Verify DRM certificate validity
[ Merge of http://go/wvgerrit/120123 ] DRM certificate creation and expiration times are now validated. * New DRM (default) certificates will have an expiration time specified by the provisioning service. When stored, the client will include the time the certificate was received. This allows for expiration calculation to occur when client and provisioning service clocks are out of sync. When read out, creation, expiration and acquisition times are validated. The certificate is checked for expiry by making sure that the time at the client since the license was acquired is not greater than the expiration period. The time information stored at the client may be tampered with. The license service will perform an expiration check and reject the license request if tampered with. The expiration time may be set to never expires/unlimited. This is not a valid value for creation or acquisition time. * Pre-existing (legacy) certificates from upgrading devices will not have an expiration time set by the provisioning service. Instead the client will calculate an expiration time 6 months with + or - a random two month period in the future. This is stored along with the certificate. When read out, if no expiration time has been set by the client, one will be calculated and written out. The certificate will be declared as valid. If a client calculated expiration time is present, the certificate will be validated. In case of tampering, the license service can reject license requests and force reprovisioning when appropriate. * ATSC certificates will continue to not have an expiration time. No additional validation is required. Other changes for non-ATSC licenses involve managing both default and legacy certificate co-existance. When checking for DRM certificates, the default certificate is attempted first. This is followed by a check for the legacy certificate, if the default certificate is not present. Bug: 169740403 Test: WV unit/integration tests DeviceFilesTest.StoreCertificateInvalidParams DeviceFilesTest.RetrieveAtscCertificate DeviceFilesTest.RetrieveAtscCertificateNotFound DeviceFilesTest.RetrieveCertificateInvalidParams DeviceFilesTest.RetrieveLegacyCertificateWithoutExpirationTime DeviceFilesTest.RetrieveLegacyCertificateWithClientExpirationTime DeviceFilesTest.RetrieveLegacyExpiredCertificateByClientExpirationTime DeviceFilesTest.RetrieveLegacyCertificateInvalidClientExpirationTime DeviceFilesTest.RetrieveCertificateWithoutKeyType DeviceFilesTest.RetrieveDefaultCertificate DeviceFilesTest.RetrieveDefaultCertificateNeverExpires DeviceFilesTest.HasCertificateAtsc DeviceFilesTest.HasCertificateDefault DeviceFilesTest.HasCertificateLegacy DeviceFilesTest.HasCertificateNone CertificateTest.StoreCertificateTest.DefaultAndLegacy/* CertificateTest.RetrieveLegacyCertificateTest.ErrorScenarios/* CertificateTest.RetrieveDefaultCertificateTest.ErrorScenarios/* Change-Id: I7dbec7555fbd493c1ec61c6bb5d9428a2405b1fd
This commit is contained in:
Rahul Frias
@@ -254,7 +254,7 @@ std::vector<uint8_t> Base64SafeDecode(const std::string& b64_input) {
|
||||
std::string HexEncode(const uint8_t* in_buffer, unsigned int size) {
|
||||
static const char kHexChars[] = "0123456789ABCDEF";
|
||||
if (size == 0) return "";
|
||||
constexpr unsigned int kMaxSafeSize = 2048;
|
||||
constexpr unsigned int kMaxSafeSize = 3072;
|
||||
if (size > kMaxSafeSize) size = kMaxSafeSize;
|
||||
// Each input byte creates two output hex characters.
|
||||
std::string out_buffer(size * 2, '\0');
|
||||
|
||||
Reference in New Issue
Block a user