widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Provide BCC in WVDrmFactory dumpsys.

Browse Source 
[ Merge of go/wvgerrit/c/cdm/+/165138 ]

Enabled the Widevine DRM service on Android to return the raw boot
certificate chain via the CDM status query capabilities.  This
property key is not available for app-level queries.

The BCC is dumped by the WVDrmFactory when requested to print all
CDM properties via dumpsys.

Bug: 234095402
Test: request_license_test
Test: adb shell dumpsys android.hardware.drm.IDrmFactory/widevine -p
Change-Id: I34695b0655b4c609979577e9986974bc0fbda898
This commit is contained in:
Alex Dale
2022-06-09 15:58:18 -07:00
parent 1deba6cee1
commit b11890a694
5 changed files with 60 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
libwvdrmengine/cdm/core/src/crypto_session.cpp
View File

@@ -837,19 +837,17 @@ CdmResponseType CryptoSession::GetProvisioningId(std::string* provisioning_id) {
RETURN_IF_NULL(provisioning_id, PARAMETER_NULL);
RETURN_IF_NOT_OPEN(CRYPTO_SESSION_NOT_OPEN);
if (pre_provision_token_type_ == kClientTokenOemCert) {
// OEM Cert devices have no provisioning-unique ID embedded in them, so we
// synthesize one by using the External Device-Unique ID and inverting all
// the bits.
CdmResponseType status = GetExternalDeviceUniqueId(provisioning_id);
if (pre_provision_token_type_ == kClientTokenOemCert ||
pre_provision_token_type_ == kClientTokenBootCertChain) {
// OEM Cert and BCC devices have no provisioning-unique ID embedded in
// them, so we synthesize one by using the External Device-Unique ID
// and inverting all the bits.
const CdmResponseType status = GetExternalDeviceUniqueId(provisioning_id);
if (status != NO_ERROR) return status;
for (size_t i = 0; i < provisioning_id->size(); ++i) {
char value = (*provisioning_id)[i];
(*provisioning_id)[i] = ~value;
for (char& c : *provisioning_id) {
c ^= 0xff;
}
return CdmResponseType(NO_ERROR);
}
if (pre_provision_token_type_ == kClientTokenKeybox) {
@@ -1383,7 +1381,14 @@ CdmResponseType CryptoSession::GetBootCertificateChain(
RETURN_IF_UNINITIALIZED(CRYPTO_SESSION_NOT_INITIALIZED);
LOGV("requested_security_level = %s",
RequestedSecurityLevelToString(requested_security_level));
if (pre_provision_token_type_ != kClientTokenBootCertChain) {
CdmClientTokenType token_type = kClientTokenUninitialized;
const CdmResponseType status =
GetProvisioningMethod(requested_security_level, &token_type);
if (status != NO_ERROR) {
LOGE("Failed to get token type");
return status;
}
if (token_type != kClientTokenBootCertChain) {
return CdmResponseType(
PROVISIONING_TYPE_IS_NOT_BOOT_CERTIFICATE_CHAIN_ERROR);
}