBCCType(OEMCrypto_BCCType* bcc_type);
+OEMCryptoResult Level3_GetEmbeddedDrmCertificate(uint8_t* public_cert,
+                                                 size_t* public_cert_length);

 // The following are specific to Google's Level 3 implementation and are not
 // required.